Fix production CI deployment namespace

Change prod namespace from orch-prod-namespace to orch-namespace.

.gitlab-ci.yml

@@ -36,68 +36,9 @@ stages:
   - analyze
   - deploy
 
-# Override Prosper template jobs to exclude tag pipelines
-# Tags only run deploy_prod and smoke_test_prod (image already built on main)
-build_image:
-  rules:
-    - if: '$CI_COMMIT_TAG'
-      when: never
-    - when: on_success
-
-test_image:
-  rules:
-    - if: '$CI_COMMIT_TAG'
-      when: never
-    - when: on_success
-
-hadolint:
-  rules:
-    - if: '$CI_COMMIT_TAG'
-      when: never
-    - when: on_success
-
 kics:
   variables:
     KICS_CONFIG: kics.config
-  rules:
-    - if: '$CI_COMMIT_TAG'
-      when: never
-    - when: on_success
-
-secrets:
-  rules:
-    - if: '$CI_COMMIT_TAG'
-      when: never
-    - when: on_success
-
-app_deps_scan:
-  rules:
-    - if: '$CI_COMMIT_TAG'
-      when: never
-    - when: on_success
-
-cve_scan:
-  rules:
-    - if: '$CI_COMMIT_TAG'
-      when: never
-    - when: on_success
-
-app_sbom_analysis:
-  rules:
-    - if: '$CI_COMMIT_TAG'
-      when: never
-    - when: on_success
-
-cve_sbom_analysis:
-  rules:
-    - if: '$CI_COMMIT_TAG'
-      when: never
-    - when: on_success
-
-# Override release job to wait for stage integration tests before creating tag
-# This ensures the tag (which triggers prod deploy) is only created after stage passes
-release:
-  needs: [integration_test_stage, changelog]
 
 # Full integration test suite template (for feature/stage deployments)
 # Runs the complete pytest integration test suite against the deployed environment
@@ -328,10 +269,6 @@ python_unit_tests:
         coverage_format: cobertura
         path: backend/coverage.xml
   coverage: '/TOTAL.*\s+(\d+%)/'
-  rules:
-    - if: '$CI_COMMIT_TAG'
-      when: never
-    - when: on_success
 
 # Run frontend tests
 frontend_tests:
@@ -361,10 +298,6 @@ frontend_tests:
         coverage_format: cobertura
         path: frontend/coverage/cobertura-coverage.xml
   coverage: '/All files[^|]*\|[^|]*\s+([\d\.]+)/'
-  rules:
-    - if: '$CI_COMMIT_TAG'
-      when: never
-    - when: on_success
 
 # Shared deploy configuration
 .deploy_template: &deploy_template
@@ -492,8 +425,9 @@ cleanup_feature:
 # Deploy to production (version tags only)
 deploy_prod:
   stage: deploy
-  # For tag pipelines, no other jobs run - image was already built when commit was on main
+  # For tag pipelines, most jobs don't run (trusting main was tested)
-  needs: []
+  # We only need build_image to have the image available
+  needs: [build_image]
   image: deps.global.bsf.tools/registry-1.docker.io/alpine/k8s:1.29.12
   variables:
     NAMESPACE: orch-namespace

.gitleaksignore

@@ -16,4 +16,3 @@ bccbc71c13570d14b8b26a11335c45f102fe3072:backend/tests/unit/test_storage.py:gene
 08dce6cbb836b687002751fed4159bfc2da61f8b:backend/tests/unit/test_storage.py:generic-api-key:381
 617bcbe89cff9a009d77e4f1f1864efed1820e63:backend/tests/unit/test_storage.py:generic-api-key:381
 1cbd33544388e0fe6db752fa8886fab33cf9ce7c:backend/tests/unit/test_storage.py:generic-api-key:381
-7cfad28f678f5a5b8b927d694a17b9ba446b7138:backend/tests/unit/test_storage.py:generic-api-key:381

CHANGELOG.md

@@ -6,9 +6,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
-### Changed
-- Simplified tag pipeline to only run deploy and smoke tests (image already built on main) (#54)
-
 ### Fixed
 - Fixed production CI deployment namespace to use correct `orch-namespace` (#54)