evan.jarrett.net / hsm-secrets-operator
A Kubernetes operator that bridges Hardware Security Module (HSM) data storage with Kubernetes Secrets, providing true secret portability th
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

update helmchart

Evan Jarrett 5ea339ac 82f30377

+41 -11
+30 -1
CLAUDE.md
··· 26 26 # Run specific test package 27 27 go test ./internal/controller -v 28 28 go test ./internal/hsm -v 29 + go test ./internal/discovery -v 30 + go test ./internal/api -v 29 31 30 32 # Code quality (ALWAYS RUN BEFORE COMMITTING) 31 33 make fmt # Format code (or: gofmt -w .) ··· 56 58 make docker-build-all 57 59 ``` 58 60 61 + ### CRD Management 62 + ```bash 63 + # Generate CRDs and RBAC manifests 64 + make manifests # Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects 65 + make generate # Generate DeepCopy methods for CRD types 66 + 67 + # Install CRDs into cluster 68 + make install # Install CRDs into the K8s cluster 69 + make uninstall # Uninstall CRDs from the K8s cluster 70 + 71 + # Deploy operator to cluster 72 + make deploy IMG=<some-registry>/hsm-secrets-operator:tag 73 + make undeploy # Remove operator from cluster 74 + ``` 75 + 76 + ### Helm Chart Commands 77 + ```bash 78 + # Lint Helm chart 79 + helm lint helm/hsm-secrets-operator 80 + 81 + # Template Helm chart for validation 82 + helm template test helm/hsm-secrets-operator 83 + 84 + # Sync CRDs to Helm after changes 85 + make helm-sync # Copies CRDs from config/crd/bases/ to helm/hsm-secrets-operator/crds/ 86 + ``` 87 + 59 88 ## Code Quality Requirements 60 89 61 90 **⚠️ CRITICAL: Always run these commands before making code changes:** ··· 75 104 76 105 **Why this matters:** 77 106 - `gofmt` ensures consistent formatting across the codebase 78 - - `golangci-lint` catches potential bugs, inefficient code, and style violations 107 + - `golangci-lint` catches potential bugs, inefficient code, and style violations (configured in `.golangci.yml`) 79 108 - Running these tools prevents CI/CD failures and maintains code quality 80 109 - **The status update loop bug** was caught by adding proper linting workflows 81 110
+2 -2
helm/hsm-secrets-operator/Chart.yaml
··· 2 2 name: hsm-secrets-operator 3 3 description: A Kubernetes operator that bridges Pico HSM binary data storage with Kubernetes Secrets 4 4 type: application 5 - version: 0.2.7 6 - appVersion: v0.2.7 5 + version: 0.2.8 6 + appVersion: v0.2.8 7 7 icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/kubernetes/icon/color/kubernetes-icon-color.svg 8 8 home: https://github.com/evanjarrett/hsm-secrets-operator 9 9 sources:
+9 -8
helm/hsm-secrets-operator/templates/resources.yaml
··· 42 42 {{- with .maxDevices }} 43 43 maxDevices: {{ . }} 44 44 {{- end }} 45 - {{- with .pkcs11LibraryPath }} 46 - pkcs11LibraryPath: {{ . }} 45 + {{- with .discovery }} 46 + discovery: 47 + {{- toYaml . | nindent 4 }} 48 + {{- end }} 49 + {{- with .pkcs11 }} 50 + pkcs11: 51 + {{- toYaml . | nindent 4 }} 47 52 {{- end }} 48 53 {{- with .nodeSelector }} 49 54 nodeSelector: 50 55 {{- toYaml . | nindent 4 }} 51 56 {{- end }} 52 - {{- with .usb }} 53 - usb: 54 - {{- toYaml . | nindent 4 }} 55 - {{- end }} 56 - {{- with .devicePath }} 57 - devicePath: 57 + {{- with .mirroring }} 58 + mirroring: 58 59 {{- toYaml . | nindent 4 }} 59 60 {{- end }} 60 61 {{- end }}