From e9392e719cf8562a0b3fd06efc2ece9cbedf120d Mon Sep 17 00:00:00 2001 From: Jason Woltje Date: Mon, 9 Feb 2026 12:36:38 -0600 Subject: [PATCH] fix(ci): gate Docker builds on all quality checks and fix prod image names Build step now depends on lint, typecheck, test, and security-audit so Docker images cannot be pushed when quality gates fail. Also corrects docker-compose.prod.yml image names to match pipeline (stack-api, stack-web, stack-postgres) and replaces hardcoded :latest with ${IMAGE_TAG:-latest}. Co-Authored-By: Claude Opus 4.6 --- .woodpecker.yml | 5 +++-- docker-compose.prod.yml | 6 +++--- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 2c9fdbd..a74ab25 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -100,9 +100,10 @@ steps: - *use_deps - pnpm build depends_on: - - typecheck # Only block on critical checks + - lint + - typecheck + - test - security-audit - - prisma-generate # ====================== # Docker Build & Push (main/develop only) diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml index dd346a9..fe4f799 100644 --- a/docker-compose.prod.yml +++ b/docker-compose.prod.yml @@ -16,7 +16,7 @@ services: # PostgreSQL Database # ====================== postgres: - image: git.mosaicstack.dev/mosaic/postgres:latest + image: git.mosaicstack.dev/mosaic/stack-postgres:${IMAGE_TAG:-latest} container_name: mosaic-postgres restart: unless-stopped environment: @@ -70,7 +70,7 @@ services: # Mosaic API # ====================== api: - image: git.mosaicstack.dev/mosaic/api:latest + image: git.mosaicstack.dev/mosaic/stack-api:${IMAGE_TAG:-latest} container_name: mosaic-api restart: unless-stopped environment: @@ -121,7 +121,7 @@ services: # Mosaic Web # ====================== web: - image: git.mosaicstack.dev/mosaic/web:latest + image: git.mosaicstack.dev/mosaic/stack-web:${IMAGE_TAG:-latest} container_name: mosaic-web restart: unless-stopped environment: