# Ansible **noble_platform**: `kubectl apply -k` this directory (namespaces + static YAML only).
# Leaf Argo **Application** manifests live under **argocd/app-of-apps/** and are applied at the **end**
# of **ansible/playbooks/noble.yml** (play **tasks:** → **noble_argocd** `applications_post_platform.yml`) so
# **argocd-controller** does not SSA chart resources before **helm upgrade** (platform, authentik, velero, …).
#
# **noble-bootstrap-root** syncs this same path for GitOps on namespaces/datasource/VolumeSnapshotClass.
# Per-chart GitOps: each **noble-*** app under **argocd/app-of-apps/** (manual sync until you cut over).
#
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  - authentik/namespace.yaml
  - oauth2-proxy/namespace.yaml
  - kube-prometheus-stack/namespace.yaml
  - loki/namespace.yaml
  - fluent-bit/namespace.yaml
  - newt/namespace.yaml
  - kyverno/namespace.yaml
  - velero/namespace.yaml
  - velero/longhorn-volumesnapshotclass.yaml
  - headlamp/namespace.yaml
  - grafana-loki-datasource/loki-datasource.yaml