Sandboxing Docker like a Pro.
A deeper build systems note on nsjail sandbox profiles, BuildKit and Docker builder topology, S3 cache import/export, cache warming, hermetic mode, Docker auth boundaries, and agent-safe build evidence.
Build, verify, plan, apply
Agent-first Kubernetes delivery CLI.
torque is CI in a box for Kubernetes delivery: a file-first loop to build, verify, plan, apply, capture evidence, and inspect what happened. Captures, verifier reports, and chart archives are portable SQLite artifacts for CI, review, and later debugging without a running service.
curl -fsSL https://ingresslabs.github.io/torque/install.sh | sh
Canary and blue-green release promotion
Complex DAG stack orchestration
Ship subcommand release flow
DAG performance scheduling
Sandboxed builds and secrets
Helmer archives and verifier gates
Helmer HTML plan reports
Kubernetes logs and evidence capture
Remote agent mirror sessions
Capture explain drilldown
Secret-safe build and log evidence
Drift and plan comparison
Stack resume and rerun failed
Atlassian Data Center as a Torque stack.
A field note on taking the Atlassian Data Center Helm charts through stack orchestration, secret:// references, verifier gates, Helmer plans, custom image builds, and proof-backed promotion examples.
One Torque talking to another.
The MCP and S3 cache showcase moved into a dedicated blog entry: a shorter field note on agent-driven delivery, the symbolic remote bridge, and the S3 BuildKit cache advisor path.
Secret-safe delivery path
Verifier and agent safety matrix
