orchard

bitforge/orchard

Fork 0

Commit Graph

Author	SHA1	Message	Date
Mondo Diaz	1a7fb3e5ba	Fix security scan issues and harden docker-compose Hadolint fixes: - Use printf instead of echo for escape sequences - Add hadolint ignore for apt pin version (DL3008) KICS fixes (docker-compose): - Add security_opt: no-new-privileges to all services - Add mem_limit and cpus to prevent resource exhaustion - Add healthcheck to orchard-server in docker-compose.yml Gitleaks: - Add .gitleaksignore for false positive (s3_key attribute name) - Remove allow_failure from secrets job (now blocking) Also: - Remove \|\| echo fallback from python_tests (tests should fail pipeline)	2026-01-14 18:15:25 +00:00
Mondo Diaz	617bcbe89c	Implement authentication system with access control UI	2026-01-12 09:52:35 -07:00
Mondo Diaz	3fd2747ae4	Store SHA256 checksums with artifacts and add multiple hash support	2025-12-15 14:47:30 -06:00

Author

SHA1

Message

Date

Mondo Diaz

1a7fb3e5ba

Fix security scan issues and harden docker-compose

Hadolint fixes:
- Use printf instead of echo for escape sequences
- Add hadolint ignore for apt pin version (DL3008)

KICS fixes (docker-compose):
- Add security_opt: no-new-privileges to all services
- Add mem_limit and cpus to prevent resource exhaustion
- Add healthcheck to orchard-server in docker-compose.yml

Gitleaks:
- Add .gitleaksignore for false positive (s3_key attribute name)
- Remove allow_failure from secrets job (now blocking)

Also:
- Remove || echo fallback from python_tests (tests should fail pipeline)

2026-01-14 18:15:25 +00:00

Mondo Diaz

617bcbe89c

Implement authentication system with access control UI

2026-01-12 09:52:35 -07:00

Mondo Diaz

3fd2747ae4

Store SHA256 checksums with artifacts and add multiple hash support

2025-12-15 14:47:30 -06:00

3 Commits