apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

# Note: namespaces are defined in base; workloads go to dexorder-system
namespace: dexorder-system

# Base resources (includes all security policies)
resources:
  - ../base

# Production patches
patches:
  - path: patches.yaml

# ConfigMaps for service configs
# In production, these might come from external sources
# or be managed separately, but we'll include them here for consistency
configMapGenerator:
  - name: relay-config
    files:
      - config.yaml=../../configmaps/relay-config.yaml
  - name: ingestor-config
    files:
      - config.yaml=../../configmaps/ingestor-config.yaml
  - name: flink-config
    files:
      - config.yaml=../../configmaps/flink-config.yaml

# Secrets (managed via kubectl, not committed)
# These are created by bin/secret-update prod
secretGenerator: []

generatorOptions:
  disableNameSuffixHash: true

# Images
images:
  - name: dexorder/ai-backend
    newTag: latest
  - name: dexorder/ai-web
    newTag: latest
  - name: ghcr.io/dexorder/gateway
    newTag: latest
  - name: lifecycle-sidecar
    newName: ghcr.io/dexorder/lifecycle-sidecar
    newTag: latest
  - name: ghcr.io/dexorder/agent
    newTag: latest