This directory contains documentation for the SPIFFE/SPIRE Zero Trust Demo.

| Document | Description |
|---|---|
| DEMO_GUIDE.md | Step-by-step guide to running the demo |
| LEARNING_GUIDE.md | Educational materials on Zero Trust and SPIFFE |
| API_TESTING.md | API reference and testing examples |
| ARCHITECTURE.md | System architecture and design |

| Document | Description |
|---|---|
| SECURITY.md | Security model, threat analysis, trust boundaries |
| OPERATIONS.md | Operational runbook, monitoring, troubleshooting |

See adr/ for architectural decisions and their rationale:
- ADR-0001 - SPIFFE/SPIRE for Workload Identity
- ADR-0002 - Permission Intersection for AI Agent Delegation
- ADR-0003 - OPA for Policy Evaluation
- ADR-0004 - Kustomize for Deployment Variants
- ADR-0005 - Separate Health Ports for mTLS Services

| Document | Description |
|---|---|
| deployment/OPENSHIFT_VS_KUBERNETES.md | Platform comparison and considerations |
| deployment/ZERO_TRUST_OPENSHIFT.md | OpenShift-specific Zero Trust implementation |

Internal development process documentation:

| Document | Description |
|---|---|
| dev/PHASE2_SPIRE_INTEGRATION.md | Phase 2 implementation notes |
| dev/PHASE3_PRODUCTION_READINESS.md | Phase 3 implementation notes |
| dev/SESSION_LOG_2026-01-22.md | Development session log |

- Main README - Project overview and quick start
- CLAUDE.md - AI assistant project guide
- CONTRIBUTING.md - Contribution guidelines