diff --git a/infrastructure/kustomization.yaml b/infrastructure/kustomization.yaml
index 169bd6e1d70a7c5c2d3747067555edf2ecdaa764..d03694ee6b054d4275f21a9503097cef2000f7ce 100644
--- a/infrastructure/kustomization.yaml
+++ b/infrastructure/kustomization.yaml
@@ -16,3 +16,4 @@ resources:
 - postgres
 - kubenav
 - starboard
+ - tekton
diff --git a/infrastructure/tekton/kustomization.yaml b/infrastructure/tekton/kustomization.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..87ba6bab48ba82b7294418560a8a48618772cbc0
--- /dev/null
+++ b/infrastructure/tekton/kustomization.yaml
@@ -0,0 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: tekton-system
+resources:
+ - namespace.yaml
+ - repository.yaml
+ - release.yaml
+ - ../../shared/networkpolicies/allow-from-same-namespace.yaml
+ - ../../shared/networkpolicies/allow-from-monitoring.yaml
+patchesStrategicMerge:
+ - networkpolicy.yaml
diff --git a/infrastructure/tekton/namespace.yaml b/infrastructure/tekton/namespace.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..938b95398054e724119e3dd82b3b925ac1f07bf8
--- /dev/null
+++ b/infrastructure/tekton/namespace.yaml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: tekton-system
+ labels:
+ name: tekton-system
+ kyverno.shivering-isles.com/class: "system"
diff --git a/infrastructure/tekton/networkpolicy.yaml b/infrastructure/tekton/networkpolicy.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..1e6652a63633eac7d5a8655e2a4c70aedc34f442
--- /dev/null
+++ b/infrastructure/tekton/networkpolicy.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: allow-from-monitoring
+spec:
+ podSelector:
+ matchLabels:
+ app.kubernetes.io/component: operator
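Review bot: The only network policies applied to tekton-system in infrastructure/tekton/kustomization.yaml are the shared allow-from-same-namespace and allow-from-monitoring ones, which may leave Tekton's admission webhook unreachable from the API server. Their contents are not visible in this diff, so this is inferred. release.yaml sets `defaultTargetNamespace: tekton-system`, so the operator will presumably deploy the pipeline components, webhook included, into this same namespace. If the same-namespace policy selects all pods, whether API-server traffic still reaches the webhook depends on how the CNI treats control-plane traffic. Confirm this after rollout and, if needed, add an explicit ingress rule for the webhook port.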
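Review bot: infrastructure/tekton/networkpolicy.yaml reads like a standalone policy but is applied as a strategic-merge patch, so a leading comment would prevent misreading, e.g. `# Patch for shared/networkpolicies/allow-from-monitoring.yaml: limit monitoring ingress to the operator pods`. The selector `app.kubernetes.io/component: operator` has to match the labels the chart puts on the operator pods, which this diff does not show. If it does not match, the policy selects nothing and the ServiceMonitor target will likely stop being scrapeable with no error surfaced. The patch also depends on the shared policy having the same name and ending up in the same namespace for kustomize to match it.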
diff --git a/infrastructure/tekton/release.yaml b/infrastructure/tekton/release.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..68d9ee3313ba683e187f4e0fe48ec542c5db0dae
--- /dev/null
+++ b/infrastructure/tekton/release.yaml
@@ -0,0 +1,32 @@
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+ name: tekton-operator
+ namespace: tekton-system
+spec:
+ releaseName: tekton-operator
+ chart:
+ spec:
+ chart: tekton-operator
+ sourceRef:
+ kind: GitRepository
+ name: tekton
+ namespace: tekton-system
+ interval: 5m
+ install:
+ crds: CreateReplace
+ upgrade:
+ crds: CreateReplace
+ values:
+ installCRDs: true
+ operator:
+ defaultTargetNamespace: tekton-system
+ service:
+ createServiceMonitor: true
+ securityContext:
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 1000
diff --git a/infrastructure/tekton/repository.yaml b/infrastructure/tekton/repository.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..1bb79ad2c19c07e7feb92affb8050f2ffd1ae518
--- /dev/null
+++ b/infrastructure/tekton/repository.yaml
@@ -0,0 +1,16 @@
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: GitRepository
+metadata:
+ name: tekton
+ namespace: tekton-system
+spec:
+spec:
+ interval: 30m
+ ref:
+ commit: 8dad037328193d6694f4d8365765d8a31e32c712
+ url: https://github.com/tektoncd/operator.git
+ ignore: |
+ # exclude all
+ /*
+ # include deploy dir
+ !/chart
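Review bot: The `securityContext` in the HelmRelease values of infrastructure/tekton/release.yaml does not set `allowPrivilegeEscalation: false` or a seccomp profile, both of which the Pod Security "restricted" profile expects. It already drops all capabilities and enforces a non-root, read-only container. Assuming the chart passes this map through to the container spec unchanged, add `allowPrivilegeEscalation: false` and `seccompProfile: {type: RuntimeDefault}` next to `runAsNonRoot: true`. This context likely applies only to the operator pod itself; the workloads the operator later creates in tekton-system are configured separately.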
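Review bot: `spec:` is written twice in a row in infrastructure/tekton/repository.yaml (new-file lines 6 and 7). Depending on the original indentation this is either a duplicate mapping key, which some YAML parsers reject and others resolve silently by keeping the last value, or an unintended nested `spec.spec`. Either way one of the two lines should be removed. The comment `# include deploy dir` in the `ignore` block does not match the pattern `!/chart` below it; `# include chart dir` would be accurate. Pinning `ref.commit` to a full SHA is a sound choice for a third-party source and should be kept when bumping.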