feat(openclaw-helm): add Artifact Hub link, bump chart to 1.3.7

Author: serhanekicii

openclaw-helm.html/0.md

@@ -19,7 +19,7 @@ That said, container isolation and network policies don't make OpenClaw complete
 
 I run Kubernetes for everything in my homelab. When I saw OpenClaw gaining traction, I realized there wasn't a Helm chart available for deploying it. So I built one. Everything in my homelab is declarative, version-controlled in Git, and managed through ArgoCD, that's just how I operate.
 
-This post walks through deploying OpenClaw on Kubernetes using [my Helm chart](https://github.com/serhanekicii/openclaw-helm).
+This post walks through deploying OpenClaw on Kubernetes using [my Helm chart](https://github.com/serhanekicii/openclaw-helm), also available on [Artifact Hub](https://artifacthub.io/packages/helm/openclaw-helm/openclaw).
 
 ### Deployment Architecture
 
@@ -143,7 +143,7 @@ appVersion: "2026.2.6"
 
 dependencies:
   - name: openclaw
-    version: 1.3.4
+    version: 1.3.7
     repository: https://serhanekicii.github.io/openclaw-helm
 ```
 
@@ -298,7 +298,7 @@ The default policy allows:
 
 - **Ingress** from the `gateway-system` namespace on port 18789
 - **Egress** to kube-dns for DNS resolution
-- **Egress** to all public internet IPs (blocks RFC1918 private ranges)
+- **Egress** to all public internet IPs (blocks RFC1918, link-local, and CGN ranges)
 
 This means OpenClaw can reach external APIs (Anthropic, OpenAI, messaging platforms) but cannot access your internal services, databases, or other workloads. The blast radius of a compromise stays contained.