+4

CLAUDE.md

reviewed

··· 2 2 3 3 This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository. 4 4 5 5 + ## ⚠️ Important Development Context 6 6 + 7 7 + **Remote Kubernetes Environment**: The Kubernetes cluster is running remotely, NOT on this local development system. Any local device checks (like `ls /dev/tty*` or local USB device detection) will NOT work and will not reflect the actual state of devices on the remote cluster nodes. 8 8 + 5 9 ## Development Commands 6 10 7 11 ### Building and Testing

+9 -4

Dockerfile.discovery

reviewed

··· 19 19 # Build discovery binary only 20 20 RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o discovery cmd/discovery/main.go 21 21 22 22 - # Use distroless for minimal attack surface and size 23 23 - FROM gcr.io/distroless/static:nonroot 22 22 + FROM alpine:3.22 23 23 + RUN apk add --no-cache opensc-dev ccid pcsc-lite openssl libtool libusb 24 24 + 25 25 + COPY --from=base /usr/lib/libssl.so* /usr/lib/ 26 26 + COPY --from=base /usr/lib/libcrypto.so* /usr/lib/ 27 27 + COPY --from=base /usr/local/ /usr/local/ 28 28 + 24 29 WORKDIR / 25 25 - COPY --from=builder /workspace/discovery . 30 30 + COPY --from=builder /workspace/manager . 26 31 USER 65532:65532 27 32 28 28 - ENTRYPOINT ["/discovery"] 33 33 + ENTRYPOINT ["/manager"]

+2 -2

helm/hsm-secrets-operator/Chart.yaml

reviewed

··· 2 2 name: hsm-secrets-operator 3 3 description: A Kubernetes operator that bridges Pico HSM binary data storage with Kubernetes Secrets 4 4 type: application 5 5 - version: 0.2.9 6 6 - appVersion: v0.2.9 5 5 + version: 0.2.10 6 6 + appVersion: v0.2.10 7 7 icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/kubernetes/icon/color/kubernetes-icon-color.svg 8 8 home: https://github.com/evanjarrett/hsm-secrets-operator 9 9 sources: