This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
This is a UDS (Unicorn Delivery Service) package for SocketZero, following the Defense Unicorns UDS package template structure. The package deploys SocketZero application using Zarf and UDS bundle configurations with Helm charts.
Use the UDS CLI with these tasks defined in tasks.yaml:
uds run- Setup k3d cluster and deploy package (default)uds run dev- Create and deploy bundle on existing cluster (faster iteration)uds run create-dev-package- Create package with--skip-sbomflaguds run test-install- Test deploying current branch to new clusteruds run test-upgrade- Test upgrade from latest released packageuds run publish-package- Build, test, and publish packages
uds run test:all- Run all tests (health check, ingress, UI tests)uds run test:health-check- Verify SocketZero deployment is availableuds run test:ingress- Check SocketZero UI accessibility at https://socketzero.uds.devuds run test:ui- Run Playwright tests in Docker container
To run Playwright tests locally without Docker:
cd tests && npm ci && npx playwright test
# Run a single test file:
npx playwright test socketzero.test.ts
# Run with specific browser:
npx playwright test --project=chromiumThe repository uses common UDS tasks imported from uds-common v1.23.0:
create:package,create:test-bundle- Package creationdeploy:test-bundle- Bundle deploymentsetup:k3d-test-cluster- Test cluster setuplint,pull,upgrade,compliance- Standard operations
uds zarf package create
uds create bundle --confirm
uds deploy bundle/uds-bundle-socketzero-<arch>-0.0.1.tar.zst --confirm \
--set socketzero_license_org="<org>" \
--set socketzero_license_key="<key>" \
--set socketzero_config="$(cat config.json | base64)"- Root
zarf.yaml- Main package definition importing fromcommon/zarf.yaml common/zarf.yaml- Core component definition with SocketZero Helm chart and UDS config chartbundle/uds-bundle.yaml- UDS bundle for testing with variable overrideschart/- UDS Package custom resources (SSO, network policies, virtual services)
- SocketZero Application - Deployed via Helm chart from https://github.com/radiusmethod/socketzero-helm.git (v0.7.1)
- Redis - Bundled dependency using Iron Bank image (
registry1.dso.mil/ironbank/bitnami/redis:8.0.3) - UDS Package Resource - Configures SSO integration and network policies in
chart/templates/uds-package.yaml - Values Files - Environment-specific configurations in
values/directory
- SSO Integration - Keycloak-based authentication with authservice selector on
app.kubernetes.io/name: socketzero - Network Policies - Ambient mesh mode with intra-namespace ingress/egress rules
- Service Exposure - SocketZero service exposed via tenant gateway on port 9997 at
socketzero.{{ domain }}
Uses Registry1 Iron Bank images:
registry1.dso.mil/ironbank/radiusmethod/socketzero/receiver:0.7.1registry1.dso.mil/ironbank/bitnami/redis:8.0.3
Key Zarf variables defined in root zarf.yaml:
DOMAIN(default: "uds.dev")SOCKETZERO_CONFIG- Base64-encoded JSON configurationSOCKETZERO_LICENSE_ORG- Organization name for licenseSOCKETZERO_LICENSE_KEY- License key
This repository uses Conventional Commits format. The CI workflow (.github/workflows/commitlint.yaml) validates PR titles against this format.
<type>(<optional scope>): <description>
feat- New featurefix- Bug fixdocs- Documentation onlystyle- Formatting, missing semicolons, etc.refactor- Code change that neither fixes a bug nor adds a featureperf- Performance improvementtest- Adding or updating testsbuild- Changes to build system or dependenciesci- CI configuration changeschore- Other changes that don't modify src or test filesrevert- Reverts a previous commit
feat: add redis support
fix(sso): correct keycloak redirect URL
chore: sync with uds package template
docs: update deployment instructions
Run commitlint locally:
echo "your commit message" | npx commitlintThe configuration is in commitlint.config.js.