Update toolkit components

- helm-controller to v0.17.2 https://github.com/fluxcd/helm-controller/blob/v0.17.2/CHANGELOG.md - notification-controller to v0.22.3 https://github.com/fluxcd/notification-controller/blob/v0.22.3/CHANGELOG.md Signed-off-by: GitHub <noreply@github.com>
2026-03-01 11:16:56 +00:00 · 2022-03-16 03:18:39 +05:30 · 2022-03-01 21:21:03 +05:30
232 changed files with 1759 additions and 6324 deletions
--- a/.github/aur/flux-bin/.SRCINFO.template
+++ b/.github/aur/flux-bin/.SRCINFO.template
@@ -8,15 +8,9 @@ pkgbase = flux-bin
 	arch = armv7h
 	arch = aarch64
 	license = APACHE
-	optdepends = bash-completion: auto-completion for flux in Bash
+	source_x86_64 = flux-bin-${PKGVER}.tar.gz::https://github.com/fluxcd/flux2/releases/download/v1/flux_${PKGVER}_linux_amd64.tar.gz
-	optdepends = zsh-completions: auto-completion for flux in ZSH
+	source_armv6h = flux-bin-${PKGVER}.tar.gz::https://github.com/fluxcd/flux2/releases/download/v1/flux_${PKGVER}_linux_arm.tar.gz
-	source_x86_64 = ${PKGNAME}-${PKGVER}.tar.gz::https://github.com/fluxcd/flux2/releases/download/v${PKGVER}/flux_${PKGVER}_linux_amd64.tar.gz
+	source_armv7h = flux-bin-${PKGVER}.tar.gz::https://github.com/fluxcd/flux2/releases/download/v1/flux_${PKGVER}_linux_arm.tar.gz
-	sha256sums_x86_64 = ${SHA256SUM_AMD64}
+	source_aarch64 = flux-bin-${PKGVER}.tar.gz::https://github.com/fluxcd/flux2/releases/download/v1/flux_${PKGVER}_linux_arm64.tar.gz
 	source_armv6h = ${PKGNAME}-${PKGVER}.tar.gz::https://github.com/fluxcd/flux2/releases/download/v${PKGVER}/flux_${PKGVER}_linux_arm.tar.gz
 	sha256sums_armv6h = ${SHA256SUM_ARM}
 	source_armv7h = ${PKGNAME}-${PKGVER}.tar.gz::https://github.com/fluxcd/flux2/releases/download/v${PKGVER}/flux_${PKGVER}_linux_arm.tar.gz
 	sha256sums_armv7h = ${SHA256SUM_ARM}
 	source_aarch64 = ${PKGNAME}-${PKGVER}.tar.gz::https://github.com/fluxcd/flux2/releases/download/v${PKGVER}/flux_${PKGVER}_linux_arm64.tar.gz
 	sha256sums_aarch64 = ${SHA256SUM_ARM64}
 pkgname = flux-bin
--- a/.github/aur/flux-bin/PKGBUILD.template
+++ b/.github/aur/flux-bin/PKGBUILD.template
@@ -8,8 +8,8 @@ pkgdesc="Open and extensible continuous delivery solution for Kubernetes"
 url="https://fluxcd.io/"
 arch=("x86_64" "armv6h" "armv7h" "aarch64")
 license=("APACHE")
-optdepends=('bash-completion: auto-completion for flux in Bash'
+optdepends=('bash-completion: auto-completion for flux in Bash',
-            'zsh-completions: auto-completion for flux in ZSH')
+'zsh-completions: auto-completion for flux in ZSH')
 source_x86_64=(
  "${pkgname}-${pkgver}.tar.gz::https://github.com/fluxcd/flux2/releases/download/v${pkgver}/flux_${pkgver}_linux_amd64.tar.gz"
 )
--- a/.github/runners/prereq.sh
+++ b/.github/runners/prereq.sh
@@ -18,11 +18,11 @@
 set -eu
-KIND_VERSION=0.14.0
+KIND_VERSION=0.11.1
-KUBECTL_VERSION=1.24.0
+KUBECTL_VERSION=1.21.2
-KUSTOMIZE_VERSION=4.5.4
+KUSTOMIZE_VERSION=4.1.3
-HELM_VERSION=3.8.2
+HELM_VERSION=3.7.2
-GITHUB_RUNNER_VERSION=2.291.1
+GITHUB_RUNNER_VERSION=2.285.1
 PACKAGES="apt-transport-https ca-certificates software-properties-common build-essential libssl-dev gnupg lsb-release jq pkg-config"
 # install prerequisites
--- a/.github/workflows/bootstrap.yaml
+++ b/.github/workflows/bootstrap.yaml
@@ -12,18 +12,18 @@ jobs:
    if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
    steps:
      - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v2
      - name: Restore Go cache
-        uses: actions/cache@v3
+        uses: actions/cache@v1
        with:
          path: ~/go/pkg/mod
-          key: ${{ runner.os }}-go1.18-${{ hashFiles('**/go.sum') }}
+          key: ${{ runner.os }}-go1.17-${{ hashFiles('**/go.sum') }}
          restore-keys: |
-            ${{ runner.os }}-go1.18-
+            ${{ runner.os }}-go1.17-
      - name: Setup Go
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v2
        with:
-          go-version: 1.18.x
+          go-version: 1.17.x
      - name: Setup Kubernetes
        uses: engineerd/setup-kind@v0.5.0
        with:
--- a/.github/workflows/e2e-arm64.yaml
+++ b/.github/workflows/e2e-arm64.yaml
@@ -3,7 +3,7 @@ name: e2e-arm64
 on:
  workflow_dispatch:
  push:
-    branches: [ main, update-components ]
+    branches: [ main, update-components, equinix-runners ]
 jobs:
  test:
@@ -12,11 +12,11 @@ jobs:
    runs-on: [self-hosted, Linux, ARM64, equinix]
    steps:
      - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v2
      - name: Setup Go
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v2
        with:
-          go-version: 1.18.x
+          go-version: 1.17.x
      - name: Prepare
        id: prep
        run: |
--- a/.github/workflows/e2e-azure.yaml
+++ b/.github/workflows/e2e-azure.yaml
@@ -12,18 +12,18 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v2
      - name: Restore Go cache
-        uses: actions/cache@v3
+        uses: actions/cache@v1
        with:
          path: ~/go/pkg/mod
-          key: ${{ runner.os }}-go1.18-${{ hashFiles('**/go.sum') }}
+          key: ${{ runner.os }}-go1.17-${{ hashFiles('**/go.sum') }}
          restore-keys: |
-            ${{ runner.os }}-go1.18-
+            ${{ runner.os }}-go1.17-
      - name: Setup Go
        uses: actions/setup-go@v2
        with:
-          go-version: 1.18.x
+          go-version: 1.17.x
      - name: Install libgit2
        run: |
          sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138
--- a/.github/workflows/e2e.yaml
+++ b/.github/workflows/e2e.yaml
@@ -2,32 +2,27 @@ name: e2e
 on:
  push:
-    branches: [ main ]
+    branches: [ main, e2e* ]
  pull_request:
-    branches: [ main, oci ]
+    branches: [ main ]
 jobs:
  kind:
    runs-on: ubuntu-latest
    services:
      registry:
        image: registry:2
        ports:
          - 5000:5000
    steps:
      - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v2
      - name: Restore Go cache
-        uses: actions/cache@v3
+        uses: actions/cache@v1
        with:
          path: ~/go/pkg/mod
-          key: ${{ runner.os }}-go1.18-${{ hashFiles('**/go.sum') }}
+          key: ${{ runner.os }}-go1.17-${{ hashFiles('**/go.sum') }}
          restore-keys: |
-            ${{ runner.os }}-go1.18-
+            ${{ runner.os }}-go1.17-
      - name: Setup Go
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v2
        with:
-          go-version: 1.18.x
+          go-version: 1.17.x
      - name: Setup Kubernetes
        uses: engineerd/setup-kind@v0.5.0
        with:
@@ -173,36 +168,6 @@ jobs:
      - name: flux delete source git
        run: |
          /tmp/flux delete source git podinfo --silent
      - name: flux oci artifacts
        run: |
          /tmp/flux push artifact oci://localhost:5000/fluxcd/flux:${{ github.sha }} \
            --path="./manifests" \
            --source="${{ github.repositoryUrl }}" \
            --revision="${{ github.ref }}/${{ github.sha }}"
          /tmp/flux tag artifact oci://localhost:5000/fluxcd/flux:${{ github.sha }} \
            --tag latest
          /tmp/flux list artifacts oci://localhost:5000/fluxcd/flux
      - name: flux oci repositories
        run: |
          /tmp/flux create source oci podinfo-oci \
            --url oci://ghcr.io/stefanprodan/manifests/podinfo \
            --tag-semver 6.1.x \
            --interval 10m
          /tmp/flux create kustomization podinfo-oci \
            --source=OCIRepository/podinfo-oci \
            --path="./kustomize" \
            --prune=true \
            --interval=5m \
            --target-namespace=default \
            --wait=true \
            --health-check-timeout=3m
          /tmp/flux reconcile source oci podinfo-oci
          /tmp/flux suspend source oci podinfo-oci
          /tmp/flux get sources oci
          /tmp/flux resume source oci podinfo-oci
          /tmp/flux export source oci podinfo-oci
          /tmp/flux delete ks podinfo-oci --silent
          /tmp/flux delete source oci podinfo-oci --silent
      - name: flux create tenant
        run: |
          /tmp/flux create tenant dev-team --with-namespace=apps
--- a/.github/workflows/rebase.yaml
+++ b/.github/workflows/rebase.yaml
@@ -0,0 +1,21 @@
 name: rebase
 on:
  pull_request:
    types: [ opened ]
  issue_comment:
    types: [ created ]
 jobs:
  rebase:
    if: github.event.issue.pull_request != '' && contains(github.event.comment.body, '/rebase') && (github.event.comment.author_association == 'CONTRIBUTOR' || github.event.comment.author_association == 'MEMBER' || github.event.comment.author_association == 'OWNER')
    runs-on: ubuntu-latest
    steps:
      - name: Checkout the latest code
        uses: actions/checkout@v2
        with:
          fetch-depth: 0
      - name: Automatic Rebase
        uses: cirrus-actions/rebase@1.3.1
        env:
          GITHUB_TOKEN: ${{ secrets.BOT_GITHUB_TOKEN }}
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -14,18 +14,18 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v2
      - name: Unshallow
        run: git fetch --prune --unshallow
      - name: Setup Go
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v2
        with:
-          go-version: 1.18.x
+          go-version: 1.17.x
      - name: Setup QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v1
      - name: Setup Docker Buildx
        id: buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v1
      - name: Setup Syft
        uses: anchore/sbom-action/download-syft@v0
      - name: Setup Cosign
@@ -33,13 +33,13 @@ jobs:
      - name: Setup Kustomize
        uses: fluxcd/pkg//actions/kustomize@main
      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v2
+        uses: docker/login-action@v1
        with:
          registry: ghcr.io
          username: fluxcdbot
          password: ${{ secrets.GHCR_TOKEN }}
      - name: Login to Docker Hub
-        uses: docker/login-action@v2
+        uses: docker/login-action@v1
        with:
          username: fluxcdbot
          password: ${{ secrets.DOCKER_FLUXCD_PASSWORD }}
@@ -73,7 +73,7 @@ jobs:
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v3
+        uses: goreleaser/goreleaser-action@v1
        with:
          version: latest
          args: release --release-notes=output/notes.md --skip-validate
--- a/.github/workflows/scan.yaml
+++ b/.github/workflows/scan.yaml
@@ -1,4 +1,4 @@
-name: scan
+name: Scan
 on:
  push:
@@ -8,16 +8,12 @@ on:
  schedule:
    - cron: '18 10 * * 3'
 permissions:
  contents: read # for actions/checkout to fetch code
  security-events: write # for codeQL to write security events
 jobs:
  fossa:
    name: FOSSA
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v2
      - name: Run FOSSA scan and upload build data
        uses: fossa-contrib/fossa-action@v1
        with:
@@ -30,7 +26,7 @@ jobs:
    runs-on: ubuntu-latest
    if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v2
      - name: Setup Kustomize
        uses: fluxcd/pkg//actions/kustomize@main
      - name: Build manifests
@@ -53,12 +49,12 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v2
      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
+        uses: github/codeql-action/init@v1
        with:
          languages: go
      - name: Autobuild
-        uses: github/codeql-action/autobuild@v2
+        uses: github/codeql-action/autobuild@v1
      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2
+        uses: github/codeql-action/analyze@v1
--- a/.github/workflows/update.yaml
+++ b/.github/workflows/update.yaml
@@ -12,11 +12,11 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Check out code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v2
      - name: Setup Go
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v2
        with:
-          go-version: 1.18.x
+          go-version: 1.17.x
      - name: Update component versions
        id: update
        run: |
@@ -42,7 +42,8 @@ jobs:
            if [[ "${MOD_VERSION}" != "${LATEST_VERSION}" ]]; then
              go mod edit -require="github.com/fluxcd/$1/api@${LATEST_VERSION}"
-              make tidy
+              rm go.sum
              go mod tidy
              changed=true
            fi
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -70,7 +70,6 @@ Prerequisites:
 * go >= 1.17
 * kubectl >= 1.20
 * kustomize >= 4.4
 * coreutils (on Mac OS)
 Install the [controller-runtime/envtest](https://github.com/kubernetes-sigs/controller-runtime/tree/master/tools/setup-envtest) binaries with:
@@ -97,25 +96,6 @@ Then you can run the end-to-end tests with:
 make e2e
 ```
 When the output of the Flux CLI changes, to automatically update the golden
 files used in the test, pass `-update` flag to the test as:
 ```bash
 make e2e TEST_ARGS="-update"
 ```
 Since not all packages use golden files for testing, `-update` argument must be
 passed only for the packages that use golden files. Use the variables
 `TEST_PKG_PATH` for unit tests and `E2E_TEST_PKG_PATH` for e2e tests, to set the
 path of the target test package:
 ```bash
 # Unit test
 make test TEST_PKG_PATH="./cmd/flux" TEST_ARGS="-update"
 # e2e test
 make e2e E2E_TEST_PKG_PATH="./cmd/flux" TEST_ARGS="-update"
 ```
 Teardown the e2e environment with:
 ```bash
--- a/6
+++ b/6
@@ -1,15 +1,15 @@
-FROM alpine:3.16 as builder
+FROM alpine:3.15 as builder
 RUN apk add --no-cache ca-certificates curl
 ARG ARCH=linux/amd64
-ARG KUBECTL_VER=1.24.1
+ARG KUBECTL_VER=1.23.1
 RUN curl -sL https://storage.googleapis.com/kubernetes-release/release/v${KUBECTL_VER}/bin/${ARCH}/kubectl \
    -o /usr/local/bin/kubectl && chmod +x /usr/local/bin/kubectl && \
    kubectl version --client=true
-FROM alpine:3.16 as flux-cli
+FROM alpine:3.15 as flux-cli
 # Create minimal nsswitch.conf file to prioritize the usage of /etc/hosts over DNS queries.
 # https://github.com/gliderlabs/docker-alpine/issues/367#issuecomment-354316460
--- a/18
+++ b/18
@@ -2,7 +2,19 @@ The maintainers are generally available in Slack at
 https://cloud-native.slack.com in #flux (https://cloud-native.slack.com/messages/CLAJ40HV3)
 (obtain an invitation at https://slack.cncf.io/).
-The Flux2 maintainers team is identical with the core maintainers of the project
+These maintainers are shared with other Flux v2-related git
-as listed in
+repositories under https://github.com/fluxcd, as noted in their
 respective MAINTAINERS files.
-    https://github.com/fluxcd/community/blob/main/CORE-MAINTAINERS
+For convenience, they are reflected in the GitHub team
@fluxcd/flux2-maintainers -- if the list here changes, that team also
 should.
 In alphabetical order:
 Aurel Canciu, NexHealth <aurel.canciu@nexhealth.com> (github: @relu, slack: relu)
 Hidde Beydals, Weaveworks <hidde@weave.works> (github: @hiddeco, slack: hidde)
 Max Jonas Werner, D2iQ <max@e13.dev> (github: @makkes, slack: max)
 Philip Laine, Xenit <philip.laine@xenit.se> (github: @phillebaba, slack: phillebaba)
 Stefan Prodan, Weaveworks <stefan@weave.works> (github: @stefanprodan, slack: stefanprodan)
 Sunny, Weaveworks <sunny@weave.works> (github: @darkowlzz, slack: darkowlzz)
--- a/14
+++ b/14
@@ -1,5 +1,4 @@
 VERSION?=$(shell grep 'VERSION' cmd/flux/main.go | awk '{ print $$4 }' | head -n 1 | tr -d '"')
 DEV_VERSION?=0.0.0-$(shell git rev-parse --abbrev-ref HEAD)-$(shell git rev-parse --short HEAD)-$(shell date +%s)
 EMBEDDED_MANIFESTS_TARGET=cmd/flux/.manifests.done
 TEST_KUBECONFIG?=/tmp/flux-e2e-test-kubeconfig
 # Architecture to use envtest with
@@ -17,8 +16,8 @@ rwildcard=$(foreach d,$(wildcard $(addsuffix *,$(1))),$(call rwildcard,$(d)/,$(2
 all: test build
 tidy:
-	go mod tidy -compat=1.17
+	go mod tidy
-	cd tests/azure && go mod tidy -compat=1.17
+	cd tests/azure && go mod tidy
 fmt:
 	go fmt ./...
@@ -36,13 +35,11 @@ cleanup-kind:
 	rm $(TEST_KUBECONFIG)
 KUBEBUILDER_ASSETS?="$(shell $(ENVTEST) --arch=$(ENVTEST_ARCH) use -i $(ENVTEST_KUBERNETES_VERSION) --bin-dir=$(ENVTEST_ASSETS_DIR) -p path)"
 TEST_PKG_PATH="./..."
 test: $(EMBEDDED_MANIFESTS_TARGET) tidy fmt vet install-envtest
-	KUBEBUILDER_ASSETS="$(KUBEBUILDER_ASSETS)" go test $(TEST_PKG_PATH) -coverprofile cover.out --tags=unit $(TEST_ARGS)
+	KUBEBUILDER_ASSETS="$(KUBEBUILDER_ASSETS)" go test ./... -coverprofile cover.out --tags=unit
 E2E_TEST_PKG_PATH="./cmd/flux/..."
 e2e: $(EMBEDDED_MANIFESTS_TARGET) tidy fmt vet
-	TEST_KUBECONFIG=$(TEST_KUBECONFIG) go test $(E2E_TEST_PKG_PATH) -coverprofile e2e.cover.out --tags=e2e -v -failfast $(TEST_ARGS)
+	TEST_KUBECONFIG=$(TEST_KUBECONFIG) go test ./cmd/flux/... -coverprofile e2e.cover.out --tags=e2e -v -failfast
 test-with-kind: install-envtest
 	make setup-kind
@@ -56,9 +53,6 @@ $(EMBEDDED_MANIFESTS_TARGET): $(call rwildcard,manifests/,*.yaml *.json)
 build: $(EMBEDDED_MANIFESTS_TARGET)
 	CGO_ENABLED=0 go build -ldflags="-s -w -X main.VERSION=$(VERSION)" -o ./bin/flux ./cmd/flux
 build-dev: $(EMBEDDED_MANIFESTS_TARGET)
 	CGO_ENABLED=0 go build -ldflags="-s -w -X main.VERSION=$(DEV_VERSION)" -o ./bin/flux ./cmd/flux
 .PHONY: install
 install:
 	CGO_ENABLED=0 go install ./cmd/flux
--- a/action/README.md
+++ b/action/README.md
@@ -32,7 +32,7 @@ You can download a specific version with:
      - name: Setup Flux CLI
        uses: fluxcd/flux2/action@main
        with:
-          version: 0.32.0
+          version: 0.8.0
 ```
 ### Automate Flux updates
@@ -74,92 +74,6 @@ jobs:
              ${{ steps.update.outputs.flux_version }}
 ```
 ### Push Kubernetes manifests to container registries
 Example workflow for publishing Kubernetes manifests bundled as OCI artifacts to GitHub Container Registry:
 ```yaml
 name: push-artifact-staging
 on:
  push:
    branches:
      - 'main'
 permissions:
  packages: write # needed for ghcr.io access
 env:
  OCI_REPO: "oci://ghcr.io/my-org/manifests/${{ github.event.repository.name }}"
 jobs:
  kubernetes:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Setup Flux CLI
        uses: fluxcd/flux2/action@main
      - name: Login to GHCR
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Generate manifests
        run: |
          kustomize build ./manifests/staging > ./deploy/app.yaml
      - name: Push manifests
        run: |
          flux push artifact $OCI_REPO:$(git rev-parse --short HEAD) \
            --path="./deploy" \
            --source="$(git config --get remote.origin.url)" \
            --revision="$(git branch --show-current)/$(git rev-parse HEAD)"
      - name: Deploy manifests to staging
        run: |
          flux tag artifact $OCI_REPO:$(git rev-parse --short HEAD) --tag staging
 ```
 Example workflow for publishing Kubernetes manifests bundled as OCI artifacts to Docker Hub:
 ```yaml
 name: push-artifact-production
 on:
  push:
    tags:
      - '*'
 env:
  OCI_REPO: "oci://docker.io/my-org/app-config"
 jobs:
  kubernetes:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Setup Flux CLI
        uses: fluxcd/flux2/action@main
      - name: Login to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      - name: Generate manifests
        run: |
          kustomize build ./manifests/production > ./deploy/app.yaml
      - name: Push manifests
        run: |
          flux push artifact $OCI_REPO:$(git tag --points-at HEAD) \
            --path="./deploy" \
            --source="$(git config --get remote.origin.url)" \
            --revision="$(git tag --points-at HEAD)/$(git rev-parse HEAD)"
      - name: Deploy manifests to production
        run: |
          flux tag artifact $OCI_REPO:$(git tag --points-at HEAD) --tag production
 ```
 ### End-to-end testing
 Example workflow for running Flux in Kubernetes Kind:
--- a/cmd/flux/bootstrap.go
+++ b/cmd/flux/bootstrap.go
@@ -19,13 +19,13 @@ package main
 import (
 	"crypto/elliptic"
 	"fmt"
 	"os"
 	"strings"
 	"github.com/spf13/cobra"
 	"github.com/fluxcd/flux2/internal/flags"
 	"github.com/fluxcd/flux2/internal/utils"
 	"github.com/fluxcd/flux2/pkg/manifestgen"
 	"github.com/fluxcd/flux2/pkg/manifestgen/sourcesecret"
 )
@@ -88,7 +88,7 @@ func init() {
 	bootstrapCmd.PersistentFlags().StringSliceVar(&bootstrapArgs.defaultComponents, "components", rootArgs.defaults.Components,
 		"list of components, accepts comma-separated values")
 	bootstrapCmd.PersistentFlags().StringSliceVar(&bootstrapArgs.extraComponents, "components-extra", nil,
-		"list of components in addition to those supplied or defaulted, accepts values such as 'image-reflector-controller,image-automation-controller'")
+		"list of components in addition to those supplied or defaulted, accepts comma-separated values")
 	bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.registry, "registry", "ghcr.io/fluxcd",
 		"container registry where the toolkit images are published")
@@ -154,7 +154,7 @@ func buildEmbeddedManifestBase() (string, error) {
 	if !isEmbeddedVersion(bootstrapArgs.version) {
 		return "", nil
 	}
-	tmpBaseDir, err := manifestgen.MkdirTempAbs("", "flux-manifests-")
+	tmpBaseDir, err := os.MkdirTemp("", "flux-manifests-")
 	if err != nil {
 		return "", err
 	}
--- a/cmd/flux/bootstrap_bitbucket_server.go
+++ b/cmd/flux/bootstrap_bitbucket_server.go
@@ -30,7 +30,6 @@ import (
 	"github.com/fluxcd/flux2/internal/bootstrap/provider"
 	"github.com/fluxcd/flux2/internal/flags"
 	"github.com/fluxcd/flux2/internal/utils"
 	"github.com/fluxcd/flux2/pkg/manifestgen"
 	"github.com/fluxcd/flux2/pkg/manifestgen/install"
 	"github.com/fluxcd/flux2/pkg/manifestgen/sourcesecret"
 	"github.com/fluxcd/flux2/pkg/manifestgen/sync"
@@ -122,7 +121,7 @@ func bootstrapBServerCmdRun(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
@@ -166,7 +165,7 @@ func bootstrapBServerCmdRun(cmd *cobra.Command, args []string) error {
 	}
 	// Lazy go-git repository
-	tmpDir, err := manifestgen.MkdirTempAbs("", "flux-bootstrap-")
+	tmpDir, err := os.MkdirTemp("", "flux-bootstrap-")
 	if err != nil {
 		return fmt.Errorf("failed to create temporary working dir: %w", err)
 	}
@@ -252,7 +251,7 @@ func bootstrapBServerCmdRun(cmd *cobra.Command, args []string) error {
 		bootstrap.WithCommitMessageAppendix(bootstrapArgs.commitMessageAppendix),
 		bootstrap.WithProviderTeamPermissions(mapTeamSlice(bServerArgs.teams, bServerDefaultPermission)),
 		bootstrap.WithReadWriteKeyPermissions(bServerArgs.readWriteKey),
-		bootstrap.WithKubeconfig(kubeconfigArgs, kubeclientOptions),
+		bootstrap.WithKubeconfig(kubeconfigArgs),
 		bootstrap.WithLogger(logger),
 		bootstrap.WithCABundle(caBundle),
 		bootstrap.WithGitCommitSigning(bootstrapArgs.gpgKeyRingPath, bootstrapArgs.gpgPassphrase, bootstrapArgs.gpgKeyID),
--- a/cmd/flux/bootstrap_git.go
+++ b/cmd/flux/bootstrap_git.go
@@ -35,7 +35,6 @@ import (
 	"github.com/fluxcd/flux2/internal/bootstrap/git/gogit"
 	"github.com/fluxcd/flux2/internal/flags"
 	"github.com/fluxcd/flux2/internal/utils"
 	"github.com/fluxcd/flux2/pkg/manifestgen"
 	"github.com/fluxcd/flux2/pkg/manifestgen/install"
 	"github.com/fluxcd/flux2/pkg/manifestgen/sourcesecret"
 	"github.com/fluxcd/flux2/pkg/manifestgen/sync"
@@ -54,9 +53,6 @@ command will perform an upgrade if needed.`,
  # Run bootstrap for a Git repository and authenticate using a password
  flux bootstrap git --url=https://example.com/repository.git --password=<password>
  # Run bootstrap for a Git repository and authenticate using a password from environment variable
  GIT_PASSWORD=<password> && flux bootstrap git --url=https://example.com/repository.git
  # Run bootstrap for a Git repository with a passwordless private key
  flux bootstrap git --url=ssh://git@example.com/repository.git --private-key-file=<path/to/private.key>
@@ -67,19 +63,14 @@ command will perform an upgrade if needed.`,
 }
 type gitFlags struct {
-	url                 string
+	url      string
-	interval            time.Duration
+	interval time.Duration
-	path                flags.SafeRelativePath
+	path     flags.SafeRelativePath
-	username            string
+	username string
-	password            string
+	password string
-	silent              bool
+	silent   bool
 	insecureHttpAllowed bool
 }
 const (
 	gitPasswordEnvVar = "GIT_PASSWORD"
 )
 var gitArgs gitFlags
 func init() {
@@ -89,25 +80,11 @@ func init() {
 	bootstrapGitCmd.Flags().StringVarP(&gitArgs.username, "username", "u", "git", "basic authentication username")
 	bootstrapGitCmd.Flags().StringVarP(&gitArgs.password, "password", "p", "", "basic authentication password")
 	bootstrapGitCmd.Flags().BoolVarP(&gitArgs.silent, "silent", "s", false, "assumes the deploy key is already setup, skips confirmation")
 	bootstrapGitCmd.Flags().BoolVar(&gitArgs.insecureHttpAllowed, "allow-insecure-http", false, "allows http git url connections")
 	bootstrapCmd.AddCommand(bootstrapGitCmd)
 }
 func bootstrapGitCmdRun(cmd *cobra.Command, args []string) error {
 	gitPassword := os.Getenv(gitPasswordEnvVar)
 	if gitPassword != "" && gitArgs.password == "" {
 		gitArgs.password = gitPassword
 	}
 	if bootstrapArgs.tokenAuth && gitArgs.password == "" {
 		var err error
 		gitPassword, err = readPasswordFromStdin("Please enter your Git repository password: ")
 		if err != nil {
 			return fmt.Errorf("could not read token: %w", err)
 		}
 		gitArgs.password = gitPassword
 	}
 	if err := bootstrapValidate(); err != nil {
 		return err
 	}
@@ -124,7 +101,7 @@ func bootstrapGitCmdRun(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
@@ -140,7 +117,7 @@ func bootstrapGitCmdRun(cmd *cobra.Command, args []string) error {
 	defer os.RemoveAll(manifestsBase)
 	// Lazy go-git repository
-	tmpDir, err := manifestgen.MkdirTempAbs("", "flux-bootstrap-")
+	tmpDir, err := os.MkdirTemp("", "flux-bootstrap-")
 	if err != nil {
 		return fmt.Errorf("failed to create temporary working dir: %w", err)
 	}
@@ -248,7 +225,7 @@ func bootstrapGitCmdRun(cmd *cobra.Command, args []string) error {
 		bootstrap.WithBranch(bootstrapArgs.branch),
 		bootstrap.WithAuthor(bootstrapArgs.authorName, bootstrapArgs.authorEmail),
 		bootstrap.WithCommitMessageAppendix(bootstrapArgs.commitMessageAppendix),
-		bootstrap.WithKubeconfig(kubeconfigArgs, kubeclientOptions),
+		bootstrap.WithKubeconfig(kubeconfigArgs),
 		bootstrap.WithPostGenerateSecretFunc(promptPublicKey),
 		bootstrap.WithLogger(logger),
 		bootstrap.WithCABundle(caBundle),
@@ -271,14 +248,6 @@ func bootstrapGitCmdRun(cmd *cobra.Command, args []string) error {
 // SSH-agent is attempted.
 func transportForURL(u *url.URL) (transport.AuthMethod, error) {
 	switch u.Scheme {
 	case "http":
 		if !gitArgs.insecureHttpAllowed {
 			return nil, fmt.Errorf("scheme http is insecure, pass --allow-insecure-http=true to allow it")
 		}
 		return &http.BasicAuth{
 			Username: gitArgs.username,
 			Password: gitArgs.password,
 		}, nil
 	case "https":
 		return &http.BasicAuth{
 			Username: gitArgs.username,
--- a/cmd/flux/bootstrap_github.go
+++ b/cmd/flux/bootstrap_github.go
@@ -30,7 +30,6 @@ import (
 	"github.com/fluxcd/flux2/internal/bootstrap/provider"
 	"github.com/fluxcd/flux2/internal/flags"
 	"github.com/fluxcd/flux2/internal/utils"
 	"github.com/fluxcd/flux2/pkg/manifestgen"
 	"github.com/fluxcd/flux2/pkg/manifestgen/install"
 	"github.com/fluxcd/flux2/pkg/manifestgen/sourcesecret"
 	"github.com/fluxcd/flux2/pkg/manifestgen/sync"
@@ -126,7 +125,7 @@ func bootstrapGitHubCmdRun(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
@@ -162,7 +161,7 @@ func bootstrapGitHubCmdRun(cmd *cobra.Command, args []string) error {
 	}
 	// Lazy go-git repository
-	tmpDir, err := manifestgen.MkdirTempAbs("", "flux-bootstrap-")
+	tmpDir, err := os.MkdirTemp("", "flux-bootstrap-")
 	if err != nil {
 		return fmt.Errorf("failed to create temporary working dir: %w", err)
 	}
@@ -241,7 +240,7 @@ func bootstrapGitHubCmdRun(cmd *cobra.Command, args []string) error {
 		bootstrap.WithCommitMessageAppendix(bootstrapArgs.commitMessageAppendix),
 		bootstrap.WithProviderTeamPermissions(mapTeamSlice(githubArgs.teams, ghDefaultPermission)),
 		bootstrap.WithReadWriteKeyPermissions(githubArgs.readWriteKey),
-		bootstrap.WithKubeconfig(kubeconfigArgs, kubeclientOptions),
+		bootstrap.WithKubeconfig(kubeconfigArgs),
 		bootstrap.WithLogger(logger),
 		bootstrap.WithCABundle(caBundle),
 		bootstrap.WithGitCommitSigning(bootstrapArgs.gpgKeyRingPath, bootstrapArgs.gpgPassphrase, bootstrapArgs.gpgKeyID),
--- a/cmd/flux/bootstrap_gitlab.go
+++ b/cmd/flux/bootstrap_gitlab.go
@@ -32,7 +32,6 @@ import (
 	"github.com/fluxcd/flux2/internal/bootstrap/provider"
 	"github.com/fluxcd/flux2/internal/flags"
 	"github.com/fluxcd/flux2/internal/utils"
 	"github.com/fluxcd/flux2/pkg/manifestgen"
 	"github.com/fluxcd/flux2/pkg/manifestgen/install"
 	"github.com/fluxcd/flux2/pkg/manifestgen/sourcesecret"
 	"github.com/fluxcd/flux2/pkg/manifestgen/sync"
@@ -130,7 +129,7 @@ func bootstrapGitLabCmdRun(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
@@ -173,7 +172,7 @@ func bootstrapGitLabCmdRun(cmd *cobra.Command, args []string) error {
 	}
 	// Lazy go-git repository
-	tmpDir, err := manifestgen.MkdirTempAbs("", "flux-bootstrap-")
+	tmpDir, err := os.MkdirTemp("", "flux-bootstrap-")
 	if err != nil {
 		return fmt.Errorf("failed to create temporary working dir: %w", err)
 	}
@@ -255,7 +254,7 @@ func bootstrapGitLabCmdRun(cmd *cobra.Command, args []string) error {
 		bootstrap.WithCommitMessageAppendix(bootstrapArgs.commitMessageAppendix),
 		bootstrap.WithProviderTeamPermissions(mapTeamSlice(gitlabArgs.teams, glDefaultPermission)),
 		bootstrap.WithReadWriteKeyPermissions(gitlabArgs.readWriteKey),
-		bootstrap.WithKubeconfig(kubeconfigArgs, kubeclientOptions),
+		bootstrap.WithKubeconfig(kubeconfigArgs),
 		bootstrap.WithLogger(logger),
 		bootstrap.WithCABundle(caBundle),
 		bootstrap.WithGitCommitSigning(bootstrapArgs.gpgKeyRingPath, bootstrapArgs.gpgPassphrase, bootstrapArgs.gpgKeyID),
--- a/cmd/flux/build_artifact.go
+++ b/cmd/flux/build_artifact.go
@@ -1,73 +0,0 @@
 /*
 Copyright 2022 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"fmt"
 	"os"
 	"github.com/spf13/cobra"
 	oci "github.com/fluxcd/pkg/oci/client"
 )
 var buildArtifactCmd = &cobra.Command{
 	Use:   "artifact",
 	Short: "Build artifact",
 	Long:  `The build artifact command creates a tgz file with the manifests from the given directory.`,
 	Example: `  # Build the given manifests directory into an artifact
  flux build artifact --path ./path/to/local/manifests --output ./path/to/artifact.tgz
  # List the files bundled in the artifact
  tar -ztvf ./path/to/artifact.tgz
 `,
 	RunE: buildArtifactCmdRun,
 }
 type buildArtifactFlags struct {
 	output string
 	path   string
 }
 var buildArtifactArgs buildArtifactFlags
 func init() {
 	buildArtifactCmd.Flags().StringVar(&buildArtifactArgs.path, "path", "", "Path to the directory where the Kubernetes manifests are located.")
 	buildArtifactCmd.Flags().StringVarP(&buildArtifactArgs.output, "output", "o", "artifact.tgz", "Path to where the artifact tgz file should be written.")
 	buildCmd.AddCommand(buildArtifactCmd)
 }
 func buildArtifactCmdRun(cmd *cobra.Command, args []string) error {
 	if buildArtifactArgs.path == "" {
 		return fmt.Errorf("invalid path %q", buildArtifactArgs.path)
 	}
 	if fs, err := os.Stat(buildArtifactArgs.path); err != nil || !fs.IsDir() {
 		return fmt.Errorf("invalid path '%s', must point to an existing directory", buildArtifactArgs.path)
 	}
 	logger.Actionf("building artifact from %s", buildArtifactArgs.path)
 	ociClient := oci.NewLocalClient()
 	if err := ociClient.Build(buildArtifactArgs.output, buildArtifactArgs.path); err != nil {
 		return fmt.Errorf("bulding artifact failed, error: %w", err)
 	}
 	logger.Successf("artifact created at %s", buildArtifactArgs.output)
 	return nil
 }
--- a/cmd/flux/build_kustomization.go
+++ b/cmd/flux/build_kustomization.go
@@ -33,28 +33,21 @@ var buildKsCmd = &cobra.Command{
 	Short:   "Build Kustomization",
 	Long: `The build command queries the Kubernetes API and fetches the specified Flux Kustomization. 
 It then uses the fetched in cluster flux kustomization to perform needed transformation on the local kustomization.yaml
-pointed at by --path. The local kustomization.yaml is generated if it does not exist. Finally it builds the overlays using the local kustomization.yaml, and write the resulting multi-doc YAML to stdout.
+pointed at by --path. The local kustomization.yaml is generated if it does not exist. Finally it builds the overlays using the local kustomization.yaml, and write the resulting multi-doc YAML to stdout.`,
 It is possible to specify a Flux kustomization file using --kustomization-file.`,
 	Example: `# Build the local manifests as they were built on the cluster
-flux build kustomization my-app --path ./path/to/local/manifests
+flux build kustomization my-app --path ./path/to/local/manifests`,
 # Build using a local flux kustomization file
 flux build kustomization my-app --path ./path/to/local/manifests --kustomization-file ./path/to/local/my-app.yaml`,
 	ValidArgsFunction: resourceNamesCompletionFunc(kustomizev1.GroupVersion.WithKind(kustomizev1.KustomizationKind)),
 	RunE:              buildKsCmdRun,
 }
 type buildKsFlags struct {
-	kustomizationFile string
+	path string
 	path              string
 }
 var buildKsArgs buildKsFlags
 func init() {
-	buildKsCmd.Flags().StringVar(&buildKsArgs.path, "path", "", "Path to the manifests location.")
+	buildKsCmd.Flags().StringVar(&buildKsArgs.path, "path", "", "Path to the manifests location.)")
 	buildKsCmd.Flags().StringVar(&buildKsArgs.kustomizationFile, "kustomization-file", "", "Path to the Flux Kustomization YAML file.")
 	buildCmd.AddCommand(buildKsCmd)
 }
@@ -72,13 +65,7 @@ func buildKsCmdRun(cmd *cobra.Command, args []string) error {
 		return fmt.Errorf("invalid resource path %q", buildKsArgs.path)
 	}
-	if buildKsArgs.kustomizationFile != "" {
+	builder, err := build.NewBuilder(kubeconfigArgs, name, buildKsArgs.path, build.WithTimeout(rootArgs.timeout))
 		if fs, err := os.Stat(buildKsArgs.kustomizationFile); os.IsNotExist(err) || fs.IsDir() {
 			return fmt.Errorf("invalid kustomization file %q", buildKsArgs.kustomizationFile)
 		}
 	}
 	builder, err := build.NewBuilder(kubeconfigArgs, kubeclientOptions, name, buildKsArgs.path, build.WithTimeout(rootArgs.timeout), build.WithKustomizationFile(buildKsArgs.kustomizationFile))
 	if err != nil {
 		return err
 	}
--- a/cmd/flux/build_kustomization_test.go
+++ b/cmd/flux/build_kustomization_test.go
@@ -20,10 +20,7 @@ limitations under the License.
 package main
 import (
 	"bytes"
 	"os"
 	"testing"
 	"text/template"
 )
 func setup(t *testing.T, tmpl map[string]string) {
@@ -57,12 +54,6 @@ func TestBuildKustomization(t *testing.T) {
 			resultFile: "./testdata/build-kustomization/podinfo-without-service-result.yaml",
 			assertFunc: "assertGoldenTemplateFile",
 		},
 		{
 			name:       "build deployment and configmap with var substitution",
 			args:       "build kustomization podinfo --path ./testdata/build-kustomization/var-substitution",
 			resultFile: "./testdata/build-kustomization/podinfo-with-var-substitution-result.yaml",
 			assertFunc: "assertGoldenTemplateFile",
 		},
 	}
 	tmpl := map[string]string{
@@ -90,101 +81,3 @@ func TestBuildKustomization(t *testing.T) {
 		})
 	}
 }
 func TestBuildLocalKustomization(t *testing.T) {
 	podinfo := `apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
 kind: Kustomization
 metadata:
  name: podinfo
  namespace: {{ .fluxns }}
 spec:
  interval: 5m0s
  path: ./kustomize
  force: true
  prune: true
  sourceRef:
    kind: GitRepository
    name: podinfo
  targetNamespace: default
  postBuild:
    substitute:
      cluster_env: "prod"
      cluster_region: "eu-central-1"
 `
 	tests := []struct {
 		name       string
 		args       string
 		resultFile string
 		assertFunc string
 	}{
 		{
 			name:       "no args",
 			args:       "build kustomization podinfo --kustomization-file ./wrongfile/ --path ./testdata/build-kustomization/podinfo",
 			resultFile: "invalid kustomization file \"./wrongfile/\"",
 			assertFunc: "assertError",
 		},
 		{
 			name:       "build podinfo",
 			args:       "build kustomization podinfo --kustomization-file ./testdata/build-kustomization/podinfo.yaml --path ./testdata/build-kustomization/podinfo",
 			resultFile: "./testdata/build-kustomization/podinfo-result.yaml",
 			assertFunc: "assertGoldenTemplateFile",
 		},
 		{
 			name:       "build podinfo without service",
 			args:       "build kustomization podinfo --kustomization-file ./testdata/build-kustomization/podinfo.yaml --path ./testdata/build-kustomization/delete-service",
 			resultFile: "./testdata/build-kustomization/podinfo-without-service-result.yaml",
 			assertFunc: "assertGoldenTemplateFile",
 		},
 		{
 			name:       "build deployment and configmap with var substitution",
 			args:       "build kustomization podinfo --kustomization-file ./testdata/build-kustomization/podinfo.yaml --path ./testdata/build-kustomization/var-substitution",
 			resultFile: "./testdata/build-kustomization/podinfo-with-var-substitution-result.yaml",
 			assertFunc: "assertGoldenTemplateFile",
 		},
 	}
 	tmpl := map[string]string{
 		"fluxns": allocateNamespace("flux-system"),
 	}
 	testEnv.CreateObjectFile("./testdata/build-kustomization/podinfo-source.yaml", tmpl, t)
 	temp, err := template.New("podinfo").Parse(podinfo)
 	if err != nil {
 		t.Fatal(err)
 	}
 	var b bytes.Buffer
 	err = temp.Execute(&b, tmpl)
 	if err != nil {
 		t.Fatal(err)
 	}
 	err = os.WriteFile("./testdata/build-kustomization/podinfo.yaml", b.Bytes(), 0666)
 	if err != nil {
 		t.Fatal(err)
 	}
 	defer os.Remove("./testdata/build-kustomization/podinfo.yaml")
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			var assert assertFunc
 			switch tt.assertFunc {
 			case "assertGoldenTemplateFile":
 				assert = assertGoldenTemplateFile(tt.resultFile, tmpl)
 			case "assertError":
 				assert = assertError(tt.resultFile)
 			}
 			cmd := cmdTestCase{
 				args:   tt.args + " -n " + tmpl["fluxns"],
 				assert: assert,
 			}
 			cmd.runTestCmd(t)
 		})
 	}
 }
--- a/cmd/flux/check.go
+++ b/cmd/flux/check.go
@@ -24,7 +24,6 @@ import (
 	"github.com/Masterminds/semver/v3"
 	"github.com/spf13/cobra"
 	v1 "k8s.io/api/apps/v1"
 	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 	"k8s.io/client-go/kubernetes"
 	"sigs.k8s.io/controller-runtime/pkg/client"
@@ -96,17 +95,9 @@ func runCheckCmd(cmd *cobra.Command, args []string) error {
 	if !componentsCheck() {
 		checkFailed = true
 	}
 	logger.Actionf("checking crds")
 	if !crdsCheck() {
 		checkFailed = true
 	}
 	if checkFailed {
 		logger.Failuref("check failed")
 		os.Exit(1)
 	}
 	logger.Successf("all checks passed")
 	return nil
 }
@@ -134,7 +125,7 @@ func fluxCheck() {
 }
 func kubernetesCheck(constraints []string) bool {
-	cfg, err := utils.KubeConfig(kubeconfigArgs, kubeclientOptions)
+	cfg, err := utils.KubeConfig(kubeconfigArgs)
 	if err != nil {
 		logger.Failuref("Kubernetes client initialization failed: %s", err.Error())
 		return false
@@ -182,7 +173,7 @@ func componentsCheck() bool {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeConfig, err := utils.KubeConfig(kubeconfigArgs, kubeclientOptions)
+	kubeConfig, err := utils.KubeConfig(kubeconfigArgs)
 	if err != nil {
 		return false
 	}
@@ -192,7 +183,7 @@ func componentsCheck() bool {
 		return false
 	}
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return false
 	}
@@ -200,14 +191,7 @@ func componentsCheck() bool {
 	ok := true
 	selector := client.MatchingLabels{manifestgen.PartOfLabelKey: manifestgen.PartOfLabelValue}
 	var list v1.DeploymentList
-	ns := *kubeconfigArgs.Namespace
+	if err := kubeClient.List(ctx, &list, client.InNamespace(*kubeconfigArgs.Namespace), selector); err == nil {
 	if err := kubeClient.List(ctx, &list, client.InNamespace(ns), selector); err == nil {
 		if len(list.Items) == 0 {
 			logger.Failuref("no controllers found in the '%s' namespace with the label selector '%s=%s'",
 				ns, manifestgen.PartOfLabelKey, manifestgen.PartOfLabelValue)
 			return false
 		}
 		for _, d := range list.Items {
 			if ref, err := buildComponentObjectRefs(d.Name); err == nil {
 				if err := statusChecker.Assess(ref...); err != nil {
@@ -221,34 +205,3 @@ func componentsCheck() bool {
 	}
 	return ok
 }
 func crdsCheck() bool {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
 	if err != nil {
 		return false
 	}
 	ok := true
 	selector := client.MatchingLabels{manifestgen.PartOfLabelKey: manifestgen.PartOfLabelValue}
 	var list apiextensionsv1.CustomResourceDefinitionList
 	if err := kubeClient.List(ctx, &list, client.InNamespace(*kubeconfigArgs.Namespace), selector); err == nil {
 		if len(list.Items) == 0 {
 			logger.Failuref("no crds found with the label selector '%s=%s'",
 				manifestgen.PartOfLabelKey, manifestgen.PartOfLabelValue)
 			return false
 		}
 		for _, crd := range list.Items {
 			if len(crd.Status.StoredVersions) > 0 {
 				logger.Successf(crd.Name + "/" + crd.Status.StoredVersions[0])
 			} else {
 				ok = false
 				logger.Failuref("no stored versions for %s", crd.Name)
 			}
 		}
 	}
 	return ok
 }
--- a/cmd/flux/check_test.go
+++ b/cmd/flux/check_test.go
@@ -26,6 +26,7 @@ import (
 	"testing"
 	"github.com/fluxcd/flux2/internal/utils"
 	"k8s.io/apimachinery/pkg/version"
 )
 func TestCheckPre(t *testing.T) {
@@ -34,19 +35,17 @@ func TestCheckPre(t *testing.T) {
 		t.Fatalf("Error running utils.ExecKubectlCommand: %v", err.Error())
 	}
-	var versions map[string]interface{}
+	var versions map[string]version.Info
 	if err := json.Unmarshal([]byte(jsonOutput), &versions); err != nil {
-		t.Fatalf("Error unmarshalling '%s': %v", jsonOutput, err.Error())
+		t.Fatalf("Error unmarshalling: %v", err.Error())
 	}
-	serverGitVersion := strings.TrimPrefix(
+	serverVersion := strings.TrimPrefix(versions["serverVersion"].GitVersion, "v")
 		versions["serverVersion"].(map[string]interface{})["gitVersion"].(string),
 		"v")
 	cmd := cmdTestCase{
 		args: "check --pre",
 		assert: assertGoldenTemplateFile("testdata/check/check_pre.golden", map[string]string{
-			"serverVersion": serverGitVersion,
+			"serverVersion": serverVersion,
 		}),
 	}
 	cmd.runTestCmd(t)
--- a/cmd/flux/completion.go
+++ b/cmd/flux/completion.go
@@ -60,7 +60,7 @@ func resourceNamesCompletionFunc(gvk schema.GroupVersionKind) func(cmd *cobra.Co
 		ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 		defer cancel()
-		cfg, err := utils.KubeConfig(kubeconfigArgs, kubeclientOptions)
+		cfg, err := utils.KubeConfig(kubeconfigArgs)
 		if err != nil {
 			return completionError(err)
 		}
--- a/cmd/flux/create.go
+++ b/cmd/flux/create.go
@@ -117,7 +117,7 @@ func (names apiType) upsertAndWait(object upsertWaitable, mutate func() error) e
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions) // NB globals
+	kubeClient, err := utils.KubeClient(kubeconfigArgs) // NB globals
 	if err != nil {
 		return err
 	}
--- a/cmd/flux/create_alert.go
+++ b/cmd/flux/create_alert.go
@@ -119,7 +119,7 @@ func createAlertCmdRun(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
--- a/cmd/flux/create_alertprovider.go
+++ b/cmd/flux/create_alertprovider.go
@@ -115,7 +115,7 @@ func createAlertProviderCmdRun(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
--- a/cmd/flux/create_helmrelease.go
+++ b/cmd/flux/create_helmrelease.go
@@ -21,8 +21,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"os"
 	"strings"
 	"time"
 	"github.com/fluxcd/flux2/internal/flags"
 	"github.com/fluxcd/flux2/internal/utils"
@@ -110,26 +108,21 @@ var createHelmReleaseCmd = &cobra.Command{
 }
 type helmReleaseFlags struct {
-	name                string
+	name            string
-	source              flags.HelmChartSource
+	source          flags.HelmChartSource
-	dependsOn           []string
+	dependsOn       []string
-	chart               string
+	chart           string
-	chartVersion        string
+	chartVersion    string
-	targetNamespace     string
+	targetNamespace string
-	createNamespace     bool
+	createNamespace bool
-	valuesFiles         []string
+	valuesFiles     []string
-	valuesFrom          []string
+	valuesFrom      flags.HelmReleaseValuesFrom
-	saName              string
+	saName          string
-	crds                flags.CRDsPolicy
+	crds            flags.CRDsPolicy
 	reconcileStrategy   string
 	chartInterval       time.Duration
 	kubeConfigSecretRef string
 }
 var helmReleaseArgs helmReleaseFlags
 var supportedHelmReleaseValuesFromKinds = []string{"Secret", "ConfigMap"}
 func init() {
 	createHelmReleaseCmd.Flags().StringVar(&helmReleaseArgs.name, "release-name", "", "name used for the Helm release, defaults to a composition of '[<target-namespace>-]<HelmRelease-name>'")
 	createHelmReleaseCmd.Flags().Var(&helmReleaseArgs.source, "source", helmReleaseArgs.source.Description())
@@ -139,12 +132,9 @@ func init() {
 	createHelmReleaseCmd.Flags().StringVar(&helmReleaseArgs.targetNamespace, "target-namespace", "", "namespace to install this release, defaults to the HelmRelease namespace")
 	createHelmReleaseCmd.Flags().BoolVar(&helmReleaseArgs.createNamespace, "create-target-namespace", false, "create the target namespace if it does not exist")
 	createHelmReleaseCmd.Flags().StringVar(&helmReleaseArgs.saName, "service-account", "", "the name of the service account to impersonate when reconciling this HelmRelease")
 	createHelmReleaseCmd.Flags().StringVar(&helmReleaseArgs.reconcileStrategy, "reconcile-strategy", "ChartVersion", "the reconcile strategy for helm chart created by the helm release(accepted values: Revision and ChartRevision)")
 	createHelmReleaseCmd.Flags().DurationVarP(&helmReleaseArgs.chartInterval, "chart-interval", "", 0, "the interval of which to check for new chart versions")
 	createHelmReleaseCmd.Flags().StringSliceVar(&helmReleaseArgs.valuesFiles, "values", nil, "local path to values.yaml files, also accepts comma-separated values")
-	createHelmReleaseCmd.Flags().StringSliceVar(&helmReleaseArgs.valuesFrom, "values-from", nil, "a Kubernetes object reference that contains the values.yaml data key in the format '<kind>/<name>', where kind must be one of: (Secret,ConfigMap)")
+	createHelmReleaseCmd.Flags().Var(&helmReleaseArgs.valuesFrom, "values-from", helmReleaseArgs.valuesFrom.Description())
 	createHelmReleaseCmd.Flags().Var(&helmReleaseArgs.crds, "crds", helmReleaseArgs.crds.Description())
 	createHelmReleaseCmd.Flags().StringVar(&helmReleaseArgs.kubeConfigSecretRef, "kubeconfig-secret-ref", "", "the name of the Kubernetes Secret that contains a key with the kubeconfig file for connecting to a remote cluster")
 	createCmd.AddCommand(createHelmReleaseCmd)
 }
@@ -164,11 +154,6 @@ func createHelmReleaseCmdRun(cmd *cobra.Command, args []string) error {
 		logger.Generatef("generating HelmRelease")
 	}
 	if !validateStrategy(helmReleaseArgs.reconcileStrategy) {
 		return fmt.Errorf("'%s' is an invalid reconcile strategy(valid: Revision, ChartVersion)",
 			helmReleaseArgs.reconcileStrategy)
 	}
 	helmRelease := helmv2.HelmRelease{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      name,
@@ -192,27 +177,12 @@ func createHelmReleaseCmdRun(cmd *cobra.Command, args []string) error {
 						Name:      helmReleaseArgs.source.Name,
 						Namespace: helmReleaseArgs.source.Namespace,
 					},
 					ReconcileStrategy: helmReleaseArgs.reconcileStrategy,
 				},
 			},
 			Suspend: false,
 		},
 	}
 	if helmReleaseArgs.kubeConfigSecretRef != "" {
 		helmRelease.Spec.KubeConfig = &helmv2.KubeConfig{
 			SecretRef: meta.SecretKeyReference{
 				Name: helmReleaseArgs.kubeConfigSecretRef,
 			},
 		}
 	}
 	if helmReleaseArgs.chartInterval != 0 {
 		helmRelease.Spec.Chart.Spec.Interval = &metav1.Duration{
 			Duration: helmReleaseArgs.chartInterval,
 		}
 	}
 	if helmReleaseArgs.createNamespace {
 		if helmRelease.Spec.Install == nil {
 			helmRelease.Spec.Install = &helmv2.Install{}
@@ -263,25 +233,11 @@ func createHelmReleaseCmdRun(cmd *cobra.Command, args []string) error {
 		helmRelease.Spec.Values = &apiextensionsv1.JSON{Raw: jsonRaw}
 	}
-	if len(helmReleaseArgs.valuesFrom) != 0 {
+	if helmReleaseArgs.valuesFrom.String() != "" {
-		values := []helmv2.ValuesReference{}
+		helmRelease.Spec.ValuesFrom = []helmv2.ValuesReference{{
-		for _, value := range helmReleaseArgs.valuesFrom {
+			Kind: helmReleaseArgs.valuesFrom.Kind,
-			sourceKind, sourceName := utils.ParseObjectKindName(value)
+			Name: helmReleaseArgs.valuesFrom.Name,
-			if sourceKind == "" {
+		}}
 				return fmt.Errorf("invalid Kubernetes object reference '%s', must be in format <kind>/<name>", value)
 			}
 			cleanSourceKind, ok := utils.ContainsEqualFoldItemString(supportedHelmReleaseValuesFromKinds, sourceKind)
 			if !ok {
 				return fmt.Errorf("reference kind '%s' is not supported, must be one of: %s",
 					sourceKind, strings.Join(supportedHelmReleaseValuesFromKinds, ", "))
 			}
 			values = append(values, helmv2.ValuesReference{
 				Name: sourceName,
 				Kind: cleanSourceKind,
 			})
 		}
 		helmRelease.Spec.ValuesFrom = values
 	}
 	if createArgs.export {
@@ -291,7 +247,7 @@ func createHelmReleaseCmdRun(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
@@ -360,15 +316,3 @@ func isHelmReleaseReady(ctx context.Context, kubeClient client.Client,
 		return apimeta.IsStatusConditionTrue(helmRelease.Status.Conditions, meta.ReadyCondition), nil
 	}
 }
 func validateStrategy(input string) bool {
 	allowedStrategy := []string{"Revision", "ChartVersion"}
 	for _, strategy := range allowedStrategy {
 		if strategy == input {
 			return true
 		}
 	}
 	return false
 }
--- a/cmd/flux/create_image_update.go
+++ b/cmd/flux/create_image_update.go
@@ -23,7 +23,7 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	autov1 "github.com/fluxcd/image-automation-controller/api/v1beta1"
-	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
+	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 )
 var createImageUpdateCmd = &cobra.Command{
--- a/cmd/flux/create_kustomization.go
+++ b/cmd/flux/create_kustomization.go
@@ -42,21 +42,22 @@ var createKsCmd = &cobra.Command{
 	Use:     "kustomization [name]",
 	Aliases: []string{"ks"},
 	Short:   "Create or update a Kustomization resource",
-	Long:    "The create command generates a Kustomization resource for a given source.",
+	Long:    "The kustomization source create command generates a Kustomize resource for a given source.",
 	Example: `  # Create a Kustomization resource from a source at a given path
-  flux create kustomization kyverno \
+  flux create kustomization contour \
-    --source=GitRepository/kyverno \
+    --source=GitRepository/contour \
-    --path="./config/release" \
+    --path="./examples/contour/" \
    --prune=true \
-    --interval=60m \
+    --interval=10m \
-    --wait=true \
+    --health-check="Deployment/contour.projectcontour" \
    --health-check="DaemonSet/envoy.projectcontour" \
    --health-check-timeout=3m
  # Create a Kustomization resource that depends on the previous one
-  flux create kustomization kyverno-policies \
+  flux create kustomization webapp \
-    --depends-on=kyverno \
+    --depends-on=contour \
-    --source=GitRepository/kyverno-policies \
+    --source=GitRepository/webapp \
-    --path="./policies/flux" \
+    --path="./deploy/overlays/dev" \
    --prune=true \
    --interval=5m
@@ -64,14 +65,7 @@ var createKsCmd = &cobra.Command{
  flux create kustomization podinfo \
    --namespace=default \
    --source=GitRepository/podinfo.flux-system \
-    --path="./kustomize" \
+    --path="./deploy/overlays/dev" \
    --prune=true \
    --interval=5m
  # Create a Kustomization resource that references an OCIRepository
  flux create kustomization podinfo \
    --source=OCIRepository/podinfo \
    --target-namespace=default \
    --prune=true \
    --interval=5m
@@ -84,19 +78,18 @@ var createKsCmd = &cobra.Command{
 }
 type kustomizationFlags struct {
-	source              flags.KustomizationSource
+	source             flags.KustomizationSource
-	path                flags.SafeRelativePath
+	path               flags.SafeRelativePath
-	prune               bool
+	prune              bool
-	dependsOn           []string
+	dependsOn          []string
-	validation          string
+	validation         string
-	healthCheck         []string
+	healthCheck        []string
-	healthTimeout       time.Duration
+	healthTimeout      time.Duration
-	saName              string
+	saName             string
-	decryptionProvider  flags.DecryptionProvider
+	decryptionProvider flags.DecryptionProvider
-	decryptionSecret    string
+	decryptionSecret   string
-	targetNamespace     string
+	targetNamespace    string
-	wait                bool
+	wait               bool
 	kubeConfigSecretRef string
 }
 var kustomizationArgs = NewKustomizationFlags()
@@ -114,7 +107,6 @@ func init() {
 	createKsCmd.Flags().Var(&kustomizationArgs.decryptionProvider, "decryption-provider", kustomizationArgs.decryptionProvider.Description())
 	createKsCmd.Flags().StringVar(&kustomizationArgs.decryptionSecret, "decryption-secret", "", "set the Kubernetes secret name that contains the OpenPGP private keys used for sops decryption")
 	createKsCmd.Flags().StringVar(&kustomizationArgs.targetNamespace, "target-namespace", "", "overrides the namespace of all Kustomization objects reconciled by this Kustomization")
 	createKsCmd.Flags().StringVar(&kustomizationArgs.kubeConfigSecretRef, "kubeconfig-secret-ref", "", "the name of the Kubernetes Secret that contains a key with the kubeconfig file for connecting to a remote cluster")
 	createKsCmd.Flags().MarkDeprecated("validation", "this arg is no longer used, all resources are validated using server-side apply dry-run")
 	createCmd.AddCommand(createKsCmd)
@@ -168,14 +160,6 @@ func createKsCmdRun(cmd *cobra.Command, args []string) error {
 		},
 	}
 	if kustomizationArgs.kubeConfigSecretRef != "" {
 		kustomization.Spec.KubeConfig = &kustomizev1.KubeConfig{
 			SecretRef: meta.SecretKeyReference{
 				Name: kustomizationArgs.kubeConfigSecretRef,
 			},
 		}
 	}
 	if len(kustomizationArgs.healthCheck) > 0 && !kustomizationArgs.wait {
 		healthChecks := make([]meta.NamespacedObjectKindReference, 0)
 		for _, w := range kustomizationArgs.healthCheck {
@@ -245,7 +229,7 @@ func createKsCmdRun(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
--- a/cmd/flux/create_receiver.go
+++ b/cmd/flux/create_receiver.go
@@ -127,7 +127,7 @@ func createReceiverCmdRun(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
--- a/cmd/flux/create_secret_git.go
+++ b/cmd/flux/create_secret_git.go
@@ -173,7 +173,7 @@ func createSecretGitCmdRun(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
--- a/cmd/flux/create_secret_helm.go
+++ b/cmd/flux/create_secret_helm.go
@@ -96,7 +96,7 @@ func createSecretHelmCmdRun(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
--- a/cmd/flux/create_secret_helm_test.go
+++ b/cmd/flux/create_secret_helm_test.go
@@ -1,19 +1,3 @@
 /*
 Copyright 2022 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
--- a/cmd/flux/create_secret_oci.go
+++ b/cmd/flux/create_secret_oci.go
@@ -1,121 +0,0 @@
 /*
 Copyright 2022 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"fmt"
 	"github.com/fluxcd/flux2/internal/utils"
 	"github.com/fluxcd/flux2/pkg/manifestgen/sourcesecret"
 	"github.com/google/go-containerregistry/pkg/name"
 	"github.com/spf13/cobra"
 	corev1 "k8s.io/api/core/v1"
 	"sigs.k8s.io/yaml"
 )
 var createSecretOCICmd = &cobra.Command{
 	Use:   "oci [name]",
 	Short: "Create or update a Kubernetes image pull secret",
 	Long:  `The create secret oci command generates a Kubernetes secret that can be used for OCIRepository authentication`,
 	Example: `  # Create an OCI authentication secret on disk and encrypt it with Mozilla SOPS
  flux create secret oci podinfo-auth \
    --url=ghcr.io \
    --username=username \
    --password=password \
    --export > repo-auth.yaml
  sops --encrypt --encrypted-regex '^(data|stringData)$' \
    --in-place repo-auth.yaml
 	`,
 	RunE: createSecretOCICmdRun,
 }
 type secretOCIFlags struct {
 	url      string
 	password string
 	username string
 }
 var secretOCIArgs = secretOCIFlags{}
 func init() {
 	createSecretOCICmd.Flags().StringVar(&secretOCIArgs.url, "url", "", "oci repository address e.g ghcr.io/stefanprodan/charts")
 	createSecretOCICmd.Flags().StringVarP(&secretOCIArgs.username, "username", "u", "", "basic authentication username")
 	createSecretOCICmd.Flags().StringVarP(&secretOCIArgs.password, "password", "p", "", "basic authentication password")
 	createSecretCmd.AddCommand(createSecretOCICmd)
 }
 func createSecretOCICmdRun(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
 		return fmt.Errorf("name is required")
 	}
 	secretName := args[0]
 	if secretOCIArgs.url == "" {
 		return fmt.Errorf("--url is required")
 	}
 	if secretOCIArgs.username == "" {
 		return fmt.Errorf("--username is required")
 	}
 	if secretOCIArgs.password == "" {
 		return fmt.Errorf("--password is required")
 	}
 	if _, err := name.ParseReference(secretOCIArgs.url); err != nil {
 		return fmt.Errorf("error parsing url: '%s'", err)
 	}
 	opts := sourcesecret.Options{
 		Name:      secretName,
 		Namespace: *kubeconfigArgs.Namespace,
 		Registry:  secretOCIArgs.url,
 		Password:  secretOCIArgs.password,
 		Username:  secretOCIArgs.username,
 	}
 	secret, err := sourcesecret.Generate(opts)
 	if err != nil {
 		return err
 	}
 	if createArgs.export {
 		rootCmd.Println(secret.Content)
 		return nil
 	}
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
 	if err != nil {
 		return err
 	}
 	var s corev1.Secret
 	if err := yaml.Unmarshal([]byte(secret.Content), &s); err != nil {
 		return err
 	}
 	if err := upsertSecret(ctx, kubeClient, s); err != nil {
 		return err
 	}
 	logger.Actionf("oci secret '%s' created in '%s' namespace", secretName, *kubeconfigArgs.Namespace)
 	return nil
 }
--- a/cmd/flux/create_secret_oci_test.go
+++ b/cmd/flux/create_secret_oci_test.go
@@ -1,51 +0,0 @@
 /*
 Copyright 2022 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"testing"
 )
 func TestCreateSecretOCI(t *testing.T) {
 	tests := []struct {
 		name   string
 		args   string
 		assert assertFunc
 	}{
 		{
 			args:   "create secret oci",
 			assert: assertError("name is required"),
 		},
 		{
 			args:   "create secret oci ghcr",
 			assert: assertError("--url is required"),
 		},
 		{
 			args:   "create secret oci ghcr --namespace=my-namespace --url ghcr.io --username stefanprodan --password=password --export",
 			assert: assertGoldenFile("testdata/create_secret/oci/create-secret.yaml"),
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			cmd := cmdTestCase{
 				args:   tt.args,
 				assert: tt.assert,
 			}
 			cmd.runTestCmd(t)
 		})
 	}
 }
--- a/cmd/flux/create_secret_tls.go
+++ b/cmd/flux/create_secret_tls.go
@@ -93,7 +93,7 @@ func createSecretTLSCmdRun(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
--- a/cmd/flux/create_source_bucket.go
+++ b/cmd/flux/create_source_bucket.go
@@ -20,7 +20,6 @@ import (
 	"context"
 	"fmt"
 	"os"
 	"strings"
 	"github.com/spf13/cobra"
 	corev1 "k8s.io/api/core/v1"
@@ -31,9 +30,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"github.com/fluxcd/pkg/apis/meta"
-	"github.com/fluxcd/pkg/runtime/conditions"
+	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
 	"github.com/fluxcd/flux2/internal/flags"
 	"github.com/fluxcd/flux2/internal/utils"
@@ -64,18 +61,17 @@ For Buckets with static authentication, the credentials are stored in a Kubernet
 }
 type sourceBucketFlags struct {
-	name        string
+	name      string
-	provider    flags.SourceBucketProvider
+	provider  flags.SourceBucketProvider
-	endpoint    string
+	endpoint  string
-	accessKey   string
+	accessKey string
-	secretKey   string
+	secretKey string
-	region      string
+	region    string
-	insecure    bool
+	insecure  bool
-	secretRef   string
+	secretRef string
 	ignorePaths []string
 }
-var sourceBucketArgs = newSourceBucketFlags()
+var sourceBucketArgs = NewSourceBucketFlags()
 func init() {
 	createSourceBucketCmd.Flags().Var(&sourceBucketArgs.provider, "provider", sourceBucketArgs.provider.Description())
@@ -86,12 +82,11 @@ func init() {
 	createSourceBucketCmd.Flags().StringVar(&sourceBucketArgs.region, "region", "", "the bucket region")
 	createSourceBucketCmd.Flags().BoolVar(&sourceBucketArgs.insecure, "insecure", false, "for when connecting to a non-TLS S3 HTTP endpoint")
 	createSourceBucketCmd.Flags().StringVar(&sourceBucketArgs.secretRef, "secret-ref", "", "the name of an existing secret containing credentials")
 	createSourceBucketCmd.Flags().StringSliceVar(&sourceBucketArgs.ignorePaths, "ignore-paths", nil, "set paths to ignore in bucket resource (can specify multiple paths with commas: path1,path2)")
 	createSourceCmd.AddCommand(createSourceBucketCmd)
 }
-func newSourceBucketFlags() sourceBucketFlags {
+func NewSourceBucketFlags() sourceBucketFlags {
 	return sourceBucketFlags{
 		provider: flags.SourceBucketProvider(sourcev1.GenericBucketProvider),
 	}
@@ -119,12 +114,6 @@ func createSourceBucketCmdRun(cmd *cobra.Command, args []string) error {
 	}
 	defer os.RemoveAll(tmpDir)
 	var ignorePaths *string
 	if len(sourceBucketArgs.ignorePaths) > 0 {
 		ignorePathsStr := strings.Join(sourceBucketArgs.ignorePaths, "\n")
 		ignorePaths = &ignorePathsStr
 	}
 	bucket := &sourcev1.Bucket{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      name,
@@ -140,7 +129,6 @@ func createSourceBucketCmdRun(cmd *cobra.Command, args []string) error {
 			Interval: metav1.Duration{
 				Duration: createArgs.interval,
 			},
 			Ignore: ignorePaths,
 		},
 	}
@@ -161,7 +149,7 @@ func createSourceBucketCmdRun(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
@@ -247,30 +235,3 @@ func upsertBucket(ctx context.Context, kubeClient client.Client,
 	logger.Successf("Bucket source updated")
 	return namespacedName, nil
 }
 func isBucketReady(ctx context.Context, kubeClient client.Client,
 	namespacedName types.NamespacedName, bucket *sourcev1.Bucket) wait.ConditionFunc {
 	return func() (bool, error) {
 		err := kubeClient.Get(ctx, namespacedName, bucket)
 		if err != nil {
 			return false, err
 		}
 		if c := conditions.Get(bucket, meta.ReadyCondition); c != nil {
 			// Confirm the Ready condition we are observing is for the
 			// current generation
 			if c.ObservedGeneration != bucket.GetGeneration() {
 				return false, nil
 			}
 			// Further check the Status
 			switch c.Status {
 			case metav1.ConditionTrue:
 				return true, nil
 			case metav1.ConditionFalse:
 				return false, fmt.Errorf(c.Message)
 			}
 		}
 		return false, nil
 	}
 }
--- a/cmd/flux/create_source_git.go
+++ b/cmd/flux/create_source_git.go
@@ -22,23 +22,20 @@ import (
 	"fmt"
 	"net/url"
 	"os"
 	"strings"
 	"github.com/fluxcd/pkg/apis/meta"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 	"github.com/manifoldco/promptui"
 	"github.com/spf13/cobra"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	apimeta "k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/yaml"
 	"github.com/fluxcd/pkg/apis/meta"
 	"github.com/fluxcd/pkg/runtime/conditions"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
 	"github.com/fluxcd/flux2/internal/flags"
 	"github.com/fluxcd/flux2/internal/utils"
 	"github.com/fluxcd/flux2/pkg/manifestgen/sourcesecret"
@@ -60,7 +57,6 @@ type sourceGitFlags struct {
 	privateKeyFile    string
 	recurseSubmodules bool
 	silent            bool
 	ignorePaths       []string
 }
 var createSourceGitCmd = &cobra.Command{
@@ -117,7 +113,6 @@ For private Git repositories, the basic authentication credentials are stored in
  # Create a source for a Git repository using basic authentication
  flux create source git podinfo \
    --url=https://github.com/stefanprodan/podinfo \
    --branch=master \
    --username=username \
    --password=password`,
 	RunE: createSourceGitCmdRun,
@@ -142,7 +137,6 @@ func init() {
 	createSourceGitCmd.Flags().BoolVar(&sourceGitArgs.recurseSubmodules, "recurse-submodules", false,
 		"when enabled, configures the GitRepository source to initialize and include Git submodules in the artifact it produces")
 	createSourceGitCmd.Flags().BoolVarP(&sourceGitArgs.silent, "silent", "s", false, "assumes the deploy key is already setup, skips confirmation")
 	createSourceGitCmd.Flags().StringSliceVar(&sourceGitArgs.ignorePaths, "ignore-paths", nil, "set paths to ignore in git resource (can specify multiple paths with commas: path1,path2)")
 	createSourceCmd.AddCommand(createSourceGitCmd)
 }
@@ -175,7 +169,7 @@ func createSourceGitCmdRun(cmd *cobra.Command, args []string) error {
 	}
 	if sourceGitArgs.caFile != "" && u.Scheme == "ssh" {
-		return fmt.Errorf("specifying a CA file is not supported for Git over SSH")
+		return fmt.Errorf("specifing a CA file is not supported for Git over SSH")
 	}
 	if sourceGitArgs.recurseSubmodules && sourceGitArgs.gitImplementation == sourcev1.LibGit2Implementation {
@@ -193,12 +187,6 @@ func createSourceGitCmdRun(cmd *cobra.Command, args []string) error {
 		return err
 	}
 	var ignorePaths *string
 	if len(sourceGitArgs.ignorePaths) > 0 {
 		ignorePathsStr := strings.Join(sourceGitArgs.ignorePaths, "\n")
 		ignorePaths = &ignorePathsStr
 	}
 	gitRepository := sourcev1.GitRepository{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      name,
@@ -212,7 +200,6 @@ func createSourceGitCmdRun(cmd *cobra.Command, args []string) error {
 			},
 			RecurseSubmodules: sourceGitArgs.recurseSubmodules,
 			Reference:         &sourcev1.GitRepositoryRef{},
 			Ignore:            ignorePaths,
 		},
 	}
@@ -245,7 +232,7 @@ func createSourceGitCmdRun(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
@@ -368,14 +355,7 @@ func isGitRepositoryReady(ctx context.Context, kubeClient client.Client,
 			return false, err
 		}
-		if c := conditions.Get(gitRepository, meta.ReadyCondition); c != nil {
+		if c := apimeta.FindStatusCondition(gitRepository.Status.Conditions, meta.ReadyCondition); c != nil {
 			// Confirm the Ready condition we are observing is for the
 			// current generation
 			if c.ObservedGeneration != gitRepository.GetGeneration() {
 				return false, nil
 			}
 			// Further check the Status
 			switch c.Status {
 			case metav1.ConditionTrue:
 				return true, nil
--- a/cmd/flux/create_source_git_test.go
+++ b/cmd/flux/create_source_git_test.go
@@ -21,17 +21,15 @@ package main
 import (
 	"context"
 	"testing"
 	"time"
 	"github.com/fluxcd/pkg/apis/meta"
-	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
+	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	apimeta "k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"testing"
 	"time"
 )
 var pollInterval = 50 * time.Millisecond
@@ -85,31 +83,6 @@ func (r *reconciler) conditionFunc() (bool, error) {
 	return true, err
 }
 func TestCreateSourceGitExport(t *testing.T) {
 	var command = "create source git podinfo --url=https://github.com/stefanprodan/podinfo --branch=master --ignore-paths .cosign,non-existent-dir/ -n default --interval 1m --export --timeout=" + testTimeout.String()
 	cases := []struct {
 		name   string
 		args   string
 		assert assertFunc
 	}{
 		{
 			"ExportSucceeded",
 			command,
 			assertGoldenFile("testdata/create_source_git/export.golden"),
 		},
 	}
 	for _, tc := range cases {
 		t.Run(tc.name, func(t *testing.T) {
 			cmd := cmdTestCase{
 				args:   tc.args,
 				assert: tc.assert,
 			}
 			cmd.runTestCmd(t)
 		})
 	}
 }
 func TestCreateSourceGit(t *testing.T) {
 	// Default command used for multiple tests
 	var command = "create source git podinfo --url=https://github.com/stefanprodan/podinfo --branch=master --timeout=" + testTimeout.String()
@@ -130,14 +103,7 @@ func TestCreateSourceGit(t *testing.T) {
 			command,
 			assertGoldenFile("testdata/create_source_git/success.golden"),
 			func(repo *sourcev1.GitRepository) {
-				newCondition := metav1.Condition{
+				meta.SetResourceCondition(repo, meta.ReadyCondition, metav1.ConditionTrue, sourcev1.GitOperationSucceedReason, "succeeded message")
 					Type:               meta.ReadyCondition,
 					Status:             metav1.ConditionTrue,
 					Reason:             sourcev1.GitOperationSucceedReason,
 					Message:            "succeeded message",
 					ObservedGeneration: repo.GetGeneration(),
 				}
 				apimeta.SetStatusCondition(&repo.Status.Conditions, newCondition)
 				repo.Status.Artifact = &sourcev1.Artifact{
 					Path:     "some-path",
 					Revision: "v1",
@@ -148,14 +114,7 @@ func TestCreateSourceGit(t *testing.T) {
 			command,
 			assertError("failed message"),
 			func(repo *sourcev1.GitRepository) {
-				newCondition := metav1.Condition{
+				meta.SetResourceCondition(repo, meta.ReadyCondition, metav1.ConditionFalse, sourcev1.URLInvalidReason, "failed message")
 					Type:               meta.ReadyCondition,
 					Status:             metav1.ConditionFalse,
 					Reason:             sourcev1.URLInvalidReason,
 					Message:            "failed message",
 					ObservedGeneration: repo.GetGeneration(),
 				}
 				apimeta.SetStatusCondition(&repo.Status.Conditions, newCondition)
 			},
 		}, {
 			"NoArtifact",
@@ -163,14 +122,7 @@ func TestCreateSourceGit(t *testing.T) {
 			assertError("GitRepository source reconciliation completed but no artifact was found"),
 			func(repo *sourcev1.GitRepository) {
 				// Updated with no artifact
-				newCondition := metav1.Condition{
+				meta.SetResourceCondition(repo, meta.ReadyCondition, metav1.ConditionTrue, sourcev1.GitOperationSucceedReason, "succeeded message")
 					Type:               meta.ReadyCondition,
 					Status:             metav1.ConditionTrue,
 					Reason:             sourcev1.GitOperationSucceedReason,
 					Message:            "succeeded message",
 					ObservedGeneration: repo.GetGeneration(),
 				}
 				apimeta.SetStatusCondition(&repo.Status.Conditions, newCondition)
 			},
 		},
 	}
--- a/cmd/flux/create_source_helm.go
+++ b/cmd/flux/create_source_helm.go
@@ -23,17 +23,17 @@ import (
 	"os"
 	"github.com/fluxcd/pkg/apis/meta"
 	"github.com/fluxcd/pkg/runtime/conditions"
 	"github.com/spf13/cobra"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	apimeta "k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/yaml"
-	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
+	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 	"github.com/fluxcd/flux2/internal/utils"
 	"github.com/fluxcd/flux2/pkg/manifestgen/sourcesecret"
@@ -44,34 +44,23 @@ var createSourceHelmCmd = &cobra.Command{
 	Short: "Create or update a HelmRepository source",
 	Long: `The create source helm command generates a HelmRepository resource and waits for it to fetch the index.
 For private Helm repositories, the basic authentication credentials are stored in a Kubernetes secret.`,
-	Example: `  # Create a source for an HTTPS public Helm repository
+	Example: `  # Create a source for a public Helm repository
  flux create source helm podinfo \
    --url=https://stefanprodan.github.io/podinfo \
    --interval=10m
-  # Create a source for an HTTPS Helm repository using basic authentication
+  # Create a source for a Helm repository using basic authentication
  flux create source helm podinfo \
    --url=https://stefanprodan.github.io/podinfo \
    --username=username \
    --password=password
-  # Create a source for an HTTPS Helm repository using TLS authentication
+  # Create a source for a Helm repository using TLS authentication
  flux create source helm podinfo \
    --url=https://stefanprodan.github.io/podinfo \
    --cert-file=./cert.crt \
    --key-file=./key.crt \
-    --ca-file=./ca.crt
+    --ca-file=./ca.crt`,
  # Create a source for an OCI Helm repository
  flux create source helm podinfo \
    --url=oci://ghcr.io/stefanprodan/charts/podinfo
    --username=username \
    --password=password
  # Create a source for an OCI Helm repository using an existing secret with basic auth or dockerconfig credentials
  flux create source helm podinfo \
    --url=oci://ghcr.io/stefanprodan/charts/podinfo
    --secret-ref=docker-config`,
 	RunE: createSourceHelmCmdRun,
 }
@@ -95,7 +84,7 @@ func init() {
 	createSourceHelmCmd.Flags().StringVar(&sourceHelmArgs.certFile, "cert-file", "", "TLS authentication cert file path")
 	createSourceHelmCmd.Flags().StringVar(&sourceHelmArgs.keyFile, "key-file", "", "TLS authentication key file path")
 	createSourceHelmCmd.Flags().StringVar(&sourceHelmArgs.caFile, "ca-file", "", "TLS authentication CA file path")
-	createSourceHelmCmd.Flags().StringVarP(&sourceHelmArgs.secretRef, "secret-ref", "", "", "the name of an existing secret containing TLS, basic auth or docker-config credentials")
+	createSourceHelmCmd.Flags().StringVarP(&sourceHelmArgs.secretRef, "secret-ref", "", "", "the name of an existing secret containing TLS or basic auth credentials")
 	createSourceHelmCmd.Flags().BoolVarP(&sourceHelmArgs.passCredentials, "pass-credentials", "", false, "pass credentials to all domains")
 	createSourceCmd.AddCommand(createSourceHelmCmd)
@@ -137,14 +126,6 @@ func createSourceHelmCmdRun(cmd *cobra.Command, args []string) error {
 		},
 	}
 	url, err := url.Parse(sourceHelmArgs.url)
 	if err != nil {
 		return fmt.Errorf("failed to parse URL: %w", err)
 	}
 	if url.Scheme == sourcev1.HelmRepositoryTypeOCI {
 		helmRepository.Spec.Type = sourcev1.HelmRepositoryTypeOCI
 	}
 	if createSourceArgs.fetchTimeout > 0 {
 		helmRepository.Spec.Timeout = &metav1.Duration{Duration: createSourceArgs.fetchTimeout}
 	}
@@ -163,7 +144,7 @@ func createSourceHelmCmdRun(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
@@ -215,11 +196,6 @@ func createSourceHelmCmdRun(cmd *cobra.Command, args []string) error {
 	}
 	logger.Successf("HelmRepository source reconciliation completed")
 	if helmRepository.Spec.Type == sourcev1.HelmRepositoryTypeOCI {
 		// OCI repos don't expose any artifact so we just return early here
 		return nil
 	}
 	if helmRepository.Status.Artifact == nil {
 		return fmt.Errorf("HelmRepository source reconciliation completed but no artifact was found")
 	}
@@ -266,14 +242,12 @@ func isHelmRepositoryReady(ctx context.Context, kubeClient client.Client,
 			return false, err
 		}
-		if c := conditions.Get(helmRepository, meta.ReadyCondition); c != nil {
+		// Confirm the state we are observing is for the current generation
-			// Confirm the Ready condition we are observing is for the
+		if helmRepository.Generation != helmRepository.Status.ObservedGeneration {
-			// current generation
+			return false, nil
-			if c.ObservedGeneration != helmRepository.GetGeneration() {
+		}
 				return false, nil
 			}
-			// Further check the Status
+		if c := apimeta.FindStatusCondition(helmRepository.Status.Conditions, meta.ReadyCondition); c != nil {
 			switch c.Status {
 			case metav1.ConditionTrue:
 				return true, nil
--- a/cmd/flux/create_source_helm_test.go
+++ b/cmd/flux/create_source_helm_test.go
@@ -1,81 +0,0 @@
 //go:build unit
 // +build unit
 /*
 Copyright 2022 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"testing"
 )
 func TestCreateSourceHelm(t *testing.T) {
 	tests := []struct {
 		name       string
 		args       string
 		resultFile string
 		assertFunc string
 	}{
 		{
 			name:       "no args",
 			args:       "create source helm",
 			resultFile: "name is required",
 			assertFunc: "assertError",
 		},
 		{
 			name:       "OCI repo",
 			args:       "create source helm podinfo --url=oci://ghcr.io/stefanprodan/charts/podinfo --interval 5m --export",
 			resultFile: "./testdata/create_source_helm/oci.golden",
 			assertFunc: "assertGoldenTemplateFile",
 		},
 		{
 			name:       "OCI repo with Secret ref",
 			args:       "create source helm podinfo --url=oci://ghcr.io/stefanprodan/charts/podinfo --interval 5m --secret-ref=creds --export",
 			resultFile: "./testdata/create_source_helm/oci-with-secret.golden",
 			assertFunc: "assertGoldenTemplateFile",
 		},
 		{
 			name:       "HTTPS repo",
 			args:       "create source helm podinfo --url=https://stefanprodan.github.io/charts/podinfo --interval 5m --export",
 			resultFile: "./testdata/create_source_helm/https.golden",
 			assertFunc: "assertGoldenTemplateFile",
 		},
 	}
 	tmpl := map[string]string{
 		"fluxns": allocateNamespace("flux-system"),
 	}
 	setup(t, tmpl)
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			var assert assertFunc
 			switch tt.assertFunc {
 			case "assertGoldenTemplateFile":
 				assert = assertGoldenTemplateFile(tt.resultFile, tmpl)
 			case "assertError":
 				assert = assertError(tt.resultFile)
 			}
 			cmd := cmdTestCase{
 				args:   tt.args + " -n " + tmpl["fluxns"],
 				assert: assert,
 			}
 			cmd.runTestCmd(t)
 		})
 	}
 }
--- a/cmd/flux/create_source_oci.go
+++ b/cmd/flux/create_source_oci.go
@@ -1,244 +0,0 @@
 /*
 Copyright 2022 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"fmt"
 	"strings"
 	"github.com/spf13/cobra"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"github.com/fluxcd/pkg/apis/meta"
 	"github.com/fluxcd/pkg/runtime/conditions"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
 	"github.com/fluxcd/flux2/internal/flags"
 	"github.com/fluxcd/flux2/internal/utils"
 )
 var createSourceOCIRepositoryCmd = &cobra.Command{
 	Use:   "oci [name]",
 	Short: "Create or update an OCIRepository",
 	Long:  `The create source oci command generates an OCIRepository resource and waits for it to be ready.`,
 	Example: `  # Create an OCIRepository for a public container image
  flux create source oci podinfo \
    --url=oci://ghcr.io/stefanprodan/manifests/podinfo \
    --tag=6.1.6 \
    --interval=10m
 `,
 	RunE: createSourceOCIRepositoryCmdRun,
 }
 type sourceOCIRepositoryFlags struct {
 	url            string
 	tag            string
 	semver         string
 	digest         string
 	secretRef      string
 	serviceAccount string
 	certSecretRef  string
 	ignorePaths    []string
 	provider       flags.SourceOCIProvider
 }
 var sourceOCIRepositoryArgs = newSourceOCIFlags()
 func newSourceOCIFlags() sourceOCIRepositoryFlags {
 	return sourceOCIRepositoryFlags{
 		provider: flags.SourceOCIProvider(sourcev1.GenericOCIProvider),
 	}
 }
 func init() {
 	createSourceOCIRepositoryCmd.Flags().Var(&sourceOCIRepositoryArgs.provider, "provider", sourceOCIRepositoryArgs.provider.Description())
 	createSourceOCIRepositoryCmd.Flags().StringVar(&sourceOCIRepositoryArgs.url, "url", "", "the OCI repository URL")
 	createSourceOCIRepositoryCmd.Flags().StringVar(&sourceOCIRepositoryArgs.tag, "tag", "", "the OCI artifact tag")
 	createSourceOCIRepositoryCmd.Flags().StringVar(&sourceOCIRepositoryArgs.semver, "tag-semver", "", "the OCI artifact tag semver range")
 	createSourceOCIRepositoryCmd.Flags().StringVar(&sourceOCIRepositoryArgs.digest, "digest", "", "the OCI artifact digest")
 	createSourceOCIRepositoryCmd.Flags().StringVar(&sourceOCIRepositoryArgs.secretRef, "secret-ref", "", "the name of the Kubernetes image pull secret (type 'kubernetes.io/dockerconfigjson')")
 	createSourceOCIRepositoryCmd.Flags().StringVar(&sourceOCIRepositoryArgs.serviceAccount, "service-account", "", "the name of the Kubernetes service account that refers to an image pull secret")
 	createSourceOCIRepositoryCmd.Flags().StringVar(&sourceOCIRepositoryArgs.certSecretRef, "cert-ref", "", "the name of a secret to use for TLS certificates")
 	createSourceOCIRepositoryCmd.Flags().StringSliceVar(&sourceOCIRepositoryArgs.ignorePaths, "ignore-paths", nil, "set paths to ignore resources (can specify multiple paths with commas: path1,path2)")
 	createSourceCmd.AddCommand(createSourceOCIRepositoryCmd)
 }
 func createSourceOCIRepositoryCmdRun(cmd *cobra.Command, args []string) error {
 	name := args[0]
 	if sourceOCIRepositoryArgs.url == "" {
 		return fmt.Errorf("url is required")
 	}
 	if sourceOCIRepositoryArgs.semver == "" && sourceOCIRepositoryArgs.tag == "" && sourceOCIRepositoryArgs.digest == "" {
 		return fmt.Errorf("--tag, --tag-semver or --digest is required")
 	}
 	sourceLabels, err := parseLabels()
 	if err != nil {
 		return err
 	}
 	var ignorePaths *string
 	if len(sourceOCIRepositoryArgs.ignorePaths) > 0 {
 		ignorePathsStr := strings.Join(sourceOCIRepositoryArgs.ignorePaths, "\n")
 		ignorePaths = &ignorePathsStr
 	}
 	repository := &sourcev1.OCIRepository{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      name,
 			Namespace: *kubeconfigArgs.Namespace,
 			Labels:    sourceLabels,
 		},
 		Spec: sourcev1.OCIRepositorySpec{
 			Provider: sourceOCIRepositoryArgs.provider.String(),
 			URL:      sourceOCIRepositoryArgs.url,
 			Interval: metav1.Duration{
 				Duration: createArgs.interval,
 			},
 			Reference: &sourcev1.OCIRepositoryRef{},
 			Ignore:    ignorePaths,
 		},
 	}
 	if digest := sourceOCIRepositoryArgs.digest; digest != "" {
 		repository.Spec.Reference.Digest = digest
 	}
 	if semver := sourceOCIRepositoryArgs.semver; semver != "" {
 		repository.Spec.Reference.SemVer = semver
 	}
 	if tag := sourceOCIRepositoryArgs.tag; tag != "" {
 		repository.Spec.Reference.Tag = tag
 	}
 	if createSourceArgs.fetchTimeout > 0 {
 		repository.Spec.Timeout = &metav1.Duration{Duration: createSourceArgs.fetchTimeout}
 	}
 	if saName := sourceOCIRepositoryArgs.serviceAccount; saName != "" {
 		repository.Spec.ServiceAccountName = saName
 	}
 	if secretName := sourceOCIRepositoryArgs.secretRef; secretName != "" {
 		repository.Spec.SecretRef = &meta.LocalObjectReference{
 			Name: secretName,
 		}
 	}
 	if secretName := sourceOCIRepositoryArgs.certSecretRef; secretName != "" {
 		repository.Spec.CertSecretRef = &meta.LocalObjectReference{
 			Name: secretName,
 		}
 	}
 	if createArgs.export {
 		return printExport(exportOCIRepository(repository))
 	}
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
 	if err != nil {
 		return err
 	}
 	logger.Actionf("applying OCIRepository")
 	namespacedName, err := upsertOCIRepository(ctx, kubeClient, repository)
 	if err != nil {
 		return err
 	}
 	logger.Waitingf("waiting for OCIRepository reconciliation")
 	if err := wait.PollImmediate(rootArgs.pollInterval, rootArgs.timeout,
 		isOCIRepositoryReady(ctx, kubeClient, namespacedName, repository)); err != nil {
 		return err
 	}
 	logger.Successf("OCIRepository reconciliation completed")
 	if repository.Status.Artifact == nil {
 		return fmt.Errorf("no artifact was found")
 	}
 	logger.Successf("fetched revision: %s", repository.Status.Artifact.Revision)
 	return nil
 }
 func upsertOCIRepository(ctx context.Context, kubeClient client.Client,
 	ociRepository *sourcev1.OCIRepository) (types.NamespacedName, error) {
 	namespacedName := types.NamespacedName{
 		Namespace: ociRepository.GetNamespace(),
 		Name:      ociRepository.GetName(),
 	}
 	var existing sourcev1.OCIRepository
 	err := kubeClient.Get(ctx, namespacedName, &existing)
 	if err != nil {
 		if errors.IsNotFound(err) {
 			if err := kubeClient.Create(ctx, ociRepository); err != nil {
 				return namespacedName, err
 			} else {
 				logger.Successf("OCIRepository created")
 				return namespacedName, nil
 			}
 		}
 		return namespacedName, err
 	}
 	existing.Labels = ociRepository.Labels
 	existing.Spec = ociRepository.Spec
 	if err := kubeClient.Update(ctx, &existing); err != nil {
 		return namespacedName, err
 	}
 	ociRepository = &existing
 	logger.Successf("OCIRepository updated")
 	return namespacedName, nil
 }
 func isOCIRepositoryReady(ctx context.Context, kubeClient client.Client,
 	namespacedName types.NamespacedName, ociRepository *sourcev1.OCIRepository) wait.ConditionFunc {
 	return func() (bool, error) {
 		err := kubeClient.Get(ctx, namespacedName, ociRepository)
 		if err != nil {
 			return false, err
 		}
 		if c := conditions.Get(ociRepository, meta.ReadyCondition); c != nil {
 			// Confirm the Ready condition we are observing is for the
 			// current generation
 			if c.ObservedGeneration != ociRepository.GetGeneration() {
 				return false, nil
 			}
 			// Further check the Status
 			switch c.Status {
 			case metav1.ConditionTrue:
 				return true, nil
 			case metav1.ConditionFalse:
 				return false, fmt.Errorf(c.Message)
 			}
 		}
 		return false, nil
 	}
 }
--- a/cmd/flux/create_source_oci_test.go
+++ b/cmd/flux/create_source_oci_test.go
@@ -1,61 +0,0 @@
 /*
 Copyright 2022 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"testing"
 )
 func TestCreateSourceOCI(t *testing.T) {
 	tests := []struct {
 		name       string
 		args       string
 		assertFunc assertFunc
 	}{
 		{
 			name:       "NoArgs",
 			args:       "create source oci",
 			assertFunc: assertError("name is required"),
 		},
 		{
 			name:       "NoURL",
 			args:       "create source oci podinfo",
 			assertFunc: assertError("url is required"),
 		},
 		{
 			name:       "export manifest",
 			args:       "create source oci podinfo --url=oci://ghcr.io/stefanprodan/manifests/podinfo --tag=6.1.6 --interval 10m --export",
 			assertFunc: assertGoldenFile("./testdata/oci/export.golden"),
 		},
 		{
 			name:       "export manifest with secret",
 			args:       "create source oci podinfo --url=oci://ghcr.io/stefanprodan/manifests/podinfo --tag=6.1.6 --interval 10m --secret-ref=creds --export",
 			assertFunc: assertGoldenFile("./testdata/oci/export_with_secret.golden"),
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			cmd := cmdTestCase{
 				args:   tt.args,
 				assert: tt.assertFunc,
 			}
 			cmd.runTestCmd(t)
 		})
 	}
 }
--- a/cmd/flux/create_tenant.go
+++ b/cmd/flux/create_tenant.go
@@ -156,7 +156,7 @@ func createTenantCmdRun(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
--- a/cmd/flux/delete.go
+++ b/cmd/flux/delete.go
@@ -60,7 +60,7 @@ func (del deleteCommand) run(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
--- a/cmd/flux/delete_kustomization.go
+++ b/cmd/flux/delete_kustomization.go
@@ -27,7 +27,7 @@ var deleteKsCmd = &cobra.Command{
 	Aliases: []string{"ks"},
 	Short:   "Delete a Kustomization resource",
 	Long:    "The delete kustomization command deletes the given Kustomization from the cluster.",
-	Example: `  # Delete a kustomization and the Kubernetes resources created by it when prune is enabled
+	Example: `  # Delete a kustomization and the Kubernetes resources created by it
  flux delete kustomization podinfo`,
 	ValidArgsFunction: resourceNamesCompletionFunc(kustomizev1.GroupVersion.WithKind(kustomizev1.KustomizationKind)),
 	RunE: deleteCommand{
--- a/cmd/flux/delete_source_bucket.go
+++ b/cmd/flux/delete_source_bucket.go
@@ -19,7 +19,7 @@ package main
 import (
 	"github.com/spf13/cobra"
-	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
+	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 )
 var deleteSourceBucketCmd = &cobra.Command{
--- a/cmd/flux/delete_source_git.go
+++ b/cmd/flux/delete_source_git.go
@@ -19,7 +19,7 @@ package main
 import (
 	"github.com/spf13/cobra"
-	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
+	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 )
 var deleteSourceGitCmd = &cobra.Command{
--- a/cmd/flux/delete_source_helm.go
+++ b/cmd/flux/delete_source_helm.go
@@ -19,7 +19,7 @@ package main
 import (
 	"github.com/spf13/cobra"
-	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
+	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 )
 var deleteSourceHelmCmd = &cobra.Command{
--- a/cmd/flux/delete_source_oci.go
+++ b/cmd/flux/delete_source_oci.go
@@ -1,40 +0,0 @@
 /*
 Copyright 2022 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"github.com/spf13/cobra"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
 )
 var deleteSourceOCIRepositoryCmd = &cobra.Command{
 	Use:   "oci [name]",
 	Short: "Delete an OCIRepository source",
 	Long:  "The delete source oci command deletes the given OCIRepository from the cluster.",
 	Example: `  # Delete an OCIRepository 
  flux delete source oci podinfo`,
 	ValidArgsFunction: resourceNamesCompletionFunc(sourcev1.GroupVersion.WithKind(sourcev1.OCIRepositoryKind)),
 	RunE: deleteCommand{
 		apiType: ociRepositoryType,
 		object:  universalAdapter{&sourcev1.OCIRepository{}},
 	}.run,
 }
 func init() {
 	deleteSourceCmd.AddCommand(deleteSourceOCIRepositoryCmd)
 }
--- a/cmd/flux/diff_kustomization.go
+++ b/cmd/flux/diff_kustomization.go
@@ -34,26 +34,21 @@ var diffKsCmd = &cobra.Command{
 	Long: `The diff command does a build, then it performs a server-side dry-run and prints the diff.
 Exit status: 0 No differences were found. 1 Differences were found. >1 diff failed with an error.`,
 	Example: `# Preview local changes as they were applied on the cluster
-flux diff kustomization my-app --path ./path/to/local/manifests
+flux diff kustomization my-app --path ./path/to/local/manifests`,
 # Preview using a local flux kustomization file
 flux diff kustomization my-app --path ./path/to/local/manifests --kustomization-file ./path/to/local/my-app.yaml`,
 	ValidArgsFunction: resourceNamesCompletionFunc(kustomizev1.GroupVersion.WithKind(kustomizev1.KustomizationKind)),
 	RunE:              diffKsCmdRun,
 }
 type diffKsFlags struct {
-	kustomizationFile string
+	path        string
-	path              string
+	progressBar bool
 	progressBar       bool
 }
 var diffKsArgs diffKsFlags
 func init() {
-	diffKsCmd.Flags().StringVar(&diffKsArgs.path, "path", "", "Path to a local directory that matches the specified Kustomization.spec.path.")
+	diffKsCmd.Flags().StringVar(&diffKsArgs.path, "path", "", "Path to a local directory that matches the specified Kustomization.spec.path.)")
 	diffKsCmd.Flags().BoolVar(&diffKsArgs.progressBar, "progress-bar", true, "Boolean to set the progress bar. The default value is true.")
 	diffKsCmd.Flags().StringVar(&diffKsArgs.kustomizationFile, "kustomization-file", "", "Path to the Flux Kustomization YAML file.")
 	diffCmd.AddCommand(diffKsCmd)
 }
@@ -71,18 +66,12 @@ func diffKsCmdRun(cmd *cobra.Command, args []string) error {
 		return &RequestError{StatusCode: 2, Err: fmt.Errorf("invalid resource path %q", diffKsArgs.path)}
 	}
 	if diffKsArgs.kustomizationFile != "" {
 		if fs, err := os.Stat(diffKsArgs.kustomizationFile); os.IsNotExist(err) || fs.IsDir() {
 			return fmt.Errorf("invalid kustomization file %q", diffKsArgs.kustomizationFile)
 		}
 	}
 	var builder *build.Builder
 	var err error
 	if diffKsArgs.progressBar {
-		builder, err = build.NewBuilder(kubeconfigArgs, kubeclientOptions, name, diffKsArgs.path, build.WithTimeout(rootArgs.timeout), build.WithKustomizationFile(diffKsArgs.kustomizationFile), build.WithProgressBar())
+		builder, err = build.NewBuilder(kubeconfigArgs, name, diffKsArgs.path, build.WithTimeout(rootArgs.timeout), build.WithProgressBar())
 	} else {
-		builder, err = build.NewBuilder(kubeconfigArgs, kubeclientOptions, name, diffKsArgs.path, build.WithTimeout(rootArgs.timeout), build.WithKustomizationFile(diffKsArgs.kustomizationFile))
+		builder, err = build.NewBuilder(kubeconfigArgs, name, diffKsArgs.path, build.WithTimeout(rootArgs.timeout))
 	}
 	if err != nil {
--- a/cmd/flux/diff_kustomization_test.go
+++ b/cmd/flux/diff_kustomization_test.go
@@ -97,7 +97,7 @@ func TestDiffKustomization(t *testing.T) {
 		"fluxns": allocateNamespace("flux-system"),
 	}
-	b, _ := build.NewBuilder(kubeconfigArgs, kubeclientOptions, "podinfo", "")
+	b, _ := build.NewBuilder(kubeconfigArgs, "podinfo", "")
 	resourceManager, err := b.Manager()
 	if err != nil {
--- a/cmd/flux/export.go
+++ b/cmd/flux/export.go
@@ -74,7 +74,7 @@ func (export exportCommand) run(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
--- a/cmd/flux/export_secret.go
+++ b/cmd/flux/export_secret.go
@@ -59,7 +59,7 @@ func (export exportWithSecretCommand) run(cmd *cobra.Command, args []string) err
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
--- a/cmd/flux/export_source_bucket.go
+++ b/cmd/flux/export_source_bucket.go
@@ -21,7 +21,7 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
-	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
+	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 )
 var exportSourceBucketCmd = &cobra.Command{
--- a/cmd/flux/export_source_git.go
+++ b/cmd/flux/export_source_git.go
@@ -21,7 +21,7 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
-	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
+	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 )
 var exportSourceGitCmd = &cobra.Command{
--- a/cmd/flux/export_source_helm.go
+++ b/cmd/flux/export_source_helm.go
@@ -21,7 +21,7 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
-	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
+	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 )
 var exportSourceHelmCmd = &cobra.Command{
--- a/cmd/flux/export_source_oci.go
+++ b/cmd/flux/export_source_oci.go
@@ -1,92 +0,0 @@
 /*
 Copyright 2022 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"github.com/spf13/cobra"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
 )
 var exportSourceOCIRepositoryCmd = &cobra.Command{
 	Use:   "oci [name]",
 	Short: "Export OCIRepository sources in YAML format",
 	Long:  "The export source oci command exports one or all OCIRepository sources in YAML format.",
 	Example: `  # Export all OCIRepository sources
  flux export source oci --all > sources.yaml
  # Export a OCIRepository including the static credentials
  flux export source oci my-app --with-credentials > source.yaml`,
 	ValidArgsFunction: resourceNamesCompletionFunc(sourcev1.GroupVersion.WithKind(sourcev1.OCIRepositoryKind)),
 	RunE: exportWithSecretCommand{
 		list:   ociRepositoryListAdapter{&sourcev1.OCIRepositoryList{}},
 		object: ociRepositoryAdapter{&sourcev1.OCIRepository{}},
 	}.run,
 }
 func init() {
 	exportSourceCmd.AddCommand(exportSourceOCIRepositoryCmd)
 }
 func exportOCIRepository(source *sourcev1.OCIRepository) interface{} {
 	gvk := sourcev1.GroupVersion.WithKind(sourcev1.OCIRepositoryKind)
 	export := sourcev1.OCIRepository{
 		TypeMeta: metav1.TypeMeta{
 			Kind:       gvk.Kind,
 			APIVersion: gvk.GroupVersion().String(),
 		},
 		ObjectMeta: metav1.ObjectMeta{
 			Name:        source.Name,
 			Namespace:   source.Namespace,
 			Labels:      source.Labels,
 			Annotations: source.Annotations,
 		},
 		Spec: source.Spec,
 	}
 	return export
 }
 func getOCIRepositorySecret(source *sourcev1.OCIRepository) *types.NamespacedName {
 	if source.Spec.SecretRef != nil {
 		namespacedName := types.NamespacedName{
 			Namespace: source.Namespace,
 			Name:      source.Spec.SecretRef.Name,
 		}
 		return &namespacedName
 	}
 	return nil
 }
 func (ex ociRepositoryAdapter) secret() *types.NamespacedName {
 	return getOCIRepositorySecret(ex.OCIRepository)
 }
 func (ex ociRepositoryListAdapter) secretItem(i int) *types.NamespacedName {
 	return getOCIRepositorySecret(&ex.OCIRepositoryList.Items[i])
 }
 func (ex ociRepositoryAdapter) export() interface{} {
 	return exportOCIRepository(ex.OCIRepository)
 }
 func (ex ociRepositoryListAdapter) exportItem(i int) interface{} {
 	return exportOCIRepository(&ex.OCIRepositoryList.Items[i])
 }
--- a/cmd/flux/get.go
+++ b/cmd/flux/get.go
@@ -33,7 +33,6 @@ import (
 	"github.com/fluxcd/pkg/apis/meta"
 	"github.com/fluxcd/flux2/internal/utils"
 	"github.com/fluxcd/flux2/pkg/printers"
 )
 type deriveType func(runtime.Object) (summarisable, error)
@@ -136,7 +135,7 @@ func (get getCommand) run(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
@@ -178,10 +177,7 @@ func (get getCommand) run(cmd *cobra.Command, args []string) error {
 		return err
 	}
-	err = printers.TablePrinter(header).Print(cmd.OutOrStdout(), rows)
+	utils.PrintTable(cmd.OutOrStdout(), header, rows)
 	if err != nil {
 		return err
 	}
 	if getAll {
 		fmt.Println()
@@ -246,16 +242,10 @@ func watchUntil(ctx context.Context, w watch.Interface, get *getCommand) (bool,
 			return false, err
 		}
 		if firstIteration {
-			err = printers.TablePrinter(header).Print(os.Stdout, rows)
+			utils.PrintTable(os.Stdout, header, rows)
 			if err != nil {
 				return false, err
 			}
 			firstIteration = false
 		} else {
-			err = printers.TablePrinter([]string{}).Print(os.Stdout, rows)
+			utils.PrintTable(os.Stdout, []string{}, rows)
 			if err != nil {
 				return false, err
 			}
 		}
 		return false, nil
--- a/cmd/flux/get_alert.go
+++ b/cmd/flux/get_alert.go
@@ -77,11 +77,11 @@ func init() {
 func (s alertListAdapter) summariseItem(i int, includeNamespace bool, includeKind bool) []string {
 	item := s.Items[i]
 	status, msg := statusAndMessage(item.Status.Conditions)
-	return append(nameColumns(&item, includeNamespace, includeKind), strings.Title(strconv.FormatBool(item.Spec.Suspend)), status, msg)
+	return append(nameColumns(&item, includeNamespace, includeKind), status, msg, strings.Title(strconv.FormatBool(item.Spec.Suspend)))
 }
 func (s alertListAdapter) headers(includeNamespace bool) []string {
-	headers := []string{"Name", "Suspended", "Ready", "Message"}
+	headers := []string{"Name", "Ready", "Message", "Suspended"}
 	if includeNamespace {
 		return append(namespaceHeader, headers...)
 	}
--- a/cmd/flux/get_helmrelease.go
+++ b/cmd/flux/get_helmrelease.go
@@ -75,11 +75,11 @@ func (a helmReleaseListAdapter) summariseItem(i int, includeNamespace bool, incl
 	revision := item.Status.LastAppliedRevision
 	status, msg := statusAndMessage(item.Status.Conditions)
 	return append(nameColumns(&item, includeNamespace, includeKind),
-		revision, strings.Title(strconv.FormatBool(item.Spec.Suspend)), status, msg)
+		status, msg, revision, strings.Title(strconv.FormatBool(item.Spec.Suspend)))
 }
 func (a helmReleaseListAdapter) headers(includeNamespace bool) []string {
-	headers := []string{"Name", "Revision", "Suspended", "Ready", "Message"}
+	headers := []string{"Name", "Ready", "Message", "Revision", "Suspended"}
 	if includeNamespace {
 		headers = append([]string{"Namespace"}, headers...)
 	}
--- a/cmd/flux/get_image_policy.go
+++ b/cmd/flux/get_image_policy.go
@@ -74,11 +74,11 @@ func init() {
 func (s imagePolicyListAdapter) summariseItem(i int, includeNamespace bool, includeKind bool) []string {
 	item := s.Items[i]
 	status, msg := statusAndMessage(item.Status.Conditions)
-	return append(nameColumns(&item, includeNamespace, includeKind), item.Status.LatestImage, status, msg)
+	return append(nameColumns(&item, includeNamespace, includeKind), status, msg, item.Status.LatestImage)
 }
 func (s imagePolicyListAdapter) headers(includeNamespace bool) []string {
-	headers := []string{"Name", "Latest image", "Ready", "Message"}
+	headers := []string{"Name", "Ready", "Message", "Latest image"}
 	if includeNamespace {
 		return append(namespaceHeader, headers...)
 	}
--- a/cmd/flux/get_image_repository.go
+++ b/cmd/flux/get_image_repository.go
@@ -82,11 +82,11 @@ func (s imageRepositoryListAdapter) summariseItem(i int, includeNamespace bool,
 		lastScan = item.Status.LastScanResult.ScanTime.Time.Format(time.RFC3339)
 	}
 	return append(nameColumns(&item, includeNamespace, includeKind),
-		lastScan, strings.Title(strconv.FormatBool(item.Spec.Suspend)), status, msg)
+		status, msg, lastScan, strings.Title(strconv.FormatBool(item.Spec.Suspend)))
 }
 func (s imageRepositoryListAdapter) headers(includeNamespace bool) []string {
-	headers := []string{"Name", "Last scan", "Suspended", "Ready", "Message"}
+	headers := []string{"Name", "Ready", "Message", "Last scan", "Suspended"}
 	if includeNamespace {
 		return append(namespaceHeader, headers...)
 	}
--- a/cmd/flux/get_image_update.go
+++ b/cmd/flux/get_image_update.go
@@ -81,11 +81,11 @@ func (s imageUpdateAutomationListAdapter) summariseItem(i int, includeNamespace
 	if item.Status.LastAutomationRunTime != nil {
 		lastRun = item.Status.LastAutomationRunTime.Time.Format(time.RFC3339)
 	}
-	return append(nameColumns(&item, includeNamespace, includeKind), lastRun, strings.Title(strconv.FormatBool(item.Spec.Suspend)), status, msg)
+	return append(nameColumns(&item, includeNamespace, includeKind), status, msg, lastRun, strings.Title(strconv.FormatBool(item.Spec.Suspend)))
 }
 func (s imageUpdateAutomationListAdapter) headers(includeNamespace bool) []string {
-	headers := []string{"Name", "Last run", "Suspended", "Ready", "Message"}
+	headers := []string{"Name", "Ready", "Message", "Last run", "Suspended"}
 	if includeNamespace {
 		return append(namespaceHeader, headers...)
 	}
--- a/cmd/flux/get_kustomization.go
+++ b/cmd/flux/get_kustomization.go
@@ -85,11 +85,11 @@ func (a kustomizationListAdapter) summariseItem(i int, includeNamespace bool, in
 		msg = shortenCommitSha(msg)
 	}
 	return append(nameColumns(&item, includeNamespace, includeKind),
-		revision, strings.Title(strconv.FormatBool(item.Spec.Suspend)), status, msg)
+		status, msg, revision, strings.Title(strconv.FormatBool(item.Spec.Suspend)))
 }
 func (a kustomizationListAdapter) headers(includeNamespace bool) []string {
-	headers := []string{"Name", "Revision", "Suspended", "Ready", "Message"}
+	headers := []string{"Name", "Ready", "Message", "Revision", "Suspended"}
 	if includeNamespace {
 		headers = append([]string{"Namespace"}, headers...)
 	}
--- a/cmd/flux/get_receiver.go
+++ b/cmd/flux/get_receiver.go
@@ -74,11 +74,11 @@ func init() {
 func (s receiverListAdapter) summariseItem(i int, includeNamespace bool, includeKind bool) []string {
 	item := s.Items[i]
 	status, msg := statusAndMessage(item.Status.Conditions)
-	return append(nameColumns(&item, includeNamespace, includeKind), strings.Title(strconv.FormatBool(item.Spec.Suspend)), status, msg)
+	return append(nameColumns(&item, includeNamespace, includeKind), status, msg, strings.Title(strconv.FormatBool(item.Spec.Suspend)))
 }
 func (s receiverListAdapter) headers(includeNamespace bool) []string {
-	headers := []string{"Name", "Suspended", "Ready", "Message"}
+	headers := []string{"Name", "Ready", "Message", "Suspended"}
 	if includeNamespace {
 		return append(namespaceHeader, headers...)
 	}
--- a/cmd/flux/get_source_all.go
+++ b/cmd/flux/get_source_all.go
@@ -21,7 +21,7 @@ import (
 	"github.com/spf13/cobra"
-	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
+	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 )
 var getSourceAllCmd = &cobra.Command{
@@ -40,10 +40,6 @@ var getSourceAllCmd = &cobra.Command{
 		}
 		var allSourceCmd = []getCommand{
 			{
 				apiType: ociRepositoryType,
 				list:    &ociRepositoryListAdapter{&sourcev1.OCIRepositoryList{}},
 			},
 			{
 				apiType: bucketType,
 				list:    &bucketListAdapter{&sourcev1.BucketList{}},
--- a/cmd/flux/get_source_bucket.go
+++ b/cmd/flux/get_source_bucket.go
@@ -24,7 +24,7 @@ import (
 	"github.com/spf13/cobra"
 	"k8s.io/apimachinery/pkg/runtime"
-	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
+	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 )
 var getSourceBucketCmd = &cobra.Command{
@@ -81,11 +81,11 @@ func (a *bucketListAdapter) summariseItem(i int, includeNamespace bool, includeK
 	}
 	status, msg := statusAndMessage(item.Status.Conditions)
 	return append(nameColumns(&item, includeNamespace, includeKind),
-		revision, strings.Title(strconv.FormatBool(item.Spec.Suspend)), status, msg)
+		status, msg, revision, strings.Title(strconv.FormatBool(item.Spec.Suspend)))
 }
 func (a bucketListAdapter) headers(includeNamespace bool) []string {
-	headers := []string{"Name", "Revision", "Suspended", "Ready", "Message"}
+	headers := []string{"Name", "Ready", "Message", "Revision", "Suspended"}
 	if includeNamespace {
 		headers = append([]string{"Namespace"}, headers...)
 	}
--- a/cmd/flux/get_source_chart.go
+++ b/cmd/flux/get_source_chart.go
@@ -24,7 +24,7 @@ import (
 	"github.com/spf13/cobra"
 	"k8s.io/apimachinery/pkg/runtime"
-	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
+	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 )
 var getSourceHelmChartCmd = &cobra.Command{
@@ -81,11 +81,11 @@ func (a *helmChartListAdapter) summariseItem(i int, includeNamespace bool, inclu
 	}
 	status, msg := statusAndMessage(item.Status.Conditions)
 	return append(nameColumns(&item, includeNamespace, includeKind),
-		revision, strings.Title(strconv.FormatBool(item.Spec.Suspend)), status, msg)
+		status, msg, revision, strings.Title(strconv.FormatBool(item.Spec.Suspend)))
 }
 func (a helmChartListAdapter) headers(includeNamespace bool) []string {
-	headers := []string{"Name", "Revision", "Suspended", "Ready", "Message"}
+	headers := []string{"Name", "Ready", "Message", "Revision", "Suspended"}
 	if includeNamespace {
 		headers = append([]string{"Namespace"}, headers...)
 	}
--- a/cmd/flux/get_source_git.go
+++ b/cmd/flux/get_source_git.go
@@ -25,7 +25,7 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
-	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
+	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 )
 var getSourceGitCmd = &cobra.Command{
@@ -86,11 +86,11 @@ func (a *gitRepositoryListAdapter) summariseItem(i int, includeNamespace bool, i
 		msg = shortenCommitSha(msg)
 	}
 	return append(nameColumns(&item, includeNamespace, includeKind),
-		revision, strings.Title(strconv.FormatBool(item.Spec.Suspend)), status, msg)
+		status, msg, revision, strings.Title(strconv.FormatBool(item.Spec.Suspend)))
 }
 func (a gitRepositoryListAdapter) headers(includeNamespace bool) []string {
-	headers := []string{"Name", "Revision", "Suspended", "Ready", "Message"}
+	headers := []string{"Name", "Ready", "Message", "Revision", "Suspended"}
 	if includeNamespace {
 		headers = append([]string{"Namespace"}, headers...)
 	}
--- a/cmd/flux/get_source_helm.go
+++ b/cmd/flux/get_source_helm.go
@@ -24,7 +24,7 @@ import (
 	"github.com/spf13/cobra"
 	"k8s.io/apimachinery/pkg/runtime"
-	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
+	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 )
 var getSourceHelmCmd = &cobra.Command{
@@ -81,11 +81,11 @@ func (a *helmRepositoryListAdapter) summariseItem(i int, includeNamespace bool,
 	}
 	status, msg := statusAndMessage(item.Status.Conditions)
 	return append(nameColumns(&item, includeNamespace, includeKind),
-		revision, strings.Title(strconv.FormatBool(item.Spec.Suspend)), status, msg)
+		status, msg, revision, strings.Title(strconv.FormatBool(item.Spec.Suspend)))
 }
 func (a helmRepositoryListAdapter) headers(includeNamespace bool) []string {
-	headers := []string{"Name", "Revision", "Suspended", "Ready", "Message"}
+	headers := []string{"Name", "Ready", "Message", "Revision", "Suspended"}
 	if includeNamespace {
 		headers = append([]string{"Namespace"}, headers...)
 	}
--- a/cmd/flux/get_source_oci.go
+++ b/cmd/flux/get_source_oci.go
@@ -1,98 +0,0 @@
 /*
 Copyright 2022 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"fmt"
 	"strconv"
 	"strings"
 	"github.com/spf13/cobra"
 	"k8s.io/apimachinery/pkg/runtime"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
 )
 var getSourceOCIRepositoryCmd = &cobra.Command{
 	Use:   "oci",
 	Short: "Get OCIRepository status",
 	Long:  "The get sources oci command prints the status of the OCIRepository sources.",
 	Example: `  # List all OCIRepositories and their status
  flux get sources oci
  # List OCIRepositories from all namespaces
  flux get sources oci --all-namespaces`,
 	ValidArgsFunction: resourceNamesCompletionFunc(sourcev1.GroupVersion.WithKind(sourcev1.OCIRepositoryKind)),
 	RunE: func(cmd *cobra.Command, args []string) error {
 		get := getCommand{
 			apiType: ociRepositoryType,
 			list:    &ociRepositoryListAdapter{&sourcev1.OCIRepositoryList{}},
 			funcMap: make(typeMap),
 		}
 		err := get.funcMap.registerCommand(get.apiType.kind, func(obj runtime.Object) (summarisable, error) {
 			o, ok := obj.(*sourcev1.OCIRepository)
 			if !ok {
 				return nil, fmt.Errorf("impossible to cast type %#v to OCIRepository", obj)
 			}
 			sink := &ociRepositoryListAdapter{&sourcev1.OCIRepositoryList{
 				Items: []sourcev1.OCIRepository{
 					*o,
 				}}}
 			return sink, nil
 		})
 		if err != nil {
 			return err
 		}
 		if err := get.run(cmd, args); err != nil {
 			return err
 		}
 		return nil
 	},
 }
 func init() {
 	getSourceCmd.AddCommand(getSourceOCIRepositoryCmd)
 }
 func (a *ociRepositoryListAdapter) summariseItem(i int, includeNamespace bool, includeKind bool) []string {
 	item := a.Items[i]
 	var revision string
 	if item.GetArtifact() != nil {
 		revision = item.GetArtifact().Revision
 	}
 	status, msg := statusAndMessage(item.Status.Conditions)
 	return append(nameColumns(&item, includeNamespace, includeKind),
 		revision, strings.Title(strconv.FormatBool(item.Spec.Suspend)), status, msg)
 }
 func (a ociRepositoryListAdapter) headers(includeNamespace bool) []string {
 	headers := []string{"Name", "Revision", "Suspended", "Ready", "Message"}
 	if includeNamespace {
 		headers = append([]string{"Namespace"}, headers...)
 	}
 	return headers
 }
 func (a ociRepositoryListAdapter) statusSelectorMatches(i int, conditionType, conditionStatus string) bool {
 	item := a.Items[i]
 	return statusMatches(conditionType, conditionStatus, item.Status.Conditions)
 }
--- a/cmd/flux/image_test.go
+++ b/cmd/flux/image_test.go
@@ -1,22 +1,6 @@
 //go:build e2e
 // +build e2e
 /*
 Copyright 2022 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import "testing"
--- a/cmd/flux/install.go
+++ b/cmd/flux/install.go
@@ -27,7 +27,6 @@ import (
 	"github.com/fluxcd/flux2/internal/flags"
 	"github.com/fluxcd/flux2/internal/utils"
 	"github.com/fluxcd/flux2/pkg/manifestgen"
 	"github.com/fluxcd/flux2/pkg/manifestgen/install"
 	"github.com/fluxcd/flux2/pkg/status"
 )
@@ -38,13 +37,10 @@ var installCmd = &cobra.Command{
 	Long: `The install command deploys Flux in the specified namespace.
 If a previous version is installed, then an in-place upgrade will be performed.`,
 	Example: `  # Install the latest version in the flux-system namespace
-  flux install --namespace=flux-system
+  flux install --version=latest --namespace=flux-system
-  # Install a specific series of components
+  # Install a specific version and a series of components
-  flux install --components="source-controller,kustomize-controller"
+  flux install --version=v0.0.7 --components="source-controller,kustomize-controller"
  # Install all components including the image automation ones
  flux install --components-extra="image-reflector-controller,image-automation-controller"
  # Install Flux onto tainted Kubernetes nodes
  flux install --toleration-keys=node.kubernetes.io/dedicated-to-flux
@@ -88,7 +84,7 @@ func init() {
 	installCmd.Flags().StringSliceVar(&installArgs.defaultComponents, "components", rootArgs.defaults.Components,
 		"list of components, accepts comma-separated values")
 	installCmd.Flags().StringSliceVar(&installArgs.extraComponents, "components-extra", nil,
-		"list of components in addition to those supplied or defaulted, accepts values such as 'image-reflector-controller,image-automation-controller'")
+		"list of components in addition to those supplied or defaulted, accepts comma-separated values")
 	installCmd.Flags().StringVar(&installArgs.manifestsPath, "manifests", "", "path to the manifest directory")
 	installCmd.Flags().StringVar(&installArgs.registry, "registry", rootArgs.defaults.Registry,
 		"container registry where the toolkit images are published")
@@ -135,7 +131,7 @@ func installCmdRun(cmd *cobra.Command, args []string) error {
 		logger.Generatef("generating manifests")
 	}
-	tmpDir, err := manifestgen.MkdirTempAbs("", *kubeconfigArgs.Namespace)
+	tmpDir, err := os.MkdirTemp("", *kubeconfigArgs.Namespace)
 	if err != nil {
 		return err
 	}
@@ -194,14 +190,14 @@ func installCmdRun(cmd *cobra.Command, args []string) error {
 		return nil
 	}
-	applyOutput, err := utils.Apply(ctx, kubeconfigArgs, kubeclientOptions, tmpDir, filepath.Join(tmpDir, manifest.Path))
+	applyOutput, err := utils.Apply(ctx, kubeconfigArgs, filepath.Join(tmpDir, manifest.Path))
 	if err != nil {
 		return fmt.Errorf("install failed: %w", err)
 	}
 	fmt.Fprintln(os.Stderr, applyOutput)
-	kubeConfig, err := utils.KubeConfig(kubeconfigArgs, kubeclientOptions)
+	kubeConfig, err := utils.KubeConfig(kubeconfigArgs)
 	if err != nil {
 		return fmt.Errorf("install failed: %w", err)
 	}
--- a/cmd/flux/install_test.go
+++ b/cmd/flux/install_test.go
@@ -1,53 +0,0 @@
 /*
 Copyright 2022 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import "testing"
 func TestInstall(t *testing.T) {
 	// The pointer to kubeconfigArgs.Namespace is shared across
 	// the tests. When a new value is set, it will linger and
 	// impact subsequent tests.
 	// Given that this test uses an invalid namespace, it ensures
 	// to restore whatever value it had previously.
 	currentNamespace := *kubeconfigArgs.Namespace
 	defer func() {
 		*kubeconfigArgs.Namespace = currentNamespace
 	}()
 	tests := []struct {
 		name   string
 		args   string
 		assert assertFunc
 	}{
 		{
 			name:   "invalid namespace",
 			args:   "install --namespace='@#[]'",
 			assert: assertError("namespace must be a valid DNS label: \"@#[]\""),
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			cmd := cmdTestCase{
 				args:   tt.args,
 				assert: tt.assert,
 			}
 			cmd.runTestCmd(t)
 		})
 	}
 }
--- a/cmd/flux/list.go
+++ b/cmd/flux/list.go
@@ -1,31 +0,0 @@
 /*
 Copyright 2022 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"github.com/spf13/cobra"
 )
 var listCmd = &cobra.Command{
 	Use:   "list",
 	Short: "List artifacts",
 	Long:  "The list command is used for printing the OCI artifacts metadata.",
 }
 func init() {
 	rootCmd.AddCommand(listCmd)
 }
--- a/cmd/flux/list_artifact.go
+++ b/cmd/flux/list_artifact.go
@@ -1,76 +0,0 @@
 /*
 Copyright 2022 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"fmt"
 	"github.com/spf13/cobra"
 	oci "github.com/fluxcd/pkg/oci/client"
 	"github.com/fluxcd/flux2/pkg/printers"
 )
 var listArtifactsCmd = &cobra.Command{
 	Use:   "artifacts",
 	Short: "list artifacts",
 	Long: `The list command fetches the tags and their metadata from a remote OCI repository.
 The command uses the credentials from '~/.docker/config.json'.`,
 	Example: `  # List the artifacts stored in an OCI repository
  flux list artifact oci://ghcr.io/org/config/app
 `,
 	RunE: listArtifactsCmdRun,
 }
 func init() {
 	listCmd.AddCommand(listArtifactsCmd)
 }
 func listArtifactsCmdRun(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
 		return fmt.Errorf("artifact repository URL is required")
 	}
 	ociURL := args[0]
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	ociClient := oci.NewLocalClient()
 	url, err := oci.ParseArtifactURL(ociURL)
 	if err != nil {
 		return err
 	}
 	metas, err := ociClient.List(ctx, url)
 	if err != nil {
 		return err
 	}
 	var rows [][]string
 	for _, meta := range metas {
 		rows = append(rows, []string{meta.URL, meta.Digest, meta.Source, meta.Revision})
 	}
 	err = printers.TablePrinter([]string{"artifact", "digest", "source", "revision"}).Print(cmd.OutOrStdout(), rows)
 	if err != nil {
 		return err
 	}
 	return nil
 }
--- a/cmd/flux/logs.go
+++ b/cmd/flux/logs.go
@@ -80,8 +80,6 @@ var logsArgs = &logsFlags{
 	tail: -1,
 }
 const controllerContainer = "manager"
 func init() {
 	logsCmd.Flags().Var(&logsArgs.logLevel, "level", logsArgs.logLevel.Description())
 	logsCmd.Flags().StringVarP(&logsArgs.kind, "kind", "", logsArgs.kind, "displays errors of a particular toolkit kind e.g GitRepository")
@@ -101,7 +99,7 @@ func logsCmdRun(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	cfg, err := utils.KubeConfig(kubeconfigArgs, kubeclientOptions)
+	cfg, err := utils.KubeConfig(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
@@ -148,10 +146,6 @@ func logsCmdRun(cmd *cobra.Command, args []string) error {
 	var requests []rest.ResponseWrapper
 	for _, pod := range pods {
 		logOpts := logOpts.DeepCopy()
 		if len(pod.Spec.Containers) > 1 {
 			logOpts.Container = controllerContainer
 		}
 		req := clientset.CoreV1().Pods(logsArgs.fluxNamespace).GetLogs(pod.Name, logOpts)
 		requests = append(requests, req)
 	}
@@ -204,10 +198,12 @@ func parallelPodLogs(ctx context.Context, requests []rest.ResponseWrapper) error
 	wg := &sync.WaitGroup{}
 	wg.Add(len(requests))
 	var mutex = &sync.Mutex{}
 	for _, request := range requests {
 		go func(req rest.ResponseWrapper) {
 			defer wg.Done()
-			if err := logRequest(ctx, req, writer); err != nil {
+			if err := logRequest(mutex, ctx, req, os.Stdout); err != nil {
 				writer.CloseWithError(err)
 				return
 			}
@@ -224,8 +220,9 @@ func parallelPodLogs(ctx context.Context, requests []rest.ResponseWrapper) error
 }
 func podLogs(ctx context.Context, requests []rest.ResponseWrapper) error {
 	mutex := &sync.Mutex{}
 	for _, req := range requests {
-		if err := logRequest(ctx, req, os.Stdout); err != nil {
+		if err := logRequest(mutex, ctx, req, os.Stdout); err != nil {
 			return err
 		}
 	}
@@ -243,7 +240,7 @@ func createLabelStringFromMap(m map[string]string) string {
 	return strings.Join(strArr, ",")
 }
-func logRequest(ctx context.Context, request rest.ResponseWrapper, w io.Writer) error {
+func logRequest(mu *sync.Mutex, ctx context.Context, request rest.ResponseWrapper, w io.Writer) error {
 	stream, err := request.Stream(ctx)
 	if err != nil {
 		return err
@@ -258,7 +255,6 @@ func logRequest(ctx context.Context, request rest.ResponseWrapper, w io.Writer)
 		return fmt.Errorf("unable to create template, err: %s", err)
 	}
 	bw := bufio.NewWriter(w)
 	for scanner.Scan() {
 		line := scanner.Text()
 		if !strings.HasPrefix(line, "{") {
@@ -269,22 +265,26 @@ func logRequest(ctx context.Context, request rest.ResponseWrapper, w io.Writer)
 			logger.Failuref("parse error: %s", err)
 			break
 		}
-		filterPrintLog(t, &l, bw)
+
-		bw.Flush()
+		mu.Lock()
 		filterPrintLog(t, &l)
 		mu.Unlock()
 	}
 	return nil
 }
-func filterPrintLog(t *template.Template, l *ControllerLogEntry, w io.Writer) {
+func filterPrintLog(t *template.Template, l *ControllerLogEntry) {
-	if (logsArgs.logLevel == "" || logsArgs.logLevel == l.Level) &&
+	if logsArgs.logLevel != "" && logsArgs.logLevel != l.Level ||
-		(logsArgs.kind == "" || strings.EqualFold(logsArgs.kind, l.Kind)) &&
+		logsArgs.kind != "" && strings.ToLower(logsArgs.kind) != strings.ToLower(l.Kind) ||
-		(logsArgs.name == "" || strings.EqualFold(logsArgs.name, l.Name)) &&
+		logsArgs.name != "" && strings.ToLower(logsArgs.name) != strings.ToLower(l.Name) ||
-		(logsArgs.allNamespaces || strings.EqualFold(*kubeconfigArgs.Namespace, l.Namespace)) {
+		!logsArgs.allNamespaces && strings.ToLower(*kubeconfigArgs.Namespace) != strings.ToLower(l.Namespace) {
-		err := t.Execute(w, l)
+		return
-		if err != nil {
+	}
-			logger.Failuref("log template error: %s", err)
+
-		}
+	err := t.Execute(os.Stdout, l)
 	if err != nil {
 		logger.Failuref("log template error: %s", err)
 	}
 }
--- a/cmd/flux/logs_test.go
+++ b/cmd/flux/logs_test.go
@@ -20,14 +20,7 @@ limitations under the License.
 package main
 import (
 	"bytes"
 	"context"
 	"io"
 	"os"
 	"strings"
 	"testing"
 	. "github.com/onsi/gomega"
 )
 func TestLogsNoArgs(t *testing.T) {
@@ -85,105 +78,3 @@ func TestLogsSinceOnlyOneAllowed(t *testing.T) {
 	}
 	cmd.runTestCmd(t)
 }
 func TestLogRequest(t *testing.T) {
 	mapper := &testResponseMapper{}
 	tests := []struct {
 		name       string
 		namespace  string
 		flags      *logsFlags
 		assertFile string
 	}{
 		{
 			name: "all logs",
 			flags: &logsFlags{
 				tail:          -1,
 				allNamespaces: true,
 			},
 			assertFile: "testdata/logs/all-logs.txt",
 		},
 		{
 			name:      "filter by namespace",
 			namespace: "default",
 			flags: &logsFlags{
 				tail: -1,
 			},
 			assertFile: "testdata/logs/namespace.txt",
 		},
 		{
 			name: "filter by kind and namespace",
 			flags: &logsFlags{
 				tail: -1,
 				kind: "Kustomization",
 			},
 			assertFile: "testdata/logs/kind.txt",
 		},
 		{
 			name: "filter by loglevel",
 			flags: &logsFlags{
 				tail:          -1,
 				logLevel:      "error",
 				allNamespaces: true,
 			},
 			assertFile: "testdata/logs/log-level.txt",
 		},
 		{
 			name:      "filter by namespace, name, loglevel and kind",
 			namespace: "flux-system",
 			flags: &logsFlags{
 				tail:     -1,
 				logLevel: "error",
 				kind:     "Kustomization",
 				name:     "podinfo",
 			},
 			assertFile: "testdata/logs/multiple-filters.txt",
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			g := NewWithT(t)
 			logsArgs = tt.flags
 			if tt.namespace != "" {
 				*kubeconfigArgs.Namespace = tt.namespace
 			}
 			w := bytes.NewBuffer([]byte{})
 			err := logRequest(context.Background(), mapper, w)
 			g.Expect(err).To(BeNil())
 			got := make([]byte, w.Len())
 			_, err = w.Read(got)
 			g.Expect(err).To(BeNil())
 			expected, err := os.ReadFile(tt.assertFile)
 			g.Expect(err).To(BeNil())
 			g.Expect(string(got)).To(Equal(string(expected)))
 			// reset flags to default
 			*kubeconfigArgs.Namespace = rootArgs.defaults.Namespace
 			logsArgs = &logsFlags{
 				tail: -1,
 			}
 		})
 	}
 }
 var testPodLogs = `{"level":"info","ts":"2022-08-02T12:55:34.419Z","logger":"controller.gitrepository","msg":"no changes since last reconcilation: observed revision","reconciler group":"source.toolkit.fluxcd.io","reconciler kind":"GitRepository","name":"podinfo","namespace":"default"}
 {"level":"error","ts":"2022-08-02T12:56:04.679Z","logger":"controller.gitrepository","msg":"no changes since last reconcilation: observed revision","reconciler group":"source.toolkit.fluxcd.io","reconciler kind":"GitRepository","name":"flux-system","namespace":"flux-system"}
 {"level":"error","ts":"2022-08-02T12:56:34.961Z","logger":"controller.kustomization","msg":"no changes since last reconcilation: observed revision","reconciler group":"kustomize.toolkit.fluxcd.io","reconciler kind":"Kustomization","name":"flux-system","namespace":"flux-system"}
 {"level":"info","ts":"2022-08-02T12:56:34.961Z","logger":"controller.kustomization","msg":"no changes since last reconcilation: observed revision","reconciler group":"kustomize.toolkit.fluxcd.io","reconciler kind":"Kustomization","name":"podinfo","namespace":"default"}
 {"level":"info","ts":"2022-08-02T12:56:34.961Z","logger":"controller.gitrepository","msg":"no changes since last reconcilation: observed revision","reconciler group":"source.toolkit.fluxcd.io","reconciler kind":"GitRepository","name":"podinfo","namespace":"default"}
 {"level":"error","ts":"2022-08-02T12:56:34.961Z","logger":"controller.kustomization","msg":"no changes since last reconcilation: observed revision","reconciler group":"kustomize.toolkit.fluxcd.io","reconciler kind":"Kustomization","name":"podinfo","namespace":"flux-system"}`
 type testResponseMapper struct {
 }
 func (t *testResponseMapper) DoRaw(_ context.Context) ([]byte, error) {
 	return nil, nil
 }
 func (t *testResponseMapper) Stream(_ context.Context) (io.ReadCloser, error) {
 	return io.NopCloser(strings.NewReader(testPodLogs)), nil
 }
--- a/cmd/flux/main.go
+++ b/cmd/flux/main.go
@@ -27,12 +27,9 @@ import (
 	"github.com/spf13/cobra"
 	"golang.org/x/term"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/util/validation"
 	"k8s.io/cli-runtime/pkg/genericclioptions"
 	_ "k8s.io/client-go/plugin/pkg/client/auth"
 	runclient "github.com/fluxcd/pkg/runtime/client"
 	"github.com/fluxcd/flux2/pkg/manifestgen/install"
 )
@@ -97,18 +94,6 @@ Command line utility for assembling Kubernetes CD pipelines the GitOps way.`,
  # Uninstall Flux and delete CRDs
  flux uninstall`,
 	PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
 		ns, err := cmd.Flags().GetString("namespace")
 		if err != nil {
 			return fmt.Errorf("error getting namespace: %w", err)
 		}
 		if e := validation.IsDNS1123Label(ns); len(e) > 0 {
 			return fmt.Errorf("namespace must be a valid DNS label: %q", ns)
 		}
 		return nil
 	},
 }
 var logger = stderrLogger{stderr: os.Stderr}
@@ -132,7 +117,6 @@ func (r *RequestError) Error() string {
 var rootArgs = NewRootFlags()
 var kubeconfigArgs = genericclioptions.NewConfigFlags(false)
 var kubeclientOptions = new(runclient.Options)
 func init() {
 	rootCmd.PersistentFlags().DurationVar(&rootArgs.timeout, "timeout", 5*time.Minute, "timeout for this operation")
@@ -150,8 +134,6 @@ func init() {
 	kubeconfigArgs.APIServer = &apiServer
 	rootCmd.PersistentFlags().StringVar(kubeconfigArgs.APIServer, "server", *kubeconfigArgs.APIServer, "The address and port of the Kubernetes API server")
 	kubeclientOptions.BindFlags(rootCmd.PersistentFlags())
 	rootCmd.RegisterFlagCompletionFunc("context", contextsCompletionFunc)
 	rootCmd.RegisterFlagCompletionFunc("namespace", resourceNamesCompletionFunc(corev1.SchemeGroupVersion.WithKind("Namespace")))
@@ -191,18 +173,17 @@ func configureDefaultNamespace() {
 	*kubeconfigArgs.Namespace = rootArgs.defaults.Namespace
 	fromEnv := os.Getenv("FLUX_SYSTEM_NAMESPACE")
 	if fromEnv != "" {
 		// namespace must be a valid DNS label. Assess against validation
 		// used upstream, and ignore invalid values as environment vars
 		// may not be actively provided by end-user.
 		if e := validation.IsDNS1123Label(fromEnv); len(e) > 0 {
 			logger.Warningf(" ignoring invalid FLUX_SYSTEM_NAMESPACE: %q", fromEnv)
 			return
 		}
 		kubeconfigArgs.Namespace = &fromEnv
 	}
 }
 func homeDir() string {
 	if h := os.Getenv("HOME"); h != "" {
 		return h
 	}
 	return os.Getenv("USERPROFILE") // windows
 }
 // readPasswordFromStdin reads a password from stdin and returns the input
 // with trailing newline and/or carriage return removed. It also makes sure that terminal
 // echoing is turned off if stdin is a terminal.
--- a/cmd/flux/main_test.go
+++ b/cmd/flux/main_test.go
@@ -20,7 +20,6 @@ import (
 	"bufio"
 	"bytes"
 	"context"
 	"flag"
 	"fmt"
 	"io"
 	"os"
@@ -43,9 +42,6 @@ import (
 var nextNamespaceId int64
 // update allows golden files to be updated based on the current output.
 var update = flag.Bool("update", false, "update golden files")
 // Return a unique namespace with the specified prefix, for tests to create
 // objects that won't collide with each other.
 func allocateNamespace(prefix string) string {
@@ -302,18 +298,6 @@ func assertGoldenTemplateFile(goldenFile string, templateValues map[string]strin
 			expectedOutput = string(goldenFileContents)
 		}
 		if assertErr := assertGoldenValue(expectedOutput)(output, err); assertErr != nil {
 			// Update the golden files if comparison fails and the update flag is set.
 			if *update && output != "" {
 				// Skip update if there are template values.
 				if len(templateValues) > 0 {
 					fmt.Println("NOTE: -update flag passed but golden template files can't be updated, please update it manually")
 				} else {
 					if err := os.WriteFile(goldenFile, []byte(output), 0644); err != nil {
 						return fmt.Errorf("failed to update golden file '%s': %v", goldenFile, err)
 					}
 					return nil
 				}
 			}
 			return fmt.Errorf("Mismatch from golden file '%s': %v", goldenFile, assertErr)
 		}
 		return nil
@@ -386,12 +370,7 @@ func executeCommand(cmd string) (string, error) {
 func resetCmdArgs() {
 	createArgs = createFlags{}
 	getArgs = GetFlags{}
 	sourceHelmArgs = sourceHelmFlags{}
 	sourceOCIRepositoryArgs = sourceOCIRepositoryFlags{}
 	sourceGitArgs = sourceGitFlags{}
 	sourceBucketArgs = sourceBucketFlags{}
 	secretGitArgs = NewSecretGitFlags()
 	*kubeconfigArgs.Namespace = rootArgs.defaults.Namespace
 }
 func isChangeError(err error) bool {
--- a/cmd/flux/pull.go
+++ b/cmd/flux/pull.go
@@ -1,31 +0,0 @@
 /*
 Copyright 2022 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"github.com/spf13/cobra"
 )
 var pullCmd = &cobra.Command{
 	Use:   "pull",
 	Short: "Pull artifacts",
 	Long:  "The pull command is used to download OCI artifacts.",
 }
 func init() {
 	rootCmd.AddCommand(pullCmd)
 }
--- a/cmd/flux/pull_artifact.go
+++ b/cmd/flux/pull_artifact.go
@@ -1,87 +0,0 @@
 /*
 Copyright 2022 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"fmt"
 	"os"
 	"github.com/spf13/cobra"
 	oci "github.com/fluxcd/pkg/oci/client"
 )
 var pullArtifactCmd = &cobra.Command{
 	Use:   "artifact",
 	Short: "Pull artifact",
 	Long: `The pull artifact command downloads and extracts the OCI artifact content to the given path.
 The pull command uses the credentials from '~/.docker/config.json'.`,
 	Example: `  # Pull an OCI artifact created by flux from GHCR
  flux pull artifact oci://ghcr.io/org/manifests/app:v0.0.1 --output ./path/to/local/manifests
 `,
 	RunE: pullArtifactCmdRun,
 }
 type pullArtifactFlags struct {
 	output string
 }
 var pullArtifactArgs pullArtifactFlags
 func init() {
 	pullArtifactCmd.Flags().StringVarP(&pullArtifactArgs.output, "output", "o", "", "path where the artifact content should be extracted.")
 	pullCmd.AddCommand(pullArtifactCmd)
 }
 func pullArtifactCmdRun(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
 		return fmt.Errorf("artifact URL is required")
 	}
 	ociURL := args[0]
 	if pullArtifactArgs.output == "" {
 		return fmt.Errorf("invalid output path %s", pullArtifactArgs.output)
 	}
 	if fs, err := os.Stat(pullArtifactArgs.output); err != nil || !fs.IsDir() {
 		return fmt.Errorf("invalid output path %s", pullArtifactArgs.output)
 	}
 	ociClient := oci.NewLocalClient()
 	url, err := oci.ParseArtifactURL(ociURL)
 	if err != nil {
 		return err
 	}
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	logger.Actionf("pulling artifact from %s", url)
 	meta, err := ociClient.Pull(ctx, url, pullArtifactArgs.output)
 	if err != nil {
 		return err
 	}
 	logger.Successf("source %s", meta.Source)
 	logger.Successf("revision %s", meta.Revision)
 	logger.Successf("digest %s", meta.Digest)
 	logger.Successf("artifact content extracted to %s", pullArtifactArgs.output)
 	return nil
 }
--- a/cmd/flux/push.go
+++ b/cmd/flux/push.go
@@ -1,31 +0,0 @@
 /*
 Copyright 2022 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"github.com/spf13/cobra"
 )
 var pushCmd = &cobra.Command{
 	Use:   "push",
 	Short: "Push artifacts",
 	Long:  "The push command is used to publish OCI artifacts.",
 }
 func init() {
 	rootCmd.AddCommand(pushCmd)
 }
--- a/cmd/flux/push_artifact.go
+++ b/cmd/flux/push_artifact.go
@@ -1,113 +0,0 @@
 /*
 Copyright 2022 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"fmt"
 	"os"
 	"github.com/spf13/cobra"
 	oci "github.com/fluxcd/pkg/oci/client"
 )
 var pushArtifactCmd = &cobra.Command{
 	Use:   "artifact",
 	Short: "Push artifact",
 	Long: `The push artifact command creates a tarball from the given directory and uploads the artifact to an OCI repository.
 The command uses the credentials from '~/.docker/config.json'.`,
 	Example: `  # Push manifests to GHCR using the short Git SHA as the OCI artifact tag
  echo $GITHUB_PAT | docker login ghcr.io --username flux --password-stdin
  flux push artifact oci://ghcr.io/org/config/app:$(git rev-parse --short HEAD) \
 	--path="./path/to/local/manifests" \
 	--source="$(git config --get remote.origin.url)" \
 	--revision="$(git branch --show-current)/$(git rev-parse HEAD)"
  # Push manifests to Docker Hub using the Git tag as the OCI artifact tag
  echo $DOCKER_PAT | docker login --username flux --password-stdin
  flux push artifact oci://docker.io/org/app-config:$(git tag --points-at HEAD) \
 	--path="./path/to/local/manifests" \
 	--source="$(git config --get remote.origin.url)" \
 	--revision="$(git tag --points-at HEAD)/$(git rev-parse HEAD)"
 `,
 	RunE: pushArtifactCmdRun,
 }
 type pushArtifactFlags struct {
 	path     string
 	source   string
 	revision string
 }
 var pushArtifactArgs pushArtifactFlags
 func init() {
 	pushArtifactCmd.Flags().StringVar(&pushArtifactArgs.path, "path", "", "path to the directory where the Kubernetes manifests are located")
 	pushArtifactCmd.Flags().StringVar(&pushArtifactArgs.source, "source", "", "the source address, e.g. the Git URL")
 	pushArtifactCmd.Flags().StringVar(&pushArtifactArgs.revision, "revision", "", "the source revision in the format '<branch|tag>/<commit-sha>'")
 	pushCmd.AddCommand(pushArtifactCmd)
 }
 func pushArtifactCmdRun(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
 		return fmt.Errorf("artifact URL is required")
 	}
 	ociURL := args[0]
 	if pushArtifactArgs.source == "" {
 		return fmt.Errorf("--source is required")
 	}
 	if pushArtifactArgs.revision == "" {
 		return fmt.Errorf("--revision is required")
 	}
 	if pushArtifactArgs.path == "" {
 		return fmt.Errorf("invalid path %q", pushArtifactArgs.path)
 	}
 	ociClient := oci.NewLocalClient()
 	url, err := oci.ParseArtifactURL(ociURL)
 	if err != nil {
 		return err
 	}
 	if fs, err := os.Stat(pushArtifactArgs.path); err != nil || !fs.IsDir() {
 		return fmt.Errorf("invalid path %q", pushArtifactArgs.path)
 	}
 	meta := oci.Metadata{
 		Source:   pushArtifactArgs.source,
 		Revision: pushArtifactArgs.revision,
 	}
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
 	logger.Actionf("pushing artifact to %s", url)
 	digest, err := ociClient.Push(ctx, url, pushArtifactArgs.path, meta)
 	if err != nil {
 		return fmt.Errorf("pushing artifact failed: %w", err)
 	}
 	logger.Successf("artifact successfully pushed to %s", digest)
 	return nil
 }
--- a/cmd/flux/reconcile.go
+++ b/cmd/flux/reconcile.go
@@ -60,22 +60,13 @@ type reconcilable interface {
 	GetAnnotations() map[string]string
 	SetAnnotations(map[string]string)
 	// this is usually implemented by GOTK types, since it's used for meta.SetResourceCondition
 	GetStatusConditions() *[]metav1.Condition
 	lastHandledReconcileRequest() string // what was the last handled reconcile request?
 	successMessage() string              // what do you want to tell people when successfully reconciled?
 }
 func reconcilableConditions(object reconcilable) []metav1.Condition {
 	if s, ok := object.(meta.ObjectWithConditions); ok {
 		return s.GetConditions()
 	}
 	if s, ok := object.(oldConditions); ok {
 		return *s.GetStatusConditions()
 	}
 	return []metav1.Condition{}
 }
 func (reconcile reconcileCommand) run(cmd *cobra.Command, args []string) error {
 	if len(args) < 1 {
 		return fmt.Errorf("%s name is required", reconcile.kind)
@@ -85,7 +76,7 @@ func (reconcile reconcileCommand) run(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
@@ -127,7 +118,7 @@ func (reconcile reconcileCommand) run(cmd *cobra.Command, args []string) error {
 		reconciliationHandled(ctx, kubeClient, namespacedName, reconcile.object, lastHandledReconcileAt)); err != nil {
 		return err
 	}
-	readyCond := apimeta.FindStatusCondition(reconcilableConditions(reconcile.object), meta.ReadyCondition)
+	readyCond := apimeta.FindStatusCondition(*reconcile.object.GetStatusConditions(), meta.ReadyCondition)
 	if readyCond == nil {
 		return fmt.Errorf("status can't be determined")
 	}
@@ -146,7 +137,7 @@ func reconciliationHandled(ctx context.Context, kubeClient client.Client,
 		if err != nil {
 			return false, err
 		}
-		isProgressing := apimeta.IsStatusConditionPresentAndEqual(reconcilableConditions(obj),
+		isProgressing := apimeta.IsStatusConditionPresentAndEqual(*obj.GetStatusConditions(),
 			meta.ReadyCondition, metav1.ConditionUnknown)
 		return obj.lastHandledReconcileRequest() != lastHandledReconcileAt && !isProgressing, nil
 	}
@@ -183,7 +174,7 @@ func isReconcileReady(ctx context.Context, kubeClient client.Client,
 			return false, err
 		}
-		if c := apimeta.FindStatusCondition(reconcilableConditions(obj), meta.ReadyCondition); c != nil {
+		if c := apimeta.FindStatusCondition(*obj.GetStatusConditions(), meta.ReadyCondition); c != nil {
 			switch c.Status {
 			case metav1.ConditionTrue:
 				return true, nil
--- a/cmd/flux/reconcile_alertprovider.go
+++ b/cmd/flux/reconcile_alertprovider.go
@@ -54,7 +54,7 @@ func reconcileAlertProviderCmdRun(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
--- a/cmd/flux/reconcile_helmrelease.go
+++ b/cmd/flux/reconcile_helmrelease.go
@@ -21,7 +21,7 @@ import (
 	"k8s.io/apimachinery/pkg/types"
 	helmv2 "github.com/fluxcd/helm-controller/api/v2beta1"
-	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
+	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 )
 var reconcileHrCmd = &cobra.Command{
--- a/cmd/flux/reconcile_kustomization.go
+++ b/cmd/flux/reconcile_kustomization.go
@@ -21,7 +21,7 @@ import (
 	"k8s.io/apimachinery/pkg/types"
 	kustomizev1 "github.com/fluxcd/kustomize-controller/api/v1beta2"
-	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
+	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 )
 var reconcileKsCmd = &cobra.Command{
@@ -65,11 +65,6 @@ func (obj kustomizationAdapter) reconcileSource() bool {
 func (obj kustomizationAdapter) getSource() (reconcileCommand, types.NamespacedName) {
 	var cmd reconcileCommand
 	switch obj.Spec.SourceRef.Kind {
 	case sourcev1.OCIRepositoryKind:
 		cmd = reconcileCommand{
 			apiType: ociRepositoryType,
 			object:  ociRepositoryAdapter{&sourcev1.OCIRepository{}},
 		}
 	case sourcev1.GitRepositoryKind:
 		cmd = reconcileCommand{
 			apiType: gitRepositoryType,
--- a/cmd/flux/reconcile_receiver.go
+++ b/cmd/flux/reconcile_receiver.go
@@ -54,7 +54,7 @@ func reconcileReceiverCmdRun(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
--- a/cmd/flux/reconcile_source_bucket.go
+++ b/cmd/flux/reconcile_source_bucket.go
@@ -17,11 +17,18 @@ limitations under the License.
 package main
 import (
 	"context"
 	"fmt"
 	"github.com/spf13/cobra"
 	apimeta "k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"sigs.k8s.io/controller-runtime/pkg/client"
-	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
+	"github.com/fluxcd/pkg/apis/meta"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 )
 var reconcileSourceBucketCmd = &cobra.Command{
@@ -41,6 +48,31 @@ func init() {
 	reconcileSourceCmd.AddCommand(reconcileSourceBucketCmd)
 }
 func isBucketReady(ctx context.Context, kubeClient client.Client,
 	namespacedName types.NamespacedName, bucket *sourcev1.Bucket) wait.ConditionFunc {
 	return func() (bool, error) {
 		err := kubeClient.Get(ctx, namespacedName, bucket)
 		if err != nil {
 			return false, err
 		}
 		// Confirm the state we are observing is for the current generation
 		if bucket.Generation != bucket.Status.ObservedGeneration {
 			return false, nil
 		}
 		if c := apimeta.FindStatusCondition(bucket.Status.Conditions, meta.ReadyCondition); c != nil {
 			switch c.Status {
 			case metav1.ConditionTrue:
 				return true, nil
 			case metav1.ConditionFalse:
 				return false, fmt.Errorf(c.Message)
 			}
 		}
 		return false, nil
 	}
 }
 func (obj bucketAdapter) lastHandledReconcileRequest() string {
 	return obj.Status.GetLastHandledReconcileRequest()
 }
--- a/cmd/flux/reconcile_source_git.go
+++ b/cmd/flux/reconcile_source_git.go
@@ -21,7 +21,7 @@ import (
 	"github.com/spf13/cobra"
-	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
+	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 )
 var reconcileSourceGitCmd = &cobra.Command{
--- a/cmd/flux/reconcile_source_helm.go
+++ b/cmd/flux/reconcile_source_helm.go
@@ -21,9 +21,7 @@ import (
 	"github.com/spf13/cobra"
-	"github.com/fluxcd/pkg/apis/meta"
+	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
 	"github.com/fluxcd/pkg/runtime/conditions"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
 )
 var reconcileSourceHelmCmd = &cobra.Command{
@@ -48,15 +46,5 @@ func (obj helmRepositoryAdapter) lastHandledReconcileRequest() string {
 }
 func (obj helmRepositoryAdapter) successMessage() string {
 	// HelmRepository of type OCI don't set an Artifact
 	if obj.Spec.Type == sourcev1.HelmRepositoryTypeOCI {
 		readyCondition := conditions.Get(obj.HelmRepository, meta.ReadyCondition)
 		// This shouldn't happen, successMessage shouldn't be called if
 		// object isn't ready
 		if readyCondition == nil {
 			return ""
 		}
 		return readyCondition.Message
 	}
 	return fmt.Sprintf("fetched revision %s", obj.Status.Artifact.Revision)
 }
--- a/cmd/flux/reconcile_source_oci.go
+++ b/cmd/flux/reconcile_source_oci.go
@@ -1,50 +0,0 @@
 /*
 Copyright 2022 The Flux authors
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"fmt"
 	"github.com/spf13/cobra"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
 )
 var reconcileSourceOCIRepositoryCmd = &cobra.Command{
 	Use:   "oci [name]",
 	Short: "Reconcile an OCIRepository",
 	Long:  `The reconcile source command triggers a reconciliation of an OCIRepository resource and waits for it to finish.`,
 	Example: `  # Trigger a reconciliation for an existing source
  flux reconcile source oci podinfo`,
 	ValidArgsFunction: resourceNamesCompletionFunc(sourcev1.GroupVersion.WithKind(sourcev1.OCIRepositoryKind)),
 	RunE: reconcileCommand{
 		apiType: ociRepositoryType,
 		object:  ociRepositoryAdapter{&sourcev1.OCIRepository{}},
 	}.run,
 }
 func init() {
 	reconcileSourceCmd.AddCommand(reconcileSourceOCIRepositoryCmd)
 }
 func (obj ociRepositoryAdapter) lastHandledReconcileRequest() string {
 	return obj.Status.GetLastHandledReconcileRequest()
 }
 func (obj ociRepositoryAdapter) successMessage() string {
 	return fmt.Sprintf("fetched revision %s", obj.Status.Artifact.Revision)
 }
--- a/cmd/flux/reconcile_with_source.go
+++ b/cmd/flux/reconcile_with_source.go
@@ -10,8 +10,9 @@ import (
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"github.com/fluxcd/flux2/internal/utils"
 	"github.com/fluxcd/pkg/apis/meta"
 	"github.com/fluxcd/flux2/internal/utils"
 )
 type reconcileWithSource interface {
@@ -35,7 +36,7 @@ func (reconcile reconcileWithSourceCommand) run(cmd *cobra.Command, args []strin
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
@@ -82,7 +83,7 @@ func (reconcile reconcileWithSourceCommand) run(cmd *cobra.Command, args []strin
 		return err
 	}
-	readyCond := apimeta.FindStatusCondition(reconcilableConditions(reconcile.object), meta.ReadyCondition)
+	readyCond := apimeta.FindStatusCondition(*reconcile.object.GetStatusConditions(), meta.ReadyCondition)
 	if readyCond == nil {
 		return fmt.Errorf("status can't be determined")
 	}
--- a/cmd/flux/resume.go
+++ b/cmd/flux/resume.go
@@ -76,7 +76,7 @@ func (resume resumeCommand) run(cmd *cobra.Command, args []string) error {
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()
-	kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+	kubeClient, err := utils.KubeClient(kubeconfigArgs)
 	if err != nil {
 		return err
 	}
--- a/Show More
+++ b/Show More