Initialize repository snapshot

Containerfile

@@ -0,0 +1,40 @@
+# VaultMesh Sentinel Verifier
+# Minimal image for deterministic verification tasks
+# No daemon, no ports, stateless
+
+FROM python:3.12-slim
+
+LABEL org.opencontainers.image.title="VaultMesh Sentinel"
+LABEL org.opencontainers.image.description="Deterministic seal bundle verifier"
+LABEL org.opencontainers.image.source="https://gitlab.com/vaultsovereign/ops"
+
+# Avoid interactive prompts
+ENV DEBIAN_FRONTEND=noninteractive
+ENV PYTHONDONTWRITEBYTECODE=1
+ENV PYTHONUNBUFFERED=1
+
+# Install minimal dependencies
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    git \
+    && rm -rf /var/lib/apt/lists/*
+
+# Create non-root user
+RUN useradd --create-home --shell /bin/bash sentinel
+USER sentinel
+WORKDIR /home/sentinel
+
+# Install Python dependencies
+COPY --chown=sentinel:sentinel pyproject.toml requirements.txt* ./
+RUN pip install --user --no-cache-dir click blake3
+
+# Copy application code
+COPY --chown=sentinel:sentinel cli/ ./cli/
+COPY --chown=sentinel:sentinel tools/ ./tools/
+COPY --chown=sentinel:sentinel ledger/ ./ledger/
+
+# Set PATH for user-installed packages
+ENV PATH="/home/sentinel/.local/bin:${PATH}"
+
+# Default entrypoint - verifier help
+ENTRYPOINT ["python3"]
+CMD ["tools/vm_verify_sentinel_bundle.py", "--help"]