orchard

bitforge/orchard

Fork 0

Commit Graph

Author	SHA1	Message	Date
Mondo Diaz	ece5341199	Allow external access to local dev server - Bind orchard-server port to 0.0.0.0 for LAN testing - Add KICS exception for unbound port (local dev only)	2026-01-15 15:46:43 +00:00
Mondo Diaz	7f7ac44c46	Fix local docker-compose security settings for stock images Remove cap_drop: ALL and no-new-privileges from postgres, redis, minio, and minio-init services. These stock images require certain capabilities (SETUID, SETGID, CHOWN) to switch users during initialization. Added KICS exceptions with documentation explaining these are local development only settings - production Kubernetes uses securityContext.	2026-01-15 15:46:43 +00:00
Mondo Diaz	4b3d2fd41d	Add feature branch deployment pipeline	2026-01-14 12:29:37 -06:00

Author

SHA1

Message

Date

Mondo Diaz

ece5341199

Allow external access to local dev server

- Bind orchard-server port to 0.0.0.0 for LAN testing
- Add KICS exception for unbound port (local dev only)

2026-01-15 15:46:43 +00:00

Mondo Diaz

7f7ac44c46

Fix local docker-compose security settings for stock images

Remove cap_drop: ALL and no-new-privileges from postgres, redis, minio,
and minio-init services. These stock images require certain capabilities
(SETUID, SETGID, CHOWN) to switch users during initialization.

Added KICS exceptions with documentation explaining these are local
development only settings - production Kubernetes uses securityContext.

2026-01-15 15:46:43 +00:00

Mondo Diaz

4b3d2fd41d

Add feature branch deployment pipeline

2026-01-14 12:29:37 -06:00

3 Commits