ShipSecAI · betterclever · Feb 19, 2026 · chatgpt-codex-connector · Feb 19, 2026
diff --git a/deploy/helm/shipsec/templates/dind-deployment.yaml b/deploy/helm/shipsec/templates/dind-deployment.yaml
diff --git a/deploy/helm/shipsec/templates/dind-pvc.yaml b/deploy/helm/shipsec/templates/dind-pvc.yaml
diff --git a/deploy/helm/shipsec/templates/dind-service.yaml b/deploy/helm/shipsec/templates/dind-service.yaml
diff --git a/deploy/helm/shipsec/templates/worker-deployment.yaml b/deploy/helm/shipsec/templates/worker-deployment.yaml
@@ -47,6 +47,11 @@ spec:
             secretKeyRef:
               name: {{ .Values.secrets.name }}
               key: SECRET_STORE_MASTER_KEY
+        - name: INTERNAL_SERVICE_TOKEN
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.secrets.name }}
+              key: INTERNAL_SERVICE_TOKEN
         {{- if eq .Values.execution.mode "k8s" }}
         - name: EXECUTION_MODE
           value: "k8s"
@@ -66,9 +71,6 @@ spec:
         - name: K8S_JOB_SERVICE_ACCOUNT
           value: {{ .Values.execution.k8s.jobServiceAccount | quote }}
         {{- end }}
-        {{- else if .Values.execution.workerDockerHost }}
-        - name: DOCKER_HOST
-          value: {{ .Values.execution.workerDockerHost | quote }}
         {{- end }}
         {{- range $k, $v := .Values.worker.env }}
         - name: {{ $k }}

diff --git a/deploy/helm/shipsec/values.yaml b/deploy/helm/shipsec/values.yaml
@@ -107,17 +107,8 @@ ingress:
     secretName: shipsec-tls
 
 execution:
-  # "docker" = use Docker CLI (local dev / DIND), "k8s" = K8s Jobs (GKE / production)
+  # "docker" = use local Docker socket (local dev), "k8s" = K8s Jobs (GKE / production)
   mode: docker
-  dind:
-    enabled: false
-    serviceName: shipsec-dind
-    namespace: shipsec-workloads
-    port: 2375
-    storage:
-      enabled: true
-      size: 20Gi
-  workerDockerHost: ''
   k8s:
     # Namespace where component Jobs are created
     jobNamespace: shipsec-workloads

diff --git a/deploy/helm/shipsec/values/cloud-generic.yaml b/deploy/helm/shipsec/values/cloud-generic.yaml
@@ -8,9 +8,3 @@ backend:
 frontend:
   service:
     type: ClusterIP
-
-execution:
-  dind:
-    enabled: false
-  workerDockerHost: ""
-
diff --git a/deploy/helm/shipsec/values/dind.yaml b/deploy/helm/shipsec/values/dind.yaml
diff --git a/deploy/helm/shipsec/values/no-dind.yaml b/deploy/helm/shipsec/values/no-dind.yaml