A Kubernetes operator that bridges Hardware Security Module (HSM) data storage with Kubernetes Secrets, providing true secret portability th
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

chore: bump version to 0.6.20

+18 -8
+3 -3
Dockerfile
··· 20 20 && rm -rf /var/lib/apt/lists/* 21 21 22 22 # Create necessary runtime directories 23 - RUN mkdir -p /var/run/pcscd /var/lock/pcsc && \ 24 - chmod 755 /var/run/pcscd /var/lock/pcsc 23 + RUN mkdir -p /run/pcscd /var/lock/pcsc && \ 24 + chmod 755 /run/pcscd /var/lock/pcsc 25 25 26 26 WORKDIR /workspace 27 27 # Copy the Go Modules manifests ··· 78 78 COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ 79 79 80 80 # Copy runtime directories 81 - COPY --from=builder /var/run/pcscd /var/run/pcscd 81 + COPY --from=builder /var/run/pcscd /run/pcscd 82 82 COPY --from=builder /var/lock/pcsc /var/lock/pcsc 83 83 84 84 # Copy application binary and entrypoint
+1 -1
Makefile
··· 3 3 # To re-generate a bundle for another specific version without changing the standard setup, you can: 4 4 # - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2) 5 5 # - use environment variables to overwrite this value (e.g export VERSION=0.0.2) 6 - VERSION ?= 0.6.19 6 + VERSION ?= 0.6.20 7 7 8 8 # CHANNELS define the bundle channels used in the bundle. 9 9 # Add a new line here if you would like to change its default config. (E.g CHANNELS = "candidate,fast,stable")
-1
entrypoint.sh
··· 23 23 fi 24 24 25 25 # Start pcscd with debug output 26 - # Use /tmp for runtime files if root filesystem is readonly 27 26 echo "Starting pcscd..." 28 27 pcscd -f -d -a & 29 28 PCSCD_PID=$!
+2 -2
helm/hsm-secrets-operator/Chart.yaml
··· 2 2 name: hsm-secrets-operator 3 3 description: A Kubernetes operator that bridges Pico HSM binary data storage with Kubernetes Secrets 4 4 type: application 5 - version: 0.6.19 6 - appVersion: v0.6.19 5 + version: 0.6.20 6 + appVersion: v0.6.20 7 7 icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/kubernetes/icon/color/kubernetes-icon-color.svg 8 8 home: https://github.com/evanjarrett/hsm-secrets-operator 9 9 sources:
+12 -1
internal/controller/hsmpool_agent_controller.go
··· 690 690 }, 691 691 { 692 692 Name: "pcscd-run", 693 - MountPath: "/var/run/pcscd", 693 + MountPath: "/run/pcscd", 694 694 ReadOnly: false, // Required for pcscd socket 695 + }, 696 + { 697 + Name: "pcscd-lock", 698 + MountPath: "/var/lock/pcsc", 699 + ReadOnly: false, // Required for pcscd locking 695 700 }, 696 701 }, 697 702 }, ··· 714 719 }, 715 720 { 716 721 Name: "pcscd-run", 722 + VolumeSource: corev1.VolumeSource{ 723 + EmptyDir: &corev1.EmptyDirVolumeSource{}, 724 + }, 725 + }, 726 + { 727 + Name: "pcscd-lock", 717 728 VolumeSource: corev1.VolumeSource{ 718 729 EmptyDir: &corev1.EmptyDirVolumeSource{}, 719 730 },