jordan/rdev
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
d505aba804
rdev/README.md
jordan 538ea57ed4 feat: Add claude-config API, security hardening, and testing infrastructure 
Claude Config API (v0.6):
- Add CRUD endpoints for commands, skills, and agents
- Commands/skills/agents stored in /workspace/.claude/ (per-project, in git)
- Credentials shared via PVC at /root/.claude/ (shared across pods)
- Use base64 encoding for file writes (prevents shell injection)
- Add content size limits (1MB max)

Security Hardening:
- Add sanitize package for command/prompt validation
- Add rate limiting middleware (token bucket algorithm)
- Add concurrent command limiting
- Add input sanitization to all command handlers
- Gitignore secrets.yaml and credentials.yaml
- Add *.example templates for secrets

Testing Infrastructure:
- Add testutil package with mocks and fixtures
- Add unit tests for auth package (63% coverage)
- Add unit tests for executor (47% coverage)
- Add handler integration tests (40% coverage)
- Add 100% coverage for sanitize, cmdlimit packages
- Add 96% coverage for ratelimit package

Infrastructure:
- Shared Claude credentials PVC (ReadWriteMany)
- Reduced workspace PVC size from 20Gi to 5Gi
- Add init container cleanup before git clone
- Document Longhorn RWX requirements

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-25 01:29:13 -07:00

84 lines
1.6 KiB
Markdown
Raw Blame History

# rdev - Remote Developer
Run Claude Code in isolated Kubernetes pods on your k3s cluster.
## Quick Start
```bash
# 1. Set kubeconfig (REQUIRED - this is k3s, not GKE)
export KUBECONFIG=~/.kube/orchard9-k3sf.yaml
# 2. Authenticate Claude locally (if not already)
claude
# 3. Create credentials secret
./scripts/create-credentials-secret.sh
# 4. Deploy
./scripts/deploy.sh
# 5. Verify
./scripts/verify.sh
```
## Usage
```bash
# Check Claude version
kubectl exec -n rdev claudebox-0 -- claude --version
# Interactive Claude session
kubectl exec -it -n rdev claudebox-0 -- claude "what can you help me with?"
# Run in workspace
kubectl exec -it -n rdev claudebox-0 -- bash
cd /workspace
claude "create a hello world go program"
```
## Architecture
```
k3s cluster
└── rdev namespace
└── claudebox-0 (StatefulSet)
├── Claude Code CLI
├── /workspace (20Gi PVC via Longhorn)
└── /root/.claude (credentials from secret)
```
## Roadmap
- [x] v0.1: Base case - single claudebox pod
- [ ] v0.2: Real workspace mounting (pantheon, aeries)
- [ ] v0.3: Git integration (push/pull)
- [ ] v0.4: Discord bot control
- [ ] v0.5: Streaming output
- [ ] v0.6: Multi-project routing
## Development
```bash
# Build image locally
docker build -t rdev-claudebox:dev .
# Build and push to Artifact Registry
./scripts/build-push.sh v0.1.0
```
## Troubleshooting
```bash
# Check pod status
kubectl get pods -n rdev
# View pod logs
kubectl logs claudebox-0 -n rdev
# Describe pod for events
kubectl describe pod claudebox-0 -n rdev
# Check credentials mount
kubectl exec -n rdev claudebox-0 -- ls -la /root/.claude/
```
Reference in New Issue View Git Blame Copy Permalink