Merge pull request #914 from fluxcd/img-update-roadmap

Update image update feature parity roadmap
Update semver flag in image update guide
2026-03-01 19:26:55 +00:00 · 2021-02-12 18:35:48 +02:00 · 2021-02-12 18:23:25 +02:00 · 2021-02-12 18:21:29 +02:00 · 2021-02-12 17:20:35 +01:00 · 2021-02-12 17:01:43 +01:00
448 changed files with 21599 additions and 7524 deletions
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -0,0 +1,46 @@
 ---
 name: Bug report
 about: Create a report to help us improve Flux v2
 title: ''
 assignees: ''
 ---
 <!--
 Find out more about your support options and getting help at
   https://fluxcd.io/support/
 -->
 ### Describe the bug
 A clear and concise description of what the bug is.
 ### To Reproduce
 Steps to reproduce the behaviour:
 1. Provide Flux install instructions
 2. Provide a GitHub repository with Kubernetes manifests
 ### Expected behavior
 A clear and concise description of what you expected to happen.
 ### Additional context
 - Kubernetes version:
 - Git provider:
 - Container registry provider:
 Below please provide the output of the following commands:
 ```cli
 flux --version
 flux check
 kubectl -n <namespace> get all
 kubectl -n <namespace> logs deploy/source-controller
 kubectl -n <namespace> logs deploy/kustomize-controller
 ```
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,5 @@
 blank_issues_enabled: true
 contact_links:
  - name: Ask a question
    url: https://github.com/fluxcd/flux2/discussions
    about: Please ask and answer questions here.
--- a/.github/aur/flux-bin/.SRCINFO.template
+++ b/.github/aur/flux-bin/.SRCINFO.template
@@ -0,0 +1,17 @@
 pkgbase = flux-bin
 	pkgdesc = Open and extensible continuous delivery solution for Kubernetes
 	pkgver = ${PKGVER}
 	pkgrel = ${PKGREL}
 	url = https://fluxcd.io/
 	arch = x86_64
 	arch = armv6h
 	arch = armv7h
 	arch = aarch64
 	license = APACHE
 	optdepends = kubectl
 	source_x86_64 = flux-bin-${PKGVER}.tar.gz::https://github.com/fluxcd/flux2/releases/download/v1/flux_${PKGVER}_linux_amd64.tar.gz
 	source_armv6h = flux-bin-${PKGVER}.tar.gz::https://github.com/fluxcd/flux2/releases/download/v1/flux_${PKGVER}_linux_arm.tar.gz
 	source_armv7h = flux-bin-${PKGVER}.tar.gz::https://github.com/fluxcd/flux2/releases/download/v1/flux_${PKGVER}_linux_arm.tar.gz
 	source_aarch64 = flux-bin-${PKGVER}.tar.gz::https://github.com/fluxcd/flux2/releases/download/v1/flux_${PKGVER}_linux_arm64.tar.gz
 pkgname = flux-bin
--- a/.github/aur/flux-bin/.gitignore
+++ b/.github/aur/flux-bin/.gitignore
@@ -0,0 +1 @@
 .pkg
--- a/.github/aur/flux-bin/PKGBUILD.template
+++ b/.github/aur/flux-bin/PKGBUILD.template
@@ -0,0 +1,39 @@
 # Maintainer: Aurel Canciu <aurelcanciu@gmail.com>
 # Maintainer: Hidde Beydals <hello@hidde.co>
 pkgname=flux-bin
 pkgver=${PKGVER}
 pkgrel=${PKGREL}
 pkgdesc="Open and extensible continuous delivery solution for Kubernetes"
 url="https://fluxcd.io/"
 arch=("x86_64" "armv6h" "armv7h" "aarch64")
 license=("APACHE")
 optdepends=("kubectl")
 source_x86_64=(
  "$pkgname-$pkgver.tar.gz::https://github.com/fluxcd/flux2/releases/download/v${pkgver}/flux_${pkgver}_linux_amd64.tar.gz"
 )
 source_armv6h=(
  "$pkgname-$pkgver.tar.gz::https://github.com/fluxcd/flux2/releases/download/v${pkgver}/flux_${pkgver}_linux_arm.tar.gz"
 )
 source_armv7h=(
  "$pkgname-$pkgver.tar.gz::https://github.com/fluxcd/flux2/releases/download/v${pkgver}/flux_${pkgver}_linux_arm.tar.gz"
 )
 source_aarch64=(
  "$pkgname-$pkgver.tar.gz::https://github.com/fluxcd/flux2/releases/download/v${pkgver}/flux_${pkgver}_linux_arm64.tar.gz"
 )
 sha256sums_x86_64=(
  ${SHA256SUM_AMD64}
 )
 sha256sums_armv6h=(
  ${SHA256SUM_ARM}
 )
 sha256sums_armv7h=(
  ${SHA256SUM_ARM}
 )
 sha256sums_aarch64=(
  ${SHA256SUM_ARM64}
 )
 package() {
 	install -Dm755 flux "$pkgdir/usr/bin/flux"
 }
--- a/.github/aur/flux-bin/publish.sh
+++ b/.github/aur/flux-bin/publish.sh
@@ -0,0 +1,55 @@
 #!/usr/bin/env bash
 set -e
 WD=$(cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd)
 PKGNAME=$(basename $WD)
 ROOT=${WD%/.github/aur/$PKGNAME}
 LOCKFILE=/tmp/aur-$PKGNAME.lock
 exec 100>$LOCKFILE || exit 0
 flock -n 100 || exit 0
 trap "rm -f $LOCKFILE" EXIT
 export VERSION=$1
 echo "Publishing to AUR as version ${VERSION}"
 cd $WD
 export GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
 eval $(ssh-agent -s)
 ssh-add <(echo "$AUR_BOT_SSH_PRIVATE_KEY")
 GITDIR=$(mktemp -d /tmp/aur-$PKGNAME-XXX)
 trap "rm -rf $GITDIR" EXIT
 git clone aur@aur.archlinux.org:$PKGNAME $GITDIR 2>&1
 CURRENT_PKGVER=$(cat $GITDIR/.SRCINFO | grep pkgver | awk '{ print $3 }')
 CURRENT_PKGREL=$(cat $GITDIR/.SRCINFO | grep pkgrel | awk '{ print $3 }')
 export PKGVER=${VERSION/-/}
 if [[ "${CURRENT_PKGVER}" == "${PKGVER}" ]]; then
    export PKGREL=$((CURRENT_PKGREL+1))
 else
    export PKGREL=1
 fi
 export SHA256SUM_ARM=$(sha256sum ${ROOT}/dist/flux_${PKGVER}_linux_arm.tar.gz | awk '{ print $1 }')
 export SHA256SUM_ARM64=$(sha256sum ${ROOT}/dist/flux_${PKGVER}_linux_arm64.tar.gz | awk '{ print $1 }')
 export SHA256SUM_AMD64=$(sha256sum ${ROOT}/dist/flux_${PKGVER}_linux_amd64.tar.gz | awk '{ print $1 }')
 envsubst '$PKGVER $PKGREL $SHA256SUM_AMD64 $SHA256SUM_ARM $SHA256SUM_ARM64' < .SRCINFO.template > $GITDIR/.SRCINFO
 envsubst '$PKGVER $PKGREL $SHA256SUM_AMD64 $SHA256SUM_ARM $SHA256SUM_ARM64' < PKGBUILD.template > $GITDIR/PKGBUILD
 cd $GITDIR
 git config user.name "fluxcdbot"
 git config user.email "fluxcdbot@users.noreply.github.com"
 git add -A
 if [ -z "$(git status --porcelain)" ]; then
  echo "No changes."
 else
  git commit -m "Updated to version v${PKGVER} release ${PKGREL}"
  git push origin master
 fi
--- a/.github/aur/flux-go/.SRCINFO.template
+++ b/.github/aur/flux-go/.SRCINFO.template
@@ -0,0 +1,19 @@
 pkgbase = flux-go
 	pkgdesc = Open and extensible continuous delivery solution for Kubernetes
 	pkgver = ${PKGVER}
 	pkgrel = ${PKGREL}
 	url = https://fluxcd.io/
 	arch = x86_64
 	arch = armv6h
 	arch = armv7h
 	arch = aarch64
 	license = APACHE
 	makedepends = go
 	depends = glibc
 	optdepends = kubectl
 	provides = flux-bin
 	conflicts = flux-bin
  replaces = flux-cli
 	source = flux-go-${PKGVER}.tar.gz::https://github.com/fluxcd/flux2/archive/v${PKGVER}.tar.gz
 pkgname = flux-go
--- a/.github/aur/flux-go/.gitignore
+++ b/.github/aur/flux-go/.gitignore
@@ -0,0 +1 @@
 .pkg
--- a/.github/aur/flux-go/PKGBUILD.template
+++ b/.github/aur/flux-go/PKGBUILD.template
@@ -0,0 +1,43 @@
 # Maintainer: Aurel Canciu <aurelcanciu@gmail.com>
 # Maintainer: Hidde Beydals <hello@hidde.co>
 pkgname=flux-go
 pkgver=${PKGVER}
 pkgrel=${PKGREL}
 pkgdesc="Open and extensible continuous delivery solution for Kubernetes"
 url="https://fluxcd.io/"
 arch=("x86_64" "armv6h" "armv7h" "aarch64")
 license=("APACHE")
 provides=("flux-bin")
 conflicts=("flux-bin")
 replaces=("flux-cli")
 depends=("glibc")
 makedepends=("go")
 optdepends=("kubectl")
 source=(
  "$pkgname-$pkgver.tar.gz::https://github.com/fluxcd/flux2/archive/v$pkgver.tar.gz"
 )
 sha256sums=(
  ${SHA256SUM}
 )
 build() {
  cd "flux2-$pkgver"
  export CGO_LDFLAGS="$LDFLAGS"
  export CGO_CFLAGS="$CFLAGS"
  export CGO_CXXFLAGS="$CXXFLAGS"
  export CGO_CPPFLAGS="$CPPFLAGS"
  export GOFLAGS="-buildmode=pie -trimpath -ldflags=-linkmode=external -mod=readonly -modcacherw"
  go build -ldflags "-X main.VERSION=$pkgver" -o flux-bin ./cmd/flux
 }
 check() {
  cd "flux2-$pkgver"
  make test
 }
 package() {
  cd "flux2-$pkgver"
  install -Dm755 flux-bin "$pkgdir/usr/bin/flux"
  install -Dm644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
 }
--- a/.github/aur/flux-go/publish.sh
+++ b/.github/aur/flux-go/publish.sh
@@ -0,0 +1,53 @@
 #!/usr/bin/env bash
 set -e
 WD=$(cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd)
 PKGNAME=$(basename $WD)
 ROOT=${WD%/.github/aur/$PKGNAME}
 LOCKFILE=/tmp/aur-$PKGNAME.lock
 exec 100>$LOCKFILE || exit 0
 flock -n 100 || exit 0
 trap "rm -f $LOCKFILE" EXIT
 export VERSION=$1
 echo "Publishing to AUR as version ${VERSION}"
 cd $WD
 export GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
 eval $(ssh-agent -s)
 ssh-add <(echo "$AUR_BOT_SSH_PRIVATE_KEY")
 GITDIR=$(mktemp -d /tmp/aur-$PKGNAME-XXX)
 trap "rm -rf $GITDIR" EXIT
 git clone aur@aur.archlinux.org:$PKGNAME $GITDIR 2>&1
 CURRENT_PKGVER=$(cat $GITDIR/.SRCINFO | grep pkgver | awk '{ print $3 }')
 CURRENT_PKGREL=$(cat $GITDIR/.SRCINFO | grep pkgrel | awk '{ print $3 }')
 export PKGVER=${VERSION/-/}
 if [[ "${CURRENT_PKGVER}" == "${PKGVER}" ]]; then
    export PKGREL=$((CURRENT_PKGREL+1))
 else
    export PKGREL=1
 fi
 export SHA256SUM=$(curl -sL https://github.com/fluxcd/flux2/archive/v$PKGVER.tar.gz | sha256sum | awk '{ print $1 }')
 envsubst '$PKGVER $PKGREL $SHA256SUM' < .SRCINFO.template > $GITDIR/.SRCINFO
 envsubst '$PKGVER $PKGREL $SHA256SUM' < PKGBUILD.template > $GITDIR/PKGBUILD
 cd $GITDIR
 git config user.name "fluxcdbot"
 git config user.email "fluxcdbot@users.noreply.github.com"
 git add -A
 if [ -z "$(git status --porcelain)" ]; then
  echo "No changes."
 else
  git commit -m "Updated to version v${PKGVER} release ${PKGREL}"
  git push origin master
 fi
--- a/.github/aur/flux-scm/.SRCINFO.template
+++ b/.github/aur/flux-scm/.SRCINFO.template
@@ -0,0 +1,19 @@
 pkgbase = flux-scm
 	pkgdesc = Open and extensible continuous delivery solution for Kubernetes
 	pkgver = ${PKGVER}
 	pkgrel = ${PKGREL}
 	url = https://fluxcd.io/
 	arch = x86_64
 	arch = armv6h
 	arch = armv7h
 	arch = aarch64
 	license = APACHE
 	makedepends = go
 	depends = glibc
 	optdepends = kubectl
 	provides = flux-bin
 	conflicts = flux-bin
 	source = git+https://github.com/fluxcd/flux2.git
 	md5sums = SKIP
 pkgname = flux-scm
--- a/.github/aur/flux-scm/.gitignore
+++ b/.github/aur/flux-scm/.gitignore
@@ -0,0 +1 @@
 .pkg
--- a/.github/aur/flux-scm/PKGBUILD.template
+++ b/.github/aur/flux-scm/PKGBUILD.template
@@ -0,0 +1,45 @@
 # Maintainer: Aurel Canciu <aurelcanciu@gmail.com>
 # Maintainer: Hidde Beydals <hello@hidde.co>
 pkgname=flux-scm
 pkgver=${PKGVER}
 pkgrel=${PKGREL}
 pkgdesc="Open and extensible continuous delivery solution for Kubernetes"
 url="https://fluxcd.io/"
 arch=("x86_64" "armv6h" "armv7h" "aarch64")
 license=("APACHE")
 provides=("flux-bin")
 conflicts=("flux-bin")
 depends=("glibc")
 makedepends=("go")
 optdepends=("kubectl")
 source=(
  "git+https://github.com/fluxcd/flux2.git"
 )
 md5sums=('SKIP')
 pkgver() {
  cd "flux2"
  printf "r%s.%s" "$(git rev-list --count HEAD)" "$(git rev-parse --short HEAD)"
 }
 build() {
  cd "flux2"
  export CGO_LDFLAGS="$LDFLAGS"
  export CGO_CFLAGS="$CFLAGS"
  export CGO_CXXFLAGS="$CXXFLAGS"
  export CGO_CPPFLAGS="$CPPFLAGS"
  export GOFLAGS="-buildmode=pie -trimpath -ldflags=-linkmode=external -mod=readonly -modcacherw"
  go build -ldflags "-X main.VERSION=$pkgver" -o flux-bin ./cmd/flux
 }
 check() {
  cd "flux2"
  make test
 }
 package() {
  cd "flux2"
  install -Dm755 flux-bin "$pkgdir/usr/bin/flux"
  install -Dm644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
 }
--- a/.github/aur/flux-scm/publish.sh
+++ b/.github/aur/flux-scm/publish.sh
@@ -0,0 +1,51 @@
 #!/usr/bin/env bash
 set -e
 WD=$(cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd)
 PKGNAME=$(basename $WD)
 ROOT=${WD%/.github/aur/$PKGNAME}
 LOCKFILE=/tmp/aur-$PKGNAME.lock
 exec 100>$LOCKFILE || exit 0
 flock -n 100 || exit 0
 trap "rm -f $LOCKFILE" EXIT
 export VERSION=$1
 echo "Publishing to AUR as version ${VERSION}"
 cd $WD
 export GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
 eval $(ssh-agent -s)
 ssh-add <(echo "$AUR_BOT_SSH_PRIVATE_KEY")
 GITDIR=$(mktemp -d /tmp/aur-$PKGNAME-XXX)
 trap "rm -rf $GITDIR" EXIT
 git clone aur@aur.archlinux.org:$PKGNAME $GITDIR 2>&1
 CURRENT_PKGVER=$(cat $GITDIR/.SRCINFO | grep pkgver | awk '{ print $3 }')
 CURRENT_PKGREL=$(cat $GITDIR/.SRCINFO | grep pkgrel | awk '{ print $3 }')
 export PKGVER=${VERSION/-/}
 if [[ "${CURRENT_PKGVER}" == "${PKGVER}" ]]; then
    export PKGREL=$((CURRENT_PKGREL+1))
 else
    export PKGREL=1
 fi
 envsubst '$PKGVER $PKGREL' < .SRCINFO.template > $GITDIR/.SRCINFO
 envsubst '$PKGVER $PKGREL' < PKGBUILD.template > $GITDIR/PKGBUILD
 cd $GITDIR
 git config user.name "fluxcdbot"
 git config user.email "fluxcdbot@users.noreply.github.com"
 git add -A
 if [ -z "$(git status --porcelain)" ]; then
  echo "No changes."
 else
  git commit -m "Updated to version v${PKGVER} release ${PKGREL}"
  git push origin master
 fi
--- a/.github/kind/config.yaml
+++ b/.github/kind/config.yaml
@@ -0,0 +1,5 @@
 kind: Cluster
 apiVersion: kind.x-k8s.io/v1alpha4
 networking:
  disableDefaultCNI: true   # disable kindnet
  podSubnet: 192.168.0.0/16 # set to Calico's default subnet
--- a/.github/workflows/bootstrap.yaml
+++ b/.github/workflows/bootstrap.yaml
@@ -21,50 +21,50 @@ jobs:
      - name: Setup Go
        uses: actions/setup-go@v2
        with:
-          go-version: 1.14.x
+          go-version: 1.15.x
      - name: Setup Kubernetes
-        uses: engineerd/setup-kind@v0.4.0
+        uses: engineerd/setup-kind@v0.5.0
      - name: Set outputs
        id: vars
        run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
      - name: Build
-        run: sudo go build -o ./bin/gotk ./cmd/gotk
+        run: sudo go build -o ./bin/flux ./cmd/flux
      - name: bootstrap init
        run: |
-          ./bin/gotk bootstrap github --manifests ./manifests/install/ \
+          ./bin/flux bootstrap github --manifests ./manifests/install/ \
          --owner=fluxcd-testing \
-          --repository=gotk-test-${{ steps.vars.outputs.sha_short }} \
+          --repository=flux-test-${{ steps.vars.outputs.sha_short }} \
          --branch=main \
          --path=test-cluster
        env:
          GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
      - name: bootstrap no-op
        run: |
-          ./bin/gotk bootstrap github --manifests ./manifests/install/ \
+          ./bin/flux bootstrap github --manifests ./manifests/install/ \
          --owner=fluxcd-testing \
-          --repository=gotk-test-${{ steps.vars.outputs.sha_short }} \
+          --repository=flux-test-${{ steps.vars.outputs.sha_short }} \
          --branch=main \
          --path=test-cluster
        env:
          GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
      - name: uninstall
        run: |
-          ./bin/gotk suspend kustomization gotk-system
+          ./bin/flux uninstall -s --keep-namespace
-          ./bin/gotk uninstall --resources --crds -s
+          kubectl delete ns flux-system --timeout=10m --wait=true
      - name: bootstrap reinstall
        run: |
-          ./bin/gotk bootstrap github --manifests ./manifests/install/ \
+          ./bin/flux bootstrap github --manifests ./manifests/install/ \
          --owner=fluxcd-testing \
-          --repository=gotk-test-${{ steps.vars.outputs.sha_short }} \
+          --repository=flux-test-${{ steps.vars.outputs.sha_short }} \
          --branch=main \
          --path=test-cluster
        env:
          GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
      - name: delete repository
        run: |
-          ./bin/gotk bootstrap github --manifests ./manifests/install/ \
+          ./bin/flux bootstrap github --manifests ./manifests/install/ \
          --owner=fluxcd-testing \
-          --repository=gotk-test-${{ steps.vars.outputs.sha_short }} \
+          --repository=flux-test-${{ steps.vars.outputs.sha_short }} \
          --branch=main \
          --path=test-cluster \
          --delete
@@ -73,6 +73,6 @@ jobs:
      - name: Debug failure
        if: failure()
        run: |
-          kubectl -n gotk-system get all
+          kubectl -n flux-system get all
-          kubectl -n gotk-system logs deploy/source-controller
+          kubectl -n flux-system logs deploy/source-controller
-          kubectl -n gotk-system logs deploy/kustomize-controller
+          kubectl -n flux-system logs deploy/kustomize-controller
--- a/.github/workflows/docs.yaml
+++ b/.github/workflows/docs.yaml
@@ -15,18 +15,14 @@ jobs:
      - name: Copy assets
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SOURCE_VER: ${{ 'v0.1.1' }}
          KUSTOMIZE_VER: ${{ 'v0.1.1' }}
          HELM_VER: ${{ 'v0.1.2' }}
          NOTIFICATION_VER: ${{ 'v0.1.1' }}
        run: |
          controller_version() {
-            sed -n "s/\(.*$1\/.*?ref=\)//p;n" "manifests/bases/$1/kustomization.yaml"
+            sed -n "s/.*$1\/archive\/\(.*\).zip.*/\1/p;n" manifests/bases/$1/kustomization.yaml
          }
          {
            # source-controller CRDs
-            # SOURCE_VER=$(controller_version source-controller)
+            SOURCE_VER=$(controller_version source-controller)
            curl -# -Lf "https://raw.githubusercontent.com/fluxcd/source-controller/$SOURCE_VER/docs/api/source.md" > docs/components/source/api.md
            curl -# -Lf "https://raw.githubusercontent.com/fluxcd/source-controller/$SOURCE_VER/docs/spec/v1beta1/gitrepositories.md" > docs/components/source/gitrepositories.md
            curl -# -Lf "https://raw.githubusercontent.com/fluxcd/source-controller/$SOURCE_VER/docs/spec/v1beta1/helmrepositories.md" > docs/components/source/helmrepositories.md
@@ -36,21 +32,21 @@ jobs:
          {
            # kustomize-controller CRDs
-            # KUSTOMIZE_VER=$(controller_version kustomize-controller)
+            KUSTOMIZE_VER=$(controller_version kustomize-controller)
            curl -# -Lf "https://raw.githubusercontent.com/fluxcd/kustomize-controller/$KUSTOMIZE_VER/docs/api/kustomize.md" > docs/components/kustomize/api.md
            curl -# -Lf "https://raw.githubusercontent.com/fluxcd/kustomize-controller/$KUSTOMIZE_VER/docs/spec/v1beta1/kustomization.md" > docs/components/kustomize/kustomization.md
          }
          {
            # helm-controller CRDs
-            # HELM_VER=$(controller_version helm-controller)
+            HELM_VER=$(controller_version helm-controller)
            curl -# -Lf "https://raw.githubusercontent.com/fluxcd/helm-controller/$HELM_VER/docs/api/helmrelease.md" > docs/components/helm/api.md
            curl -# -Lf "https://raw.githubusercontent.com/fluxcd/helm-controller/$HELM_VER/docs/spec/v2beta1/helmreleases.md" > docs/components/helm/helmreleases.md
          }
          {
            # notification-controller CRDs
-            # NOTIFICATION_VER=$(controller_version notification-controller)
+            NOTIFICATION_VER=$(controller_version notification-controller)
            curl -# -Lf "https://raw.githubusercontent.com/fluxcd/notification-controller/$NOTIFICATION_VER/docs/api/notification.md" > docs/components/notification/api.md
            curl -# -Lf "https://raw.githubusercontent.com/fluxcd/notification-controller/$NOTIFICATION_VER/docs/spec/v1beta1/event.md" > docs/components/notification/event.md
            curl -# -Lf "https://raw.githubusercontent.com/fluxcd/notification-controller/$NOTIFICATION_VER/docs/spec/v1beta1/alert.md" > docs/components/notification/alert.md
@@ -58,9 +54,21 @@ jobs:
            curl -# -Lf "https://raw.githubusercontent.com/fluxcd/notification-controller/$NOTIFICATION_VER/docs/spec/v1beta1/receiver.md" > docs/components/notification/receiver.md
          }
          {
            # image-*-controller CRDs; these use the same API group
            IMG_REFL_VER=$(controller_version image-reflector-controller)
            curl -# -Lf "https://raw.githubusercontent.com/fluxcd/image-reflector-controller/$IMG_REFL_VER/docs/api/image-reflector.md" > docs/components/image/reflector-api.md
            curl -# -Lf "https://raw.githubusercontent.com/fluxcd/image-reflector-controller/$IMG_REFL_VER/docs/spec/v1alpha1/imagerepositories.md" > docs/components/image/imagerepositories.md
            curl -# -Lf "https://raw.githubusercontent.com/fluxcd/image-reflector-controller/$IMG_REFL_VER/docs/spec/v1alpha1/imagepolicies.md" > docs/components/image/imagepolicies.md
            IMG_AUTO_VER=$(controller_version image-automation-controller)
            curl -# -Lf "https://raw.githubusercontent.com/fluxcd/image-automation-controller/$IMG_AUTO_VER/docs/api/image-automation.md" > docs/components/image/automation-api.md
            curl -# -Lf "https://raw.githubusercontent.com/fluxcd/image-automation-controller/$IMG_AUTO_VER/docs/spec/v1alpha1/imageupdateautomations.md" > docs/components/image/imageupdateautomations.md
          }
          {
            # install script
-            cp install/gotk.sh docs/install.sh
+            cp install/flux.sh docs/install.sh
          }
      - name: Deploy docs
        uses: mhausenblas/mkdocs-deploy-gh-pages@master
--- a/.github/workflows/e2e.yaml
+++ b/.github/workflows/e2e.yaml
@@ -24,9 +24,15 @@ jobs:
        with:
          go-version: 1.15.x
      - name: Setup Kubernetes
-        uses: engineerd/setup-kind@v0.4.0
+        uses: engineerd/setup-kind@v0.5.0
        with:
-          image: kindest/node:v1.16.9
+          version: "v0.10.0"
          image: kindest/node:v1.20.2@sha256:8f7ea6e7642c0da54f04a7ee10431549c0257315b3a634f6ef2fecaaedb19bab
          config: .github/kind/config.yaml # disable KIND-net
      - name: Setup Calico for network policy
        run: |
          kubectl apply -f https://docs.projectcalico.org/v3.16/manifests/calico.yaml
          kubectl -n kube-system set env daemonset/calico-node FELIX_IGNORELOOSERPF=true
      - name: Run test
        run: make test
      - name: Check if working tree is dirty
@@ -37,34 +43,43 @@ jobs:
            exit 1
          fi
      - name: Build
-        run: sudo go build -o ./bin/gotk ./cmd/gotk
+        run: sudo go build -o ./bin/flux ./cmd/flux
-      - name: gotk check --pre
+      - name: flux check --pre
        run: |
-          ./bin/gotk check --pre
+          ./bin/flux check --pre
-      - name: gotk install --manifests
+      - name: flux install --manifests
        run: |
-          ./bin/gotk install --manifests ./manifests/install/
+          ./bin/flux install --manifests ./manifests/install/
-      - name: gotk create source git
+      - name: flux create secret
        run: |
-          ./bin/gotk create source git podinfo \
+          ./bin/flux create secret git git-ssh-test \
            --url ssh://git@github.com/stefanprodan/podinfo
          ./bin/flux create secret git git-https-test \
            --url https://github.com/stefanprodan/podinfo \
            --username=test --password=test
          ./bin/flux create secret helm helm-test \
            --username=test --password=test
      - name: flux create source git
        run: |
          ./bin/flux create source git podinfo \
            --url https://github.com/stefanprodan/podinfo  \
            --tag-semver=">=3.2.3"
-      - name: gotk create source git export apply
+      - name: flux create source git export apply
        run: |
-          ./bin/gotk create source git podinfo-export \
+          ./bin/flux create source git podinfo-export \
            --url https://github.com/stefanprodan/podinfo  \
            --tag-semver=">=3.2.3" \
            --export | kubectl apply -f -
-          ./bin/gotk delete source git podinfo-export --silent
+          ./bin/flux delete source git podinfo-export --silent
-      - name: gotk get sources git
+      - name: flux get sources git
        run: |
-          ./bin/gotk get sources git
+          ./bin/flux get sources git
-      - name: gotk get sources git --all-namespaces
+      - name: flux get sources git --all-namespaces
        run: |
-          ./bin/gotk get sources git --all-namespaces
+          ./bin/flux get sources git --all-namespaces
-      - name: gotk create kustomization
+      - name: flux create kustomization
        run: |
-          ./bin/gotk create kustomization podinfo \
+          ./bin/flux create kustomization podinfo \
            --source=podinfo \
            --path="./deploy/overlays/dev" \
            --prune=true \
@@ -73,80 +88,119 @@ jobs:
            --health-check="Deployment/frontend.dev" \
            --health-check="Deployment/backend.dev" \
            --health-check-timeout=3m
-      - name: gotk reconcile kustomization --with-source
+      - name: flux reconcile kustomization --with-source
        run: |
-          ./bin/gotk reconcile kustomization podinfo --with-source
+          ./bin/flux reconcile kustomization podinfo --with-source
-      - name: gotk get kustomizations
+      - name: flux get kustomizations
        run: |
-          ./bin/gotk get kustomizations
+          ./bin/flux get kustomizations
-      - name: gotk get kustomizations --all-namespaces
+      - name: flux get kustomizations --all-namespaces
        run: |
-          ./bin/gotk get kustomizations --all-namespaces
+          ./bin/flux get kustomizations --all-namespaces
-      - name: gotk suspend kustomization
+      - name: flux suspend kustomization
        run: |
-          ./bin/gotk suspend kustomization podinfo
+          ./bin/flux suspend kustomization podinfo
-      - name: gotk resume kustomization
+      - name: flux resume kustomization
        run: |
-          ./bin/gotk resume kustomization podinfo
+          ./bin/flux resume kustomization podinfo
-      - name: gotk export
+      - name: flux export
        run: |
-          ./bin/gotk export source git --all
+          ./bin/flux export source git --all
-          ./bin/gotk export kustomization --all
+          ./bin/flux export kustomization --all
-      - name: gotk delete kustomization
+      - name: flux delete kustomization
        run: |
-          ./bin/gotk delete kustomization podinfo --silent
+          ./bin/flux delete kustomization podinfo --silent
-      - name: gotk create source helm
+      - name: flux create source helm
        run: |
-          ./bin/gotk create source helm podinfo \
+          ./bin/flux create source helm podinfo \
            --url https://stefanprodan.github.io/podinfo
-      - name: gotk create helmrelease --source=HelmRepository/podinfo
+      - name: flux create helmrelease --source=HelmRepository/podinfo
        run: |
-          ./bin/gotk create hr podinfo-helm \
+          ./bin/flux create hr podinfo-helm \
            --target-namespace=default \
            --source=HelmRepository/podinfo \
            --chart=podinfo \
            --chart-version=">4.0.0 <5.0.0"
-      - name: gotk create helmrelease --source=GitRepository/podinfo
+      - name: flux create helmrelease --source=GitRepository/podinfo
        run: |
-          ./bin/gotk create hr podinfo-git \
+          ./bin/flux create hr podinfo-git \
            --target-namespace=default \
            --source=GitRepository/podinfo \
            --chart=./charts/podinfo
-      - name: gotk reconcile helmrelease --with-source
+      - name: flux reconcile helmrelease --with-source
        run: |
-          ./bin/gotk reconcile helmrelease podinfo-git --with-source
+          ./bin/flux reconcile helmrelease podinfo-git --with-source
-      - name: gotk get helmreleases
+      - name: flux get helmreleases
        run: |
-          ./bin/gotk get helmreleases
+          ./bin/flux get helmreleases
-      - name: gotk get helmreleases --all-namespaces
+      - name: flux get helmreleases --all-namespaces
        run: |
-          ./bin/gotk get helmreleases --all-namespaces
+          ./bin/flux get helmreleases --all-namespaces
-      - name: gotk export helmrelease
+      - name: flux export helmrelease
        run: |
-          ./bin/gotk export hr --all
+          ./bin/flux export hr --all
-      - name: gotk delete helmrelease podinfo-helm
+      - name: flux delete helmrelease podinfo-helm
        run: |
-          ./bin/gotk delete hr podinfo-helm --silent
+          ./bin/flux delete hr podinfo-helm --silent
-      - name: gotk delete helmrelease podinfo-git
+      - name: flux delete helmrelease podinfo-git
        run: |
-          ./bin/gotk delete hr podinfo-git --silent
+          ./bin/flux delete hr podinfo-git --silent
-      - name: gotk delete source helm
+      - name: flux delete source helm
        run: |
-          ./bin/gotk delete source helm podinfo --silent
+          ./bin/flux delete source helm podinfo --silent
-      - name: gotk delete source git
+      - name: flux delete source git
        run: |
-          ./bin/gotk delete source git podinfo --silent
+          ./bin/flux delete source git podinfo --silent
-      - name: gotk check
+      - name: flux create tenant
        run: |
-          ./bin/gotk check
+          ./bin/flux create tenant dev-team --with-namespace=apps
-      - name: gotk uninstall
+          ./bin/flux -n apps create source helm podinfo \
            --url https://stefanprodan.github.io/podinfo
          ./bin/flux -n apps create hr podinfo-helm \
            --source=HelmRepository/podinfo \
            --chart=podinfo \
            --chart-version="5.0.x" \
            --service-account=dev-team
      - name: flux create image repository
        run: |
-          ./bin/gotk uninstall --crds --silent
+          ./bin/flux create image repository podinfo \
            --image=ghcr.io/stefanprodan/podinfo \
            --interval=1m
      - name: flux create image policy
        run: |
          ./bin/flux create image policy podinfo \
            --image-ref=podinfo \
            --interval=1m \
            --select-semver=5.0.x
      - name: flux create image policy podinfo-select-alpha
        run: |
          ./bin/flux create image policy podinfo-alpha \
            --image-ref=podinfo \
            --interval=1m \
            --select-alpha=desc
      - name: flux get image policy
        run: |
          ./bin/flux get image policy podinfo | grep '5.0.3'
      - name: flux2-kustomize-helm-example
        run: |
          ./bin/flux create source git flux-system \
          --url=https://github.com/fluxcd/flux2-kustomize-helm-example \
          --branch=main
          ./bin/flux create kustomization flux-system \
          --source=flux-system \
          --path=./clusters/staging
          kubectl -n flux-system wait kustomization/apps --for=condition=ready --timeout=2m
      - name: flux check
        run: |
          ./bin/flux check
      - name: flux uninstall
        run: |
          ./bin/flux uninstall --silent
      - name: Debug failure
        if: failure()
        run: |
          kubectl version --client --short
-          kubectl -n gotk-system get all
+          kubectl -n flux-system get all
-          kubectl -n gotk-system get kustomizations -oyaml
+          kubectl -n flux-system get kustomizations -oyaml
-          kubectl -n gotk-system logs deploy/source-controller
+          kubectl -n flux-system logs deploy/source-controller
-          kubectl -n gotk-system logs deploy/kustomize-controller
+          kubectl -n flux-system logs deploy/kustomize-controller
--- a/.github/workflows/fossa.yml
+++ b/.github/workflows/fossa.yml
@@ -13,15 +13,13 @@ jobs:
      - uses: actions/setup-go@v2
        with:
          go-version: "^1.14.x"
-      - run: go version
+      - name: Add GOPATH to GITHUB_ENV
-      # Runs a set of commands to initialize and analyze with FOSSA
+        run: echo "GOPATH=$(go env GOPATH)" >>"$GITHUB_ENV"
-      - name: run FOSSA analysis
+      - name: Add GOPATH to GITHUB_PATH
-        env:
+        run: echo "$GOPATH/bin" >>"$GITHUB_PATH"
      - name: Run FOSSA scan and upload build data
        uses: fossa-contrib/fossa-action@v1
        with:
          # FOSSA Push-Only API Token
-          FOSSA_API_KEY: '5ee8bf422db1471e0bcf2bcb289185de'
+          fossa-api-key: 5ee8bf422db1471e0bcf2bcb289185de
-        run: |
+          github-token: ${{ github.token }}
          export GOPATH=$HOME/go
          export PATH=$PATH:$(go env GOPATH)/bin
          curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install.sh | bash
          fossa init
          fossa analyze
--- a/.github/workflows/rebase.yml
+++ b/.github/workflows/rebase.yml
@@ -0,0 +1,21 @@
 name: rebase
 on:
  pull_request:
    types: [opened]
  issue_comment:
    types: [created]
 jobs:
  rebase:
    if: github.event.issue.pull_request != '' && contains(github.event.comment.body, '/rebase') && (github.event.comment.author_association == 'CONTRIBUTOR' || github.event.comment.author_association == 'MEMBER' || github.event.comment.author_association == 'OWNER')
    runs-on: ubuntu-latest
    steps:
      - name: Checkout the latest code
        uses: actions/checkout@v2
        with:
          fetch-depth: 0
      - name: Automatic Rebase
        uses: cirrus-actions/rebase@1.3.1
        env:
          GITHUB_TOKEN: ${{ secrets.BOT_GITHUB_TOKEN }}
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -59,24 +59,9 @@ jobs:
          # create tarball
          cd ./output && tar -cvzf manifests.tar.gz $files
-      - name: Create release
+      - name: Generate install manifest
-        id: create_release
+        run: |
-        uses: actions/create-release@latest
+          kustomize build ./manifests/install > ./output/install.yaml
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          tag_name: ${{ github.ref }}
          release_name: ${{ github.ref }}
      - name: Upload artifacts
        id: upload-release-asset
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./output/manifests.tar.gz
          asset_name: manifests.tar.gz
          asset_content_type: application/gzip
      - name: Run GoReleaser
        uses: goreleaser/goreleaser-action@v1
        with:
@@ -85,3 +70,4 @@ jobs:
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          HOMEBREW_TAP_GITHUB_TOKEN: ${{ secrets.BOT_GITHUB_TOKEN }}
          AUR_BOT_SSH_PRIVATE_KEY: ${{ secrets.AUR_BOT_SSH_PRIVATE_KEY }}
--- a/.github/workflows/update.yml
+++ b/.github/workflows/update.yml
@@ -4,6 +4,8 @@ on:
  workflow_dispatch:
  schedule:
    - cron: "0 * * * *"
  push:
    branches: [main]
 jobs:
  update-components:
@@ -19,7 +21,7 @@ jobs:
          bump_version() {
            local RELEASE_VERSION=$(curl -s https://api.github.com/repos/fluxcd/$1/releases | jq -r 'sort_by(.published_at) | .[-1] | .tag_name')
-            local CURRENT_VERSION=$(sed -n "s/\(.*$1\/.*?ref=\)//p;n" "manifests/bases/$1/kustomization.yaml")
+            local CURRENT_VERSION=$(sed -n "s/.*$1\/archive\/\(.*\).zip.*/\1/p;n" manifests/bases/$1/kustomization.yaml)
            if [[ "${RELEASE_VERSION}" != "${CURRENT_VERSION}" ]]; then
              # bump kustomize
@@ -30,7 +32,8 @@ jobs:
                go mod edit -require="github.com/fluxcd/$1/api@${RELEASE_VERSION}"
              fi
-              PR_BODY="$PR_BODY- $1 to ${RELEASE_VERSION}%0A"
+              # NB: special URL encoded formatting required for newlines
              PR_BODY="$PR_BODY- $1 to ${RELEASE_VERSION}%0A  https://github.com/fluxcd/$1/blob/${RELEASE_VERSION}/CHANGELOG.md%0A"
            fi
          }
@@ -40,6 +43,8 @@ jobs:
            bump_version kustomize-controller
            bump_version source-controller
            bump_version notification-controller
            bump_version image-reflector-controller
            bump_version image-automation-controller
            # add missing and remove unused modules
            go mod tidy
@@ -47,7 +52,7 @@ jobs:
            # diff change
            git diff
-            # export PR_BODY for PR
+            # export PR_BODY for PR and commit
            echo "::set-output name=pr_body::$PR_BODY"
          }
@@ -56,19 +61,22 @@ jobs:
        uses: peter-evans/create-pull-request@v3
        with:
            token: ${{ secrets.BOT_GITHUB_TOKEN }}
-            commit-message: Update toolkit components
+            commit-message: |
              Update toolkit components
              ${{ steps.update.outputs.pr_body }}
            committer: GitHub <noreply@github.com>
            author: fluxcdbot <fluxcdbot@users.noreply.github.com>
            signoff: true
            branch: update-components
            title: Update toolkit components
            body: |
              ${{ steps.update.outputs.pr_body }}
-
+            labels: |
-              Auto-generated by [create-pull-request][1]
+              area/build
              [1]: https://github.com/peter-evans/create-pull-request
            branch: update-components
            reviewers: ${{ secrets.ASSIGNEES }}
      - name: Check output
        run: |
          echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}"
          echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}"
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -1,10 +1,14 @@
 project_name: flux
 builds:
-  - main: ./cmd/gotk
+  - <<: &build_defaults
-    ldflags:
+      binary: flux
-      - -s -w -X main.VERSION={{ .Version }}
+      main: ./cmd/flux
-    binary: gotk
+      ldflags:
        - -s -w -X main.VERSION={{ .Version }}
      env:
        - CGO_ENABLED=0
    id: linux
    goos:
      - darwin
      - linux
    goarch:
      - amd64
@@ -12,23 +16,58 @@ builds:
      - arm
    goarm:
      - 7
-    env:
+  - <<: *build_defaults
-      - CGO_ENABLED=0
+    id: darwin
    goos:
      - darwin
  - <<: *build_defaults
    id: windows
    goos:
      - windows
 archives:
  - name_template: "{{ .Binary }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
    id: nix
    builds: [linux, darwin]
    format: tar.gz
    files:
      - none*
  - name_template: "{{ .Binary }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
    id: windows
    builds: [windows]
    format: zip
    files:
      - none*
 brews:
-  - name: gotk
+  - name: flux
    tap:
      owner: fluxcd
      name: homebrew-tap
      token: "{{ .Env.HOMEBREW_TAP_GITHUB_TOKEN }}"
    folder: Formula
    homepage: "https://toolkit.fluxcd.io/"
-    description: "GitOps Toolkit CLI"
+    description: "Flux CLI"
    dependencies:
      - name: kubectl
        type: optional
    test: |
-      system "#{bin}/gotk --version"
+      system "#{bin}/flux --version"
 publishers:
  - name: aur-pkg-bin
    env:
      - AUR_BOT_SSH_PRIVATE_KEY={{ .Env.AUR_BOT_SSH_PRIVATE_KEY }}
    cmd: |
      .github/aur/flux-bin/publish.sh {{ .Version }}
  - name: aur-pkg-scm
    env:
      - AUR_BOT_SSH_PRIVATE_KEY={{ .Env.AUR_BOT_SSH_PRIVATE_KEY }}
    cmd: |
      .github/aur/flux-scm/publish.sh {{ .Version }}
  - name: aur-pkg-go
    env:
      - AUR_BOT_SSH_PRIVATE_KEY={{ .Env.AUR_BOT_SSH_PRIVATE_KEY }}
    cmd: |
      .github/aur/flux-go/publish.sh {{ .Version }}
 release:
  extra_files:
    - glob: ./output/manifests.tar.gz
    - glob: ./output/install.yaml
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -1,8 +1,9 @@
 # Contributing
-The GitOps Toolkit is [Apache 2.0 licensed](https://github.com/fluxcd/toolkit/blob/master/LICENSE)
+Flux is [Apache 2.0 licensed](https://github.com/fluxcd/flux2/blob/main/LICENSE) and
-and accepts contributions via GitHub pull requests. This document outlines
+accepts contributions via GitHub pull requests. This document outlines
-some of the conventions on to make it easier to get your contribution accepted.
+some of the conventions on to make it easier to get your contribution
 accepted.
 We gratefully welcome improvements to issues and documentation as well as to
 code.
@@ -12,9 +13,18 @@ code.
 By contributing to this project you agree to the Developer Certificate of
 Origin (DCO). This document was created by the Linux Kernel community and is a
 simple statement that you, as a contributor, have the legal right to make the
-contribution. No action from you is required, but it's a good idea to see the
+contribution.
-[DCO](DCO) file for details before you start contributing code to FluxCD
+
-organization.
+We require all commits to be signed. By signing off with your signature, you
 certify that you wrote the patch or otherwise have the right to contribute the
 material by the rules of the [DCO](DCO):
 `Signed-off-by: Jane Doe <jane.doe@example.com>`
 The signature must contain your real name
 (sorry, no pseudonyms or anonymous contributions)
 If your `user.name` and `user.email` are configured in your Git config,
 you can sign your commit automatically with `git commit -s`.
 ## Communications
@@ -23,7 +33,7 @@ join the [CNCF](https://slack.cncf.io/) Slack workspace and use the
 [#flux-dev](https://cloud-native.slack.com/messages/flux-dev/) channel.
 To discuss ideas and specifications we use [Github
-Discussions](https://github.com/fluxcd/toolkit/discussions).
+Discussions](https://github.com/fluxcd/flux2/discussions).
 For announcements we use a mailing list as well. Simply subscribe to
 [flux-dev on cncf.io](https://lists.cncf.io/g/cncf-flux-dev)
@@ -31,14 +41,14 @@ to join the conversation (there you can also add calendar invites
 to your Google calendar for our [Flux
 meeting](https://docs.google.com/document/d/1l_M0om0qUEN_NNiGgpqJ2tvsF2iioHkaARDeh6b70B0/view)).
-## Understanding the GitOps Toolkit
+## Understanding Flux and the GitOps Toolkit
-If you are entirely new to the GitOps Toolkit,
+If you are entirely new to Flux and the GitOps Toolkit,
 you might want to take a look at the [introductory talk and demo](https://www.youtube.com/watch?v=qQBtSkgl7tI).
 This project is composed of:
- [/f/toolkit](https://github.com/fluxcd/toolkit): The GitOps Toolkit CLI
+- [/f/flux2](https://github.com/fluxcd/flux2): The Flux CLI
 - [/f/source-manager](https://github.com/fluxcd/source-controller): Kubernetes operator for managing sources
 - [/f/kustomize-controller](https://github.com/fluxcd/kustomize-controller): Kubernetes operator for building GitOps pipelines with Kustomize
 - [/f/helm-controller](https://github.com/fluxcd/helm-controller): Kubernetes operator for building GitOps pipelines with Helm
--- a/10
+++ b/10
@@ -2,7 +2,17 @@ The maintainers are generally available in Slack at
 https://cloud-native.slack.com in #flux (https://cloud-native.slack.com/messages/CLAJ40HV3)
 (obtain an invitation at https://slack.cncf.io/).
 These maintainers are shared with other Flux v2-related git
 repositories under https://github.com/fluxcd, as noted in their
 respective MAINTAINERS files.
 For convenience, they are reflected in the GitHub team
@fluxcd/flux2-maintainers -- if the list here changes, that team also
 should.
 In alphabetical order:
 Aurel Canciu, Sortlist <aurel@sortlist.com> (github: @relu, slack: relu)
 Hidde Beydals, Weaveworks <hidde@weave.works> (github: @hiddeco, slack: hidde)
 Philip Laine, Xenit <philip.laine@xenit.se> (github: @phillebaba, slack: phillebaba)
 Stefan Prodan, Weaveworks <stefan@weave.works> (github: @stefanprodan, slack: stefanprodan)
--- a/11
+++ b/11
@@ -1,4 +1,4 @@
-VERSION?=$(shell grep 'VERSION' cmd/gotk/main.go | awk '{ print $$4 }' | tr -d '"')
+VERSION?=$(shell grep 'VERSION' cmd/flux/main.go | awk '{ print $$4 }' | tr -d '"')
 all: test build
@@ -15,14 +15,15 @@ test: tidy fmt vet docs
 	go test ./... -coverprofile cover.out
 build:
-	CGO_ENABLED=0 go build -o ./bin/gotk ./cmd/gotk
+	CGO_ENABLED=0 go build -o ./bin/flux ./cmd/flux
 install:
-	go install cmd/gotk
+	go install cmd/flux
 .PHONY: docs
 docs:
-	mkdir -p ./docs/cmd && go run ./cmd/gotk/ docgen
+	rm docs/cmd/*
 	mkdir -p ./docs/cmd && go run ./cmd/flux/ docgen
 install-dev:
-	CGO_ENABLED=0 go build -o /usr/local/bin ./cmd/gotk
+	CGO_ENABLED=0 go build -o /usr/local/bin ./cmd/flux
--- a/README.md
+++ b/README.md
@@ -1,27 +1,30 @@
-# GitOps Toolkit
+# Flux version 2
-[![e2e](https://github.com/fluxcd/toolkit/workflows/e2e/badge.svg)](https://github.com/fluxcd/toolkit/actions)
+[![e2e](https://github.com/fluxcd/flux2/workflows/e2e/badge.svg)](https://github.com/fluxcd/flux2/actions)
-[![report](https://goreportcard.com/badge/github.com/fluxcd/toolkit)](https://goreportcard.com/report/github.com/fluxcd/toolkit)
+[![report](https://goreportcard.com/badge/github.com/fluxcd/flux2)](https://goreportcard.com/report/github.com/fluxcd/flux2)
-[![license](https://img.shields.io/github/license/fluxcd/toolkit.svg)](https://github.com/fluxcd/toolkit/blob/main/LICENSE)
+[![license](https://img.shields.io/github/license/fluxcd/flux2.svg)](https://github.com/fluxcd/flux2/blob/main/LICENSE)
-[![release](https://img.shields.io/github/release/fluxcd/toolkit/all.svg)](https://github.com/fluxcd/toolkit/releases)
+[![release](https://img.shields.io/github/release/fluxcd/flux2/all.svg)](https://github.com/fluxcd/flux2/releases)
 ![overview](docs/diagrams/gitops-toolkit.png)
-The GitOps Toolkit is a set of composable APIs and specialized tools
+Flux is a tool for keeping Kubernetes clusters in sync with sources of
-that can be used to build a Continuous Delivery platform on top of Kubernetes.
+configuration (like Git repositories), and automating updates to
 configuration when there is new code to deploy.
-These tools are build with Kubernetes controller-runtime libraries, and they
+Flux version 2 ("v2") is built from the ground up to use Kubernetes'
-can be dynamically configured with Kubernetes custom resources either by
+API extension system, and to integrate with Prometheus and other core
-cluster admins or by other automated tools.
+components of the Kubernetes ecosystem. In version 2, Flux supports
-The GitOps Toolkit components interact with each other via Kubernetes
+multi-tenancy and support for syncing an arbitrary number of Git
-events and are responsible for the reconciliation of their designated API objects.
+repositories, among other long-requested features.
-## `gotk` installation
+Flux v2 is constructed with the [GitOps Toolkit](#gitops-toolkit), a
 set of composable APIs and specialized tools for building Continuous
 Delivery on top of Kubernetes.
 ## Flux installation
 With Homebrew:
 ```sh
-brew tap fluxcd/tap
+brew install fluxcd/tap/flux
 brew install gotk
 ```
 With Bash:
@@ -30,32 +33,55 @@ With Bash:
 curl -s https://toolkit.fluxcd.io/install.sh | sudo bash
 # enable completions in ~/.bash_profile
-. <(gotk completion bash)
+. <(flux completion bash)
 ```
-Binaries for macOS and Linux AMD64/ARM64 are available to download on the
+Arch Linux (AUR) packages:
-[release page](https://github.com/fluxcd/toolkit/releases).
+
 - [flux-bin](https://aur.archlinux.org/packages/flux-bin): install the latest
  stable version using a pre-build binary (recommended)
 - [flux-go](https://aur.archlinux.org/packages/flux-go): build the latest
  stable version from source code
 - [flux-scm](https://aur.archlinux.org/packages/flux-scm): build the latest
  (unstable) version from source code from our git `main` branch
 Binaries for macOS, Windows and Linux AMD64/ARM are available to download on the
 [release page](https://github.com/fluxcd/flux2/releases).
 Verify that your cluster satisfies the prerequisites with:
 ```sh
-gotk check --pre
+flux check --pre
 ```
 ## Get started
-To get started with the GitOps Toolkit, start [browsing the documentation](https://toolkit.fluxcd.io)
+To get started with Flux, start [browsing the
-or get started with one of the following guides:
+documentation](https://toolkit.fluxcd.io) or get started with one of
 the following guides:
- [Get started with GitOps Toolkit (deep dive)](https://toolkit.fluxcd.io/get-started/)
+- [Get started with Flux](https://toolkit.fluxcd.io/get-started/)
 - [Installation](https://toolkit.fluxcd.io/guides/installation/)
 - [Manage Helm Releases](https://toolkit.fluxcd.io/guides/helmreleases/)
- [Setup Notifications](https://toolkit.fluxcd.io/guides/notifications/)
+- [Automate image updates to Git](https://toolkit.fluxcd.io/guides/image-update/)  
- [Setup Webhook Receivers](https://toolkit.fluxcd.io/guides/webhook-receivers/)
+- [Manage Kubernetes secrets with Mozilla SOPS](https://toolkit.fluxcd.io/guides/mozilla-sops/)  
-## Components
+If you need help, please refer to our **[Support page](https://fluxcd.io/support/)**.
 ## GitOps Toolkit
 The GitOps Toolkit is the set of APIs and controllers that make up the
 runtime for Flux v2. The APIs comprise Kubernetes custom resources,
 which can be created and updated by a cluster user, or by other
 automation tooling.
 ![overview](docs/diagrams/gitops-toolkit.png)
 You can use the toolkit to extend Flux, or to build your own systems
 for continuous delivery -- see [the developer
 guides](https://toolkit.fluxcd.io/dev-guides/source-watcher/).
 ### Components
 - [Toolkit CLI](https://toolkit.fluxcd.io/cmd/gotk/)
 - [Source Controller](https://toolkit.fluxcd.io/components/source/controller/)
    - [GitRepository CRD](https://toolkit.fluxcd.io/components/source/gitrepositories/)
    - [HelmRepository CRD](https://toolkit.fluxcd.io/components/source/helmrepositories/)
@@ -69,30 +95,33 @@ or get started with one of the following guides:
    - [Provider CRD](https://toolkit.fluxcd.io/components/notification/provider/)
    - [Alert CRD](https://toolkit.fluxcd.io/components/notification/alert/)
    - [Receiver CRD](https://toolkit.fluxcd.io/components/notification/receiver/)
-
+- [Image Automation Controllers](https://toolkit.fluxcd.io/components/image/controller/)
  - [ImageRepository CRD](https://toolkit.fluxcd.io/components/image/imagerepositories/)
  - [ImagePolicy CRD](https://toolkit.fluxcd.io/components/image/imagepolicies/)
  - [ImageUpdateAutomation CRD](https://toolkit.fluxcd.io/components/image/imageupdateautomations/)
 ## Community
-The GitOps Toolkit is always looking for new contributors and there are a multitude of ways to get involved. Depending on what you want to do, some of the following bits might be your first steps:
+Need help or want to contribute? Please see the links below. The Flux project is always looking for
 new contributors and there are a multitude of ways to get involved.
- Join our upcoming dev meetings ([meeting access and agenda](https://docs.google.com/document/d/1l_M0om0qUEN_NNiGgpqJ2tvsF2iioHkaARDeh6b70B0/view))
+- Getting Started?
- Talk to us in the #flux channel on [CNCF Slack](https://slack.cncf.io/)
+    - Look at our [Get Started guide](https://toolkit.fluxcd.io/get-started/) and give us feedback
- Join the [planning discussions](https://github.com/fluxcd/toolkit/discussions)
+- Need help?
- And if you are completely new to the GitOps Toolkit, take a look at our [Get Started guide](https://toolkit.fluxcd.io/get-started/) and give us feedback
+    - First: Ask questions on our [GH Discussions page](https://github.com/fluxcd/flux2/discussions)
- To be part of the conversation about Flux's development, [join the flux-dev mailing list](https://lists.cncf.io/g/cncf-flux-dev).
+    - Second: Talk to us in the #flux channel on [CNCF Slack](https://slack.cncf.io/)
- Check out [how to contribute](CONTRIBUTING.md) to the project
+    - Please follow our [Support Guidelines](https://fluxcd.io/support/)
      (in short: be nice, be respectful of volunteers' time, understand that maintainers and
      contributors cannot respond to all DMs, and keep discussions in the public #flux channel as much as possible).
 - Have feature proposals or want to contribute?
    - Propose features on our [GH Discussions page](https://github.com/fluxcd/flux2/discussions)
    - Join our upcoming dev meetings ([meeting access and agenda](https://docs.google.com/document/d/1l_M0om0qUEN_NNiGgpqJ2tvsF2iioHkaARDeh6b70B0/view))
    - [Join the flux-dev mailing list](https://lists.cncf.io/g/cncf-flux-dev).
    - Check out [how to contribute](CONTRIBUTING.md) to the project
-## Featured Talks
+### Events
 - [12 Oct 2020 - Rawkode Live: Introduction to GitOps Toolkit with Stefan Prodan](https://youtu.be/HqTzuOBP0eY)
 - [4 Sep 2020 - KubeCon/CloudNativeCon Europe: The road to Flux v2 and Progressive Delivery with Stefan Prodan & Hidde Beydals](https://youtu.be/8v94nUkXsxU)
 - [25 June 2020 - Cloud Native Nordics: Introduction to GitOps & GitOps Toolkit with Alexis Richardson & Stefan Prodan](https://youtu.be/qQBtSkgl7tI)
 - [7 May 2020 - GitOps Days - Community Special: GitOps Toolkit Experimentation with Stefan Prodan](https://youtu.be/WHzxunv4DKk?t=6521)
-### Upcoming Meetups
+Check out our **[events calendar](https://fluxcd.io/community/#talks)**,
- [19 October 2020 - GitOps Toolkit Guide Walk-through](https://www.meetup.com/GitOps-Community/events/273640196/)
+both with upcoming talks you can attend or past events videos you can watch.
 Join us 10am PT / 18:00 BST) for to this special walk-through of the GitOps Toolkit! 
 Through this talk you'll be able to see how the upcoming Flux v2 and GitOps Toolkit will bring
 great improvements to the Flux that you love! Watch or follow along as Leigh Capili shares some
 highlights and then goes through Getting Started with GitOps Toolkit.
 - 2 November 2020 - GitOps Toolkit Guide Walk-through - Part 2 (TBD)
-We are looking forward to seeing you with us!
+We look forward to seeing you with us!
--- a/action/Dockerfile
+++ b/action/Dockerfile
@@ -0,0 +1,6 @@
 FROM stefanprodan/alpine-base:latest
 COPY entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh
 ENTRYPOINT ["/entrypoint.sh"]
--- a/action/README.md
+++ b/action/README.md
@@ -0,0 +1,89 @@
 # Flux GitHub Action
 Usage:
 ```yaml
    steps:
      - name: Setup Flux CLI
        uses: fluxcd/flux2/action@main
      - name: Run Flux commands
        run: flux -v
 ```
 This action places the `flux` binary inside your repository root under `bin/flux`.
 You should add `bin/flux` to your `.gitignore` file, as in the following example:
 ```gitignore
 # ignore flux binary
 bin/flux
 ```
 Note that this action can only be used on GitHub **Linux AMD64** runners.
 ### Automate Flux updates
 Example workflow for updating Flux's components generated with `flux bootstrap --path=clusters/production`:
 ```yaml
 name: update-flux
 on:
  workflow_dispatch:
  schedule:
    - cron: "0 * * * *"
 jobs:
  components:
    runs-on: ubuntu-latest
    steps:
      - name: Check out code
        uses: actions/checkout@v2
      - name: Setup Flux CLI
        uses: fluxcd/flux2/action@main
      - name: Check for updates
        id: update
        run: |
          flux install \
            --export > ./clusters/production/flux-system/gotk-components.yaml
          VERSION="$(flux -v)"
          echo "::set-output name=flux_version::$VERSION"
      - name: Create Pull Request
        uses: peter-evans/create-pull-request@v3
        with:
            token: ${{ secrets.GITHUB_TOKEN }}
            branch: update-flux
            commit-message: Update to ${{ steps.update.outputs.flux_version }}
            title: Update to ${{ steps.update.outputs.flux_version }}
            body: |
              ${{ steps.update.outputs.flux_version }}
 ```
 ### End-to-end testing
 Example workflow for running Flux in Kubernetes Kind:
 ```yaml
 name: e2e
 on:
  push:
    branches:
      - '*'
 jobs:
  kubernetes:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Setup Flux CLI
        uses: fluxcd/flux2/action@main
      - name: Setup Kubernetes Kind
        uses: engineerd/setup-kind@v0.5.0
      - name: Install Flux in Kubernetes Kind
        run: flux install
 ```
 A complete e2e testing workflow is available here
 [flux2-kustomize-helm-example](https://github.com/fluxcd/flux2-kustomize-helm-example/blob/main/.github/workflows/e2e.yaml)
--- a/action/action.yml
+++ b/action/action.yml
@@ -0,0 +1,15 @@
 name: 'kustomize'
 description: 'A GitHub Action for running Flux commands'
 author: 'Flux project'
 branding:
  icon: 'command'
  color: 'blue'
 inputs:
  version:
    description: 'strict semver'
    required: false
 runs:
  using: 'docker'
  image: 'Dockerfile'
  args:
    - ${{ inputs.version }}
--- a/action/entrypoint.sh
+++ b/action/entrypoint.sh
@@ -0,0 +1,40 @@
 #!/bin/bash
 #  Copyright 2020 The Flux authors
 #
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
 #  You may obtain a copy of the License at
 #
 #      http://www.apache.org/licenses/LICENSE-2.0
 #
 #  Unless required by applicable law or agreed to in writing, software
 #  distributed under the License is distributed on an "AS IS" BASIS,
 #  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #  See the License for the specific language governing permissions and
 #  limitations under the License.
 set -e
 VERSION=$1
 if [ -z $VERSION ]; then
  # Find latest release if no version is specified
  VERSION=$(curl https://api.github.com/repos/fluxcd/flux2/releases/latest -sL | grep tag_name | sed -E 's/.*"([^"]+)".*/\1/' | cut -c 2-)
 fi
 # Download linux binary
 BIN_URL="https://github.com/fluxcd/flux2/releases/download/v${VERSION}/flux_${VERSION}_linux_amd64.tar.gz"
 curl -sL $BIN_URL | tar xz
 # Copy binary to GitHub runner
 mkdir -p $GITHUB_WORKSPACE/bin
 mv ./flux $GITHUB_WORKSPACE/bin
 chmod +x $GITHUB_WORKSPACE/bin/flux
 # Print version
 $GITHUB_WORKSPACE/bin/flux -v
 # Add binary to GitHub runner path
 echo "$GITHUB_WORKSPACE/bin" >> $GITHUB_PATH
 echo "$RUNNER_WORKSPACE/$(basename $GITHUB_REPOSITORY)/bin" >> $GITHUB_PATH
--- a/cmd/flux/bootstrap.go
+++ b/cmd/flux/bootstrap.go
@@ -0,0 +1,310 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"fmt"
 	"net/url"
 	"path/filepath"
 	"time"
 	"github.com/spf13/cobra"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	kustomizev1 "github.com/fluxcd/kustomize-controller/api/v1beta1"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 	"github.com/fluxcd/flux2/internal/flags"
 	"github.com/fluxcd/flux2/internal/utils"
 	"github.com/fluxcd/flux2/pkg/manifestgen/install"
 	"github.com/fluxcd/flux2/pkg/manifestgen/sync"
 )
 var bootstrapCmd = &cobra.Command{
 	Use:   "bootstrap",
 	Short: "Bootstrap toolkit components",
 	Long:  "The bootstrap sub-commands bootstrap the toolkit components on the targeted Git provider.",
 }
 type bootstrapFlags struct {
 	version            string
 	defaultComponents  []string
 	extraComponents    []string
 	registry           string
 	imagePullSecret    string
 	branch             string
 	watchAllNamespaces bool
 	networkPolicy      bool
 	manifestsPath      string
 	arch               flags.Arch
 	logLevel           flags.LogLevel
 	requiredComponents []string
 	tokenAuth          bool
 	clusterDomain      string
 	tolerationKeys     []string
 }
 const (
 	bootstrapDefaultBranch = "main"
 )
 var bootstrapArgs = NewBootstrapFlags()
 func init() {
 	bootstrapCmd.PersistentFlags().StringVarP(&bootstrapArgs.version, "version", "v", rootArgs.defaults.Version,
 		"toolkit version")
 	bootstrapCmd.PersistentFlags().StringSliceVar(&bootstrapArgs.defaultComponents, "components", rootArgs.defaults.Components,
 		"list of components, accepts comma-separated values")
 	bootstrapCmd.PersistentFlags().StringSliceVar(&bootstrapArgs.extraComponents, "components-extra", nil,
 		"list of components in addition to those supplied or defaulted, accepts comma-separated values")
 	bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.registry, "registry", "ghcr.io/fluxcd",
 		"container registry where the toolkit images are published")
 	bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.imagePullSecret, "image-pull-secret", "",
 		"Kubernetes secret name used for pulling the toolkit images from a private registry")
 	bootstrapCmd.PersistentFlags().Var(&bootstrapArgs.arch, "arch", bootstrapArgs.arch.Description())
 	bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.branch, "branch", bootstrapDefaultBranch,
 		"default branch (for GitHub this must match the default branch setting for the organization)")
 	bootstrapCmd.PersistentFlags().BoolVar(&bootstrapArgs.watchAllNamespaces, "watch-all-namespaces", true,
 		"watch for custom resources in all namespaces, if set to false it will only watch the namespace where the toolkit is installed")
 	bootstrapCmd.PersistentFlags().BoolVar(&bootstrapArgs.networkPolicy, "network-policy", true,
 		"deny ingress access to the toolkit controllers from other namespaces using network policies")
 	bootstrapCmd.PersistentFlags().BoolVar(&bootstrapArgs.tokenAuth, "token-auth", false,
 		"when enabled, the personal access token will be used instead of SSH deploy key")
 	bootstrapCmd.PersistentFlags().Var(&bootstrapArgs.logLevel, "log-level", bootstrapArgs.logLevel.Description())
 	bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.manifestsPath, "manifests", "", "path to the manifest directory")
 	bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.clusterDomain, "cluster-domain", rootArgs.defaults.ClusterDomain, "internal cluster domain")
 	bootstrapCmd.PersistentFlags().StringSliceVar(&bootstrapArgs.tolerationKeys, "toleration-keys", nil,
 		"list of toleration keys used to schedule the components pods onto nodes with matching taints")
 	bootstrapCmd.PersistentFlags().MarkHidden("manifests")
 	bootstrapCmd.PersistentFlags().MarkDeprecated("arch", "multi-arch container image is now available for AMD64, ARMv7 and ARM64")
 	rootCmd.AddCommand(bootstrapCmd)
 }
 func NewBootstrapFlags() bootstrapFlags {
 	return bootstrapFlags{
 		logLevel:           flags.LogLevel(rootArgs.defaults.LogLevel),
 		requiredComponents: []string{"source-controller", "kustomize-controller"},
 	}
 }
 func bootstrapComponents() []string {
 	return append(bootstrapArgs.defaultComponents, bootstrapArgs.extraComponents...)
 }
 func bootstrapValidate() error {
 	components := bootstrapComponents()
 	for _, component := range bootstrapArgs.requiredComponents {
 		if !utils.ContainsItemString(components, component) {
 			return fmt.Errorf("component %s is required", component)
 		}
 	}
 	if err := utils.ValidateComponents(components); err != nil {
 		return err
 	}
 	return nil
 }
 func generateInstallManifests(targetPath, namespace, tmpDir string, localManifests string) (string, error) {
 	if bootstrapArgs.version == install.MakeDefaultOptions().Version {
 		version, err := install.GetLatestVersion()
 		if err != nil {
 			return "", err
 		}
 		bootstrapArgs.version = version
 	}
 	opts := install.Options{
 		BaseURL:                localManifests,
 		Version:                bootstrapArgs.version,
 		Namespace:              namespace,
 		Components:             bootstrapComponents(),
 		Registry:               bootstrapArgs.registry,
 		ImagePullSecret:        bootstrapArgs.imagePullSecret,
 		WatchAllNamespaces:     bootstrapArgs.watchAllNamespaces,
 		NetworkPolicy:          bootstrapArgs.networkPolicy,
 		LogLevel:               bootstrapArgs.logLevel.String(),
 		NotificationController: rootArgs.defaults.NotificationController,
 		ManifestFile:           rootArgs.defaults.ManifestFile,
 		Timeout:                rootArgs.timeout,
 		TargetPath:             targetPath,
 		ClusterDomain:          bootstrapArgs.clusterDomain,
 		TolerationKeys:         bootstrapArgs.tolerationKeys,
 	}
 	if localManifests == "" {
 		opts.BaseURL = rootArgs.defaults.BaseURL
 	}
 	output, err := install.Generate(opts)
 	if err != nil {
 		return "", fmt.Errorf("generating install manifests failed: %w", err)
 	}
 	filePath, err := output.WriteFile(tmpDir)
 	if err != nil {
 		return "", fmt.Errorf("generating install manifests failed: %w", err)
 	}
 	return filePath, nil
 }
 func applyInstallManifests(ctx context.Context, manifestPath string, components []string) error {
 	kubectlArgs := []string{"apply", "-f", manifestPath}
 	if _, err := utils.ExecKubectlCommand(ctx, utils.ModeOS, rootArgs.kubeconfig, rootArgs.kubecontext, kubectlArgs...); err != nil {
 		return fmt.Errorf("install failed")
 	}
 	statusChecker, err := NewStatusChecker(time.Second, rootArgs.timeout)
 	if err != nil {
 		return fmt.Errorf("install failed: %w", err)
 	}
 	logger.Waitingf("verifying installation")
 	if err := statusChecker.Assess(components...); err != nil {
 		return fmt.Errorf("install failed")
 	}
 	return nil
 }
 func generateSyncManifests(url, branch, name, namespace, targetPath, tmpDir string, interval time.Duration) (string, error) {
 	opts := sync.Options{
 		Name:         name,
 		Namespace:    namespace,
 		URL:          url,
 		Branch:       branch,
 		Interval:     interval,
 		TargetPath:   targetPath,
 		ManifestFile: sync.MakeDefaultOptions().ManifestFile,
 	}
 	manifest, err := sync.Generate(opts)
 	if err != nil {
 		return "", fmt.Errorf("generating install manifests failed: %w", err)
 	}
 	output, err := manifest.WriteFile(tmpDir)
 	if err != nil {
 		return "", err
 	}
 	outputDir := filepath.Dir(output)
 	if err := utils.GenerateKustomizationYaml(outputDir); err != nil {
 		return "", err
 	}
 	return outputDir, nil
 }
 func applySyncManifests(ctx context.Context, kubeClient client.Client, name, namespace, manifestsPath string) error {
 	kubectlArgs := []string{"apply", "-k", manifestsPath}
 	if _, err := utils.ExecKubectlCommand(ctx, utils.ModeStderrOS, rootArgs.kubeconfig, rootArgs.kubecontext, kubectlArgs...); err != nil {
 		return err
 	}
 	logger.Waitingf("waiting for cluster sync")
 	var gitRepository sourcev1.GitRepository
 	if err := wait.PollImmediate(rootArgs.pollInterval, rootArgs.timeout,
 		isGitRepositoryReady(ctx, kubeClient, types.NamespacedName{Name: name, Namespace: namespace}, &gitRepository)); err != nil {
 		return err
 	}
 	var kustomization kustomizev1.Kustomization
 	if err := wait.PollImmediate(rootArgs.pollInterval, rootArgs.timeout,
 		isKustomizationReady(ctx, kubeClient, types.NamespacedName{Name: name, Namespace: namespace}, &kustomization)); err != nil {
 		return err
 	}
 	return nil
 }
 func shouldInstallManifests(ctx context.Context, kubeClient client.Client, namespace string) bool {
 	namespacedName := types.NamespacedName{
 		Namespace: namespace,
 		Name:      namespace,
 	}
 	var kustomization kustomizev1.Kustomization
 	if err := kubeClient.Get(ctx, namespacedName, &kustomization); err != nil {
 		return true
 	}
 	return kustomization.Status.LastAppliedRevision == ""
 }
 func shouldCreateDeployKey(ctx context.Context, kubeClient client.Client, namespace string) bool {
 	namespacedName := types.NamespacedName{
 		Namespace: namespace,
 		Name:      namespace,
 	}
 	var existing corev1.Secret
 	if err := kubeClient.Get(ctx, namespacedName, &existing); err != nil {
 		return true
 	}
 	return false
 }
 func generateDeployKey(ctx context.Context, kubeClient client.Client, url *url.URL, namespace string) (string, error) {
 	pair, err := generateKeyPair(ctx, sourceGitArgs.keyAlgorithm, sourceGitArgs.keyRSABits, sourceGitArgs.keyECDSACurve)
 	if err != nil {
 		return "", err
 	}
 	hostKey, err := scanHostKey(ctx, url)
 	if err != nil {
 		return "", err
 	}
 	secret := corev1.Secret{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      namespace,
 			Namespace: namespace,
 		},
 		StringData: map[string]string{
 			"identity":     string(pair.PrivateKey),
 			"identity.pub": string(pair.PublicKey),
 			"known_hosts":  string(hostKey),
 		},
 	}
 	if err := upsertSecret(ctx, kubeClient, secret); err != nil {
 		return "", err
 	}
 	return string(pair.PublicKey), nil
 }
 func checkIfBootstrapPathDiffers(ctx context.Context, kubeClient client.Client, namespace string, path string) (string, bool) {
 	namespacedName := types.NamespacedName{
 		Name:      namespace,
 		Namespace: namespace,
 	}
 	var fluxSystemKustomization kustomizev1.Kustomization
 	err := kubeClient.Get(ctx, namespacedName, &fluxSystemKustomization)
 	if err != nil {
 		return "", false
 	}
 	if fluxSystemKustomization.Spec.Path == path {
 		return "", false
 	}
 	return fluxSystemKustomization.Spec.Path, true
 }
--- a/cmd/flux/bootstrap_github.go
+++ b/cmd/flux/bootstrap_github.go
@@ -0,0 +1,333 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"fmt"
 	"io/ioutil"
 	"net/url"
 	"os"
 	"path"
 	"path/filepath"
 	"time"
 	"github.com/spf13/cobra"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"github.com/fluxcd/pkg/git"
 	"github.com/fluxcd/flux2/internal/flags"
 	"github.com/fluxcd/flux2/internal/utils"
 )
 var bootstrapGitHubCmd = &cobra.Command{
 	Use:   "github",
 	Short: "Bootstrap toolkit components in a GitHub repository",
 	Long: `The bootstrap github command creates the GitHub repository if it doesn't exists and
 commits the toolkit components manifests to the main branch.
 Then it configures the target cluster to synchronize with the repository.
 If the toolkit components are present on the cluster,
 the bootstrap command will perform an upgrade if needed.`,
 	Example: `  # Create a GitHub personal access token and export it as an env var
  export GITHUB_TOKEN=<my-token>
  # Run bootstrap for a private repo owned by a GitHub organization
  flux bootstrap github --owner=<organization> --repository=<repo name>
  # Run bootstrap for a private repo and assign organization teams to it
  flux bootstrap github --owner=<organization> --repository=<repo name> --team=<team1 slug> --team=<team2 slug>
  # Run bootstrap for a repository path
  flux bootstrap github --owner=<organization> --repository=<repo name> --path=dev-cluster
  # Run bootstrap for a public repository on a personal account
  flux bootstrap github --owner=<user> --repository=<repo name> --private=false --personal=true
  # Run bootstrap for a private repo hosted on GitHub Enterprise using SSH auth
  flux bootstrap github --owner=<organization> --repository=<repo name> --hostname=<domain> --ssh-hostname=<domain>
  # Run bootstrap for a private repo hosted on GitHub Enterprise using HTTPS auth
  flux bootstrap github --owner=<organization> --repository=<repo name> --hostname=<domain> --token-auth
  # Run bootstrap for a an existing repository with a branch named main
  flux bootstrap github --owner=<organization> --repository=<repo name> --branch=main
 `,
 	RunE: bootstrapGitHubCmdRun,
 }
 type githubFlags struct {
 	owner       string
 	repository  string
 	interval    time.Duration
 	personal    bool
 	private     bool
 	hostname    string
 	path        flags.SafeRelativePath
 	teams       []string
 	delete      bool
 	sshHostname string
 }
 const (
 	ghDefaultPermission = "maintain"
 )
 var githubArgs githubFlags
 func init() {
 	bootstrapGitHubCmd.Flags().StringVar(&githubArgs.owner, "owner", "", "GitHub user or organization name")
 	bootstrapGitHubCmd.Flags().StringVar(&githubArgs.repository, "repository", "", "GitHub repository name")
 	bootstrapGitHubCmd.Flags().StringArrayVar(&githubArgs.teams, "team", []string{}, "GitHub team to be given maintainer access")
 	bootstrapGitHubCmd.Flags().BoolVar(&githubArgs.personal, "personal", false, "if true, the owner is assumed to be a GitHub user; otherwise an org")
 	bootstrapGitHubCmd.Flags().BoolVar(&githubArgs.private, "private", true, "if true, the repository is assumed to be private")
 	bootstrapGitHubCmd.Flags().DurationVar(&githubArgs.interval, "interval", time.Minute, "sync interval")
 	bootstrapGitHubCmd.Flags().StringVar(&githubArgs.hostname, "hostname", git.GitHubDefaultHostname, "GitHub hostname")
 	bootstrapGitHubCmd.Flags().StringVar(&githubArgs.sshHostname, "ssh-hostname", "", "GitHub SSH hostname, to be used when the SSH host differs from the HTTPS one")
 	bootstrapGitHubCmd.Flags().Var(&githubArgs.path, "path", "path relative to the repository root, when specified the cluster sync will be scoped to this path")
 	bootstrapGitHubCmd.Flags().BoolVar(&githubArgs.delete, "delete", false, "delete repository (used for testing only)")
 	bootstrapGitHubCmd.Flags().MarkHidden("delete")
 	bootstrapCmd.AddCommand(bootstrapGitHubCmd)
 }
 func bootstrapGitHubCmdRun(cmd *cobra.Command, args []string) error {
 	ghToken := os.Getenv(git.GitHubTokenName)
 	if ghToken == "" {
 		return fmt.Errorf("%s environment variable not found", git.GitHubTokenName)
 	}
 	if err := bootstrapValidate(); err != nil {
 		return err
 	}
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	usedPath, bootstrapPathDiffers := checkIfBootstrapPathDiffers(
 		ctx,
 		kubeClient,
 		rootArgs.namespace,
 		filepath.ToSlash(githubArgs.path.String()),
 	)
 	if bootstrapPathDiffers {
 		return fmt.Errorf("cluster already bootstrapped to %v path", usedPath)
 	}
 	repository, err := git.NewRepository(
 		githubArgs.repository,
 		githubArgs.owner,
 		githubArgs.hostname,
 		ghToken,
 		"flux",
 		githubArgs.owner+"@users.noreply.github.com",
 	)
 	if err != nil {
 		return err
 	}
 	if githubArgs.sshHostname != "" {
 		repository.SSHHost = githubArgs.sshHostname
 	}
 	provider := &git.GithubProvider{
 		IsPrivate:  githubArgs.private,
 		IsPersonal: githubArgs.personal,
 	}
 	tmpDir, err := ioutil.TempDir("", rootArgs.namespace)
 	if err != nil {
 		return err
 	}
 	defer os.RemoveAll(tmpDir)
 	if githubArgs.delete {
 		if err := provider.DeleteRepository(ctx, repository); err != nil {
 			return err
 		}
 		logger.Successf("repository deleted")
 		return nil
 	}
 	// create GitHub repository if doesn't exists
 	logger.Actionf("connecting to %s", githubArgs.hostname)
 	changed, err := provider.CreateRepository(ctx, repository)
 	if err != nil {
 		return err
 	}
 	if changed {
 		logger.Successf("repository created")
 	}
 	withErrors := false
 	// add teams to org repository
 	if !githubArgs.personal {
 		for _, team := range githubArgs.teams {
 			if changed, err := provider.AddTeam(ctx, repository, team, ghDefaultPermission); err != nil {
 				logger.Failuref(err.Error())
 				withErrors = true
 			} else if changed {
 				logger.Successf("%s team access granted", team)
 			}
 		}
 	}
 	// clone repository and checkout the main branch
 	if err := repository.Checkout(ctx, bootstrapArgs.branch, tmpDir); err != nil {
 		return err
 	}
 	logger.Successf("repository cloned")
 	// generate install manifests
 	logger.Generatef("generating manifests")
 	installManifest, err := generateInstallManifests(
 		githubArgs.path.String(),
 		rootArgs.namespace,
 		tmpDir,
 		bootstrapArgs.manifestsPath,
 	)
 	if err != nil {
 		return err
 	}
 	// stage install manifests
 	changed, err = repository.Commit(
 		ctx,
 		path.Join(githubArgs.path.String(), rootArgs.namespace),
 		fmt.Sprintf("Add flux %s components manifests", bootstrapArgs.version),
 	)
 	if err != nil {
 		return err
 	}
 	// push install manifests
 	if changed {
 		if err := repository.Push(ctx); err != nil {
 			return err
 		}
 		logger.Successf("components manifests pushed")
 	} else {
 		logger.Successf("components are up to date")
 	}
 	// determine if repo synchronization is working
 	isInstall := shouldInstallManifests(ctx, kubeClient, rootArgs.namespace)
 	if isInstall {
 		// apply install manifests
 		logger.Actionf("installing components in %s namespace", rootArgs.namespace)
 		if err := applyInstallManifests(ctx, installManifest, bootstrapComponents()); err != nil {
 			return err
 		}
 		logger.Successf("install completed")
 	}
 	repoURL := repository.GetURL()
 	if bootstrapArgs.tokenAuth {
 		// setup HTTPS token auth
 		secret := corev1.Secret{
 			ObjectMeta: metav1.ObjectMeta{
 				Name:      rootArgs.namespace,
 				Namespace: rootArgs.namespace,
 			},
 			StringData: map[string]string{
 				"username": "git",
 				"password": ghToken,
 			},
 		}
 		if err := upsertSecret(ctx, kubeClient, secret); err != nil {
 			return err
 		}
 	} else {
 		// setup SSH deploy key
 		repoURL = repository.GetSSH()
 		if shouldCreateDeployKey(ctx, kubeClient, rootArgs.namespace) {
 			logger.Actionf("configuring deploy key")
 			u, err := url.Parse(repository.GetSSH())
 			if err != nil {
 				return fmt.Errorf("git URL parse failed: %w", err)
 			}
 			key, err := generateDeployKey(ctx, kubeClient, u, rootArgs.namespace)
 			if err != nil {
 				return fmt.Errorf("generating deploy key failed: %w", err)
 			}
 			keyName := "flux"
 			if githubArgs.path != "" {
 				keyName = fmt.Sprintf("flux-%s", githubArgs.path)
 			}
 			if changed, err := provider.AddDeployKey(ctx, repository, key, keyName); err != nil {
 				return err
 			} else if changed {
 				logger.Successf("deploy key configured")
 			}
 		}
 	}
 	// configure repo synchronization
 	logger.Actionf("generating sync manifests")
 	syncManifests, err := generateSyncManifests(
 		repoURL,
 		bootstrapArgs.branch,
 		rootArgs.namespace,
 		rootArgs.namespace,
 		filepath.ToSlash(githubArgs.path.String()),
 		tmpDir,
 		githubArgs.interval,
 	)
 	if err != nil {
 		return err
 	}
 	// commit and push manifests
 	if changed, err = repository.Commit(
 		ctx,
 		path.Join(githubArgs.path.String(), rootArgs.namespace),
 		fmt.Sprintf("Add flux %s sync manifests", bootstrapArgs.version),
 	); err != nil {
 		return err
 	} else if changed {
 		if err := repository.Push(ctx); err != nil {
 			return err
 		}
 		logger.Successf("sync manifests pushed")
 	}
 	// apply manifests and waiting for sync
 	logger.Actionf("applying sync manifests")
 	if err := applySyncManifests(ctx, kubeClient, rootArgs.namespace, rootArgs.namespace, syncManifests); err != nil {
 		return err
 	}
 	if withErrors {
 		return fmt.Errorf("bootstrap completed with errors")
 	}
 	logger.Successf("bootstrap finished")
 	return nil
 }
--- a/cmd/flux/bootstrap_gitlab.go
+++ b/cmd/flux/bootstrap_gitlab.go
@@ -0,0 +1,303 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"fmt"
 	"io/ioutil"
 	"net/url"
 	"os"
 	"path"
 	"path/filepath"
 	"regexp"
 	"time"
 	"github.com/spf13/cobra"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"github.com/fluxcd/pkg/git"
 	"github.com/fluxcd/flux2/internal/flags"
 	"github.com/fluxcd/flux2/internal/utils"
 )
 var bootstrapGitLabCmd = &cobra.Command{
 	Use:   "gitlab",
 	Short: "Bootstrap toolkit components in a GitLab repository",
 	Long: `The bootstrap gitlab command creates the GitLab repository if it doesn't exists and
 commits the toolkit components manifests to the master branch.
 Then it configures the target cluster to synchronize with the repository.
 If the toolkit components are present on the cluster,
 the bootstrap command will perform an upgrade if needed.`,
 	Example: `  # Create a GitLab API token and export it as an env var
  export GITLAB_TOKEN=<my-token>
  # Run bootstrap for a private repo using HTTPS token authentication
  flux bootstrap gitlab --owner=<group> --repository=<repo name> --token-auth
  # Run bootstrap for a private repo using SSH authentication
  flux bootstrap gitlab --owner=<group> --repository=<repo name>
  # Run bootstrap for a repository path
  flux bootstrap gitlab --owner=<group> --repository=<repo name> --path=dev-cluster
  # Run bootstrap for a public repository on a personal account
  flux bootstrap gitlab --owner=<user> --repository=<repo name> --private=false --personal --token-auth
  # Run bootstrap for a private repo hosted on a GitLab server
  flux bootstrap gitlab --owner=<group> --repository=<repo name> --hostname=<domain> --token-auth
  # Run bootstrap for a an existing repository with a branch named main
  flux bootstrap gitlab --owner=<organization> --repository=<repo name> --branch=main --token-auth
 `,
 	RunE: bootstrapGitLabCmdRun,
 }
 const (
 	gitlabProjectRegex = `\A[[:alnum:]\x{00A9}-\x{1f9ff}_][[:alnum:]\p{Pd}\x{00A9}-\x{1f9ff}_\.]*\z`
 )
 type gitlabFlags struct {
 	owner       string
 	repository  string
 	interval    time.Duration
 	personal    bool
 	private     bool
 	hostname    string
 	sshHostname string
 	path        flags.SafeRelativePath
 }
 var gitlabArgs gitlabFlags
 func init() {
 	bootstrapGitLabCmd.Flags().StringVar(&gitlabArgs.owner, "owner", "", "GitLab user or group name")
 	bootstrapGitLabCmd.Flags().StringVar(&gitlabArgs.repository, "repository", "", "GitLab repository name")
 	bootstrapGitLabCmd.Flags().BoolVar(&gitlabArgs.personal, "personal", false, "if true, the owner is assumed to be a GitLab user; otherwise a group")
 	bootstrapGitLabCmd.Flags().BoolVar(&gitlabArgs.private, "private", true, "if true, the repository is assumed to be private")
 	bootstrapGitLabCmd.Flags().DurationVar(&gitlabArgs.interval, "interval", time.Minute, "sync interval")
 	bootstrapGitLabCmd.Flags().StringVar(&gitlabArgs.hostname, "hostname", git.GitLabDefaultHostname, "GitLab hostname")
 	bootstrapGitLabCmd.Flags().StringVar(&gitlabArgs.sshHostname, "ssh-hostname", "", "GitLab SSH hostname, to be used when the SSH host differs from the HTTPS one")
 	bootstrapGitLabCmd.Flags().Var(&gitlabArgs.path, "path", "path relative to the repository root, when specified the cluster sync will be scoped to this path")
 	bootstrapCmd.AddCommand(bootstrapGitLabCmd)
 }
 func bootstrapGitLabCmdRun(cmd *cobra.Command, args []string) error {
 	glToken := os.Getenv(git.GitLabTokenName)
 	if glToken == "" {
 		return fmt.Errorf("%s environment variable not found", git.GitLabTokenName)
 	}
 	projectNameIsValid, err := regexp.MatchString(gitlabProjectRegex, gitlabArgs.repository)
 	if err != nil {
 		return err
 	}
 	if !projectNameIsValid {
 		return fmt.Errorf("%s is an invalid project name for gitlab.\nIt can contain only letters, digits, emojis, '_', '.', dash, space. It must start with letter, digit, emoji or '_'.", gitlabArgs.repository)
 	}
 	if err := bootstrapValidate(); err != nil {
 		return err
 	}
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	usedPath, bootstrapPathDiffers := checkIfBootstrapPathDiffers(ctx, kubeClient, rootArgs.namespace, filepath.ToSlash(gitlabArgs.path.String()))
 	if bootstrapPathDiffers {
 		return fmt.Errorf("cluster already bootstrapped to %v path", usedPath)
 	}
 	repository, err := git.NewRepository(
 		gitlabArgs.repository,
 		gitlabArgs.owner,
 		gitlabArgs.hostname,
 		glToken,
 		"flux",
 		gitlabArgs.owner+"@users.noreply.gitlab.com",
 	)
 	if err != nil {
 		return err
 	}
 	if gitlabArgs.sshHostname != "" {
 		repository.SSHHost = gitlabArgs.sshHostname
 	}
 	tmpDir, err := ioutil.TempDir("", rootArgs.namespace)
 	if err != nil {
 		return err
 	}
 	defer os.RemoveAll(tmpDir)
 	provider := &git.GitLabProvider{
 		IsPrivate:  gitlabArgs.private,
 		IsPersonal: gitlabArgs.personal,
 	}
 	// create GitLab project if doesn't exists
 	logger.Actionf("connecting to %s", gitlabArgs.hostname)
 	changed, err := provider.CreateRepository(ctx, repository)
 	if err != nil {
 		return err
 	}
 	if changed {
 		logger.Successf("repository created")
 	}
 	// clone repository and checkout the master branch
 	if err := repository.Checkout(ctx, bootstrapArgs.branch, tmpDir); err != nil {
 		return err
 	}
 	logger.Successf("repository cloned")
 	// generate install manifests
 	logger.Generatef("generating manifests")
 	installManifest, err := generateInstallManifests(
 		gitlabArgs.path.String(),
 		rootArgs.namespace,
 		tmpDir,
 		bootstrapArgs.manifestsPath,
 	)
 	if err != nil {
 		return err
 	}
 	// stage install manifests
 	changed, err = repository.Commit(
 		ctx,
 		path.Join(gitlabArgs.path.String(), rootArgs.namespace),
 		fmt.Sprintf("Add flux %s components manifests", bootstrapArgs.version),
 	)
 	if err != nil {
 		return err
 	}
 	// push install manifests
 	if changed {
 		if err := repository.Push(ctx); err != nil {
 			return err
 		}
 		logger.Successf("components manifests pushed")
 	} else {
 		logger.Successf("components are up to date")
 	}
 	// determine if repo synchronization is working
 	isInstall := shouldInstallManifests(ctx, kubeClient, rootArgs.namespace)
 	if isInstall {
 		// apply install manifests
 		logger.Actionf("installing components in %s namespace", rootArgs.namespace)
 		if err := applyInstallManifests(ctx, installManifest, bootstrapComponents()); err != nil {
 			return err
 		}
 		logger.Successf("install completed")
 	}
 	repoURL := repository.GetURL()
 	if bootstrapArgs.tokenAuth {
 		// setup HTTPS token auth
 		secret := corev1.Secret{
 			ObjectMeta: metav1.ObjectMeta{
 				Name:      rootArgs.namespace,
 				Namespace: rootArgs.namespace,
 			},
 			StringData: map[string]string{
 				"username": "git",
 				"password": glToken,
 			},
 		}
 		if err := upsertSecret(ctx, kubeClient, secret); err != nil {
 			return err
 		}
 	} else {
 		// setup SSH deploy key
 		repoURL = repository.GetSSH()
 		if shouldCreateDeployKey(ctx, kubeClient, rootArgs.namespace) {
 			logger.Actionf("configuring deploy key")
 			u, err := url.Parse(repoURL)
 			if err != nil {
 				return fmt.Errorf("git URL parse failed: %w", err)
 			}
 			key, err := generateDeployKey(ctx, kubeClient, u, rootArgs.namespace)
 			if err != nil {
 				return fmt.Errorf("generating deploy key failed: %w", err)
 			}
 			keyName := "flux"
 			if gitlabArgs.path != "" {
 				keyName = fmt.Sprintf("flux-%s", gitlabArgs.path)
 			}
 			if changed, err := provider.AddDeployKey(ctx, repository, key, keyName); err != nil {
 				return err
 			} else if changed {
 				logger.Successf("deploy key configured")
 			}
 		}
 	}
 	// configure repo synchronization
 	logger.Actionf("generating sync manifests")
 	syncManifests, err := generateSyncManifests(
 		repoURL,
 		bootstrapArgs.branch,
 		rootArgs.namespace,
 		rootArgs.namespace,
 		filepath.ToSlash(gitlabArgs.path.String()),
 		tmpDir,
 		gitlabArgs.interval,
 	)
 	if err != nil {
 		return err
 	}
 	// commit and push manifests
 	if changed, err = repository.Commit(
 		ctx,
 		path.Join(gitlabArgs.path.String(), rootArgs.namespace),
 		fmt.Sprintf("Add flux %s sync manifests", bootstrapArgs.version),
 	); err != nil {
 		return err
 	} else if changed {
 		if err := repository.Push(ctx); err != nil {
 			return err
 		}
 		logger.Successf("sync manifests pushed")
 	}
 	// apply manifests and waiting for sync
 	logger.Actionf("applying sync manifests")
 	if err := applySyncManifests(ctx, kubeClient, rootArgs.namespace, rootArgs.namespace, syncManifests); err != nil {
 		return err
 	}
 	logger.Successf("bootstrap finished")
 	return nil
 }
--- a/cmd/flux/check.go
+++ b/cmd/flux/check.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -18,15 +18,17 @@ package main
 import (
 	"context"
-	"fmt"
+	"encoding/json"
 	"os"
 	"os/exec"
 	"strings"
 	"time"
 	"github.com/blang/semver/v4"
 	"github.com/fluxcd/flux2/internal/utils"
 	"github.com/spf13/cobra"
 	apimachineryversion "k8s.io/apimachinery/pkg/version"
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/tools/clientcmd"
 )
 var checkCmd = &cobra.Command{
@@ -35,29 +37,38 @@ var checkCmd = &cobra.Command{
 	Long: `The check command will perform a series of checks to validate that
 the local environment is configured correctly and if the installed components are healthy.`,
 	Example: `  # Run pre-installation checks
-  gotk check --pre
+  flux check --pre
  # Run installation checks
-  gotk check
+  flux check
 `,
 	RunE: runCheckCmd,
 }
-var (
+type checkFlags struct {
-	checkPre        bool
+	pre             bool
-	checkComponents []string
+	components      []string
-)
+	extraComponents []string
 }
 type kubectlVersion struct {
 	ClientVersion *apimachineryversion.Info `json:"clientVersion"`
 }
 var checkArgs checkFlags
 func init() {
-	checkCmd.Flags().BoolVarP(&checkPre, "pre", "", false,
+	checkCmd.Flags().BoolVarP(&checkArgs.pre, "pre", "", false,
 		"only run pre-installation checks")
-	checkCmd.Flags().StringSliceVar(&checkComponents, "components", defaultComponents,
+	checkCmd.Flags().StringSliceVar(&checkArgs.components, "components", rootArgs.defaults.Components,
 		"list of components, accepts comma-separated values")
 	checkCmd.Flags().StringSliceVar(&checkArgs.extraComponents, "components-extra", nil,
 		"list of components in addition to those supplied or defaulted, accepts comma-separated values")
 	rootCmd.AddCommand(checkCmd)
 }
 func runCheckCmd(cmd *cobra.Command, args []string) error {
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	logger.Actionf("checking prerequisites")
@@ -71,7 +82,7 @@ func runCheckCmd(cmd *cobra.Command, args []string) error {
 		checkFailed = true
 	}
-	if checkPre {
+	if checkArgs.pre {
 		if checkFailed {
 			os.Exit(1)
 		}
@@ -97,14 +108,20 @@ func kubectlCheck(ctx context.Context, version string) bool {
 		return false
 	}
-	command := "kubectl version --client --short | awk '{ print $3 }'"
+	kubectlArgs := []string{"version", "--client", "--output", "json"}
-	output, err := utils.execCommand(ctx, ModeCapture, command)
+	output, err := utils.ExecKubectlCommand(ctx, utils.ModeCapture, rootArgs.kubeconfig, rootArgs.kubecontext, kubectlArgs...)
 	if err != nil {
 		logger.Failuref("kubectl version can't be determined")
 		return false
 	}
-	v, err := semver.ParseTolerant(output)
+	kv := &kubectlVersion{}
 	if err = json.Unmarshal([]byte(output), kv); err != nil {
 		logger.Failuref("kubectl version output can't be unmarshaled")
 		return false
 	}
 	v, err := semver.ParseTolerant(kv.ClientVersion.GitVersion)
 	if err != nil {
 		logger.Failuref("kubectl version can't be parsed")
 		return false
@@ -121,7 +138,7 @@ func kubectlCheck(ctx context.Context, version string) bool {
 }
 func kubernetesCheck(version string) bool {
-	cfg, err := clientcmd.BuildConfigFromFlags("", kubeconfig)
+	cfg, err := utils.KubeConfig(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		logger.Failuref("Kubernetes client initialization failed: %s", err.Error())
 		return false
@@ -156,18 +173,26 @@ func kubernetesCheck(version string) bool {
 }
 func componentsCheck() bool {
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	statusChecker, err := NewStatusChecker(time.Second, 30*time.Second)
 	if err != nil {
 		return false
 	}
 	ok := true
-	for _, deployment := range checkComponents {
+	deployments := append(checkArgs.components, checkArgs.extraComponents...)
-		command := fmt.Sprintf("kubectl -n %s rollout status deployment %s --timeout=%s",
+	for _, deployment := range deployments {
-			namespace, deployment, timeout.String())
+		if err := statusChecker.Assess(deployment); err != nil {
 		if output, err := utils.execCommand(ctx, ModeCapture, command); err != nil {
 			logger.Failuref("%s: %s", deployment, strings.TrimSuffix(output, "\n"))
 			ok = false
 		} else {
-			logger.Successf("%s is healthy", deployment)
+			logger.Successf("%s: healthy", deployment)
 		}
 		kubectlArgs := []string{"-n", rootArgs.namespace, "get", "deployment", deployment, "-o", "jsonpath=\"{..image}\""}
 		if output, err := utils.ExecKubectlCommand(ctx, utils.ModeCapture, rootArgs.kubeconfig, rootArgs.kubecontext, kubectlArgs...); err == nil {
 			logger.Actionf(strings.TrimPrefix(strings.TrimSuffix(output, "\""), "\""))
 		}
 	}
 	return ok
--- a/cmd/flux/completion.go
+++ b/cmd/flux/completion.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
--- a/cmd/flux/completion_bash.go
+++ b/cmd/flux/completion_bash.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -27,12 +27,12 @@ var completionBashCmd = &cobra.Command{
 	Short: "Generates bash completion scripts",
 	Example: `To load completion run
-. <(gotk completion bash)
+. <(flux completion bash)
 To configure your bash shell to load completions for each session add to your bashrc
 # ~/.bashrc or ~/.profile
-command -v gotk >/dev/null && . <(gotk completion bash)
+command -v flux >/dev/null && . <(flux completion bash)
 `,
 	Run: func(cmd *cobra.Command, args []string) {
 		rootCmd.GenBashCompletion(os.Stdout)
--- a/cmd/flux/completion_fish.go
+++ b/cmd/flux/completion_fish.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -27,11 +27,11 @@ var completionFishCmd = &cobra.Command{
 	Short: "Generates fish completion scripts",
 	Example: `To load completion run
-. <(gotk completion fish)
+. <(flux completion fish)
 To configure your fish shell to load completions for each session write this script to your completions dir:
-gotk completion fish > ~/.config/fish/completions/gotk
+flux completion fish > ~/.config/fish/completions/flux
 See http://fishshell.com/docs/current/index.html#completion-own for more details
 `,
--- a/cmd/flux/completion_powershell.go
+++ b/cmd/flux/completion_powershell.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -27,19 +27,19 @@ var completionPowerShellCmd = &cobra.Command{
 	Short: "Generates powershell completion scripts",
 	Example: `To load completion run
-. <(gotk completion powershell)
+. <(flux completion powershell)
 To configure your powershell shell to load completions for each session add to your powershell profile
 Windows:
 cd "$env:USERPROFILE\Documents\WindowsPowerShell\Modules"
-gotk completion >> gotk-completion.ps1
+flux completion >> flux-completion.ps1
 Linux:
 cd "${XDG_CONFIG_HOME:-"$HOME/.config/"}/powershell/modules"
-gotk completion >> gotk-completions.ps1
+flux completion >> flux-completions.ps1
 `,
 	Run: func(cmd *cobra.Command, args []string) {
 		rootCmd.GenPowerShellCompletion(os.Stdout)
--- a/cmd/flux/completion_zsh.go
+++ b/cmd/flux/completion_zsh.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -27,20 +27,20 @@ var completionZshCmd = &cobra.Command{
 	Short: "Generates zsh completion scripts",
 	Example: `To load completion run
-. <(gotk completion zsh) && compdef _gotk gotk
+. <(flux completion zsh) && compdef _flux flux
 To configure your zsh shell to load completions for each session add to your zshrc
 # ~/.zshrc or ~/.profile
-command -v gotk >/dev/null && . <(gotk completion zsh) && compdef _gotk gotk
+command -v flux >/dev/null && . <(flux completion zsh) && compdef _flux flux
 or write a cached file in one of the completion directories in your ${fpath}:
 echo "${fpath// /\n}" | grep -i completion
-gotk completions zsh > _gotk
+flux completion zsh > _flux
-mv _gotk ~/.oh-my-zsh/completions  # oh-my-zsh
+mv _flux ~/.oh-my-zsh/completions  # oh-my-zsh
-mv _gotk ~/.zprezto/modules/completion/external/src/  # zprezto
+mv _flux ~/.zprezto/modules/completion/external/src/  # zprezto
 `,
 	Run: func(cmd *cobra.Command, args []string) {
 		rootCmd.GenZshCompletion(os.Stdout)
--- a/cmd/flux/create.go
+++ b/cmd/flux/create.go
@@ -0,0 +1,152 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"fmt"
 	"strings"
 	"time"
 	"github.com/spf13/cobra"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/validation"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
 	"github.com/fluxcd/flux2/internal/utils"
 )
 var createCmd = &cobra.Command{
 	Use:   "create",
 	Short: "Create or update sources and resources",
 	Long:  "The create sub-commands generate sources and resources.",
 }
 type createFlags struct {
 	interval time.Duration
 	export   bool
 	labels   []string
 }
 var createArgs createFlags
 func init() {
 	createCmd.PersistentFlags().DurationVarP(&createArgs.interval, "interval", "", time.Minute, "source sync interval")
 	createCmd.PersistentFlags().BoolVar(&createArgs.export, "export", false, "export in YAML format to stdout")
 	createCmd.PersistentFlags().StringSliceVar(&createArgs.labels, "label", nil,
 		"set labels on the resource (can specify multiple labels with commas: label1=value1,label2=value2)")
 	rootCmd.AddCommand(createCmd)
 }
 // upsertable is an interface for values that can be used in `upsert`.
 type upsertable interface {
 	adapter
 	named
 }
 // upsert updates or inserts an object. Instead of providing the
 // object itself, you provide a named (as in Name and Namespace)
 // template value, and a mutate function which sets the values you
 // want to update. The mutate function is nullary -- you mutate a
 // value in the closure, e.g., by doing this:
 //
 //     var existing Value
 //     existing.Name = name
 //     existing.Namespace = ns
 //     upsert(ctx, client, valueAdapter{&value}, func() error {
 //       value.Spec = onePreparedEarlier
 //     })
 func (names apiType) upsert(ctx context.Context, kubeClient client.Client, object upsertable, mutate func() error) (types.NamespacedName, error) {
 	nsname := types.NamespacedName{
 		Namespace: object.GetNamespace(),
 		Name:      object.GetName(),
 	}
 	op, err := controllerutil.CreateOrUpdate(ctx, kubeClient, object.asClientObject(), mutate)
 	if err != nil {
 		return nsname, err
 	}
 	switch op {
 	case controllerutil.OperationResultCreated:
 		logger.Successf("%s created", names.kind)
 	case controllerutil.OperationResultUpdated:
 		logger.Successf("%s updated", names.kind)
 	}
 	return nsname, nil
 }
 type upsertWaitable interface {
 	upsertable
 	statusable
 }
 // upsertAndWait encodes the pattern of creating or updating a
 // resource, then waiting for it to reconcile. See the note on
 // `upsert` for how to work with the `mutate` argument.
 func (names apiType) upsertAndWait(object upsertWaitable, mutate func() error) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext) // NB globals
 	if err != nil {
 		return err
 	}
 	logger.Generatef("generating %s", names.kind)
 	logger.Actionf("applying %s", names.kind)
 	namespacedName, err := imageRepositoryType.upsert(ctx, kubeClient, object, mutate)
 	if err != nil {
 		return err
 	}
 	logger.Waitingf("waiting for %s reconciliation", names.kind)
 	if err := wait.PollImmediate(rootArgs.pollInterval, rootArgs.timeout,
 		isReady(ctx, kubeClient, namespacedName, object)); err != nil {
 		return err
 	}
 	logger.Successf("%s reconciliation completed", names.kind)
 	return nil
 }
 func parseLabels() (map[string]string, error) {
 	result := make(map[string]string)
 	for _, label := range createArgs.labels {
 		// validate key value pair
 		parts := strings.Split(label, "=")
 		if len(parts) != 2 {
 			return nil, fmt.Errorf("invalid label format '%s', must be key=value", label)
 		}
 		// validate label name
 		if errors := validation.IsQualifiedName(parts[0]); len(errors) > 0 {
 			return nil, fmt.Errorf("invalid label '%s': %v", parts[0], errors)
 		}
 		// validate label value
 		if errors := validation.IsValidLabelValue(parts[1]); len(errors) > 0 {
 			return nil, fmt.Errorf("invalid label value '%s': %v", parts[1], errors)
 		}
 		result[parts[0]] = parts[1]
 	}
 	return result, nil
 }
--- a/cmd/flux/create_alert.go
+++ b/cmd/flux/create_alert.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -19,17 +19,19 @@ package main
 import (
 	"context"
 	"fmt"
 	"github.com/fluxcd/pkg/apis/meta"
 	"github.com/spf13/cobra"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	apimeta "k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	notificationv1 "github.com/fluxcd/notification-controller/api/v1beta1"
 	"github.com/fluxcd/pkg/apis/meta"
 	"github.com/fluxcd/flux2/internal/utils"
 )
 var createAlertCmd = &cobra.Command{
@@ -37,41 +39,43 @@ var createAlertCmd = &cobra.Command{
 	Short: "Create or update a Alert resource",
 	Long:  "The create alert command generates a Alert resource.",
 	Example: `  # Create an Alert for kustomization events
-  gotk create alert \
+  flux create alert \
  --event-severity info \
-  --event-source Kustomization/gotk-system \
+  --event-source Kustomization/flux-system \
  --provider-ref slack \
-  gotk-system
+  flux-system
 `,
 	RunE: createAlertCmdRun,
 }
-var (
+type alertFlags struct {
-	aProviderRef   string
+	providerRef   string
-	aEventSeverity string
+	eventSeverity string
-	aEventSources  []string
+	eventSources  []string
-)
+}
 var alertArgs alertFlags
 func init() {
-	createAlertCmd.Flags().StringVar(&aProviderRef, "provider-ref", "", "reference to provider")
+	createAlertCmd.Flags().StringVar(&alertArgs.providerRef, "provider-ref", "", "reference to provider")
-	createAlertCmd.Flags().StringVar(&aEventSeverity, "event-severity", "", "severity of events to send alerts for")
+	createAlertCmd.Flags().StringVar(&alertArgs.eventSeverity, "event-severity", "", "severity of events to send alerts for")
-	createAlertCmd.Flags().StringArrayVar(&aEventSources, "event-source", []string{}, "sources that should generate alerts (<kind>/<name>)")
+	createAlertCmd.Flags().StringArrayVar(&alertArgs.eventSources, "event-source", []string{}, "sources that should generate alerts (<kind>/<name>)")
 	createCmd.AddCommand(createAlertCmd)
 }
 func createAlertCmdRun(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
-		return fmt.Errorf("alert name is required")
+		return fmt.Errorf("Alert name is required")
 	}
 	name := args[0]
-	if aProviderRef == "" {
+	if alertArgs.providerRef == "" {
 		return fmt.Errorf("provider ref is required")
 	}
 	eventSources := []notificationv1.CrossNamespaceObjectReference{}
-	for _, eventSource := range aEventSources {
+	for _, eventSource := range alertArgs.eventSources {
-		kind, name := utils.parseObjectKindName(eventSource)
+		kind, name := utils.ParseObjectKindName(eventSource)
 		if kind == "" {
 			return fmt.Errorf("invalid event source '%s', must be in format <kind>/<name>", eventSource)
 		}
@@ -91,55 +95,55 @@ func createAlertCmdRun(cmd *cobra.Command, args []string) error {
 		return err
 	}
-	if !export {
+	if !createArgs.export {
-		logger.Generatef("generating alert")
+		logger.Generatef("generating Alert")
 	}
 	alert := notificationv1.Alert{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      name,
-			Namespace: namespace,
+			Namespace: rootArgs.namespace,
 			Labels:    sourceLabels,
 		},
 		Spec: notificationv1.AlertSpec{
-			ProviderRef: corev1.LocalObjectReference{
+			ProviderRef: meta.LocalObjectReference{
-				Name: aProviderRef,
+				Name: alertArgs.providerRef,
 			},
-			EventSeverity: aEventSeverity,
+			EventSeverity: alertArgs.eventSeverity,
 			EventSources:  eventSources,
 			Suspend:       false,
 		},
 	}
-	if export {
+	if createArgs.export {
 		return exportAlert(alert)
 	}
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.kubeClient(kubeconfig)
+	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
-	logger.Actionf("applying alert")
+	logger.Actionf("applying Alert")
-	if err := upsertAlert(ctx, kubeClient, alert); err != nil {
+	namespacedName, err := upsertAlert(ctx, kubeClient, &alert)
 	if err != nil {
 		return err
 	}
-	logger.Waitingf("waiting for reconciliation")
+	logger.Waitingf("waiting for Alert reconciliation")
-	if err := wait.PollImmediate(pollInterval, timeout,
+	if err := wait.PollImmediate(rootArgs.pollInterval, rootArgs.timeout,
-		isAlertReady(ctx, kubeClient, name, namespace)); err != nil {
+		isAlertReady(ctx, kubeClient, namespacedName, &alert)); err != nil {
 		return err
 	}
-
+	logger.Successf("Alert %s is ready", name)
 	logger.Successf("alert %s is ready", name)
 	return nil
 }
-func upsertAlert(ctx context.Context, kubeClient client.Client, alert notificationv1.Alert) error {
+func upsertAlert(ctx context.Context, kubeClient client.Client,
 	alert *notificationv1.Alert) (types.NamespacedName, error) {
 	namespacedName := types.NamespacedName{
 		Namespace: alert.GetNamespace(),
 		Name:      alert.GetName(),
@@ -149,44 +153,39 @@ func upsertAlert(ctx context.Context, kubeClient client.Client, alert notificati
 	err := kubeClient.Get(ctx, namespacedName, &existing)
 	if err != nil {
 		if errors.IsNotFound(err) {
-			if err := kubeClient.Create(ctx, &alert); err != nil {
+			if err := kubeClient.Create(ctx, alert); err != nil {
-				return err
+				return namespacedName, err
 			} else {
-				logger.Successf("alert created")
+				logger.Successf("Alert created")
-				return nil
+				return namespacedName, nil
 			}
 		}
-		return err
+		return namespacedName, err
 	}
 	existing.Labels = alert.Labels
 	existing.Spec = alert.Spec
 	if err := kubeClient.Update(ctx, &existing); err != nil {
-		return err
+		return namespacedName, err
 	}
-
+	alert = &existing
-	logger.Successf("alert updated")
+	logger.Successf("Alert updated")
-	return nil
+	return namespacedName, nil
 }
-func isAlertReady(ctx context.Context, kubeClient client.Client, name, namespace string) wait.ConditionFunc {
+func isAlertReady(ctx context.Context, kubeClient client.Client,
 	namespacedName types.NamespacedName, alert *notificationv1.Alert) wait.ConditionFunc {
 	return func() (bool, error) {
-		var alert notificationv1.Alert
+		err := kubeClient.Get(ctx, namespacedName, alert)
 		namespacedName := types.NamespacedName{
 			Namespace: namespace,
 			Name:      name,
 		}
 		err := kubeClient.Get(ctx, namespacedName, &alert)
 		if err != nil {
 			return false, err
 		}
-		if c := meta.GetCondition(alert.Status.Conditions, meta.ReadyCondition); c != nil {
+		if c := apimeta.FindStatusCondition(alert.Status.Conditions, meta.ReadyCondition); c != nil {
 			switch c.Status {
-			case corev1.ConditionTrue:
+			case metav1.ConditionTrue:
 				return true, nil
-			case corev1.ConditionFalse:
+			case metav1.ConditionFalse:
 				return false, fmt.Errorf(c.Message)
 			}
 		}
--- a/cmd/flux/create_alertprovider.go
+++ b/cmd/flux/create_alertprovider.go
@@ -0,0 +1,193 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"fmt"
 	"github.com/spf13/cobra"
 	"k8s.io/apimachinery/pkg/api/errors"
 	apimeta "k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	notificationv1 "github.com/fluxcd/notification-controller/api/v1beta1"
 	"github.com/fluxcd/pkg/apis/meta"
 	"github.com/fluxcd/flux2/internal/utils"
 )
 var createAlertProviderCmd = &cobra.Command{
 	Use:   "alert-provider [name]",
 	Short: "Create or update a Provider resource",
 	Long:  "The create alert-provider command generates a Provider resource.",
 	Example: `  # Create a Provider for a Slack channel
  flux create alert-provider slack \
  --type slack \
  --channel general \
  --address https://hooks.slack.com/services/YOUR/SLACK/WEBHOOK \
  --secret-ref webhook-url
  # Create a Provider for a Github repository
  flux create alert-provider github-podinfo \
  --type github \
  --address https://github.com/stefanprodan/podinfo \
  --secret-ref github-token
 `,
 	RunE: createAlertProviderCmdRun,
 }
 type alertProviderFlags struct {
 	alertType string
 	channel   string
 	username  string
 	address   string
 	secretRef string
 }
 var alertProviderArgs alertProviderFlags
 func init() {
 	createAlertProviderCmd.Flags().StringVar(&alertProviderArgs.alertType, "type", "", "type of provider")
 	createAlertProviderCmd.Flags().StringVar(&alertProviderArgs.channel, "channel", "", "channel to send messages to in the case of a chat provider")
 	createAlertProviderCmd.Flags().StringVar(&alertProviderArgs.username, "username", "", "bot username used by the provider")
 	createAlertProviderCmd.Flags().StringVar(&alertProviderArgs.address, "address", "", "path to either the git repository, chat provider or webhook")
 	createAlertProviderCmd.Flags().StringVar(&alertProviderArgs.secretRef, "secret-ref", "", "name of secret containing authentication token")
 	createCmd.AddCommand(createAlertProviderCmd)
 }
 func createAlertProviderCmdRun(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
 		return fmt.Errorf("Provider name is required")
 	}
 	name := args[0]
 	if alertProviderArgs.alertType == "" {
 		return fmt.Errorf("Provider type is required")
 	}
 	sourceLabels, err := parseLabels()
 	if err != nil {
 		return err
 	}
 	if !createArgs.export {
 		logger.Generatef("generating Provider")
 	}
 	provider := notificationv1.Provider{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      name,
 			Namespace: rootArgs.namespace,
 			Labels:    sourceLabels,
 		},
 		Spec: notificationv1.ProviderSpec{
 			Type:     alertProviderArgs.alertType,
 			Channel:  alertProviderArgs.channel,
 			Username: alertProviderArgs.username,
 			Address:  alertProviderArgs.address,
 		},
 	}
 	if alertProviderArgs.secretRef != "" {
 		provider.Spec.SecretRef = &meta.LocalObjectReference{
 			Name: alertProviderArgs.secretRef,
 		}
 	}
 	if createArgs.export {
 		return exportAlertProvider(provider)
 	}
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	logger.Actionf("applying Provider")
 	namespacedName, err := upsertAlertProvider(ctx, kubeClient, &provider)
 	if err != nil {
 		return err
 	}
 	logger.Waitingf("waiting for Provider reconciliation")
 	if err := wait.PollImmediate(rootArgs.pollInterval, rootArgs.timeout,
 		isAlertProviderReady(ctx, kubeClient, namespacedName, &provider)); err != nil {
 		return err
 	}
 	logger.Successf("Provider %s is ready", name)
 	return nil
 }
 func upsertAlertProvider(ctx context.Context, kubeClient client.Client,
 	provider *notificationv1.Provider) (types.NamespacedName, error) {
 	namespacedName := types.NamespacedName{
 		Namespace: provider.GetNamespace(),
 		Name:      provider.GetName(),
 	}
 	var existing notificationv1.Provider
 	err := kubeClient.Get(ctx, namespacedName, &existing)
 	if err != nil {
 		if errors.IsNotFound(err) {
 			if err := kubeClient.Create(ctx, provider); err != nil {
 				return namespacedName, err
 			} else {
 				logger.Successf("Provider created")
 				return namespacedName, nil
 			}
 		}
 		return namespacedName, err
 	}
 	existing.Labels = provider.Labels
 	existing.Spec = provider.Spec
 	if err := kubeClient.Update(ctx, &existing); err != nil {
 		return namespacedName, err
 	}
 	provider = &existing
 	logger.Successf("Provider updated")
 	return namespacedName, nil
 }
 func isAlertProviderReady(ctx context.Context, kubeClient client.Client,
 	namespacedName types.NamespacedName, provider *notificationv1.Provider) wait.ConditionFunc {
 	return func() (bool, error) {
 		err := kubeClient.Get(ctx, namespacedName, provider)
 		if err != nil {
 			return false, err
 		}
 		if c := apimeta.FindStatusCondition(provider.Status.Conditions, meta.ReadyCondition); c != nil {
 			switch c.Status {
 			case metav1.ConditionTrue:
 				return true, nil
 			case metav1.ConditionFalse:
 				return false, fmt.Errorf(c.Message)
 			}
 		}
 		return false, nil
 	}
 }
--- a/cmd/flux/create_helmrelease.go
+++ b/cmd/flux/create_helmrelease.go
@@ -0,0 +1,295 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
 	"github.com/fluxcd/flux2/internal/flags"
 	"github.com/fluxcd/flux2/internal/utils"
 	"github.com/fluxcd/pkg/apis/meta"
 	"github.com/spf13/cobra"
 	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	apimeta "k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/yaml"
 	helmv2 "github.com/fluxcd/helm-controller/api/v2beta1"
 )
 var createHelmReleaseCmd = &cobra.Command{
 	Use:     "helmrelease [name]",
 	Aliases: []string{"hr"},
 	Short:   "Create or update a HelmRelease resource",
 	Long:    "The helmrelease create command generates a HelmRelease resource for a given HelmRepository source.",
 	Example: `  # Create a HelmRelease with a chart from a HelmRepository source
  flux create hr podinfo \
    --interval=10m \
    --source=HelmRepository/podinfo \
    --chart=podinfo \
    --chart-version=">4.0.0"
  # Create a HelmRelease with a chart from a GitRepository source
  flux create hr podinfo \
    --interval=10m \
    --source=GitRepository/podinfo \
    --chart=./charts/podinfo
  # Create a HelmRelease with a chart from a Bucket source
  flux create hr podinfo \
    --interval=10m \
    --source=Bucket/podinfo \
    --chart=./charts/podinfo
  # Create a HelmRelease with values from local YAML files
  flux create hr podinfo \
    --source=HelmRepository/podinfo \
    --chart=podinfo \
    --values=./my-values1.yaml \
    --values=./my-values2.yaml
  # Create a HelmRelease with values from a Kubernetes secret
  kubectl -n app create secret generic my-secret-values \
 	--from-file=values.yaml=/path/to/my-secret-values.yaml
  flux -n app create hr podinfo \
    --source=HelmRepository/podinfo \
    --chart=podinfo \
    --values-from=Secret/my-secret-values
  # Create a HelmRelease with a custom release name
  flux create hr podinfo \
    --release-name=podinfo-dev
    --source=HelmRepository/podinfo \
    --chart=podinfo \
  # Create a HelmRelease targeting another namespace than the resource
  flux create hr podinfo \
    --target-namespace=default \
    --source=HelmRepository/podinfo \
    --chart=podinfo
  # Create a HelmRelease definition on disk without applying it on the cluster
  flux create hr podinfo \
    --source=HelmRepository/podinfo \
    --chart=podinfo \
    --values=./values.yaml \
    --export > podinfo-release.yaml
 `,
 	RunE: createHelmReleaseCmdRun,
 }
 type helmReleaseFlags struct {
 	name            string
 	source          flags.HelmChartSource
 	dependsOn       []string
 	chart           string
 	chartVersion    string
 	targetNamespace string
 	valuesFile      []string
 	valuesFrom      flags.HelmReleaseValuesFrom
 	saName          string
 }
 var helmReleaseArgs helmReleaseFlags
 func init() {
 	createHelmReleaseCmd.Flags().StringVar(&helmReleaseArgs.name, "release-name", "", "name used for the Helm release, defaults to a composition of '[<target-namespace>-]<HelmRelease-name>'")
 	createHelmReleaseCmd.Flags().Var(&helmReleaseArgs.source, "source", helmReleaseArgs.source.Description())
 	createHelmReleaseCmd.Flags().StringVar(&helmReleaseArgs.chart, "chart", "", "Helm chart name or path")
 	createHelmReleaseCmd.Flags().StringVar(&helmReleaseArgs.chartVersion, "chart-version", "", "Helm chart version, accepts a semver range (ignored for charts from GitRepository sources)")
 	createHelmReleaseCmd.Flags().StringArrayVar(&helmReleaseArgs.dependsOn, "depends-on", nil, "HelmReleases that must be ready before this release can be installed, supported formats '<name>' and '<namespace>/<name>'")
 	createHelmReleaseCmd.Flags().StringVar(&helmReleaseArgs.targetNamespace, "target-namespace", "", "namespace to install this release, defaults to the HelmRelease namespace")
 	createHelmReleaseCmd.Flags().StringVar(&helmReleaseArgs.saName, "service-account", "", "the name of the service account to impersonate when reconciling this HelmRelease")
 	createHelmReleaseCmd.Flags().StringArrayVar(&helmReleaseArgs.valuesFile, "values", nil, "local path to values.yaml files")
 	createHelmReleaseCmd.Flags().Var(&helmReleaseArgs.valuesFrom, "values-from", helmReleaseArgs.valuesFrom.Description())
 	createCmd.AddCommand(createHelmReleaseCmd)
 }
 func createHelmReleaseCmdRun(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
 		return fmt.Errorf("HelmRelease name is required")
 	}
 	name := args[0]
 	if helmReleaseArgs.chart == "" {
 		return fmt.Errorf("chart name or path is required")
 	}
 	sourceLabels, err := parseLabels()
 	if err != nil {
 		return err
 	}
 	if !createArgs.export {
 		logger.Generatef("generating HelmRelease")
 	}
 	helmRelease := helmv2.HelmRelease{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      name,
 			Namespace: rootArgs.namespace,
 			Labels:    sourceLabels,
 		},
 		Spec: helmv2.HelmReleaseSpec{
 			ReleaseName: helmReleaseArgs.name,
 			DependsOn:   utils.MakeDependsOn(helmReleaseArgs.dependsOn),
 			Interval: metav1.Duration{
 				Duration: createArgs.interval,
 			},
 			TargetNamespace: helmReleaseArgs.targetNamespace,
 			Chart: helmv2.HelmChartTemplate{
 				Spec: helmv2.HelmChartTemplateSpec{
 					Chart:   helmReleaseArgs.chart,
 					Version: helmReleaseArgs.chartVersion,
 					SourceRef: helmv2.CrossNamespaceObjectReference{
 						Kind: helmReleaseArgs.source.Kind,
 						Name: helmReleaseArgs.source.Name,
 					},
 				},
 			},
 			Suspend: false,
 		},
 	}
 	if helmReleaseArgs.saName != "" {
 		helmRelease.Spec.ServiceAccountName = helmReleaseArgs.saName
 	}
 	if len(helmReleaseArgs.valuesFile) > 0 {
 		var valuesMap map[string]interface{}
 		for _, v := range helmReleaseArgs.valuesFile {
 			data, err := ioutil.ReadFile(v)
 			if err != nil {
 				return fmt.Errorf("reading values from %s failed: %w", v, err)
 			}
 			jsonBytes, err := yaml.YAMLToJSON(data)
 			if err != nil {
 				return fmt.Errorf("converting values to JSON from %s failed: %w", v, err)
 			}
 			jsonMap := make(map[string]interface{})
 			if err := json.Unmarshal(jsonBytes, &jsonMap); err != nil {
 				return fmt.Errorf("unmarshaling values from %s failed: %w", v, err)
 			}
 			if valuesMap == nil {
 				valuesMap = jsonMap
 			} else {
 				valuesMap = utils.MergeMaps(valuesMap, jsonMap)
 			}
 		}
 		jsonRaw, err := json.Marshal(valuesMap)
 		if err != nil {
 			return fmt.Errorf("marshaling values failed: %w", err)
 		}
 		helmRelease.Spec.Values = &apiextensionsv1.JSON{Raw: jsonRaw}
 	}
 	if helmReleaseArgs.valuesFrom.String() != "" {
 		helmRelease.Spec.ValuesFrom = []helmv2.ValuesReference{{
 			Kind: helmReleaseArgs.valuesFrom.Kind,
 			Name: helmReleaseArgs.valuesFrom.Name,
 		}}
 	}
 	if createArgs.export {
 		return exportHelmRelease(helmRelease)
 	}
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	logger.Actionf("applying HelmRelease")
 	namespacedName, err := upsertHelmRelease(ctx, kubeClient, &helmRelease)
 	if err != nil {
 		return err
 	}
 	logger.Waitingf("waiting for HelmRelease reconciliation")
 	if err := wait.PollImmediate(rootArgs.pollInterval, rootArgs.timeout,
 		isHelmReleaseReady(ctx, kubeClient, namespacedName, &helmRelease)); err != nil {
 		return err
 	}
 	logger.Successf("HelmRelease %s is ready", name)
 	logger.Successf("applied revision %s", helmRelease.Status.LastAppliedRevision)
 	return nil
 }
 func upsertHelmRelease(ctx context.Context, kubeClient client.Client,
 	helmRelease *helmv2.HelmRelease) (types.NamespacedName, error) {
 	namespacedName := types.NamespacedName{
 		Namespace: helmRelease.GetNamespace(),
 		Name:      helmRelease.GetName(),
 	}
 	var existing helmv2.HelmRelease
 	err := kubeClient.Get(ctx, namespacedName, &existing)
 	if err != nil {
 		if errors.IsNotFound(err) {
 			if err := kubeClient.Create(ctx, helmRelease); err != nil {
 				return namespacedName, err
 			} else {
 				logger.Successf("HelmRelease created")
 				return namespacedName, nil
 			}
 		}
 		return namespacedName, err
 	}
 	existing.Labels = helmRelease.Labels
 	existing.Spec = helmRelease.Spec
 	if err := kubeClient.Update(ctx, &existing); err != nil {
 		return namespacedName, err
 	}
 	helmRelease = &existing
 	logger.Successf("HelmRelease updated")
 	return namespacedName, nil
 }
 func isHelmReleaseReady(ctx context.Context, kubeClient client.Client,
 	namespacedName types.NamespacedName, helmRelease *helmv2.HelmRelease) wait.ConditionFunc {
 	return func() (bool, error) {
 		err := kubeClient.Get(ctx, namespacedName, helmRelease)
 		if err != nil {
 			return false, err
 		}
 		// Confirm the state we are observing is for the current generation
 		if helmRelease.Generation != helmRelease.Status.ObservedGeneration {
 			return false, nil
 		}
 		return apimeta.IsStatusConditionTrue(helmRelease.Status.Conditions, meta.ReadyCondition), nil
 	}
 }
--- a/cmd/flux/create_image.go
+++ b/cmd/flux/create_image.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -17,19 +17,22 @@ limitations under the License.
 package main
 import (
 	"strings"
 	"github.com/spf13/cobra"
 )
-var getCmd = &cobra.Command{
+const createImageLong = `
-	Use:   "get",
+The create image sub-commands work with image automation objects; that is,
-	Short: "Get sources and resources",
+object controlling updates to git based on e.g., new container images
-	Long:  "The get sub-commands print the statuses of sources and resources.",
+being available.`
 }
-var allNamespaces bool
+var createImageCmd = &cobra.Command{
 	Use:   "image",
 	Short: "Create or update resources dealing with image automation",
 	Long:  strings.TrimSpace(createImageLong),
 }
 func init() {
-	getCmd.PersistentFlags().BoolVarP(&allNamespaces, "all-namespaces", "A", false,
+	createCmd.AddCommand(createImageCmd)
 		"list the requested object(s) across all namespaces")
 	rootCmd.AddCommand(getCmd)
 }
--- a/cmd/flux/create_image_policy.go
+++ b/cmd/flux/create_image_policy.go
@@ -0,0 +1,252 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"fmt"
 	"regexp/syntax"
 	"strings"
 	"unicode"
 	"unicode/utf8"
 	"github.com/spf13/cobra"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"github.com/fluxcd/pkg/apis/meta"
 	imagev1 "github.com/fluxcd/image-reflector-controller/api/v1alpha1"
 )
 var createImagePolicyCmd = &cobra.Command{
 	Use:   "policy <name>",
 	Short: "Create or update an ImagePolicy object",
 	Long: `The create image policy command generates an ImagePolicy resource.
 An ImagePolicy object calculates a "latest image" given an image
 repository and a policy, e.g., semver.
 The image that sorts highest according to the policy is recorded in
 the status of the object.`,
 	RunE: createImagePolicyRun}
 type imagePolicyFlags struct {
 	imageRef        string
 	semver          string
 	alpha           string
 	numeric         string
 	filterRegex     string
 	filterExtract   string
 	filterNumerical string
 }
 var imagePolicyArgs = imagePolicyFlags{}
 func init() {
 	flags := createImagePolicyCmd.Flags()
 	flags.StringVar(&imagePolicyArgs.imageRef, "image-ref", "", "the name of an image repository object")
 	flags.StringVar(&imagePolicyArgs.semver, "select-semver", "", "a semver range to apply to tags; e.g., '1.x'")
 	flags.StringVar(&imagePolicyArgs.alpha, "select-alpha", "", "use alphabetical sorting to select image; either \"asc\" meaning select the last, or \"desc\" meaning select the first")
 	flags.StringVar(&imagePolicyArgs.numeric, "select-numeric", "", "use numeric sorting to select image; either \"asc\" meaning select the last, or \"desc\" meaning select the first")
 	flags.StringVar(&imagePolicyArgs.filterRegex, "filter-regex", "", "regular expression pattern used to filter the image tags")
 	flags.StringVar(&imagePolicyArgs.filterExtract, "filter-extract", "", "replacement pattern (using capture groups from --filter-regex) to use for sorting")
 	createImageCmd.AddCommand(createImagePolicyCmd)
 }
 // getObservedGeneration is implemented here, since it's not
 // (presently) needed elsewhere.
 func (obj imagePolicyAdapter) getObservedGeneration() int64 {
 	return obj.ImagePolicy.Status.ObservedGeneration
 }
 func createImagePolicyRun(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
 		return fmt.Errorf("ImagePolicy name is required")
 	}
 	objectName := args[0]
 	if imagePolicyArgs.imageRef == "" {
 		return fmt.Errorf("the name of an ImageRepository in the namespace is required (--image-ref)")
 	}
 	labels, err := parseLabels()
 	if err != nil {
 		return err
 	}
 	var policy = imagev1.ImagePolicy{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      objectName,
 			Namespace: rootArgs.namespace,
 			Labels:    labels,
 		},
 		Spec: imagev1.ImagePolicySpec{
 			ImageRepositoryRef: meta.LocalObjectReference{
 				Name: imagePolicyArgs.imageRef,
 			},
 		},
 	}
 	switch {
 	case imagePolicyArgs.semver != "" && imagePolicyArgs.alpha != "":
 	case imagePolicyArgs.semver != "" && imagePolicyArgs.numeric != "":
 	case imagePolicyArgs.alpha != "" && imagePolicyArgs.numeric != "":
 		return fmt.Errorf("only one of --select-semver, --select-alpha or --select-numeric can be specified")
 	case imagePolicyArgs.semver != "":
 		policy.Spec.Policy.SemVer = &imagev1.SemVerPolicy{
 			Range: imagePolicyArgs.semver,
 		}
 	case imagePolicyArgs.alpha != "":
 		if imagePolicyArgs.alpha != "desc" && imagePolicyArgs.alpha != "asc" {
 			return fmt.Errorf("--select-alpha must be one of [\"asc\", \"desc\"]")
 		}
 		policy.Spec.Policy.Alphabetical = &imagev1.AlphabeticalPolicy{
 			Order: imagePolicyArgs.alpha,
 		}
 	case imagePolicyArgs.numeric != "":
 		if imagePolicyArgs.numeric != "desc" && imagePolicyArgs.numeric != "asc" {
 			return fmt.Errorf("--select-numeric must be one of [\"asc\", \"desc\"]")
 		}
 		policy.Spec.Policy.Numerical = &imagev1.NumericalPolicy{
 			Order: imagePolicyArgs.numeric,
 		}
 	default:
 		return fmt.Errorf("a policy must be provided with either --select-semver or --select-alpha")
 	}
 	if imagePolicyArgs.filterRegex != "" {
 		exp, err := syntax.Parse(imagePolicyArgs.filterRegex, syntax.Perl)
 		if err != nil {
 			return fmt.Errorf("--filter-regex is an invalid regex pattern")
 		}
 		policy.Spec.FilterTags = &imagev1.TagFilter{
 			Pattern: imagePolicyArgs.filterRegex,
 		}
 		if imagePolicyArgs.filterExtract != "" {
 			if err := validateExtractStr(imagePolicyArgs.filterExtract, exp.CapNames()); err != nil {
 				return err
 			}
 			policy.Spec.FilterTags.Extract = imagePolicyArgs.filterExtract
 		}
 	} else if imagePolicyArgs.filterExtract != "" {
 		return fmt.Errorf("cannot specify --filter-extract without specifying --filter-regex")
 	}
 	if createArgs.export {
 		return printExport(exportImagePolicy(&policy))
 	}
 	var existing imagev1.ImagePolicy
 	copyName(&existing, &policy)
 	err = imagePolicyType.upsertAndWait(imagePolicyAdapter{&existing}, func() error {
 		existing.Spec = policy.Spec
 		existing.SetLabels(policy.Labels)
 		return nil
 	})
 	return err
 }
 // Performs a dry-run of the extract function in Regexp to validate the template
 func validateExtractStr(template string, capNames []string) error {
 	for len(template) > 0 {
 		i := strings.Index(template, "$")
 		if i < 0 {
 			return nil
 		}
 		template = template[i:]
 		if len(template) > 1 && template[1] == '$' {
 			template = template[2:]
 			continue
 		}
 		name, num, rest, ok := extract(template)
 		if !ok {
 			// Malformed extract string, assume user didn't want this
 			template = template[1:]
 			return fmt.Errorf("--filter-extract is malformed")
 		}
 		template = rest
 		if num >= 0 {
 			// we won't worry about numbers as we can't validate these
 			continue
 		} else {
 			found := false
 			for _, capName := range capNames {
 				if name == capName {
 					found = true
 				}
 			}
 			if !found {
 				return fmt.Errorf("capture group $%s used in --filter-extract not found in --filter-regex", name)
 			}
 		}
 	}
 	return nil
 }
 // extract method from the regexp package
 // returns the name or number of the value prepended by $
 func extract(str string) (name string, num int, rest string, ok bool) {
 	if len(str) < 2 || str[0] != '$' {
 		return
 	}
 	brace := false
 	if str[1] == '{' {
 		brace = true
 		str = str[2:]
 	} else {
 		str = str[1:]
 	}
 	i := 0
 	for i < len(str) {
 		rune, size := utf8.DecodeRuneInString(str[i:])
 		if !unicode.IsLetter(rune) && !unicode.IsDigit(rune) && rune != '_' {
 			break
 		}
 		i += size
 	}
 	if i == 0 {
 		// empty name is not okay
 		return
 	}
 	name = str[:i]
 	if brace {
 		if i >= len(str) || str[i] != '}' {
 			// missing closing brace
 			return
 		}
 		i++
 	}
 	// Parse number.
 	num = 0
 	for i := 0; i < len(name); i++ {
 		if name[i] < '0' || '9' < name[i] || num >= 1e8 {
 			num = -1
 			break
 		}
 		num = num*10 + int(name[i]) - '0'
 	}
 	// Disallow leading zeros.
 	if name[0] == '0' && len(name) > 1 {
 		num = -1
 	}
 	rest = str[i:]
 	ok = true
 	return
 }
--- a/cmd/flux/create_image_repository.go
+++ b/cmd/flux/create_image_repository.go
@@ -0,0 +1,143 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"fmt"
 	"time"
 	"github.com/google/go-containerregistry/pkg/name"
 	"github.com/spf13/cobra"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"github.com/fluxcd/pkg/apis/meta"
 	imagev1 "github.com/fluxcd/image-reflector-controller/api/v1alpha1"
 )
 var createImageRepositoryCmd = &cobra.Command{
 	Use:   "repository <name>",
 	Short: "Create or update an ImageRepository object",
 	Long: `The create image repository command generates an ImageRepository resource.
 An ImageRepository object specifies an image repository to scan.`,
 	Example: `  # Create an ImageRepository object to scan the alpine image repository:
  flux create image repository alpine-repo --image alpine --interval 20m
  # Create an image repository that uses an image pull secret (assumed to
  # have been created already):
  flux create image repository myapp-repo \
    --secret-ref image-pull \
    --image ghcr.io/example.com/myapp --interval 5m
  # Create a TLS secret for a local image registry using a self-signed
  # host certificate, and use it to scan an image. ca.pem is a file
  # containing the CA certificate used to sign the host certificate.
  flux create secret tls local-registry-cert --ca-file ./ca.pem
  flux create image repository app-repo \
    --cert-secret-ref local-registry-cert \
    --image local-registry:5000/app --interval 5m
  # Create a TLS secret with a client certificate and key, and use it
  # to scan a private image registry.
  flux create secret tls client-cert \
    --cert-file client.crt --key-file client.key
  flux create image repository app-repo \
    --cert-secret-ref client-cert \
    --image registry.example.com/private/app --interval 5m
 `,
 	RunE: createImageRepositoryRun,
 }
 type imageRepoFlags struct {
 	image         string
 	secretRef     string
 	certSecretRef string
 	timeout       time.Duration
 }
 var imageRepoArgs = imageRepoFlags{}
 func init() {
 	flags := createImageRepositoryCmd.Flags()
 	flags.StringVar(&imageRepoArgs.image, "image", "", "the image repository to scan; e.g., library/alpine")
 	flags.StringVar(&imageRepoArgs.secretRef, "secret-ref", "", "the name of a docker-registry secret to use for credentials")
 	flags.StringVar(&imageRepoArgs.certSecretRef, "cert-ref", "", "the name of a secret to use for TLS certificates")
 	// NB there is already a --timeout in the global flags, for
 	// controlling timeout on operations while e.g., creating objects.
 	flags.DurationVar(&imageRepoArgs.timeout, "scan-timeout", 0, "a timeout for scanning; this defaults to the interval if not set")
 	createImageCmd.AddCommand(createImageRepositoryCmd)
 }
 func createImageRepositoryRun(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
 		return fmt.Errorf("ImageRepository name is required")
 	}
 	objectName := args[0]
 	if imageRepoArgs.image == "" {
 		return fmt.Errorf("an image repository (--image) is required")
 	}
 	if _, err := name.NewRepository(imageRepoArgs.image); err != nil {
 		return fmt.Errorf("unable to parse image value: %w", err)
 	}
 	labels, err := parseLabels()
 	if err != nil {
 		return err
 	}
 	var repo = imagev1.ImageRepository{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      objectName,
 			Namespace: rootArgs.namespace,
 			Labels:    labels,
 		},
 		Spec: imagev1.ImageRepositorySpec{
 			Image:    imageRepoArgs.image,
 			Interval: metav1.Duration{Duration: createArgs.interval},
 		},
 	}
 	if imageRepoArgs.timeout != 0 {
 		repo.Spec.Timeout = &metav1.Duration{Duration: imageRepoArgs.timeout}
 	}
 	if imageRepoArgs.secretRef != "" {
 		repo.Spec.SecretRef = &meta.LocalObjectReference{
 			Name: imageRepoArgs.secretRef,
 		}
 	}
 	if imageRepoArgs.certSecretRef != "" {
 		repo.Spec.CertSecretRef = &meta.LocalObjectReference{
 			Name: imageRepoArgs.certSecretRef,
 		}
 	}
 	if createArgs.export {
 		return printExport(exportImageRepository(&repo))
 	}
 	// a temp value for use with the rest
 	var existing imagev1.ImageRepository
 	copyName(&existing, &repo)
 	err = imageRepositoryType.upsertAndWait(imageRepositoryAdapter{&existing}, func() error {
 		existing.Spec = repo.Spec
 		existing.Labels = repo.Labels
 		return nil
 	})
 	return err
 }
--- a/cmd/flux/create_image_updateauto.go
+++ b/cmd/flux/create_image_updateauto.go
@@ -0,0 +1,115 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"fmt"
 	"github.com/spf13/cobra"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"github.com/fluxcd/pkg/apis/meta"
 	autov1 "github.com/fluxcd/image-automation-controller/api/v1alpha1"
 )
 var createImageUpdateCmd = &cobra.Command{
 	Use:   "update <name>",
 	Short: "Create or update an ImageUpdateAutomation object",
 	Long: `The create image update command generates an ImageUpdateAutomation resource.
 An ImageUpdateAutomation object specifies an automated update to images
 mentioned in YAMLs in a git repository.`,
 	RunE: createImageUpdateRun,
 }
 type imageUpdateFlags struct {
 	// git checkout spec
 	gitRepoRef string
 	branch     string
 	// commit spec
 	commitTemplate string
 	authorName     string
 	authorEmail    string
 }
 var imageUpdateArgs = imageUpdateFlags{}
 func init() {
 	flags := createImageUpdateCmd.Flags()
 	flags.StringVar(&imageUpdateArgs.gitRepoRef, "git-repo-ref", "", "the name of a GitRepository resource with details of the upstream git repository")
 	flags.StringVar(&imageUpdateArgs.branch, "branch", "", "the branch to checkout and push commits to")
 	flags.StringVar(&imageUpdateArgs.commitTemplate, "commit-template", "", "a template for commit messages")
 	flags.StringVar(&imageUpdateArgs.authorName, "author-name", "", "the name to use for commit author")
 	flags.StringVar(&imageUpdateArgs.authorEmail, "author-email", "", "the email to use for commit author")
 	createImageCmd.AddCommand(createImageUpdateCmd)
 }
 func createImageUpdateRun(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
 		return fmt.Errorf("ImageUpdateAutomation name is required")
 	}
 	objectName := args[0]
 	if imageUpdateArgs.gitRepoRef == "" {
 		return fmt.Errorf("a reference to a GitRepository is required (--git-repo-ref)")
 	}
 	if imageUpdateArgs.branch == "" {
 		return fmt.Errorf("the Git repository branch is required (--branch)")
 	}
 	labels, err := parseLabels()
 	if err != nil {
 		return err
 	}
 	var update = autov1.ImageUpdateAutomation{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      objectName,
 			Namespace: rootArgs.namespace,
 			Labels:    labels,
 		},
 		Spec: autov1.ImageUpdateAutomationSpec{
 			Checkout: autov1.GitCheckoutSpec{
 				GitRepositoryRef: meta.LocalObjectReference{
 					Name: imageUpdateArgs.gitRepoRef,
 				},
 				Branch: imageUpdateArgs.branch,
 			},
 			Interval: metav1.Duration{Duration: createArgs.interval},
 			Commit: autov1.CommitSpec{
 				AuthorName:      imageUpdateArgs.authorName,
 				AuthorEmail:     imageUpdateArgs.authorEmail,
 				MessageTemplate: imageUpdateArgs.commitTemplate,
 			},
 		},
 	}
 	if createArgs.export {
 		return printExport(exportImageUpdate(&update))
 	}
 	var existing autov1.ImageUpdateAutomation
 	copyName(&existing, &update)
 	err = imageUpdateAutomationType.upsertAndWait(imageUpdateAutomationAdapter{&existing}, func() error {
 		existing.Spec = update.Spec
 		existing.Labels = update.Labels
 		return nil
 	})
 	return err
 }
--- a/cmd/flux/create_kustomization.go
+++ b/cmd/flux/create_kustomization.go
@@ -0,0 +1,295 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"fmt"
 	"strings"
 	"time"
 	"github.com/spf13/cobra"
 	"k8s.io/apimachinery/pkg/api/errors"
 	apimeta "k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	helmv2 "github.com/fluxcd/helm-controller/api/v2beta1"
 	kustomizev1 "github.com/fluxcd/kustomize-controller/api/v1beta1"
 	"github.com/fluxcd/pkg/apis/meta"
 	"github.com/fluxcd/flux2/internal/flags"
 	"github.com/fluxcd/flux2/internal/utils"
 )
 var createKsCmd = &cobra.Command{
 	Use:     "kustomization [name]",
 	Aliases: []string{"ks"},
 	Short:   "Create or update a Kustomization resource",
 	Long:    "The kustomization source create command generates a Kustomize resource for a given source.",
 	Example: `  # Create a Kustomization resource from a source at a given path
  flux create kustomization contour \
    --source=contour \
    --path="./examples/contour/" \
    --prune=true \
    --interval=10m \
    --validation=client \
    --health-check="Deployment/contour.projectcontour" \
    --health-check="DaemonSet/envoy.projectcontour" \
    --health-check-timeout=3m
  # Create a Kustomization resource that depends on the previous one
  flux create kustomization webapp \
    --depends-on=contour \
    --source=webapp \
    --path="./deploy/overlays/dev" \
    --prune=true \
    --interval=5m \
    --validation=client
  # Create a Kustomization resource that references a Bucket
  flux create kustomization secrets \
    --source=Bucket/secrets \
    --prune=true \
    --interval=5m
 `,
 	RunE: createKsCmdRun,
 }
 type kustomizationFlags struct {
 	source             flags.KustomizationSource
 	path               flags.SafeRelativePath
 	prune              bool
 	dependsOn          []string
 	validation         string
 	healthCheck        []string
 	healthTimeout      time.Duration
 	saName             string
 	decryptionProvider flags.DecryptionProvider
 	decryptionSecret   string
 	targetNamespace    string
 }
 var kustomizationArgs = NewKustomizationFlags()
 func init() {
 	createKsCmd.Flags().Var(&kustomizationArgs.source, "source", kustomizationArgs.source.Description())
 	createKsCmd.Flags().Var(&kustomizationArgs.path, "path", "path to the directory containing a kustomization.yaml file")
 	createKsCmd.Flags().BoolVar(&kustomizationArgs.prune, "prune", false, "enable garbage collection")
 	createKsCmd.Flags().StringArrayVar(&kustomizationArgs.healthCheck, "health-check", nil, "workload to be included in the health assessment, in the format '<kind>/<name>.<namespace>'")
 	createKsCmd.Flags().DurationVar(&kustomizationArgs.healthTimeout, "health-check-timeout", 2*time.Minute, "timeout of health checking operations")
 	createKsCmd.Flags().StringVar(&kustomizationArgs.validation, "validation", "", "validate the manifests before applying them on the cluster, can be 'client' or 'server'")
 	createKsCmd.Flags().StringArrayVar(&kustomizationArgs.dependsOn, "depends-on", nil, "Kustomization that must be ready before this Kustomization can be applied, supported formats '<name>' and '<namespace>/<name>'")
 	createKsCmd.Flags().StringVar(&kustomizationArgs.saName, "service-account", "", "the name of the service account to impersonate when reconciling this Kustomization")
 	createKsCmd.Flags().Var(&kustomizationArgs.decryptionProvider, "decryption-provider", kustomizationArgs.decryptionProvider.Description())
 	createKsCmd.Flags().StringVar(&kustomizationArgs.decryptionSecret, "decryption-secret", "", "set the Kubernetes secret name that contains the OpenPGP private keys used for sops decryption")
 	createKsCmd.Flags().StringVar(&kustomizationArgs.targetNamespace, "target-namespace", "", "overrides the namespace of all Kustomization objects reconciled by this Kustomization")
 	createCmd.AddCommand(createKsCmd)
 }
 func NewKustomizationFlags() kustomizationFlags {
 	return kustomizationFlags{
 		path: "./",
 	}
 }
 func createKsCmdRun(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
 		return fmt.Errorf("Kustomization name is required")
 	}
 	name := args[0]
 	if kustomizationArgs.path == "" {
 		return fmt.Errorf("path is required")
 	}
 	if !strings.HasPrefix(kustomizationArgs.path.String(), "./") {
 		return fmt.Errorf("path must begin with ./")
 	}
 	if !createArgs.export {
 		logger.Generatef("generating Kustomization")
 	}
 	kslabels, err := parseLabels()
 	if err != nil {
 		return err
 	}
 	kustomization := kustomizev1.Kustomization{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      name,
 			Namespace: rootArgs.namespace,
 			Labels:    kslabels,
 		},
 		Spec: kustomizev1.KustomizationSpec{
 			DependsOn: utils.MakeDependsOn(kustomizationArgs.dependsOn),
 			Interval: metav1.Duration{
 				Duration: createArgs.interval,
 			},
 			Path:  kustomizationArgs.path.String(),
 			Prune: kustomizationArgs.prune,
 			SourceRef: kustomizev1.CrossNamespaceSourceReference{
 				Kind: kustomizationArgs.source.Kind,
 				Name: kustomizationArgs.source.Name,
 			},
 			Suspend:         false,
 			Validation:      kustomizationArgs.validation,
 			TargetNamespace: kustomizationArgs.targetNamespace,
 		},
 	}
 	if len(kustomizationArgs.healthCheck) > 0 {
 		healthChecks := make([]meta.NamespacedObjectKindReference, 0)
 		for _, w := range kustomizationArgs.healthCheck {
 			kindObj := strings.Split(w, "/")
 			if len(kindObj) != 2 {
 				return fmt.Errorf("invalid health check '%s' must be in the format 'kind/name.namespace' %v", w, kindObj)
 			}
 			kind := kindObj[0]
 			//TODO: (stefan) extend this list with all the kstatus builtin kinds
 			kinds := map[string]bool{
 				"Deployment":           true,
 				"DaemonSet":            true,
 				"StatefulSet":          true,
 				helmv2.HelmReleaseKind: true,
 			}
 			if !kinds[kind] {
 				return fmt.Errorf("invalid health check kind '%s' can be HelmRelease, Deployment, DaemonSet or StatefulSet", kind)
 			}
 			nameNs := strings.Split(kindObj[1], ".")
 			if len(nameNs) != 2 {
 				return fmt.Errorf("invalid health check '%s' must be in the format 'kind/name.namespace'", w)
 			}
 			check := meta.NamespacedObjectKindReference{
 				Kind:      kind,
 				Name:      nameNs[0],
 				Namespace: nameNs[1],
 			}
 			if kind == helmv2.HelmReleaseKind {
 				check.APIVersion = helmv2.GroupVersion.String()
 			}
 			healthChecks = append(healthChecks, check)
 		}
 		kustomization.Spec.HealthChecks = healthChecks
 		kustomization.Spec.Timeout = &metav1.Duration{
 			Duration: kustomizationArgs.healthTimeout,
 		}
 	}
 	if kustomizationArgs.saName != "" {
 		kustomization.Spec.ServiceAccountName = kustomizationArgs.saName
 	}
 	if kustomizationArgs.decryptionProvider != "" {
 		kustomization.Spec.Decryption = &kustomizev1.Decryption{
 			Provider: kustomizationArgs.decryptionProvider.String(),
 		}
 		if kustomizationArgs.decryptionSecret != "" {
 			kustomization.Spec.Decryption.SecretRef = &meta.LocalObjectReference{Name: kustomizationArgs.decryptionSecret}
 		}
 	}
 	if createArgs.export {
 		return exportKs(kustomization)
 	}
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	logger.Actionf("applying Kustomization")
 	namespacedName, err := upsertKustomization(ctx, kubeClient, &kustomization)
 	if err != nil {
 		return err
 	}
 	logger.Waitingf("waiting for Kustomization reconciliation")
 	if err := wait.PollImmediate(rootArgs.pollInterval, rootArgs.timeout,
 		isKustomizationReady(ctx, kubeClient, namespacedName, &kustomization)); err != nil {
 		return err
 	}
 	logger.Successf("Kustomization %s is ready", name)
 	logger.Successf("applied revision %s", kustomization.Status.LastAppliedRevision)
 	return nil
 }
 func upsertKustomization(ctx context.Context, kubeClient client.Client,
 	kustomization *kustomizev1.Kustomization) (types.NamespacedName, error) {
 	namespacedName := types.NamespacedName{
 		Namespace: kustomization.GetNamespace(),
 		Name:      kustomization.GetName(),
 	}
 	var existing kustomizev1.Kustomization
 	err := kubeClient.Get(ctx, namespacedName, &existing)
 	if err != nil {
 		if errors.IsNotFound(err) {
 			if err := kubeClient.Create(ctx, kustomization); err != nil {
 				return namespacedName, err
 			} else {
 				logger.Successf("Kustomization created")
 				return namespacedName, nil
 			}
 		}
 		return namespacedName, err
 	}
 	existing.Labels = kustomization.Labels
 	existing.Spec = kustomization.Spec
 	if err := kubeClient.Update(ctx, &existing); err != nil {
 		return namespacedName, err
 	}
 	kustomization = &existing
 	logger.Successf("Kustomization updated")
 	return namespacedName, nil
 }
 func isKustomizationReady(ctx context.Context, kubeClient client.Client,
 	namespacedName types.NamespacedName, kustomization *kustomizev1.Kustomization) wait.ConditionFunc {
 	return func() (bool, error) {
 		err := kubeClient.Get(ctx, namespacedName, kustomization)
 		if err != nil {
 			return false, err
 		}
 		// Confirm the state we are observing is for the current generation
 		if kustomization.Generation != kustomization.Status.ObservedGeneration {
 			return false, nil
 		}
 		if c := apimeta.FindStatusCondition(kustomization.Status.Conditions, meta.ReadyCondition); c != nil {
 			switch c.Status {
 			case metav1.ConditionTrue:
 				return true, nil
 			case metav1.ConditionFalse:
 				return false, fmt.Errorf(c.Message)
 			}
 		}
 		return false, nil
 	}
 }
--- a/cmd/flux/create_receiver.go
+++ b/cmd/flux/create_receiver.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -21,8 +21,8 @@ import (
 	"fmt"
 	"github.com/spf13/cobra"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	apimeta "k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
@@ -30,6 +30,8 @@ import (
 	notificationv1 "github.com/fluxcd/notification-controller/api/v1beta1"
 	"github.com/fluxcd/pkg/apis/meta"
 	"github.com/fluxcd/flux2/internal/utils"
 )
 var createReceiverCmd = &cobra.Command{
@@ -37,7 +39,7 @@ var createReceiverCmd = &cobra.Command{
 	Short: "Create or update a Receiver resource",
 	Long:  "The create receiver command generates a Receiver resource.",
 	Example: `  # Create a Receiver
-  gotk create receiver github-receiver \
+  flux create receiver github-receiver \
 	--type github \
 	--event ping \
 	--event push \
@@ -48,38 +50,40 @@ var createReceiverCmd = &cobra.Command{
 	RunE: createReceiverCmdRun,
 }
-var (
+type receiverFlags struct {
-	rcvType      string
+	receiverType string
-	rcvSecretRef string
+	secretRef    string
-	rcvEvents    []string
+	events       []string
-	rcvResources []string
+	resources    []string
-)
+}
 var receiverArgs receiverFlags
 func init() {
-	createReceiverCmd.Flags().StringVar(&rcvType, "type", "", "")
+	createReceiverCmd.Flags().StringVar(&receiverArgs.receiverType, "type", "", "")
-	createReceiverCmd.Flags().StringVar(&rcvSecretRef, "secret-ref", "", "")
+	createReceiverCmd.Flags().StringVar(&receiverArgs.secretRef, "secret-ref", "", "")
-	createReceiverCmd.Flags().StringArrayVar(&rcvEvents, "event", []string{}, "")
+	createReceiverCmd.Flags().StringArrayVar(&receiverArgs.events, "event", []string{}, "")
-	createReceiverCmd.Flags().StringArrayVar(&rcvResources, "resource", []string{}, "")
+	createReceiverCmd.Flags().StringArrayVar(&receiverArgs.resources, "resource", []string{}, "")
 	createCmd.AddCommand(createReceiverCmd)
 }
 func createReceiverCmdRun(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
-		return fmt.Errorf("receiver name is required")
+		return fmt.Errorf("Receiver name is required")
 	}
 	name := args[0]
-	if rcvType == "" {
+	if receiverArgs.receiverType == "" {
-		return fmt.Errorf("type is required")
+		return fmt.Errorf("Receiver type is required")
 	}
-	if rcvSecretRef == "" {
+	if receiverArgs.secretRef == "" {
 		return fmt.Errorf("secret ref is required")
 	}
 	resources := []notificationv1.CrossNamespaceObjectReference{}
-	for _, resource := range rcvResources {
+	for _, resource := range receiverArgs.resources {
-		kind, name := utils.parseObjectKindName(resource)
+		kind, name := utils.ParseObjectKindName(resource)
 		if kind == "" {
 			return fmt.Errorf("invalid event source '%s', must be in format <kind>/<name>", resource)
 		}
@@ -99,67 +103,58 @@ func createReceiverCmdRun(cmd *cobra.Command, args []string) error {
 		return err
 	}
-	if !export {
+	if !createArgs.export {
-		logger.Generatef("generating receiver")
+		logger.Generatef("generating Receiver")
 	}
 	receiver := notificationv1.Receiver{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      name,
-			Namespace: namespace,
+			Namespace: rootArgs.namespace,
 			Labels:    sourceLabels,
 		},
 		Spec: notificationv1.ReceiverSpec{
-			Type:      rcvType,
+			Type:      receiverArgs.receiverType,
-			Events:    rcvEvents,
+			Events:    receiverArgs.events,
 			Resources: resources,
-			SecretRef: corev1.LocalObjectReference{
+			SecretRef: meta.LocalObjectReference{
-				Name: rcvSecretRef,
+				Name: receiverArgs.secretRef,
 			},
 			Suspend: false,
 		},
 	}
-	if export {
+	if createArgs.export {
 		return exportReceiver(receiver)
 	}
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.kubeClient(kubeconfig)
+	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
-	logger.Actionf("applying receiver")
+	logger.Actionf("applying Receiver")
-	if err := upsertReceiver(ctx, kubeClient, receiver); err != nil {
+	namespacedName, err := upsertReceiver(ctx, kubeClient, &receiver)
 		return err
 	}
 	logger.Waitingf("waiting for reconciliation")
 	if err := wait.PollImmediate(pollInterval, timeout,
 		isReceiverReady(ctx, kubeClient, name, namespace)); err != nil {
 		return err
 	}
 	logger.Successf("receiver %s is ready", name)
 	namespacedName := types.NamespacedName{
 		Namespace: namespace,
 		Name:      name,
 	}
 	err = kubeClient.Get(ctx, namespacedName, &receiver)
 	if err != nil {
-		return fmt.Errorf("receiver sync failed: %w", err)
+		return err
 	}
 	logger.Waitingf("waiting for Receiver reconciliation")
 	if err := wait.PollImmediate(rootArgs.pollInterval, rootArgs.timeout,
 		isReceiverReady(ctx, kubeClient, namespacedName, &receiver)); err != nil {
 		return err
 	}
 	logger.Successf("Receiver %s is ready", name)
 	logger.Successf("generated webhook URL %s", receiver.Status.URL)
 	return nil
 }
-func upsertReceiver(ctx context.Context, kubeClient client.Client, receiver notificationv1.Receiver) error {
+func upsertReceiver(ctx context.Context, kubeClient client.Client,
 	receiver *notificationv1.Receiver) (types.NamespacedName, error) {
 	namespacedName := types.NamespacedName{
 		Namespace: receiver.GetNamespace(),
 		Name:      receiver.GetName(),
@@ -169,44 +164,39 @@ func upsertReceiver(ctx context.Context, kubeClient client.Client, receiver noti
 	err := kubeClient.Get(ctx, namespacedName, &existing)
 	if err != nil {
 		if errors.IsNotFound(err) {
-			if err := kubeClient.Create(ctx, &receiver); err != nil {
+			if err := kubeClient.Create(ctx, receiver); err != nil {
-				return err
+				return namespacedName, err
 			} else {
-				logger.Successf("receiver created")
+				logger.Successf("Receiver created")
-				return nil
+				return namespacedName, nil
 			}
 		}
-		return err
+		return namespacedName, err
 	}
 	existing.Labels = receiver.Labels
 	existing.Spec = receiver.Spec
 	if err := kubeClient.Update(ctx, &existing); err != nil {
-		return err
+		return namespacedName, err
 	}
-
+	receiver = &existing
-	logger.Successf("receiver updated")
+	logger.Successf("Receiver updated")
-	return nil
+	return namespacedName, nil
 }
-func isReceiverReady(ctx context.Context, kubeClient client.Client, name, namespace string) wait.ConditionFunc {
+func isReceiverReady(ctx context.Context, kubeClient client.Client,
 	namespacedName types.NamespacedName, receiver *notificationv1.Receiver) wait.ConditionFunc {
 	return func() (bool, error) {
-		var receiver notificationv1.Receiver
+		err := kubeClient.Get(ctx, namespacedName, receiver)
 		namespacedName := types.NamespacedName{
 			Namespace: namespace,
 			Name:      name,
 		}
 		err := kubeClient.Get(ctx, namespacedName, &receiver)
 		if err != nil {
 			return false, err
 		}
-		if c := meta.GetCondition(receiver.Status.Conditions, meta.ReadyCondition); c != nil {
+		if c := apimeta.FindStatusCondition(receiver.Status.Conditions, meta.ReadyCondition); c != nil {
 			switch c.Status {
-			case corev1.ConditionTrue:
+			case metav1.ConditionTrue:
 				return true, nil
-			case corev1.ConditionFalse:
+			case metav1.ConditionFalse:
 				return false, fmt.Errorf(c.Message)
 			}
 		}
--- a/cmd/flux/create_secret.go
+++ b/cmd/flux/create_secret.go
@@ -0,0 +1,99 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"fmt"
 	"github.com/spf13/cobra"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/yaml"
 )
 var createSecretCmd = &cobra.Command{
 	Use:   "secret",
 	Short: "Create or update Kubernetes secrets",
 	Long:  "The create source sub-commands generate Kubernetes secrets specific to Flux.",
 }
 func init() {
 	createCmd.AddCommand(createSecretCmd)
 }
 func makeSecret(name string) (corev1.Secret, error) {
 	secretLabels, err := parseLabels()
 	if err != nil {
 		return corev1.Secret{}, err
 	}
 	return corev1.Secret{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      name,
 			Namespace: rootArgs.namespace,
 			Labels:    secretLabels,
 		},
 		StringData: map[string]string{},
 		Data:       nil,
 	}, nil
 }
 func upsertSecret(ctx context.Context, kubeClient client.Client, secret corev1.Secret) error {
 	namespacedName := types.NamespacedName{
 		Namespace: secret.GetNamespace(),
 		Name:      secret.GetName(),
 	}
 	var existing corev1.Secret
 	err := kubeClient.Get(ctx, namespacedName, &existing)
 	if err != nil {
 		if errors.IsNotFound(err) {
 			if err := kubeClient.Create(ctx, &secret); err != nil {
 				return err
 			} else {
 				return nil
 			}
 		}
 		return err
 	}
 	existing.StringData = secret.StringData
 	if err := kubeClient.Update(ctx, &existing); err != nil {
 		return err
 	}
 	return nil
 }
 func exportSecret(secret corev1.Secret) error {
 	secret.TypeMeta = metav1.TypeMeta{
 		APIVersion: "v1",
 		Kind:       "Secret",
 	}
 	data, err := yaml.Marshal(secret)
 	if err != nil {
 		return err
 	}
 	fmt.Println("---")
 	fmt.Println(resourceToString(data))
 	return nil
 }
--- a/cmd/flux/create_secret_git.go
+++ b/cmd/flux/create_secret_git.go
@@ -0,0 +1,216 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"crypto/elliptic"
 	"fmt"
 	"io/ioutil"
 	"net/url"
 	"time"
 	"github.com/spf13/cobra"
 	"github.com/fluxcd/flux2/internal/flags"
 	"github.com/fluxcd/flux2/internal/utils"
 	"github.com/fluxcd/pkg/ssh"
 )
 var createSecretGitCmd = &cobra.Command{
 	Use:   "git [name]",
 	Short: "Create or update a Kubernetes secret for Git authentication",
 	Long: `
 The create secret git command generates a Kubernetes secret with Git credentials.
 For Git over SSH, the host and SSH keys are automatically generated and stored in the secret.
 For Git over HTTP/S, the provided basic authentication credentials are stored in the secret.`,
 	Example: `  # Create a Git SSH authentication secret using an ECDSA P-521 curve public key
  flux create secret git podinfo-auth \
    --url=ssh://git@github.com/stefanprodan/podinfo \
    --ssh-key-algorithm=ecdsa \
    --ssh-ecdsa-curve=p521
  # Create a secret for a Git repository using basic authentication
  flux create secret git podinfo-auth \
    --url=https://github.com/stefanprodan/podinfo \
    --username=username \
    --password=password
  # Create a Git SSH secret on disk and print the deploy key
  flux create secret git podinfo-auth \
    --url=ssh://git@github.com/stefanprodan/podinfo \
    --export > podinfo-auth.yaml
  yq read podinfo-auth.yaml 'data."identity.pub"' | base64 --decode
  # Create a Git SSH secret on disk and encrypt it with Mozilla SOPS
  flux create secret git podinfo-auth \
    --namespace=apps \
    --url=ssh://git@github.com/stefanprodan/podinfo \
    --export > podinfo-auth.yaml
  sops --encrypt --encrypted-regex '^(data|stringData)$' \
    --in-place podinfo-auth.yaml
 `,
 	RunE: createSecretGitCmdRun,
 }
 type secretGitFlags struct {
 	url          string
 	username     string
 	password     string
 	keyAlgorithm flags.PublicKeyAlgorithm
 	rsaBits      flags.RSAKeyBits
 	ecdsaCurve   flags.ECDSACurve
 	caFile       string
 }
 var secretGitArgs = NewSecretGitFlags()
 func init() {
 	createSecretGitCmd.Flags().StringVar(&secretGitArgs.url, "url", "", "git address, e.g. ssh://git@host/org/repository")
 	createSecretGitCmd.Flags().StringVarP(&secretGitArgs.username, "username", "u", "", "basic authentication username")
 	createSecretGitCmd.Flags().StringVarP(&secretGitArgs.password, "password", "p", "", "basic authentication password")
 	createSecretGitCmd.Flags().Var(&secretGitArgs.keyAlgorithm, "ssh-key-algorithm", secretGitArgs.keyAlgorithm.Description())
 	createSecretGitCmd.Flags().Var(&secretGitArgs.rsaBits, "ssh-rsa-bits", secretGitArgs.rsaBits.Description())
 	createSecretGitCmd.Flags().Var(&secretGitArgs.ecdsaCurve, "ssh-ecdsa-curve", secretGitArgs.ecdsaCurve.Description())
 	createSecretGitCmd.Flags().StringVar(&secretGitArgs.caFile, "ca-file", "", "path to TLS CA file used for validating self-signed certificates")
 	createSecretCmd.AddCommand(createSecretGitCmd)
 }
 func NewSecretGitFlags() secretGitFlags {
 	return secretGitFlags{
 		keyAlgorithm: "rsa",
 		rsaBits:      2048,
 		ecdsaCurve:   flags.ECDSACurve{Curve: elliptic.P384()},
 	}
 }
 func createSecretGitCmdRun(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
 		return fmt.Errorf("secret name is required")
 	}
 	name := args[0]
 	secret, err := makeSecret(name)
 	if err != nil {
 		return err
 	}
 	if secretGitArgs.url == "" {
 		return fmt.Errorf("url is required")
 	}
 	u, err := url.Parse(secretGitArgs.url)
 	if err != nil {
 		return fmt.Errorf("git URL parse failed: %w", err)
 	}
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	switch u.Scheme {
 	case "ssh":
 		pair, err := generateKeyPair(ctx, secretGitArgs.keyAlgorithm, secretGitArgs.rsaBits, secretGitArgs.ecdsaCurve)
 		if err != nil {
 			return err
 		}
 		hostKey, err := scanHostKey(ctx, u)
 		if err != nil {
 			return err
 		}
 		secret.StringData = map[string]string{
 			"identity":     string(pair.PrivateKey),
 			"identity.pub": string(pair.PublicKey),
 			"known_hosts":  string(hostKey),
 		}
 		if !createArgs.export {
 			logger.Generatef("deploy key: %s", string(pair.PublicKey))
 		}
 	case "http", "https":
 		if secretGitArgs.username == "" || secretGitArgs.password == "" {
 			return fmt.Errorf("for Git over HTTP/S the username and password are required")
 		}
 		secret.StringData = map[string]string{
 			"username": secretGitArgs.username,
 			"password": secretGitArgs.password,
 		}
 		if secretGitArgs.caFile != "" {
 			ca, err := ioutil.ReadFile(secretGitArgs.caFile)
 			if err != nil {
 				return fmt.Errorf("failed to read CA file '%s': %w", secretGitArgs.caFile, err)
 			}
 			secret.StringData["caFile"] = string(ca)
 		}
 	default:
 		return fmt.Errorf("git URL scheme '%s' not supported, can be: ssh, http and https", u.Scheme)
 	}
 	if createArgs.export {
 		return exportSecret(secret)
 	}
 	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	if err := upsertSecret(ctx, kubeClient, secret); err != nil {
 		return err
 	}
 	logger.Actionf("secret '%s' created in '%s' namespace", name, rootArgs.namespace)
 	return nil
 }
 func generateKeyPair(ctx context.Context, alg flags.PublicKeyAlgorithm, rsa flags.RSAKeyBits, ecdsa flags.ECDSACurve) (*ssh.KeyPair, error) {
 	var keyGen ssh.KeyPairGenerator
 	switch algorithm := alg.String(); algorithm {
 	case "rsa":
 		keyGen = ssh.NewRSAGenerator(int(rsa))
 	case "ecdsa":
 		keyGen = ssh.NewECDSAGenerator(ecdsa.Curve)
 	case "ed25519":
 		keyGen = ssh.NewEd25519Generator()
 	default:
 		return nil, fmt.Errorf("unsupported public key algorithm: %s", algorithm)
 	}
 	pair, err := keyGen.Generate()
 	if err != nil {
 		return nil, fmt.Errorf("key pair generation failed, error: %w", err)
 	}
 	return pair, nil
 }
 func scanHostKey(ctx context.Context, url *url.URL) ([]byte, error) {
 	host := url.Host
 	if url.Port() == "" {
 		host = host + ":22"
 	}
 	hostKey, err := ssh.ScanHostKey(host, 30*time.Second)
 	if err != nil {
 		return nil, fmt.Errorf("SSH key scan for host %s failed, error: %w", host, err)
 	}
 	return hostKey, nil
 }
--- a/cmd/flux/create_secret_helm.go
+++ b/cmd/flux/create_secret_helm.go
@@ -0,0 +1,107 @@
 /*
 Copyright 2021 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"fmt"
 	"github.com/spf13/cobra"
 	"github.com/fluxcd/flux2/internal/utils"
 )
 var createSecretHelmCmd = &cobra.Command{
 	Use:   "helm [name]",
 	Short: "Create or update a Kubernetes secret for Helm repository authentication",
 	Long: `
 The create secret helm command generates a Kubernetes secret with basic authentication credentials.`,
 	Example: `    # Create a Helm authentication secret on disk and encrypt it with Mozilla SOPS
  flux create secret helm repo-auth \
    --namespace=my-namespace \
    --username=my-username \
    --password=my-password \
    --export > repo-auth.yaml
  sops --encrypt --encrypted-regex '^(data|stringData)$' \
    --in-place repo-auth.yaml
  # Create an authentication secret using a custom TLS cert
  flux create secret helm repo-auth \
    --username=username \
    --password=password \
    --cert-file=./cert.crt \
    --key-file=./key.crt \
    --ca-file=./ca.crt
 `,
 	RunE: createSecretHelmCmdRun,
 }
 type secretHelmFlags struct {
 	username string
 	password string
 	secretTLSFlags
 }
 var secretHelmArgs secretHelmFlags
 func init() {
 	createSecretHelmCmd.Flags().StringVarP(&secretHelmArgs.username, "username", "u", "", "basic authentication username")
 	createSecretHelmCmd.Flags().StringVarP(&secretHelmArgs.password, "password", "p", "", "basic authentication password")
 	initSecretTLSFlags(createSecretHelmCmd.Flags(), &secretHelmArgs.secretTLSFlags)
 	createSecretCmd.AddCommand(createSecretHelmCmd)
 }
 func createSecretHelmCmdRun(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
 		return fmt.Errorf("secret name is required")
 	}
 	name := args[0]
 	secret, err := makeSecret(name)
 	if err != nil {
 		return err
 	}
 	if secretHelmArgs.username != "" && secretHelmArgs.password != "" {
 		secret.StringData["username"] = secretHelmArgs.username
 		secret.StringData["password"] = secretHelmArgs.password
 	}
 	if err = populateSecretTLS(&secret, secretHelmArgs.secretTLSFlags); err != nil {
 		return err
 	}
 	if createArgs.export {
 		return exportSecret(secret)
 	}
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	if err := upsertSecret(ctx, kubeClient, secret); err != nil {
 		return err
 	}
 	logger.Actionf("secret '%s' created in '%s' namespace", name, rootArgs.namespace)
 	return nil
 }
--- a/cmd/flux/create_secret_tls.go
+++ b/cmd/flux/create_secret_tls.go
@@ -0,0 +1,128 @@
 /*
 Copyright 2020, 2021 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"fmt"
 	"io/ioutil"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
 	corev1 "k8s.io/api/core/v1"
 	"github.com/fluxcd/flux2/internal/utils"
 )
 var createSecretTLSCmd = &cobra.Command{
 	Use:   "tls [name]",
 	Short: "Create or update a Kubernetes secret with TLS certificates",
 	Long: `
 The create secret tls command generates a Kubernetes secret with certificates for use with TLS.`,
 	Example: `
  # Create a TLS secret on disk and encrypt it with Mozilla SOPS.
  # Files are expected to be PEM-encoded.
  flux create secret tls certs \
    --namespace=my-namespace \
    --cert-file=./client.crt \
    --key-file=./client.key \
    --export > certs.yaml
  sops --encrypt --encrypted-regex '^(data|stringData)$' \
    --in-place certs.yaml
 `,
 	RunE: createSecretTLSCmdRun,
 }
 type secretTLSFlags struct {
 	certFile string
 	keyFile  string
 	caFile   string
 }
 var secretTLSArgs secretTLSFlags
 func initSecretTLSFlags(flags *pflag.FlagSet, args *secretTLSFlags) {
 	flags.StringVar(&args.certFile, "cert-file", "", "TLS authentication cert file path")
 	flags.StringVar(&args.keyFile, "key-file", "", "TLS authentication key file path")
 	flags.StringVar(&args.caFile, "ca-file", "", "TLS authentication CA file path")
 }
 func init() {
 	flags := createSecretTLSCmd.Flags()
 	initSecretTLSFlags(flags, &secretTLSArgs)
 	createSecretCmd.AddCommand(createSecretTLSCmd)
 }
 func populateSecretTLS(secret *corev1.Secret, args secretTLSFlags) error {
 	if args.certFile != "" && args.keyFile != "" {
 		cert, err := ioutil.ReadFile(args.certFile)
 		if err != nil {
 			return fmt.Errorf("failed to read repository cert file '%s': %w", args.certFile, err)
 		}
 		secret.StringData["certFile"] = string(cert)
 		key, err := ioutil.ReadFile(args.keyFile)
 		if err != nil {
 			return fmt.Errorf("failed to read repository key file '%s': %w", args.keyFile, err)
 		}
 		secret.StringData["keyFile"] = string(key)
 	}
 	if args.caFile != "" {
 		ca, err := ioutil.ReadFile(args.caFile)
 		if err != nil {
 			return fmt.Errorf("failed to read repository CA file '%s': %w", args.caFile, err)
 		}
 		secret.StringData["caFile"] = string(ca)
 	}
 	return nil
 }
 func createSecretTLSCmdRun(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
 		return fmt.Errorf("secret name is required")
 	}
 	name := args[0]
 	secret, err := makeSecret(name)
 	if err != nil {
 		return err
 	}
 	if err = populateSecretTLS(&secret, secretTLSArgs); err != nil {
 		return err
 	}
 	if createArgs.export {
 		return exportSecret(secret)
 	}
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	if err := upsertSecret(ctx, kubeClient, secret); err != nil {
 		return err
 	}
 	logger.Actionf("secret '%s' created in '%s' namespace", name, rootArgs.namespace)
 	return nil
 }
--- a/cmd/flux/create_source.go
+++ b/cmd/flux/create_source.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
--- a/cmd/flux/create_source_bucket.go
+++ b/cmd/flux/create_source_bucket.go
@@ -0,0 +1,238 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"fmt"
 	"io/ioutil"
 	"os"
 	"github.com/spf13/cobra"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"github.com/fluxcd/pkg/apis/meta"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 	"github.com/fluxcd/flux2/internal/flags"
 	"github.com/fluxcd/flux2/internal/utils"
 )
 var createSourceBucketCmd = &cobra.Command{
 	Use:   "bucket [name]",
 	Short: "Create or update a Bucket source",
 	Long: `
 The create source bucket command generates a Bucket resource and waits for it to be downloaded.
 For Buckets with static authentication, the credentials are stored in a Kubernetes secret.`,
 	Example: `  # Create a source from a Buckets using static authentication
  flux create source bucket podinfo \
 	--bucket-name=podinfo \
    --endpoint=minio.minio.svc.cluster.local:9000 \
 	--insecure=true \
 	--access-key=myaccesskey \
 	--secret-key=mysecretkey \
    --interval=10m
  # Create a source from an Amazon S3 Bucket using IAM authentication
  flux create source bucket podinfo \
 	--bucket-name=podinfo \
 	--provider=aws \
    --endpoint=s3.amazonaws.com \
 	--region=us-east-1 \
    --interval=10m
 `,
 	RunE: createSourceBucketCmdRun,
 }
 type sourceBucketFlags struct {
 	name      string
 	provider  flags.SourceBucketProvider
 	endpoint  string
 	accessKey string
 	secretKey string
 	region    string
 	insecure  bool
 	secretRef string
 }
 var sourceBucketArgs = NewSourceBucketFlags()
 func init() {
 	createSourceBucketCmd.Flags().Var(&sourceBucketArgs.provider, "provider", sourceBucketArgs.provider.Description())
 	createSourceBucketCmd.Flags().StringVar(&sourceBucketArgs.name, "bucket-name", "", "the bucket name")
 	createSourceBucketCmd.Flags().StringVar(&sourceBucketArgs.endpoint, "endpoint", "", "the bucket endpoint address")
 	createSourceBucketCmd.Flags().StringVar(&sourceBucketArgs.accessKey, "access-key", "", "the bucket access key")
 	createSourceBucketCmd.Flags().StringVar(&sourceBucketArgs.secretKey, "secret-key", "", "the bucket secret key")
 	createSourceBucketCmd.Flags().StringVar(&sourceBucketArgs.region, "region", "", "the bucket region")
 	createSourceBucketCmd.Flags().BoolVar(&sourceBucketArgs.insecure, "insecure", false, "for when connecting to a non-TLS S3 HTTP endpoint")
 	createSourceBucketCmd.Flags().StringVar(&sourceBucketArgs.secretRef, "secret-ref", "", "the name of an existing secret containing credentials")
 	createSourceCmd.AddCommand(createSourceBucketCmd)
 }
 func NewSourceBucketFlags() sourceBucketFlags {
 	return sourceBucketFlags{
 		provider: flags.SourceBucketProvider(sourcev1.GenericBucketProvider),
 	}
 }
 func createSourceBucketCmdRun(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
 		return fmt.Errorf("Bucket source name is required")
 	}
 	name := args[0]
 	if sourceBucketArgs.name == "" {
 		return fmt.Errorf("bucket-name is required")
 	}
 	if sourceBucketArgs.endpoint == "" {
 		return fmt.Errorf("endpoint is required")
 	}
 	sourceLabels, err := parseLabels()
 	if err != nil {
 		return err
 	}
 	tmpDir, err := ioutil.TempDir("", name)
 	if err != nil {
 		return err
 	}
 	defer os.RemoveAll(tmpDir)
 	bucket := &sourcev1.Bucket{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      name,
 			Namespace: rootArgs.namespace,
 			Labels:    sourceLabels,
 		},
 		Spec: sourcev1.BucketSpec{
 			BucketName: sourceBucketArgs.name,
 			Provider:   sourceBucketArgs.provider.String(),
 			Insecure:   sourceBucketArgs.insecure,
 			Endpoint:   sourceBucketArgs.endpoint,
 			Region:     sourceBucketArgs.region,
 			Interval: metav1.Duration{
 				Duration: createArgs.interval,
 			},
 		},
 	}
 	if sourceHelmArgs.secretRef != "" {
 		bucket.Spec.SecretRef = &meta.LocalObjectReference{
 			Name: sourceBucketArgs.secretRef,
 		}
 	}
 	if createArgs.export {
 		return exportBucket(*bucket)
 	}
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	logger.Generatef("generating Bucket source")
 	if sourceBucketArgs.secretRef == "" {
 		secretName := fmt.Sprintf("bucket-%s", name)
 		secret := corev1.Secret{
 			ObjectMeta: metav1.ObjectMeta{
 				Name:      secretName,
 				Namespace: rootArgs.namespace,
 				Labels:    sourceLabels,
 			},
 			StringData: map[string]string{},
 		}
 		if sourceBucketArgs.accessKey != "" && sourceBucketArgs.secretKey != "" {
 			secret.StringData["accesskey"] = sourceBucketArgs.accessKey
 			secret.StringData["secretkey"] = sourceBucketArgs.secretKey
 		}
 		if len(secret.StringData) > 0 {
 			logger.Actionf("applying secret with the bucket credentials")
 			if err := upsertSecret(ctx, kubeClient, secret); err != nil {
 				return err
 			}
 			bucket.Spec.SecretRef = &meta.LocalObjectReference{
 				Name: secretName,
 			}
 			logger.Successf("authentication configured")
 		}
 	}
 	logger.Actionf("applying Bucket source")
 	namespacedName, err := upsertBucket(ctx, kubeClient, bucket)
 	if err != nil {
 		return err
 	}
 	logger.Waitingf("waiting for Bucket source reconciliation")
 	if err := wait.PollImmediate(rootArgs.pollInterval, rootArgs.timeout,
 		isBucketReady(ctx, kubeClient, namespacedName, bucket)); err != nil {
 		return err
 	}
 	logger.Successf("Bucket source reconciliation completed")
 	if bucket.Status.Artifact == nil {
 		return fmt.Errorf("Bucket source reconciliation but no artifact was found")
 	}
 	logger.Successf("fetched revision: %s", bucket.Status.Artifact.Revision)
 	return nil
 }
 func upsertBucket(ctx context.Context, kubeClient client.Client,
 	bucket *sourcev1.Bucket) (types.NamespacedName, error) {
 	namespacedName := types.NamespacedName{
 		Namespace: bucket.GetNamespace(),
 		Name:      bucket.GetName(),
 	}
 	var existing sourcev1.Bucket
 	err := kubeClient.Get(ctx, namespacedName, &existing)
 	if err != nil {
 		if errors.IsNotFound(err) {
 			if err := kubeClient.Create(ctx, bucket); err != nil {
 				return namespacedName, err
 			} else {
 				logger.Successf("Bucket source created")
 				return namespacedName, nil
 			}
 		}
 		return namespacedName, err
 	}
 	existing.Labels = bucket.Labels
 	existing.Spec = bucket.Spec
 	if err := kubeClient.Update(ctx, &existing); err != nil {
 		return namespacedName, err
 	}
 	bucket = &existing
 	logger.Successf("Bucket source updated")
 	return namespacedName, nil
 }
--- a/cmd/flux/create_source_git.go
+++ b/cmd/flux/create_source_git.go
@@ -0,0 +1,361 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"crypto/elliptic"
 	"fmt"
 	"io/ioutil"
 	"net/url"
 	"os"
 	"github.com/manifoldco/promptui"
 	"github.com/spf13/cobra"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	apimeta "k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"github.com/fluxcd/pkg/apis/meta"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 	"github.com/fluxcd/flux2/internal/flags"
 	"github.com/fluxcd/flux2/internal/utils"
 )
 type sourceGitFlags struct {
 	url               string
 	branch            string
 	tag               string
 	semver            string
 	username          string
 	password          string
 	caFile            string
 	keyAlgorithm      flags.PublicKeyAlgorithm
 	keyRSABits        flags.RSAKeyBits
 	keyECDSACurve     flags.ECDSACurve
 	secretRef         string
 	gitImplementation flags.GitImplementation
 }
 var createSourceGitCmd = &cobra.Command{
 	Use:   "git [name]",
 	Short: "Create or update a GitRepository source",
 	Long: `
 The create source git command generates a GitRepository resource and waits for it to sync.
 For Git over SSH, host and SSH keys are automatically generated and stored in a Kubernetes secret.
 For private Git repositories, the basic authentication credentials are stored in a Kubernetes secret.`,
 	Example: `  # Create a source from a public Git repository master branch
  flux create source git podinfo \
    --url=https://github.com/stefanprodan/podinfo \
    --branch=master
  # Create a source from a Git repository pinned to specific git tag
  flux create source git podinfo \
    --url=https://github.com/stefanprodan/podinfo \
    --tag="3.2.3"
  # Create a source from a public Git repository tag that matches a semver range
  flux create source git podinfo \
    --url=https://github.com/stefanprodan/podinfo \
    --tag-semver=">=3.2.0 <3.3.0"
  # Create a source from a Git repository using SSH authentication
  flux create source git podinfo \
    --url=ssh://git@github.com/stefanprodan/podinfo \
    --branch=master
  # Create a source from a Git repository using SSH authentication and an
  # ECDSA P-521 curve public key
  flux create source git podinfo \
    --url=ssh://git@github.com/stefanprodan/podinfo \
    --branch=master \
    --ssh-key-algorithm=ecdsa \
    --ssh-ecdsa-curve=p521
  # Create a source from a Git repository using basic authentication
  flux create source git podinfo \
    --url=https://github.com/stefanprodan/podinfo \
    --username=username \
    --password=password
 `,
 	RunE: createSourceGitCmdRun,
 }
 var sourceGitArgs = newSourceGitFlags()
 func init() {
 	createSourceGitCmd.Flags().StringVar(&sourceGitArgs.url, "url", "", "git address, e.g. ssh://git@host/org/repository")
 	createSourceGitCmd.Flags().StringVar(&sourceGitArgs.branch, "branch", "master", "git branch")
 	createSourceGitCmd.Flags().StringVar(&sourceGitArgs.tag, "tag", "", "git tag")
 	createSourceGitCmd.Flags().StringVar(&sourceGitArgs.semver, "tag-semver", "", "git tag semver range")
 	createSourceGitCmd.Flags().StringVarP(&sourceGitArgs.username, "username", "u", "", "basic authentication username")
 	createSourceGitCmd.Flags().StringVarP(&sourceGitArgs.password, "password", "p", "", "basic authentication password")
 	createSourceGitCmd.Flags().Var(&sourceGitArgs.keyAlgorithm, "ssh-key-algorithm", sourceGitArgs.keyAlgorithm.Description())
 	createSourceGitCmd.Flags().Var(&sourceGitArgs.keyRSABits, "ssh-rsa-bits", sourceGitArgs.keyRSABits.Description())
 	createSourceGitCmd.Flags().Var(&sourceGitArgs.keyECDSACurve, "ssh-ecdsa-curve", sourceGitArgs.keyECDSACurve.Description())
 	createSourceGitCmd.Flags().StringVar(&sourceGitArgs.secretRef, "secret-ref", "", "the name of an existing secret containing SSH or basic credentials")
 	createSourceGitCmd.Flags().Var(&sourceGitArgs.gitImplementation, "git-implementation", sourceGitArgs.gitImplementation.Description())
 	createSourceGitCmd.Flags().StringVar(&sourceGitArgs.caFile, "ca-file", "", "path to TLS CA file used for validating self-signed certificates, requires libgit2")
 	createSourceCmd.AddCommand(createSourceGitCmd)
 }
 func newSourceGitFlags() sourceGitFlags {
 	return sourceGitFlags{
 		keyAlgorithm:  "rsa",
 		keyRSABits:    2048,
 		keyECDSACurve: flags.ECDSACurve{Curve: elliptic.P384()},
 	}
 }
 func createSourceGitCmdRun(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
 		return fmt.Errorf("GitRepository source name is required")
 	}
 	name := args[0]
 	if sourceGitArgs.url == "" {
 		return fmt.Errorf("url is required")
 	}
 	if sourceGitArgs.gitImplementation.String() != sourcev1.LibGit2Implementation && sourceGitArgs.caFile != "" {
 		return fmt.Errorf("specifing a CA file requires --git-implementation=%s", sourcev1.LibGit2Implementation)
 	}
 	tmpDir, err := ioutil.TempDir("", name)
 	if err != nil {
 		return err
 	}
 	defer os.RemoveAll(tmpDir)
 	u, err := url.Parse(sourceGitArgs.url)
 	if err != nil {
 		return fmt.Errorf("git URL parse failed: %w", err)
 	}
 	sourceLabels, err := parseLabels()
 	if err != nil {
 		return err
 	}
 	gitRepository := sourcev1.GitRepository{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      name,
 			Namespace: rootArgs.namespace,
 			Labels:    sourceLabels,
 		},
 		Spec: sourcev1.GitRepositorySpec{
 			URL: sourceGitArgs.url,
 			Interval: metav1.Duration{
 				Duration: createArgs.interval,
 			},
 			Reference: &sourcev1.GitRepositoryRef{},
 		},
 	}
 	if sourceGitArgs.gitImplementation != "" {
 		gitRepository.Spec.GitImplementation = sourceGitArgs.gitImplementation.String()
 	}
 	if sourceGitArgs.semver != "" {
 		gitRepository.Spec.Reference.SemVer = sourceGitArgs.semver
 	} else if sourceGitArgs.tag != "" {
 		gitRepository.Spec.Reference.Tag = sourceGitArgs.tag
 	} else {
 		gitRepository.Spec.Reference.Branch = sourceGitArgs.branch
 	}
 	if createArgs.export {
 		if sourceGitArgs.secretRef != "" {
 			gitRepository.Spec.SecretRef = &meta.LocalObjectReference{
 				Name: sourceGitArgs.secretRef,
 			}
 		}
 		return exportGit(gitRepository)
 	}
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	withAuth := false
 	// TODO(hidde): move all auth prep to separate func?
 	if sourceGitArgs.secretRef != "" {
 		withAuth = true
 	} else if u.Scheme == "ssh" {
 		logger.Generatef("generating deploy key pair")
 		pair, err := generateKeyPair(ctx, sourceGitArgs.keyAlgorithm, sourceGitArgs.keyRSABits, sourceGitArgs.keyECDSACurve)
 		if err != nil {
 			return err
 		}
 		logger.Successf("deploy key: %s", pair.PublicKey)
 		prompt := promptui.Prompt{
 			Label:     "Have you added the deploy key to your repository",
 			IsConfirm: true,
 		}
 		if _, err := prompt.Run(); err != nil {
 			return fmt.Errorf("aborting")
 		}
 		logger.Actionf("collecting preferred public key from SSH server")
 		hostKey, err := scanHostKey(ctx, u)
 		if err != nil {
 			return err
 		}
 		logger.Successf("collected public key from SSH server:\n%s", hostKey)
 		logger.Actionf("applying secret with keys")
 		secret := corev1.Secret{
 			ObjectMeta: metav1.ObjectMeta{
 				Name:      name,
 				Namespace: rootArgs.namespace,
 				Labels:    sourceLabels,
 			},
 			StringData: map[string]string{
 				"identity":     string(pair.PrivateKey),
 				"identity.pub": string(pair.PublicKey),
 				"known_hosts":  string(hostKey),
 			},
 		}
 		if err := upsertSecret(ctx, kubeClient, secret); err != nil {
 			return err
 		}
 		withAuth = true
 	} else if sourceGitArgs.username != "" && sourceGitArgs.password != "" {
 		logger.Actionf("applying secret with basic auth credentials")
 		secret := corev1.Secret{
 			ObjectMeta: metav1.ObjectMeta{
 				Name:      name,
 				Namespace: rootArgs.namespace,
 				Labels:    sourceLabels,
 			},
 			StringData: map[string]string{
 				"username": sourceGitArgs.username,
 				"password": sourceGitArgs.password,
 			},
 		}
 		if sourceGitArgs.caFile != "" {
 			ca, err := ioutil.ReadFile(sourceGitArgs.caFile)
 			if err != nil {
 				return fmt.Errorf("failed to read CA file '%s': %w", sourceGitArgs.caFile, err)
 			}
 			secret.StringData["caFile"] = string(ca)
 		}
 		if err := upsertSecret(ctx, kubeClient, secret); err != nil {
 			return err
 		}
 		withAuth = true
 	}
 	if withAuth {
 		logger.Successf("authentication configured")
 	}
 	logger.Generatef("generating GitRepository source")
 	if withAuth {
 		secretName := name
 		if sourceGitArgs.secretRef != "" {
 			secretName = sourceGitArgs.secretRef
 		}
 		gitRepository.Spec.SecretRef = &meta.LocalObjectReference{
 			Name: secretName,
 		}
 	}
 	logger.Actionf("applying GitRepository source")
 	namespacedName, err := upsertGitRepository(ctx, kubeClient, &gitRepository)
 	if err != nil {
 		return err
 	}
 	logger.Waitingf("waiting for GitRepository source reconciliation")
 	if err := wait.PollImmediate(rootArgs.pollInterval, rootArgs.timeout,
 		isGitRepositoryReady(ctx, kubeClient, namespacedName, &gitRepository)); err != nil {
 		return err
 	}
 	logger.Successf("GitRepository source reconciliation completed")
 	if gitRepository.Status.Artifact == nil {
 		return fmt.Errorf("GitRepository source reconciliation completed but no artifact was found")
 	}
 	logger.Successf("fetched revision: %s", gitRepository.Status.Artifact.Revision)
 	return nil
 }
 func upsertGitRepository(ctx context.Context, kubeClient client.Client,
 	gitRepository *sourcev1.GitRepository) (types.NamespacedName, error) {
 	namespacedName := types.NamespacedName{
 		Namespace: gitRepository.GetNamespace(),
 		Name:      gitRepository.GetName(),
 	}
 	var existing sourcev1.GitRepository
 	err := kubeClient.Get(ctx, namespacedName, &existing)
 	if err != nil {
 		if errors.IsNotFound(err) {
 			if err := kubeClient.Create(ctx, gitRepository); err != nil {
 				return namespacedName, err
 			} else {
 				logger.Successf("GitRepository source created")
 				return namespacedName, nil
 			}
 		}
 		return namespacedName, err
 	}
 	existing.Labels = gitRepository.Labels
 	existing.Spec = gitRepository.Spec
 	if err := kubeClient.Update(ctx, &existing); err != nil {
 		return namespacedName, err
 	}
 	gitRepository = &existing
 	logger.Successf("GitRepository source updated")
 	return namespacedName, nil
 }
 func isGitRepositoryReady(ctx context.Context, kubeClient client.Client,
 	namespacedName types.NamespacedName, gitRepository *sourcev1.GitRepository) wait.ConditionFunc {
 	return func() (bool, error) {
 		err := kubeClient.Get(ctx, namespacedName, gitRepository)
 		if err != nil {
 			return false, err
 		}
 		if c := apimeta.FindStatusCondition(gitRepository.Status.Conditions, meta.ReadyCondition); c != nil {
 			switch c.Status {
 			case metav1.ConditionTrue:
 				return true, nil
 			case metav1.ConditionFalse:
 				return false, fmt.Errorf(c.Message)
 			}
 		}
 		return false, nil
 	}
 }
--- a/cmd/flux/create_source_helm.go
+++ b/cmd/flux/create_source_helm.go
@@ -0,0 +1,275 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"fmt"
 	"io/ioutil"
 	"net/url"
 	"os"
 	"github.com/fluxcd/pkg/apis/meta"
 	"github.com/spf13/cobra"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	apimeta "k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 	"github.com/fluxcd/flux2/internal/utils"
 )
 var createSourceHelmCmd = &cobra.Command{
 	Use:   "helm [name]",
 	Short: "Create or update a HelmRepository source",
 	Long: `
 The create source helm command generates a HelmRepository resource and waits for it to fetch the index.
 For private Helm repositories, the basic authentication credentials are stored in a Kubernetes secret.`,
 	Example: `  # Create a source from a public Helm repository
  flux create source helm podinfo \
    --url=https://stefanprodan.github.io/podinfo \
    --interval=10m
  # Create a source from a Helm repository using basic authentication
  flux create source helm podinfo \
    --url=https://stefanprodan.github.io/podinfo \
    --username=username \
    --password=password
  # Create a source from a Helm repository using TLS authentication
  flux create source helm podinfo \
    --url=https://stefanprodan.github.io/podinfo \
    --cert-file=./cert.crt \
    --key-file=./key.crt \
    --ca-file=./ca.crt
 `,
 	RunE: createSourceHelmCmdRun,
 }
 type sourceHelmFlags struct {
 	url       string
 	username  string
 	password  string
 	certFile  string
 	keyFile   string
 	caFile    string
 	secretRef string
 }
 var sourceHelmArgs sourceHelmFlags
 func init() {
 	createSourceHelmCmd.Flags().StringVar(&sourceHelmArgs.url, "url", "", "Helm repository address")
 	createSourceHelmCmd.Flags().StringVarP(&sourceHelmArgs.username, "username", "u", "", "basic authentication username")
 	createSourceHelmCmd.Flags().StringVarP(&sourceHelmArgs.password, "password", "p", "", "basic authentication password")
 	createSourceHelmCmd.Flags().StringVar(&sourceHelmArgs.certFile, "cert-file", "", "TLS authentication cert file path")
 	createSourceHelmCmd.Flags().StringVar(&sourceHelmArgs.keyFile, "key-file", "", "TLS authentication key file path")
 	createSourceHelmCmd.Flags().StringVar(&sourceHelmArgs.caFile, "ca-file", "", "TLS authentication CA file path")
 	createSourceHelmCmd.Flags().StringVarP(&sourceHelmArgs.secretRef, "secret-ref", "", "", "the name of an existing secret containing TLS or basic auth credentials")
 	createSourceCmd.AddCommand(createSourceHelmCmd)
 }
 func createSourceHelmCmdRun(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
 		return fmt.Errorf("HelmRepository source name is required")
 	}
 	name := args[0]
 	if sourceHelmArgs.url == "" {
 		return fmt.Errorf("url is required")
 	}
 	sourceLabels, err := parseLabels()
 	if err != nil {
 		return err
 	}
 	tmpDir, err := ioutil.TempDir("", name)
 	if err != nil {
 		return err
 	}
 	defer os.RemoveAll(tmpDir)
 	if _, err := url.Parse(sourceHelmArgs.url); err != nil {
 		return fmt.Errorf("url parse failed: %w", err)
 	}
 	helmRepository := &sourcev1.HelmRepository{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      name,
 			Namespace: rootArgs.namespace,
 			Labels:    sourceLabels,
 		},
 		Spec: sourcev1.HelmRepositorySpec{
 			URL: sourceHelmArgs.url,
 			Interval: metav1.Duration{
 				Duration: createArgs.interval,
 			},
 		},
 	}
 	if sourceHelmArgs.secretRef != "" {
 		helmRepository.Spec.SecretRef = &meta.LocalObjectReference{
 			Name: sourceHelmArgs.secretRef,
 		}
 	}
 	if createArgs.export {
 		return exportHelmRepository(*helmRepository)
 	}
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	logger.Generatef("generating HelmRepository source")
 	if sourceHelmArgs.secretRef == "" {
 		secretName := fmt.Sprintf("helm-%s", name)
 		secret := corev1.Secret{
 			ObjectMeta: metav1.ObjectMeta{
 				Name:      secretName,
 				Namespace: rootArgs.namespace,
 				Labels:    sourceLabels,
 			},
 			StringData: map[string]string{},
 		}
 		if sourceHelmArgs.username != "" && sourceHelmArgs.password != "" {
 			secret.StringData["username"] = sourceHelmArgs.username
 			secret.StringData["password"] = sourceHelmArgs.password
 		}
 		if sourceHelmArgs.certFile != "" && sourceHelmArgs.keyFile != "" {
 			cert, err := ioutil.ReadFile(sourceHelmArgs.certFile)
 			if err != nil {
 				return fmt.Errorf("failed to read repository cert file '%s': %w", sourceHelmArgs.certFile, err)
 			}
 			secret.StringData["certFile"] = string(cert)
 			key, err := ioutil.ReadFile(sourceHelmArgs.keyFile)
 			if err != nil {
 				return fmt.Errorf("failed to read repository key file '%s': %w", sourceHelmArgs.keyFile, err)
 			}
 			secret.StringData["keyFile"] = string(key)
 		}
 		if sourceHelmArgs.caFile != "" {
 			ca, err := ioutil.ReadFile(sourceHelmArgs.caFile)
 			if err != nil {
 				return fmt.Errorf("failed to read repository CA file '%s': %w", sourceHelmArgs.caFile, err)
 			}
 			secret.StringData["caFile"] = string(ca)
 		}
 		if len(secret.StringData) > 0 {
 			logger.Actionf("applying secret with repository credentials")
 			if err := upsertSecret(ctx, kubeClient, secret); err != nil {
 				return err
 			}
 			helmRepository.Spec.SecretRef = &meta.LocalObjectReference{
 				Name: secretName,
 			}
 			logger.Successf("authentication configured")
 		}
 	}
 	logger.Actionf("applying HelmRepository source")
 	namespacedName, err := upsertHelmRepository(ctx, kubeClient, helmRepository)
 	if err != nil {
 		return err
 	}
 	logger.Waitingf("waiting for HelmRepository source reconciliation")
 	if err := wait.PollImmediate(rootArgs.pollInterval, rootArgs.timeout,
 		isHelmRepositoryReady(ctx, kubeClient, namespacedName, helmRepository)); err != nil {
 		return err
 	}
 	logger.Successf("HelmRepository source reconciliation completed")
 	if helmRepository.Status.Artifact == nil {
 		return fmt.Errorf("HelmRepository source reconciliation completed but no artifact was found")
 	}
 	logger.Successf("fetched revision: %s", helmRepository.Status.Artifact.Revision)
 	return nil
 }
 func upsertHelmRepository(ctx context.Context, kubeClient client.Client,
 	helmRepository *sourcev1.HelmRepository) (types.NamespacedName, error) {
 	namespacedName := types.NamespacedName{
 		Namespace: helmRepository.GetNamespace(),
 		Name:      helmRepository.GetName(),
 	}
 	var existing sourcev1.HelmRepository
 	err := kubeClient.Get(ctx, namespacedName, &existing)
 	if err != nil {
 		if errors.IsNotFound(err) {
 			if err := kubeClient.Create(ctx, helmRepository); err != nil {
 				return namespacedName, err
 			} else {
 				logger.Successf("source created")
 				return namespacedName, nil
 			}
 		}
 		return namespacedName, err
 	}
 	existing.Labels = helmRepository.Labels
 	existing.Spec = helmRepository.Spec
 	if err := kubeClient.Update(ctx, &existing); err != nil {
 		return namespacedName, err
 	}
 	helmRepository = &existing
 	logger.Successf("source updated")
 	return namespacedName, nil
 }
 func isHelmRepositoryReady(ctx context.Context, kubeClient client.Client,
 	namespacedName types.NamespacedName, helmRepository *sourcev1.HelmRepository) wait.ConditionFunc {
 	return func() (bool, error) {
 		err := kubeClient.Get(ctx, namespacedName, helmRepository)
 		if err != nil {
 			return false, err
 		}
 		// Confirm the state we are observing is for the current generation
 		if helmRepository.Generation != helmRepository.Status.ObservedGeneration {
 			return false, nil
 		}
 		if c := apimeta.FindStatusCondition(helmRepository.Status.Conditions, meta.ReadyCondition); c != nil {
 			switch c.Status {
 			case metav1.ConditionTrue:
 				return true, nil
 			case metav1.ConditionFalse:
 				return false, fmt.Errorf(c.Message)
 			}
 		}
 		return false, nil
 	}
 }
--- a/cmd/flux/create_tenant.go
+++ b/cmd/flux/create_tenant.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -21,6 +21,7 @@ import (
 	"context"
 	"fmt"
 	"github.com/fluxcd/flux2/internal/utils"
 	"github.com/spf13/cobra"
 	corev1 "k8s.io/api/core/v1"
 	rbacv1 "k8s.io/api/rbac/v1"
@@ -37,15 +38,15 @@ var createTenantCmd = &cobra.Command{
 	Use:   "tenant",
 	Short: "Create or update a tenant",
 	Long: `
-The create tenant command generates namespaces and role bindings to limit the
+The create tenant command generates namespaces, service accounts and role bindings to limit the
 reconcilers scope to the tenant namespaces.`,
 	Example: `  # Create a tenant with access to a namespace 
-  gotk create tenant dev-team \
+  flux create tenant dev-team \
    --with-namespace=frontend \
    --label=environment=dev
  # Generate tenant namespaces and role bindings in YAML format
-  gotk create tenant dev-team \
+  flux create tenant dev-team \
    --with-namespace=frontend \
    --with-namespace=backend \
 	--export > dev-team.yaml
@@ -54,19 +55,19 @@ reconcilers scope to the tenant namespaces.`,
 }
 const (
-	tenantLabel       = "toolkit.fluxcd.io/tenant"
+	tenantLabel = "toolkit.fluxcd.io/tenant"
 	tenantRoleBinding = "gotk-reconciler"
 )
-var (
+type tenantFlags struct {
-	tenantNamespaces  []string
+	namespaces  []string
-	tenantClusterRole string
+	clusterRole string
-)
+}
 var tenantArgs tenantFlags
 func init() {
-	createTenantCmd.Hidden = true
+	createTenantCmd.Flags().StringSliceVar(&tenantArgs.namespaces, "with-namespace", nil, "namespace belonging to this tenant")
-	createTenantCmd.Flags().StringSliceVar(&tenantNamespaces, "with-namespace", nil, "namespace belonging to this tenant")
+	createTenantCmd.Flags().StringVar(&tenantArgs.clusterRole, "cluster-role", "cluster-admin", "cluster role of the tenant role binding")
 	createTenantCmd.Flags().StringVar(&tenantClusterRole, "cluster-role", "cluster-admin", "cluster role of the tenant role binding")
 	createCmd.AddCommand(createTenantCmd)
 }
@@ -79,18 +80,19 @@ func createTenantCmdRun(cmd *cobra.Command, args []string) error {
 		return fmt.Errorf("invalid tenant name '%s': %v", tenant, err)
 	}
-	if tenantClusterRole == "" {
+	if tenantArgs.clusterRole == "" {
 		return fmt.Errorf("cluster-role is required")
 	}
-	if tenantNamespaces == nil {
+	if tenantArgs.namespaces == nil {
 		return fmt.Errorf("with-namespace is required")
 	}
 	var namespaces []corev1.Namespace
 	var accounts []corev1.ServiceAccount
 	var roleBindings []rbacv1.RoleBinding
-	for _, ns := range tenantNamespaces {
+	for _, ns := range tenantArgs.namespaces {
 		if err := validation.IsQualifiedName(ns); len(err) > 0 {
 			return fmt.Errorf("invalid namespace '%s': %v", ns, err)
 		}
@@ -110,9 +112,19 @@ func createTenantCmdRun(cmd *cobra.Command, args []string) error {
 		}
 		namespaces = append(namespaces, namespace)
 		account := corev1.ServiceAccount{
 			ObjectMeta: metav1.ObjectMeta{
 				Name:      tenant,
 				Namespace: ns,
 				Labels:    objLabels,
 			},
 		}
 		accounts = append(accounts, account)
 		roleBinding := rbacv1.RoleBinding{
 			ObjectMeta: metav1.ObjectMeta{
-				Name:      tenantRoleBinding,
+				Name:      fmt.Sprintf("%s-reconciler", tenant),
 				Namespace: ns,
 				Labels:    objLabels,
 			},
@@ -122,39 +134,49 @@ func createTenantCmdRun(cmd *cobra.Command, args []string) error {
 					Kind:     "User",
 					Name:     fmt.Sprintf("gotk:%s:reconciler", ns),
 				},
 				{
 					Kind:      "ServiceAccount",
 					Name:      tenant,
 					Namespace: ns,
 				},
 			},
 			RoleRef: rbacv1.RoleRef{
 				APIGroup: "rbac.authorization.k8s.io",
 				Kind:     "ClusterRole",
-				Name:     tenantClusterRole,
+				Name:     tenantArgs.clusterRole,
 			},
 		}
 		roleBindings = append(roleBindings, roleBinding)
 	}
-	if export {
+	if createArgs.export {
-		for i, _ := range tenantNamespaces {
+		for i, _ := range tenantArgs.namespaces {
-			if err := exportTenant(namespaces[i], roleBindings[1]); err != nil {
+			if err := exportTenant(namespaces[i], accounts[i], roleBindings[i]); err != nil {
 				return err
 			}
 		}
 		return nil
 	}
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.kubeClient(kubeconfig)
+	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
-	for i, _ := range tenantNamespaces {
+	for i, _ := range tenantArgs.namespaces {
 		logger.Actionf("applying namespace %s", namespaces[i].Name)
 		if err := upsertNamespace(ctx, kubeClient, namespaces[i]); err != nil {
 			return err
 		}
 		logger.Actionf("applying service account %s", accounts[i].Name)
 		if err := upsertServiceAccount(ctx, kubeClient, accounts[i]); err != nil {
 			return err
 		}
 		logger.Actionf("applying role binding %s", roleBindings[i].Name)
 		if err := upsertRoleBinding(ctx, kubeClient, roleBindings[i]); err != nil {
 			return err
@@ -194,6 +216,35 @@ func upsertNamespace(ctx context.Context, kubeClient client.Client, namespace co
 	return nil
 }
 func upsertServiceAccount(ctx context.Context, kubeClient client.Client, account corev1.ServiceAccount) error {
 	namespacedName := types.NamespacedName{
 		Namespace: account.GetNamespace(),
 		Name:      account.GetName(),
 	}
 	var existing corev1.ServiceAccount
 	err := kubeClient.Get(ctx, namespacedName, &existing)
 	if err != nil {
 		if errors.IsNotFound(err) {
 			if err := kubeClient.Create(ctx, &account); err != nil {
 				return err
 			} else {
 				return nil
 			}
 		}
 		return err
 	}
 	if !equality.Semantic.DeepDerivative(account.Labels, existing.Labels) {
 		existing.Labels = account.Labels
 		if err := kubeClient.Update(ctx, &existing); err != nil {
 			return err
 		}
 	}
 	return nil
 }
 func upsertRoleBinding(ctx context.Context, kubeClient client.Client, roleBinding rbacv1.RoleBinding) error {
 	namespacedName := types.NamespacedName{
 		Namespace: roleBinding.GetNamespace(),
@@ -227,7 +278,7 @@ func upsertRoleBinding(ctx context.Context, kubeClient client.Client, roleBindin
 	return nil
 }
-func exportTenant(namespace corev1.Namespace, roleBinding rbacv1.RoleBinding) error {
+func exportTenant(namespace corev1.Namespace, account corev1.ServiceAccount, roleBinding rbacv1.RoleBinding) error {
 	namespace.TypeMeta = metav1.TypeMeta{
 		APIVersion: "v1",
 		Kind:       "Namespace",
@@ -241,6 +292,19 @@ func exportTenant(namespace corev1.Namespace, roleBinding rbacv1.RoleBinding) er
 	data = bytes.Replace(data, []byte("spec: {}\n"), []byte(""), 1)
 	fmt.Println(resourceToString(data))
 	account.TypeMeta = metav1.TypeMeta{
 		APIVersion: "v1",
 		Kind:       "ServiceAccount",
 	}
 	data, err = yaml.Marshal(account)
 	if err != nil {
 		return err
 	}
 	fmt.Println("---")
 	data = bytes.Replace(data, []byte("spec: {}\n"), []byte(""), 1)
 	fmt.Println(resourceToString(data))
 	roleBinding.TypeMeta = metav1.TypeMeta{
 		APIVersion: "rbac.authorization.k8s.io/v1",
 		Kind:       "RoleBinding",
--- a/cmd/flux/delete.go
+++ b/cmd/flux/delete.go
@@ -0,0 +1,96 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"fmt"
 	"github.com/manifoldco/promptui"
 	"github.com/spf13/cobra"
 	"k8s.io/apimachinery/pkg/types"
 	"github.com/fluxcd/flux2/internal/utils"
 )
 var deleteCmd = &cobra.Command{
 	Use:   "delete",
 	Short: "Delete sources and resources",
 	Long:  "The delete sub-commands delete sources and resources.",
 }
 type deleteFlags struct {
 	silent bool
 }
 var deleteArgs deleteFlags
 func init() {
 	deleteCmd.PersistentFlags().BoolVarP(&deleteArgs.silent, "silent", "s", false,
 		"delete resource without asking for confirmation")
 	rootCmd.AddCommand(deleteCmd)
 }
 type deleteCommand struct {
 	apiType
 	object adapter // for getting the value, and later deleting it
 }
 func (del deleteCommand) run(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
 		return fmt.Errorf("%s name is required", del.humanKind)
 	}
 	name := args[0]
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	namespacedName := types.NamespacedName{
 		Namespace: rootArgs.namespace,
 		Name:      name,
 	}
 	err = kubeClient.Get(ctx, namespacedName, del.object.asClientObject())
 	if err != nil {
 		return err
 	}
 	if !deleteArgs.silent {
 		prompt := promptui.Prompt{
 			Label:     "Are you sure you want to delete this " + del.humanKind,
 			IsConfirm: true,
 		}
 		if _, err := prompt.Run(); err != nil {
 			return fmt.Errorf("aborting")
 		}
 	}
 	logger.Actionf("deleting %s %s in %s namespace", del.humanKind, name, rootArgs.namespace)
 	err = kubeClient.Delete(ctx, del.object.asClientObject())
 	if err != nil {
 		return err
 	}
 	logger.Successf("%s deleted", del.humanKind)
 	return nil
 }
--- a/cmd/flux/delete_alert.go
+++ b/cmd/flux/delete_alert.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -24,6 +24,7 @@ import (
 	"github.com/spf13/cobra"
 	"k8s.io/apimachinery/pkg/types"
 	"github.com/fluxcd/flux2/internal/utils"
 	notificationv1 "github.com/fluxcd/notification-controller/api/v1beta1"
 )
@@ -32,7 +33,7 @@ var deleteAlertCmd = &cobra.Command{
 	Short: "Delete a Alert resource",
 	Long:  "The delete alert command removes the given Alert from the cluster.",
 	Example: `  # Delete an Alert and the Kubernetes resources created by it
-  gotk delete alert main
+  flux delete alert main
 `,
 	RunE: deleteAlertCmdRun,
 }
@@ -47,16 +48,16 @@ func deleteAlertCmdRun(cmd *cobra.Command, args []string) error {
 	}
 	name := args[0]
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.kubeClient(kubeconfig)
+	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	namespacedName := types.NamespacedName{
-		Namespace: namespace,
+		Namespace: rootArgs.namespace,
 		Name:      name,
 	}
@@ -66,7 +67,7 @@ func deleteAlertCmdRun(cmd *cobra.Command, args []string) error {
 		return err
 	}
-	if !deleteSilent {
+	if !deleteArgs.silent {
 		prompt := promptui.Prompt{
 			Label:     "Are you sure you want to delete this Alert",
 			IsConfirm: true,
@@ -76,7 +77,7 @@ func deleteAlertCmdRun(cmd *cobra.Command, args []string) error {
 		}
 	}
-	logger.Actionf("deleting alert %s in %s namespace", name, namespace)
+	logger.Actionf("deleting alert %s in %s namespace", name, rootArgs.namespace)
 	err = kubeClient.Delete(ctx, &alert)
 	if err != nil {
 		return err
--- a/cmd/flux/delete_alertprovider.go
+++ b/cmd/flux/delete_alertprovider.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -24,6 +24,7 @@ import (
 	"github.com/spf13/cobra"
 	"k8s.io/apimachinery/pkg/types"
 	"github.com/fluxcd/flux2/internal/utils"
 	notificationv1 "github.com/fluxcd/notification-controller/api/v1beta1"
 )
@@ -32,7 +33,7 @@ var deleteAlertProviderCmd = &cobra.Command{
 	Short: "Delete a Provider resource",
 	Long:  "The delete alert-provider command removes the given Provider from the cluster.",
 	Example: `  # Delete a Provider and the Kubernetes resources created by it
-  gotk delete alert-provider slack
+  flux delete alert-provider slack
 `,
 	RunE: deleteAlertProviderCmdRun,
 }
@@ -47,16 +48,16 @@ func deleteAlertProviderCmdRun(cmd *cobra.Command, args []string) error {
 	}
 	name := args[0]
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.kubeClient(kubeconfig)
+	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	namespacedName := types.NamespacedName{
-		Namespace: namespace,
+		Namespace: rootArgs.namespace,
 		Name:      name,
 	}
@@ -66,7 +67,7 @@ func deleteAlertProviderCmdRun(cmd *cobra.Command, args []string) error {
 		return err
 	}
-	if !deleteSilent {
+	if !deleteArgs.silent {
 		prompt := promptui.Prompt{
 			Label:     "Are you sure you want to delete this Provider",
 			IsConfirm: true,
@@ -76,7 +77,7 @@ func deleteAlertProviderCmdRun(cmd *cobra.Command, args []string) error {
 		}
 	}
-	logger.Actionf("deleting provider %s in %s namespace", name, namespace)
+	logger.Actionf("deleting provider %s in %s namespace", name, rootArgs.namespace)
 	err = kubeClient.Delete(ctx, &alertProvider)
 	if err != nil {
 		return err
--- a/cmd/flux/delete_helmrelease.go
+++ b/cmd/flux/delete_helmrelease.go
@@ -0,0 +1,40 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	helmv2 "github.com/fluxcd/helm-controller/api/v2beta1"
 	"github.com/spf13/cobra"
 )
 var deleteHelmReleaseCmd = &cobra.Command{
 	Use:     "helmrelease [name]",
 	Aliases: []string{"hr"},
 	Short:   "Delete a HelmRelease resource",
 	Long:    "The delete helmrelease command removes the given HelmRelease from the cluster.",
 	Example: `  # Delete a Helm release and the Kubernetes resources created by it
  flux delete hr podinfo
 `,
 	RunE: deleteCommand{
 		apiType: helmReleaseType,
 		object:  universalAdapter{&helmv2.HelmRelease{}},
 	}.run,
 }
 func init() {
 	deleteCmd.AddCommand(deleteHelmReleaseCmd)
 }
--- a/cmd/flux/delete_image.go
+++ b/cmd/flux/delete_image.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -20,19 +20,12 @@ import (
 	"github.com/spf13/cobra"
 )
-var deleteCmd = &cobra.Command{
+var deleteImageCmd = &cobra.Command{
-	Use:   "delete",
+	Use:   "image",
-	Short: "Delete sources and resources",
+	Short: "Delete image automation objects",
-	Long:  "The delete sub-commands delete sources and resources.",
+	Long:  "The delete image sub-commands delete image automation objects.",
 }
 var (
 	deleteSilent bool
 )
 func init() {
-	deleteCmd.PersistentFlags().BoolVarP(&deleteSilent, "silent", "s", false,
+	deleteCmd.AddCommand(deleteImageCmd)
 		"delete resource without asking for confirmation")
 	rootCmd.AddCommand(deleteCmd)
 }
--- a/cmd/flux/delete_image_policy.go
+++ b/cmd/flux/delete_image_policy.go
@@ -0,0 +1,40 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"github.com/spf13/cobra"
 	imagev1 "github.com/fluxcd/image-reflector-controller/api/v1alpha1"
 )
 var deleteImagePolicyCmd = &cobra.Command{
 	Use:   "policy [name]",
 	Short: "Delete an ImagePolicy object",
 	Long:  "The delete image policy command deletes the given ImagePolicy from the cluster.",
 	Example: `  # Delete an image policy
  flux delete image policy alpine3.x
 `,
 	RunE: deleteCommand{
 		apiType: imagePolicyType,
 		object:  universalAdapter{&imagev1.ImagePolicy{}},
 	}.run,
 }
 func init() {
 	deleteImageCmd.AddCommand(deleteImagePolicyCmd)
 }
--- a/cmd/flux/delete_image_repository.go
+++ b/cmd/flux/delete_image_repository.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -17,29 +17,24 @@ limitations under the License.
 package main
 import (
 	"bytes"
 	"github.com/spf13/cobra"
 	imagev1 "github.com/fluxcd/image-reflector-controller/api/v1alpha1"
 )
-var exportCmd = &cobra.Command{
+var deleteImageRepositoryCmd = &cobra.Command{
-	Use:   "export",
+	Use:   "repository [name]",
-	Short: "Export resources in YAML format",
+	Short: "Delete an ImageRepository object",
-	Long:  "The export sub-commands export resources in YAML format.",
+	Long:  "The delete image repository command deletes the given ImageRepository from the cluster.",
 	Example: `  # Delete an image repository
  flux delete image repository alpine
 `,
 	RunE: deleteCommand{
 		apiType: imageRepositoryType,
 		object:  universalAdapter{&imagev1.ImageRepository{}},
 	}.run,
 }
 var (
 	exportAll bool
 )
 func init() {
-	exportCmd.PersistentFlags().BoolVar(&exportAll, "all", false, "select all resources")
+	deleteImageCmd.AddCommand(deleteImageRepositoryCmd)
 	rootCmd.AddCommand(exportCmd)
 }
 func resourceToString(data []byte) string {
 	data = bytes.Replace(data, []byte("  creationTimestamp: null\n"), []byte(""), 1)
 	data = bytes.Replace(data, []byte("status: {}\n"), []byte(""), 1)
 	return string(data)
 }
--- a/cmd/flux/delete_image_updateauto.go
+++ b/cmd/flux/delete_image_updateauto.go
@@ -0,0 +1,40 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"github.com/spf13/cobra"
 	autov1 "github.com/fluxcd/image-automation-controller/api/v1alpha1"
 )
 var deleteImageUpdateCmd = &cobra.Command{
 	Use:   "update [name]",
 	Short: "Delete an ImageUpdateAutomation object",
 	Long:  "The delete image update command deletes the given ImageUpdateAutomation from the cluster.",
 	Example: `  # Delete an image update automation
  flux delete image update latest-images
 `,
 	RunE: deleteCommand{
 		apiType: imageUpdateAutomationType,
 		object:  universalAdapter{&autov1.ImageUpdateAutomation{}},
 	}.run,
 }
 func init() {
 	deleteImageCmd.AddCommand(deleteImageUpdateCmd)
 }
--- a/cmd/flux/delete_kustomization.go
+++ b/cmd/flux/delete_kustomization.go
@@ -0,0 +1,40 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	kustomizev1 "github.com/fluxcd/kustomize-controller/api/v1beta1"
 	"github.com/spf13/cobra"
 )
 var deleteKsCmd = &cobra.Command{
 	Use:     "kustomization [name]",
 	Aliases: []string{"ks"},
 	Short:   "Delete a Kustomization resource",
 	Long:    "The delete kustomization command deletes the given Kustomization from the cluster.",
 	Example: `  # Delete a kustomization and the Kubernetes resources created by it
  flux delete kustomization podinfo
 `,
 	RunE: deleteCommand{
 		apiType: kustomizationType,
 		object:  universalAdapter{&kustomizev1.Kustomization{}},
 	}.run,
 }
 func init() {
 	deleteCmd.AddCommand(deleteKsCmd)
 }
--- a/cmd/flux/delete_receiver.go
+++ b/cmd/flux/delete_receiver.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -24,6 +24,7 @@ import (
 	"github.com/spf13/cobra"
 	"k8s.io/apimachinery/pkg/types"
 	"github.com/fluxcd/flux2/internal/utils"
 	notificationv1 "github.com/fluxcd/notification-controller/api/v1beta1"
 )
@@ -32,7 +33,7 @@ var deleteReceiverCmd = &cobra.Command{
 	Short: "Delete a Receiver resource",
 	Long:  "The delete receiver command removes the given Receiver from the cluster.",
 	Example: `  # Delete an Receiver and the Kubernetes resources created by it
-  gotk delete receiver main
+  flux delete receiver main
 `,
 	RunE: deleteReceiverCmdRun,
 }
@@ -47,16 +48,16 @@ func deleteReceiverCmdRun(cmd *cobra.Command, args []string) error {
 	}
 	name := args[0]
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.kubeClient(kubeconfig)
+	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	namespacedName := types.NamespacedName{
-		Namespace: namespace,
+		Namespace: rootArgs.namespace,
 		Name:      name,
 	}
@@ -66,7 +67,7 @@ func deleteReceiverCmdRun(cmd *cobra.Command, args []string) error {
 		return err
 	}
-	if !deleteSilent {
+	if !deleteArgs.silent {
 		prompt := promptui.Prompt{
 			Label:     "Are you sure you want to delete this Receiver",
 			IsConfirm: true,
@@ -76,7 +77,7 @@ func deleteReceiverCmdRun(cmd *cobra.Command, args []string) error {
 		}
 	}
-	logger.Actionf("deleting receiver %s in %s namespace", name, namespace)
+	logger.Actionf("deleting receiver %s in %s namespace", name, rootArgs.namespace)
 	err = kubeClient.Delete(ctx, &receiver)
 	if err != nil {
 		return err
--- a/cmd/flux/delete_source.go
+++ b/cmd/flux/delete_source.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
--- a/cmd/flux/delete_source_bucket.go
+++ b/cmd/flux/delete_source_bucket.go
@@ -0,0 +1,39 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 	"github.com/spf13/cobra"
 )
 var deleteSourceBucketCmd = &cobra.Command{
 	Use:   "bucket [name]",
 	Short: "Delete a Bucket source",
 	Long:  "The delete source bucket command deletes the given Bucket from the cluster.",
 	Example: `  # Delete a Bucket source
  flux delete source bucket podinfo
 `,
 	RunE: deleteCommand{
 		apiType: bucketType,
 		object:  universalAdapter{&sourcev1.Bucket{}},
 	}.run,
 }
 func init() {
 	deleteSourceCmd.AddCommand(deleteSourceBucketCmd)
 }
--- a/cmd/flux/delete_source_git.go
+++ b/cmd/flux/delete_source_git.go
@@ -0,0 +1,39 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 	"github.com/spf13/cobra"
 )
 var deleteSourceGitCmd = &cobra.Command{
 	Use:   "git [name]",
 	Short: "Delete a GitRepository source",
 	Long:  "The delete source git command deletes the given GitRepository from the cluster.",
 	Example: `  # Delete a Git repository
  flux delete source git podinfo
 `,
 	RunE: deleteCommand{
 		apiType: gitRepositoryType,
 		object:  universalAdapter{&sourcev1.GitRepository{}},
 	}.run,
 }
 func init() {
 	deleteSourceCmd.AddCommand(deleteSourceGitCmd)
 }
--- a/cmd/flux/delete_source_helm.go
+++ b/cmd/flux/delete_source_helm.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -20,6 +20,7 @@ import (
 	"context"
 	"fmt"
 	"github.com/fluxcd/flux2/internal/utils"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 	"github.com/manifoldco/promptui"
 	"github.com/spf13/cobra"
@@ -31,9 +32,12 @@ var deleteSourceHelmCmd = &cobra.Command{
 	Short: "Delete a HelmRepository source",
 	Long:  "The delete source helm command deletes the given HelmRepository from the cluster.",
 	Example: `  # Delete a Helm repository
-  gotk delete source helm podinfo
+  flux delete source helm podinfo
 `,
-	RunE: deleteSourceHelmCmdRun,
+	RunE: deleteCommand{
 		apiType: helmRepositoryType,
 		object:  universalAdapter{&sourcev1.HelmRepository{}},
 	}.run,
 }
 func init() {
@@ -46,16 +50,16 @@ func deleteSourceHelmCmdRun(cmd *cobra.Command, args []string) error {
 	}
 	name := args[0]
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.kubeClient(kubeconfig)
+	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	namespacedName := types.NamespacedName{
-		Namespace: namespace,
+		Namespace: rootArgs.namespace,
 		Name:      name,
 	}
@@ -65,7 +69,7 @@ func deleteSourceHelmCmdRun(cmd *cobra.Command, args []string) error {
 		return err
 	}
-	if !deleteSilent {
+	if !deleteArgs.silent {
 		prompt := promptui.Prompt{
 			Label:     "Are you sure you want to delete this source",
 			IsConfirm: true,
@@ -75,7 +79,7 @@ func deleteSourceHelmCmdRun(cmd *cobra.Command, args []string) error {
 		}
 	}
-	logger.Actionf("deleting source %s in %s namespace", name, namespace)
+	logger.Actionf("deleting source %s in %s namespace", name, rootArgs.namespace)
 	err = kubeClient.Delete(ctx, &helmRepository)
 	if err != nil {
 		return err
--- a/cmd/flux/export.go
+++ b/cmd/flux/export.go
@@ -0,0 +1,127 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"bytes"
 	"context"
 	"fmt"
 	"github.com/spf13/cobra"
 	"k8s.io/apimachinery/pkg/types"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/yaml"
 	"github.com/fluxcd/flux2/internal/utils"
 )
 var exportCmd = &cobra.Command{
 	Use:   "export",
 	Short: "Export resources in YAML format",
 	Long:  "The export sub-commands export resources in YAML format.",
 }
 type exportFlags struct {
 	all bool
 }
 var exportArgs exportFlags
 func init() {
 	exportCmd.PersistentFlags().BoolVar(&exportArgs.all, "all", false, "select all resources")
 	rootCmd.AddCommand(exportCmd)
 }
 // exportable represents a type that you can fetch from the Kubernetes
 // API, then tidy up for serialising.
 type exportable interface {
 	adapter
 	export() interface{}
 }
 // exportableList represents a type that has a list of values, each of
 // which is exportable.
 type exportableList interface {
 	listAdapter
 	exportItem(i int) interface{}
 }
 type exportCommand struct {
 	object exportable
 	list   exportableList
 }
 func (export exportCommand) run(cmd *cobra.Command, args []string) error {
 	if !exportArgs.all && len(args) < 1 {
 		return fmt.Errorf("name is required")
 	}
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	if exportArgs.all {
 		err = kubeClient.List(ctx, export.list.asClientList(), client.InNamespace(rootArgs.namespace))
 		if err != nil {
 			return err
 		}
 		if export.list.len() == 0 {
 			logger.Failuref("no objects found in %s namespace", rootArgs.namespace)
 			return nil
 		}
 		for i := 0; i < export.list.len(); i++ {
 			if err = printExport(export.list.exportItem(i)); err != nil {
 				return err
 			}
 		}
 	} else {
 		name := args[0]
 		namespacedName := types.NamespacedName{
 			Namespace: rootArgs.namespace,
 			Name:      name,
 		}
 		err = kubeClient.Get(ctx, namespacedName, export.object.asClientObject())
 		if err != nil {
 			return err
 		}
 		return printExport(export.object.export())
 	}
 	return nil
 }
 func printExport(export interface{}) error {
 	data, err := yaml.Marshal(export)
 	if err != nil {
 		return err
 	}
 	fmt.Println("---")
 	fmt.Println(resourceToString(data))
 	return nil
 }
 func resourceToString(data []byte) string {
 	data = bytes.Replace(data, []byte("  creationTimestamp: null\n"), []byte(""), 1)
 	data = bytes.Replace(data, []byte("status: {}\n"), []byte(""), 1)
 	return string(data)
 }
--- a/cmd/flux/export_alert.go
+++ b/cmd/flux/export_alert.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -26,6 +26,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/yaml"
 	"github.com/fluxcd/flux2/internal/utils"
 	notificationv1 "github.com/fluxcd/notification-controller/api/v1beta1"
 )
@@ -34,10 +35,10 @@ var exportAlertCmd = &cobra.Command{
 	Short: "Export Alert resources in YAML format",
 	Long:  "The export alert command exports one or all Alert resources in YAML format.",
 	Example: `  # Export all Alert resources
-  gotk export alert --all > alerts.yaml
+  flux export alert --all > alerts.yaml
  # Export a Alert
-  gotk export alert main > main.yaml
+  flux export alert main > main.yaml
 `,
 	RunE: exportAlertCmdRun,
 }
@@ -47,27 +48,27 @@ func init() {
 }
 func exportAlertCmdRun(cmd *cobra.Command, args []string) error {
-	if !exportAll && len(args) < 1 {
+	if !exportArgs.all && len(args) < 1 {
 		return fmt.Errorf("name is required")
 	}
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.kubeClient(kubeconfig)
+	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
-	if exportAll {
+	if exportArgs.all {
 		var list notificationv1.AlertList
-		err = kubeClient.List(ctx, &list, client.InNamespace(namespace))
+		err = kubeClient.List(ctx, &list, client.InNamespace(rootArgs.namespace))
 		if err != nil {
 			return err
 		}
 		if len(list.Items) == 0 {
-			logger.Failuref("no alerts found in %s namespace", namespace)
+			logger.Failuref("no alerts found in %s namespace", rootArgs.namespace)
 			return nil
 		}
@@ -79,7 +80,7 @@ func exportAlertCmdRun(cmd *cobra.Command, args []string) error {
 	} else {
 		name := args[0]
 		namespacedName := types.NamespacedName{
-			Namespace: namespace,
+			Namespace: rootArgs.namespace,
 			Name:      name,
 		}
 		var alert notificationv1.Alert
--- a/cmd/flux/export_alertprovider.go
+++ b/cmd/flux/export_alertprovider.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -26,6 +26,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/yaml"
 	"github.com/fluxcd/flux2/internal/utils"
 	notificationv1 "github.com/fluxcd/notification-controller/api/v1beta1"
 )
@@ -34,10 +35,10 @@ var exportAlertProviderCmd = &cobra.Command{
 	Short: "Export Provider resources in YAML format",
 	Long:  "The export alert-provider command exports one or all Provider resources in YAML format.",
 	Example: `  # Export all Provider resources
-  gotk export alert-provider --all > alert-providers.yaml
+  flux export alert-provider --all > alert-providers.yaml
  # Export a Provider
-  gotk export alert-provider slack > slack.yaml
+  flux export alert-provider slack > slack.yaml
 `,
 	RunE: exportAlertProviderCmdRun,
 }
@@ -47,27 +48,27 @@ func init() {
 }
 func exportAlertProviderCmdRun(cmd *cobra.Command, args []string) error {
-	if !exportAll && len(args) < 1 {
+	if !exportArgs.all && len(args) < 1 {
 		return fmt.Errorf("name is required")
 	}
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.kubeClient(kubeconfig)
+	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
-	if exportAll {
+	if exportArgs.all {
 		var list notificationv1.ProviderList
-		err = kubeClient.List(ctx, &list, client.InNamespace(namespace))
+		err = kubeClient.List(ctx, &list, client.InNamespace(rootArgs.namespace))
 		if err != nil {
 			return err
 		}
 		if len(list.Items) == 0 {
-			logger.Failuref("no alertproviders found in %s namespace", namespace)
+			logger.Failuref("no alertproviders found in %s namespace", rootArgs.namespace)
 			return nil
 		}
@@ -79,7 +80,7 @@ func exportAlertProviderCmdRun(cmd *cobra.Command, args []string) error {
 	} else {
 		name := args[0]
 		namespacedName := types.NamespacedName{
-			Namespace: namespace,
+			Namespace: rootArgs.namespace,
 			Name:      name,
 		}
 		var alertProvider notificationv1.Provider
--- a/cmd/flux/export_helmrelease.go
+++ b/cmd/flux/export_helmrelease.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -26,6 +26,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/yaml"
 	"github.com/fluxcd/flux2/internal/utils"
 	helmv2 "github.com/fluxcd/helm-controller/api/v2beta1"
 )
@@ -35,10 +36,10 @@ var exportHelmReleaseCmd = &cobra.Command{
 	Short:   "Export HelmRelease resources in YAML format",
 	Long:    "The export helmrelease command exports one or all HelmRelease resources in YAML format.",
 	Example: `  # Export all HelmRelease resources
-  gotk export helmrelease --all > kustomizations.yaml
+  flux export helmrelease --all > kustomizations.yaml
  # Export a HelmRelease
-  gotk export hr my-app > app-release.yaml
+  flux export hr my-app > app-release.yaml
 `,
 	RunE: exportHelmReleaseCmdRun,
 }
@@ -48,27 +49,27 @@ func init() {
 }
 func exportHelmReleaseCmdRun(cmd *cobra.Command, args []string) error {
-	if !exportAll && len(args) < 1 {
+	if !exportArgs.all && len(args) < 1 {
 		return fmt.Errorf("name is required")
 	}
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.kubeClient(kubeconfig)
+	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
-	if exportAll {
+	if exportArgs.all {
 		var list helmv2.HelmReleaseList
-		err = kubeClient.List(ctx, &list, client.InNamespace(namespace))
+		err = kubeClient.List(ctx, &list, client.InNamespace(rootArgs.namespace))
 		if err != nil {
 			return err
 		}
 		if len(list.Items) == 0 {
-			logger.Failuref("no helmrelease found in %s namespace", namespace)
+			logger.Failuref("no helmrelease found in %s namespace", rootArgs.namespace)
 			return nil
 		}
@@ -80,7 +81,7 @@ func exportHelmReleaseCmdRun(cmd *cobra.Command, args []string) error {
 	} else {
 		name := args[0]
 		namespacedName := types.NamespacedName{
-			Namespace: namespace,
+			Namespace: rootArgs.namespace,
 			Name:      name,
 		}
 		var helmRelease helmv2.HelmRelease
--- a/cmd/flux/export_image.go
+++ b/cmd/flux/export_image.go
@@ -0,0 +1,31 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"github.com/spf13/cobra"
 )
 var exportImageCmd = &cobra.Command{
 	Use:   "image",
 	Short: "Export image automation objects",
 	Long:  "The export image sub-commands export image automation objects in YAML format.",
 }
 func init() {
 	exportCmd.AddCommand(exportImageCmd)
 }
--- a/cmd/flux/export_image_policy.go
+++ b/cmd/flux/export_image_policy.go
@@ -0,0 +1,72 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"github.com/spf13/cobra"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	imagev1 "github.com/fluxcd/image-reflector-controller/api/v1alpha1"
 )
 var exportImagePolicyCmd = &cobra.Command{
 	Use:   "policy [name]",
 	Short: "Export ImagePolicy resources in YAML format",
 	Long:  "The export image policy command exports one or all ImagePolicy resources in YAML format.",
 	Example: `  # Export all ImagePolicy resources
  flux export image policy --all > image-policies.yaml
  # Export a specific policy
  flux export image policy alpine1x > alpine1x.yaml
 `,
 	RunE: exportCommand{
 		object: imagePolicyAdapter{&imagev1.ImagePolicy{}},
 		list:   imagePolicyListAdapter{&imagev1.ImagePolicyList{}},
 	}.run,
 }
 func init() {
 	exportImageCmd.AddCommand(exportImagePolicyCmd)
 }
 // Export returns a ImagePolicy value which has extraneous information
 // stripped out.
 func exportImagePolicy(item *imagev1.ImagePolicy) interface{} {
 	gvk := imagev1.GroupVersion.WithKind(imagev1.ImagePolicyKind)
 	export := imagev1.ImagePolicy{
 		TypeMeta: metav1.TypeMeta{
 			Kind:       gvk.Kind,
 			APIVersion: gvk.GroupVersion().String(),
 		},
 		ObjectMeta: metav1.ObjectMeta{
 			Name:        item.Name,
 			Namespace:   item.Namespace,
 			Labels:      item.Labels,
 			Annotations: item.Annotations,
 		},
 		Spec: item.Spec,
 	}
 	return export
 }
 func (ex imagePolicyAdapter) export() interface{} {
 	return exportImagePolicy(ex.ImagePolicy)
 }
 func (ex imagePolicyListAdapter) exportItem(i int) interface{} {
 	return exportImagePolicy(&ex.ImagePolicyList.Items[i])
 }
--- a/cmd/flux/export_image_repository.go
+++ b/cmd/flux/export_image_repository.go
@@ -0,0 +1,70 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"github.com/spf13/cobra"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	imagev1 "github.com/fluxcd/image-reflector-controller/api/v1alpha1"
 )
 var exportImageRepositoryCmd = &cobra.Command{
 	Use:   "repository [name]",
 	Short: "Export ImageRepository resources in YAML format",
 	Long:  "The export image repository command exports one or all ImageRepository resources in YAML format.",
 	Example: `  # Export all ImageRepository resources
  flux export image repository --all > image-repositories.yaml
  # Export a specific ImageRepository resource
  flux export image repository alpine > alpine.yaml
 `,
 	RunE: exportCommand{
 		object: imageRepositoryAdapter{&imagev1.ImageRepository{}},
 		list:   imageRepositoryListAdapter{&imagev1.ImageRepositoryList{}},
 	}.run,
 }
 func init() {
 	exportImageCmd.AddCommand(exportImageRepositoryCmd)
 }
 func exportImageRepository(repo *imagev1.ImageRepository) interface{} {
 	gvk := imagev1.GroupVersion.WithKind(imagev1.ImageRepositoryKind)
 	export := imagev1.ImageRepository{
 		TypeMeta: metav1.TypeMeta{
 			Kind:       gvk.Kind,
 			APIVersion: gvk.GroupVersion().String(),
 		},
 		ObjectMeta: metav1.ObjectMeta{
 			Name:        repo.Name,
 			Namespace:   repo.Namespace,
 			Labels:      repo.Labels,
 			Annotations: repo.Annotations,
 		},
 		Spec: repo.Spec,
 	}
 	return export
 }
 func (ex imageRepositoryAdapter) export() interface{} {
 	return exportImageRepository(ex.ImageRepository)
 }
 func (ex imageRepositoryListAdapter) exportItem(i int) interface{} {
 	return exportImageRepository(&ex.ImageRepositoryList.Items[i])
 }
--- a/cmd/flux/export_image_updateauto.go
+++ b/cmd/flux/export_image_updateauto.go
@@ -0,0 +1,72 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"github.com/spf13/cobra"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	autov1 "github.com/fluxcd/image-automation-controller/api/v1alpha1"
 )
 var exportImageUpdateCmd = &cobra.Command{
 	Use:   "update [name]",
 	Short: "Export ImageUpdateAutomation resources in YAML format",
 	Long:  "The export image update command exports one or all ImageUpdateAutomation resources in YAML format.",
 	Example: `  # Export all ImageUpdateAutomation resources
  flux export image update --all > updates.yaml
  # Export a specific automation
  flux export image update latest-images > latest.yaml
 `,
 	RunE: exportCommand{
 		object: imageUpdateAutomationAdapter{&autov1.ImageUpdateAutomation{}},
 		list:   imageUpdateAutomationListAdapter{&autov1.ImageUpdateAutomationList{}},
 	}.run,
 }
 func init() {
 	exportImageCmd.AddCommand(exportImageUpdateCmd)
 }
 // exportImageUpdate returns a value which has extraneous information
 // stripped out.
 func exportImageUpdate(item *autov1.ImageUpdateAutomation) interface{} {
 	gvk := autov1.GroupVersion.WithKind(autov1.ImageUpdateAutomationKind)
 	export := autov1.ImageUpdateAutomation{
 		TypeMeta: metav1.TypeMeta{
 			Kind:       gvk.Kind,
 			APIVersion: gvk.GroupVersion().String(),
 		},
 		ObjectMeta: metav1.ObjectMeta{
 			Name:        item.Name,
 			Namespace:   item.Namespace,
 			Labels:      item.Labels,
 			Annotations: item.Annotations,
 		},
 		Spec: item.Spec,
 	}
 	return export
 }
 func (ex imageUpdateAutomationAdapter) export() interface{} {
 	return exportImageUpdate(ex.ImageUpdateAutomation)
 }
 func (ex imageUpdateAutomationListAdapter) exportItem(i int) interface{} {
 	return exportImageUpdate(&ex.ImageUpdateAutomationList.Items[i])
 }
--- a/cmd/flux/export_kustomization.go
+++ b/cmd/flux/export_kustomization.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -26,6 +26,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/yaml"
 	"github.com/fluxcd/flux2/internal/utils"
 	kustomizev1 "github.com/fluxcd/kustomize-controller/api/v1beta1"
 )
@@ -35,10 +36,10 @@ var exportKsCmd = &cobra.Command{
 	Short:   "Export Kustomization resources in YAML format",
 	Long:    "The export kustomization command exports one or all Kustomization resources in YAML format.",
 	Example: `  # Export all Kustomization resources
-  gotk export kustomization --all > kustomizations.yaml
+  flux export kustomization --all > kustomizations.yaml
  # Export a Kustomization
-  gotk export kustomization my-app > kustomization.yaml
+  flux export kustomization my-app > kustomization.yaml
 `,
 	RunE: exportKsCmdRun,
 }
@@ -48,27 +49,27 @@ func init() {
 }
 func exportKsCmdRun(cmd *cobra.Command, args []string) error {
-	if !exportAll && len(args) < 1 {
+	if !exportArgs.all && len(args) < 1 {
 		return fmt.Errorf("kustomization name is required")
 	}
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.kubeClient(kubeconfig)
+	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
-	if exportAll {
+	if exportArgs.all {
 		var list kustomizev1.KustomizationList
-		err = kubeClient.List(ctx, &list, client.InNamespace(namespace))
+		err = kubeClient.List(ctx, &list, client.InNamespace(rootArgs.namespace))
 		if err != nil {
 			return err
 		}
 		if len(list.Items) == 0 {
-			logger.Failuref("no kustomizations found in %s namespace", namespace)
+			logger.Failuref("no kustomizations found in %s namespace", rootArgs.namespace)
 			return nil
 		}
@@ -80,7 +81,7 @@ func exportKsCmdRun(cmd *cobra.Command, args []string) error {
 	} else {
 		name := args[0]
 		namespacedName := types.NamespacedName{
-			Namespace: namespace,
+			Namespace: rootArgs.namespace,
 			Name:      name,
 		}
 		var kustomization kustomizev1.Kustomization
--- a/cmd/flux/export_receiver.go
+++ b/cmd/flux/export_receiver.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -26,6 +26,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/yaml"
 	"github.com/fluxcd/flux2/internal/utils"
 	notificationv1 "github.com/fluxcd/notification-controller/api/v1beta1"
 )
@@ -34,10 +35,10 @@ var exportReceiverCmd = &cobra.Command{
 	Short: "Export Receiver resources in YAML format",
 	Long:  "The export receiver command exports one or all Receiver resources in YAML format.",
 	Example: `  # Export all Receiver resources
-  gotk export receiver --all > receivers.yaml
+  flux export receiver --all > receivers.yaml
  # Export a Receiver
-  gotk export receiver main > main.yaml
+  flux export receiver main > main.yaml
 `,
 	RunE: exportReceiverCmdRun,
 }
@@ -47,27 +48,27 @@ func init() {
 }
 func exportReceiverCmdRun(cmd *cobra.Command, args []string) error {
-	if !exportAll && len(args) < 1 {
+	if !exportArgs.all && len(args) < 1 {
 		return fmt.Errorf("name is required")
 	}
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.kubeClient(kubeconfig)
+	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
-	if exportAll {
+	if exportArgs.all {
 		var list notificationv1.ReceiverList
-		err = kubeClient.List(ctx, &list, client.InNamespace(namespace))
+		err = kubeClient.List(ctx, &list, client.InNamespace(rootArgs.namespace))
 		if err != nil {
 			return err
 		}
 		if len(list.Items) == 0 {
-			logger.Failuref("no receivers found in %s namespace", namespace)
+			logger.Failuref("no receivers found in %s namespace", rootArgs.namespace)
 			return nil
 		}
@@ -79,7 +80,7 @@ func exportReceiverCmdRun(cmd *cobra.Command, args []string) error {
 	} else {
 		name := args[0]
 		namespacedName := types.NamespacedName{
-			Namespace: namespace,
+			Namespace: rootArgs.namespace,
 			Name:      name,
 		}
 		var receiver notificationv1.Receiver
--- a/cmd/flux/export_source.go
+++ b/cmd/flux/export_source.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
--- a/cmd/flux/export_source_bucket.go
+++ b/cmd/flux/export_source_bucket.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -27,6 +27,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/yaml"
 	"github.com/fluxcd/flux2/internal/utils"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 )
@@ -35,10 +36,10 @@ var exportSourceBucketCmd = &cobra.Command{
 	Short: "Export Bucket sources in YAML format",
 	Long:  "The export source git command exports on or all Bucket sources in YAML format.",
 	Example: `  # Export all Bucket sources
-  gotk export source bucket --all > sources.yaml
+  flux export source bucket --all > sources.yaml
  # Export a Bucket source including the static credentials
-  gotk export source bucket my-bucket --with-credentials > source.yaml
+  flux export source bucket my-bucket --with-credentials > source.yaml
 `,
 	RunE: exportSourceBucketCmdRun,
 }
@@ -48,27 +49,27 @@ func init() {
 }
 func exportSourceBucketCmdRun(cmd *cobra.Command, args []string) error {
-	if !exportAll && len(args) < 1 {
+	if !exportArgs.all && len(args) < 1 {
 		return fmt.Errorf("name is required")
 	}
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.kubeClient(kubeconfig)
+	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
-	if exportAll {
+	if exportArgs.all {
 		var list sourcev1.BucketList
-		err = kubeClient.List(ctx, &list, client.InNamespace(namespace))
+		err = kubeClient.List(ctx, &list, client.InNamespace(rootArgs.namespace))
 		if err != nil {
 			return err
 		}
 		if len(list.Items) == 0 {
-			logger.Failuref("no source found in %s namespace", namespace)
+			logger.Failuref("no source found in %s namespace", rootArgs.namespace)
 			return nil
 		}
@@ -85,7 +86,7 @@ func exportSourceBucketCmdRun(cmd *cobra.Command, args []string) error {
 	} else {
 		name := args[0]
 		namespacedName := types.NamespacedName{
-			Namespace: namespace,
+			Namespace: rootArgs.namespace,
 			Name:      name,
 		}
 		var bucket sourcev1.Bucket
--- a/cmd/flux/export_source_git.go
+++ b/cmd/flux/export_source_git.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -27,6 +27,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/yaml"
 	"github.com/fluxcd/flux2/internal/utils"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 )
@@ -35,10 +36,10 @@ var exportSourceGitCmd = &cobra.Command{
 	Short: "Export GitRepository sources in YAML format",
 	Long:  "The export source git command exports on or all GitRepository sources in YAML format.",
 	Example: `  # Export all GitRepository sources
-  gotk export source git --all > sources.yaml
+  flux export source git --all > sources.yaml
  # Export a GitRepository source including the SSH key pair or basic auth credentials
-  gotk export source git my-private-repo --with-credentials > source.yaml
+  flux export source git my-private-repo --with-credentials > source.yaml
 `,
 	RunE: exportSourceGitCmdRun,
 }
@@ -48,27 +49,27 @@ func init() {
 }
 func exportSourceGitCmdRun(cmd *cobra.Command, args []string) error {
-	if !exportAll && len(args) < 1 {
+	if !exportArgs.all && len(args) < 1 {
 		return fmt.Errorf("name is required")
 	}
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.kubeClient(kubeconfig)
+	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
-	if exportAll {
+	if exportArgs.all {
 		var list sourcev1.GitRepositoryList
-		err = kubeClient.List(ctx, &list, client.InNamespace(namespace))
+		err = kubeClient.List(ctx, &list, client.InNamespace(rootArgs.namespace))
 		if err != nil {
 			return err
 		}
 		if len(list.Items) == 0 {
-			logger.Failuref("no source found in %s namespace", namespace)
+			logger.Failuref("no source found in %s namespace", rootArgs.namespace)
 			return nil
 		}
@@ -85,7 +86,7 @@ func exportSourceGitCmdRun(cmd *cobra.Command, args []string) error {
 	} else {
 		name := args[0]
 		namespacedName := types.NamespacedName{
-			Namespace: namespace,
+			Namespace: rootArgs.namespace,
 			Name:      name,
 		}
 		var repository sourcev1.GitRepository
--- a/cmd/flux/export_source_helm.go
+++ b/cmd/flux/export_source_helm.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -27,6 +27,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/yaml"
 	"github.com/fluxcd/flux2/internal/utils"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 )
@@ -35,10 +36,10 @@ var exportSourceHelmCmd = &cobra.Command{
 	Short: "Export HelmRepository sources in YAML format",
 	Long:  "The export source git command exports on or all HelmRepository sources in YAML format.",
 	Example: `  # Export all HelmRepository sources
-  gotk export source helm --all > sources.yaml
+  flux export source helm --all > sources.yaml
  # Export a HelmRepository source including the basic auth credentials
-  gotk export source helm my-private-repo --with-credentials > source.yaml
+  flux export source helm my-private-repo --with-credentials > source.yaml
 `,
 	RunE: exportSourceHelmCmdRun,
 }
@@ -48,27 +49,27 @@ func init() {
 }
 func exportSourceHelmCmdRun(cmd *cobra.Command, args []string) error {
-	if !exportAll && len(args) < 1 {
+	if !exportArgs.all && len(args) < 1 {
 		return fmt.Errorf("name is required")
 	}
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.kubeClient(kubeconfig)
+	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
-	if exportAll {
+	if exportArgs.all {
 		var list sourcev1.HelmRepositoryList
-		err = kubeClient.List(ctx, &list, client.InNamespace(namespace))
+		err = kubeClient.List(ctx, &list, client.InNamespace(rootArgs.namespace))
 		if err != nil {
 			return err
 		}
 		if len(list.Items) == 0 {
-			logger.Failuref("no source found in %s namespace", namespace)
+			logger.Failuref("no source found in %s namespace", rootArgs.namespace)
 			return nil
 		}
@@ -85,7 +86,7 @@ func exportSourceHelmCmdRun(cmd *cobra.Command, args []string) error {
 	} else {
 		name := args[0]
 		namespacedName := types.NamespacedName{
-			Namespace: namespace,
+			Namespace: rootArgs.namespace,
 			Name:      name,
 		}
 		var repository sourcev1.HelmRepository
--- a/cmd/flux/get.go
+++ b/cmd/flux/get.go
@@ -0,0 +1,116 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"os"
 	"github.com/spf13/cobra"
 	apimeta "k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"github.com/fluxcd/pkg/apis/meta"
 	"github.com/fluxcd/flux2/internal/utils"
 )
 var getCmd = &cobra.Command{
 	Use:   "get",
 	Short: "Get sources and resources",
 	Long:  "The get sub-commands print the statuses of sources and resources.",
 }
 type GetFlags struct {
 	allNamespaces bool
 }
 var getArgs GetFlags
 func init() {
 	getCmd.PersistentFlags().BoolVarP(&getArgs.allNamespaces, "all-namespaces", "A", false,
 		"list the requested object(s) across all namespaces")
 	rootCmd.AddCommand(getCmd)
 }
 type summarisable interface {
 	listAdapter
 	summariseItem(i int, includeNamespace bool) []string
 	headers(includeNamespace bool) []string
 }
 // --- these help with implementations of summarisable
 func statusAndMessage(conditions []metav1.Condition) (string, string) {
 	if c := apimeta.FindStatusCondition(conditions, meta.ReadyCondition); c != nil {
 		return string(c.Status), c.Message
 	}
 	return string(metav1.ConditionFalse), "waiting to be reconciled"
 }
 func nameColumns(item named, includeNamespace bool) []string {
 	if includeNamespace {
 		return []string{item.GetNamespace(), item.GetName()}
 	}
 	return []string{item.GetName()}
 }
 var namespaceHeader = []string{"Namespace"}
 type getCommand struct {
 	apiType
 	list summarisable
 }
 func (get getCommand) run(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	var listOpts []client.ListOption
 	if !getArgs.allNamespaces {
 		listOpts = append(listOpts, client.InNamespace(rootArgs.namespace))
 	}
 	if len(args) > 0 {
 		listOpts = append(listOpts, client.MatchingFields{"metadata.name": args[0]})
 	}
 	err = kubeClient.List(ctx, get.list.asClientList(), listOpts...)
 	if err != nil {
 		return err
 	}
 	if get.list.len() == 0 {
 		logger.Failuref("no %s objects found in %s namespace", get.kind, rootArgs.namespace)
 		return nil
 	}
 	header := get.list.headers(getArgs.allNamespaces)
 	var rows [][]string
 	for i := 0; i < get.list.len(); i++ {
 		row := get.list.summariseItem(i, getArgs.allNamespaces)
 		rows = append(rows, row)
 	}
 	utils.PrintTable(os.Stdout, header, rows)
 	return nil
 }
--- a/cmd/flux/get_alert.go
+++ b/cmd/flux/get_alert.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -23,19 +23,22 @@ import (
 	"strings"
 	"github.com/spf13/cobra"
-	corev1 "k8s.io/api/core/v1"
+	apimeta "k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"github.com/fluxcd/flux2/internal/utils"
 	notificationv1 "github.com/fluxcd/notification-controller/api/v1beta1"
 	"github.com/fluxcd/pkg/apis/meta"
 )
 var getAlertCmd = &cobra.Command{
-	Use:   "alerts",
+	Use:     "alerts",
-	Short: "Get Alert statuses",
+	Aliases: []string{"alert"},
-	Long:  "The get alert command prints the statuses of the resources.",
+	Short:   "Get Alert statuses",
 	Long:    "The get alert command prints the statuses of the resources.",
 	Example: `  # List all Alerts and their status
-  gotk get alerts
+  flux get alerts
 `,
 	RunE: getAlertCmdRun,
 }
@@ -45,17 +48,17 @@ func init() {
 }
 func getAlertCmdRun(cmd *cobra.Command, args []string) error {
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.kubeClient(kubeconfig)
+	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	var listOpts []client.ListOption
-	if !allNamespaces {
+	if !getArgs.allNamespaces {
-		listOpts = append(listOpts, client.InNamespace(namespace))
+		listOpts = append(listOpts, client.InNamespace(rootArgs.namespace))
 	}
 	var list notificationv1.AlertList
 	err = kubeClient.List(ctx, &list, listOpts...)
@@ -64,39 +67,37 @@ func getAlertCmdRun(cmd *cobra.Command, args []string) error {
 	}
 	if len(list.Items) == 0 {
-		logger.Failuref("no alerts found in %s namespace", namespace)
+		logger.Failuref("no alerts found in %s namespace", rootArgs.namespace)
 		return nil
 	}
-	header := []string{"Name", "Suspended", "Ready", "Message"}
+	header := []string{"Name", "Ready", "Message", "Suspended"}
-	if allNamespaces {
+	if getArgs.allNamespaces {
 		header = append([]string{"Namespace"}, header...)
 	}
 	var rows [][]string
 	for _, alert := range list.Items {
 		row := []string{}
-		if c := meta.GetCondition(alert.Status.Conditions, meta.ReadyCondition); c != nil {
+		if c := apimeta.FindStatusCondition(alert.Status.Conditions, meta.ReadyCondition); c != nil {
 			row = []string{
 				alert.GetName(),
 				//alert.Status.LastAppliedRevision,
 				strings.Title(strconv.FormatBool(alert.Spec.Suspend)),
 				string(c.Status),
 				c.Message,
 				strings.Title(strconv.FormatBool(alert.Spec.Suspend)),
 			}
 		} else {
 			row = []string{
 				alert.GetName(),
-				//alert.Status.LastAppliedRevision,
+				string(metav1.ConditionFalse),
 				strings.Title(strconv.FormatBool(alert.Spec.Suspend)),
 				string(corev1.ConditionFalse),
 				"waiting to be reconciled",
 				strings.Title(strconv.FormatBool(alert.Spec.Suspend)),
 			}
 		}
-		if allNamespaces {
+		if getArgs.allNamespaces {
 			row = append([]string{alert.Namespace}, row...)
 		}
 		rows = append(rows, row)
 	}
-	utils.printTable(os.Stdout, header, rows)
+	utils.PrintTable(os.Stdout, header, rows)
 	return nil
 }
--- a/cmd/flux/get_alertprovider.go
+++ b/cmd/flux/get_alertprovider.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -21,19 +21,22 @@ import (
 	"os"
 	"github.com/spf13/cobra"
-	corev1 "k8s.io/api/core/v1"
+	apimeta "k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"github.com/fluxcd/flux2/internal/utils"
 	notificationv1 "github.com/fluxcd/notification-controller/api/v1beta1"
 	"github.com/fluxcd/pkg/apis/meta"
 )
 var getAlertProviderCmd = &cobra.Command{
-	Use:   "alert-providers",
+	Use:     "alert-providers",
-	Short: "Get Provider statuses",
+	Aliases: []string{"alert-provider"},
-	Long:  "The get alert-provider command prints the statuses of the resources.",
+	Short:   "Get Provider statuses",
 	Long:    "The get alert-provider command prints the statuses of the resources.",
 	Example: `  # List all Providers and their status
-  gotk get alert-providers
+  flux get alert-providers
 `,
 	RunE: getAlertProviderCmdRun,
 }
@@ -43,17 +46,17 @@ func init() {
 }
 func getAlertProviderCmdRun(cmd *cobra.Command, args []string) error {
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.kubeClient(kubeconfig)
+	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	var listOpts []client.ListOption
-	if !allNamespaces {
+	if !getArgs.allNamespaces {
-		listOpts = append(listOpts, client.InNamespace(namespace))
+		listOpts = append(listOpts, client.InNamespace(rootArgs.namespace))
 	}
 	var list notificationv1.ProviderList
 	err = kubeClient.List(ctx, &list, listOpts...)
@@ -62,18 +65,18 @@ func getAlertProviderCmdRun(cmd *cobra.Command, args []string) error {
 	}
 	if len(list.Items) == 0 {
-		logger.Failuref("no providers found in %s namespace", namespace)
+		logger.Failuref("no providers found in %s namespace", rootArgs.namespace)
 		return nil
 	}
 	header := []string{"Name", "Ready", "Message"}
-	if allNamespaces {
+	if getArgs.allNamespaces {
 		header = append([]string{"Namespace"}, header...)
 	}
 	var rows [][]string
 	for _, provider := range list.Items {
 		row := []string{}
-		if c := meta.GetCondition(provider.Status.Conditions, meta.ReadyCondition); c != nil {
+		if c := apimeta.FindStatusCondition(provider.Status.Conditions, meta.ReadyCondition); c != nil {
 			row = []string{
 				provider.GetName(),
 				string(c.Status),
@@ -82,15 +85,15 @@ func getAlertProviderCmdRun(cmd *cobra.Command, args []string) error {
 		} else {
 			row = []string{
 				provider.GetName(),
-				string(corev1.ConditionFalse),
+				string(metav1.ConditionFalse),
 				"waiting to be reconciled",
 			}
 		}
-		if allNamespaces {
+		if getArgs.allNamespaces {
 			row = append([]string{provider.Namespace}, row...)
 		}
 		rows = append(rows, row)
 	}
-	utils.printTable(os.Stdout, header, rows)
+	utils.PrintTable(os.Stdout, header, rows)
 	return nil
 }
--- a/cmd/flux/get_helmrelease.go
+++ b/cmd/flux/get_helmrelease.go
@@ -0,0 +1,59 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"strconv"
 	"strings"
 	helmv2 "github.com/fluxcd/helm-controller/api/v2beta1"
 	"github.com/spf13/cobra"
 )
 var getHelmReleaseCmd = &cobra.Command{
 	Use:     "helmreleases",
 	Aliases: []string{"hr", "helmrelease"},
 	Short:   "Get HelmRelease statuses",
 	Long:    "The get helmreleases command prints the statuses of the resources.",
 	Example: `  # List all Helm releases and their status
  flux get helmreleases
 `,
 	RunE: getCommand{
 		apiType: helmReleaseType,
 		list:    &helmReleaseListAdapter{&helmv2.HelmReleaseList{}},
 	}.run,
 }
 func init() {
 	getCmd.AddCommand(getHelmReleaseCmd)
 }
 func (a helmReleaseListAdapter) summariseItem(i int, includeNamespace bool) []string {
 	item := a.Items[i]
 	revision := item.Status.LastAppliedRevision
 	status, msg := statusAndMessage(item.Status.Conditions)
 	return append(nameColumns(&item, includeNamespace),
 		status, msg, revision, strings.Title(strconv.FormatBool(item.Spec.Suspend)))
 }
 func (a helmReleaseListAdapter) headers(includeNamespace bool) []string {
 	headers := []string{"Name", "Ready", "Message", "Revision", "Suspended"}
 	if includeNamespace {
 		headers = append([]string{"Namespace"}, headers...)
 	}
 	return headers
 }
--- a/cmd/flux/get_image.go
+++ b/cmd/flux/get_image.go
@@ -0,0 +1,32 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"github.com/spf13/cobra"
 )
 var getImageCmd = &cobra.Command{
 	Use:     "images",
 	Aliases: []string{"image"},
 	Short:   "Get image automation object status",
 	Long:    "The get image sub-commands print the status of image automation objects.",
 }
 func init() {
 	getCmd.AddCommand(getImageCmd)
 }
--- a/cmd/flux/get_image_policy.go
+++ b/cmd/flux/get_image_policy.go
@@ -0,0 +1,57 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"github.com/spf13/cobra"
 	imagev1 "github.com/fluxcd/image-reflector-controller/api/v1alpha1"
 )
 var getImagePolicyCmd = &cobra.Command{
 	Use:   "policy",
 	Short: "Get ImagePolicy status",
 	Long:  "The get image policy command prints the status of ImagePolicy objects.",
 	Example: `  # List all image policies and their status
  flux get image policy
 # List image policies from all namespaces
  flux get image policy --all-namespaces
 `,
 	RunE: getCommand{
 		apiType: imagePolicyType,
 		list:    &imagePolicyListAdapter{&imagev1.ImagePolicyList{}},
 	}.run,
 }
 func init() {
 	getImageCmd.AddCommand(getImagePolicyCmd)
 }
 func (s imagePolicyListAdapter) summariseItem(i int, includeNamespace bool) []string {
 	item := s.Items[i]
 	status, msg := statusAndMessage(item.Status.Conditions)
 	return append(nameColumns(&item, includeNamespace), status, msg, item.Status.LatestImage)
 }
 func (s imagePolicyListAdapter) headers(includeNamespace bool) []string {
 	headers := []string{"Name", "Ready", "Message", "Latest image"}
 	if includeNamespace {
 		return append(namespaceHeader, headers...)
 	}
 	return headers
 }
--- a/cmd/flux/get_image_repository.go
+++ b/cmd/flux/get_image_repository.go
@@ -0,0 +1,66 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"strconv"
 	"strings"
 	"time"
 	"github.com/spf13/cobra"
 	imagev1 "github.com/fluxcd/image-reflector-controller/api/v1alpha1"
 )
 var getImageRepositoryCmd = &cobra.Command{
 	Use:   "repository",
 	Short: "Get ImageRepository status",
 	Long:  "The get image repository command prints the status of ImageRepository objects.",
 	Example: `  # List all image repositories and their status
  flux get image repository
 # List image repositories from all namespaces
  flux get image repository --all-namespaces
 `,
 	RunE: getCommand{
 		apiType: imageRepositoryType,
 		list:    imageRepositoryListAdapter{&imagev1.ImageRepositoryList{}},
 	}.run,
 }
 func init() {
 	getImageCmd.AddCommand(getImageRepositoryCmd)
 }
 func (s imageRepositoryListAdapter) summariseItem(i int, includeNamespace bool) []string {
 	item := s.Items[i]
 	status, msg := statusAndMessage(item.Status.Conditions)
 	var lastScan string
 	if item.Status.LastScanResult != nil {
 		lastScan = item.Status.LastScanResult.ScanTime.Time.Format(time.RFC3339)
 	}
 	return append(nameColumns(&item, includeNamespace),
 		status, msg, lastScan, strings.Title(strconv.FormatBool(item.Spec.Suspend)))
 }
 func (s imageRepositoryListAdapter) headers(includeNamespace bool) []string {
 	headers := []string{"Name", "Ready", "Message", "Last scan", "Suspended"}
 	if includeNamespace {
 		return append(namespaceHeader, headers...)
 	}
 	return headers
 }
--- a/cmd/flux/get_image_updateauto.go
+++ b/cmd/flux/get_image_updateauto.go
@@ -0,0 +1,65 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"strconv"
 	"strings"
 	"time"
 	"github.com/spf13/cobra"
 	autov1 "github.com/fluxcd/image-automation-controller/api/v1alpha1"
 )
 var getImageUpdateCmd = &cobra.Command{
 	Use:   "update",
 	Short: "Get ImageUpdateAutomation status",
 	Long:  "The get image update command prints the status of ImageUpdateAutomation objects.",
 	Example: `  # List all image update automation object and their status
  flux get image update
 # List image update automations from all namespaces
  flux get image update --all-namespaces
 `,
 	RunE: getCommand{
 		apiType: imageUpdateAutomationType,
 		list:    &imageUpdateAutomationListAdapter{&autov1.ImageUpdateAutomationList{}},
 	}.run,
 }
 func init() {
 	getImageCmd.AddCommand(getImageUpdateCmd)
 }
 func (s imageUpdateAutomationListAdapter) summariseItem(i int, includeNamespace bool) []string {
 	item := s.Items[i]
 	status, msg := statusAndMessage(item.Status.Conditions)
 	var lastRun string
 	if item.Status.LastAutomationRunTime != nil {
 		lastRun = item.Status.LastAutomationRunTime.Time.Format(time.RFC3339)
 	}
 	return append(nameColumns(&item, includeNamespace), status, msg, lastRun, strings.Title(strconv.FormatBool(item.Spec.Suspend)))
 }
 func (s imageUpdateAutomationListAdapter) headers(includeNamespace bool) []string {
 	headers := []string{"Name", "Ready", "Message", "Last run", "Suspended"}
 	if includeNamespace {
 		return append(namespaceHeader, headers...)
 	}
 	return headers
 }
--- a/cmd/flux/get_kustomization.go
+++ b/cmd/flux/get_kustomization.go
@@ -0,0 +1,59 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"strconv"
 	"strings"
 	kustomizev1 "github.com/fluxcd/kustomize-controller/api/v1beta1"
 	"github.com/spf13/cobra"
 )
 var getKsCmd = &cobra.Command{
 	Use:     "kustomizations",
 	Aliases: []string{"ks", "kustomization"},
 	Short:   "Get Kustomization statuses",
 	Long:    "The get kustomizations command prints the statuses of the resources.",
 	Example: `  # List all kustomizations and their status
  flux get kustomizations
 `,
 	RunE: getCommand{
 		apiType: kustomizationType,
 		list:    &kustomizationListAdapter{&kustomizev1.KustomizationList{}},
 	}.run,
 }
 func init() {
 	getCmd.AddCommand(getKsCmd)
 }
 func (a kustomizationListAdapter) summariseItem(i int, includeNamespace bool) []string {
 	item := a.Items[i]
 	revision := item.Status.LastAppliedRevision
 	status, msg := statusAndMessage(item.Status.Conditions)
 	return append(nameColumns(&item, includeNamespace),
 		status, msg, revision, strings.Title(strconv.FormatBool(item.Spec.Suspend)))
 }
 func (a kustomizationListAdapter) headers(includeNamespace bool) []string {
 	headers := []string{"Name", "Ready", "Message", "Revision", "Suspended"}
 	if includeNamespace {
 		headers = append([]string{"Namespace"}, headers...)
 	}
 	return headers
 }
--- a/cmd/flux/get_receiver.go
+++ b/cmd/flux/get_receiver.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -23,19 +23,22 @@ import (
 	"strings"
 	"github.com/spf13/cobra"
-	corev1 "k8s.io/api/core/v1"
+	apimeta "k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"github.com/fluxcd/flux2/internal/utils"
 	notificationv1 "github.com/fluxcd/notification-controller/api/v1beta1"
 	"github.com/fluxcd/pkg/apis/meta"
 )
 var getReceiverCmd = &cobra.Command{
-	Use:   "receivers",
+	Use:     "receivers",
-	Short: "Get Receiver statuses",
+	Aliases: []string{"receiver"},
-	Long:  "The get receiver command prints the statuses of the resources.",
+	Short:   "Get Receiver statuses",
 	Long:    "The get receiver command prints the statuses of the resources.",
 	Example: `  # List all Receiver and their status
-  gotk get receivers
+  flux get receivers
 `,
 	RunE: getReceiverCmdRun,
 }
@@ -45,17 +48,17 @@ func init() {
 }
 func getReceiverCmdRun(cmd *cobra.Command, args []string) error {
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.kubeClient(kubeconfig)
+	kubeClient, err := utils.KubeClient(rootArgs.kubeconfig, rootArgs.kubecontext)
 	if err != nil {
 		return err
 	}
 	var listOpts []client.ListOption
-	if !allNamespaces {
+	if !getArgs.allNamespaces {
-		listOpts = append(listOpts, client.InNamespace(namespace))
+		listOpts = append(listOpts, client.InNamespace(rootArgs.namespace))
 	}
 	var list notificationv1.ReceiverList
 	err = kubeClient.List(ctx, &list, listOpts...)
@@ -64,34 +67,34 @@ func getReceiverCmdRun(cmd *cobra.Command, args []string) error {
 	}
 	if len(list.Items) == 0 {
-		logger.Failuref("no receivers found in %s namespace", namespace)
+		logger.Failuref("no receivers found in %s namespace", rootArgs.namespace)
 		return nil
 	}
-	header := []string{"Name", "Suspended", "Ready", "Message"}
+	header := []string{"Name", "Ready", "Message", "Suspended"}
-	if allNamespaces {
+	if getArgs.allNamespaces {
 		header = append([]string{"Namespace"}, header...)
 	}
 	var rows [][]string
 	for _, receiver := range list.Items {
 		row := []string{}
-		if c := meta.GetCondition(receiver.Status.Conditions, meta.ReadyCondition); c != nil {
+		if c := apimeta.FindStatusCondition(receiver.Status.Conditions, meta.ReadyCondition); c != nil {
 			row = []string{
 				receiver.GetName(),
 				strings.Title(strconv.FormatBool(receiver.Spec.Suspend)),
 				string(c.Status),
 				c.Message,
 				strings.Title(strconv.FormatBool(receiver.Spec.Suspend)),
 			}
 		} else {
 			row = []string{
 				receiver.GetName(),
-				strings.Title(strconv.FormatBool(receiver.Spec.Suspend)),
+				string(metav1.ConditionFalse),
 				string(corev1.ConditionFalse),
 				"waiting to be reconciled",
 				strings.Title(strconv.FormatBool(receiver.Spec.Suspend)),
 			}
 		}
 		rows = append(rows, row)
 	}
-	utils.printTable(os.Stdout, header, rows)
+	utils.PrintTable(os.Stdout, header, rows)
 	return nil
 }
--- a/cmd/flux/get_source.go
+++ b/cmd/flux/get_source.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2020 The Flux CD contributors.
+Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -21,9 +21,10 @@ import (
 )
 var getSourceCmd = &cobra.Command{
-	Use:   "sources",
+	Use:     "sources",
-	Short: "Get source statuses",
+	Aliases: []string{"source"},
-	Long:  "The get source sub-commands print the statuses of the sources.",
+	Short:   "Get source statuses",
 	Long:    "The get source sub-commands print the statuses of the sources.",
 }
 func init() {
--- a/cmd/flux/get_source_bucket.go
+++ b/cmd/flux/get_source_bucket.go
@@ -0,0 +1,64 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 	"strconv"
 	"strings"
 	"github.com/spf13/cobra"
 )
 var getSourceBucketCmd = &cobra.Command{
 	Use:   "bucket",
 	Short: "Get Bucket source statuses",
 	Long:  "The get sources bucket command prints the status of the Bucket sources.",
 	Example: `  # List all Buckets and their status
  flux get sources bucket
 # List buckets from all namespaces
  flux get sources helm --all-namespaces
 `,
 	RunE: getCommand{
 		apiType: bucketType,
 		list:    &bucketListAdapter{&sourcev1.BucketList{}},
 	}.run,
 }
 func init() {
 	getSourceCmd.AddCommand(getSourceBucketCmd)
 }
 func (a *bucketListAdapter) summariseItem(i int, includeNamespace bool) []string {
 	item := a.Items[i]
 	var revision string
 	if item.GetArtifact() != nil {
 		revision = item.GetArtifact().Revision
 	}
 	status, msg := statusAndMessage(item.Status.Conditions)
 	return append(nameColumns(&item, includeNamespace),
 		status, msg, revision, strings.Title(strconv.FormatBool(item.Spec.Suspend)))
 }
 func (a bucketListAdapter) headers(includeNamespace bool) []string {
 	headers := []string{"Name", "Ready", "Message", "Revision", "Suspended"}
 	if includeNamespace {
 		headers = append([]string{"Namespace"}, headers...)
 	}
 	return headers
 }
--- a/cmd/flux/get_source_chart.go
+++ b/cmd/flux/get_source_chart.go
@@ -0,0 +1,64 @@
 /*
 Copyright 2020 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"strconv"
 	"strings"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 	"github.com/spf13/cobra"
 )
 var getSourceHelmChartCmd = &cobra.Command{
 	Use:   "chart",
 	Short: "Get HelmChart statuses",
 	Long:  "The get sources chart command prints the status of the HelmCharts.",
 	Example: `  # List all Helm charts and their status
  flux get sources chart
 # List Helm charts from all namespaces
  flux get sources chart --all-namespaces
 `,
 	RunE: getCommand{
 		apiType: helmChartType,
 		list:    &helmChartListAdapter{&sourcev1.HelmChartList{}},
 	}.run,
 }
 func init() {
 	getSourceCmd.AddCommand(getSourceHelmChartCmd)
 }
 func (a *helmChartListAdapter) summariseItem(i int, includeNamespace bool) []string {
 	item := a.Items[i]
 	var revision string
 	if item.GetArtifact() != nil {
 		revision = item.GetArtifact().Revision
 	}
 	status, msg := statusAndMessage(item.Status.Conditions)
 	return append(nameColumns(&item, includeNamespace),
 		status, msg, revision, strings.Title(strconv.FormatBool(item.Spec.Suspend)))
 }
 func (a helmChartListAdapter) headers(includeNamespace bool) []string {
 	headers := []string{"Name", "Ready", "Message", "Revision", "Suspended"}
 	if includeNamespace {
 		headers = append([]string{"Namespace"}, headers...)
 	}
 	return headers
 }
--- a/Show More
+++ b/Show More