diff --git a/.woodpecker.yaml b/.woodpecker/.build.yaml
similarity index 83%
rename from .woodpecker.yaml
rename to .woodpecker/.build.yaml
index ffb8897..f59d616 100644
--- a/.woodpecker.yaml
+++ b/.woodpecker/.build.yaml
@@ -1,5 +1,5 @@
 steps:
-  build-main:
+  build main:
     when:
       - event: push
         branch: main
@@ -12,9 +12,11 @@ steps:
       password:
         from_secret: gitea_token
       repo: git.verdigado.com/${CI_REPO,,}
-      tag: 'latest'
+      tags:
+        - 'latest'
+        - ${CI_COMMIT_SHA}
 
-  build-branch:
+  build branch:
     when:
       - event: push
         branch:
@@ -28,4 +30,6 @@ steps:
       password:
         from_secret: gitea_token
       repo: git.verdigado.com/${CI_REPO,,}
-      tag: ${CI_COMMIT_BRANCH}
+      tags:
+        - ${CI_COMMIT_BRANCH}
+        - ${CI_COMMIT_SHA}
diff --git a/.woodpecker/.test.yaml b/.woodpecker/.test.yaml
new file mode 100644
index 0000000..b63c742
--- /dev/null
+++ b/.woodpecker/.test.yaml
@@ -0,0 +1,56 @@
+skip_clone: true
+when:
+  - event: push
+depends_on:
+  - build
+variables:
+  - &image 'git.verdigado.com/verdigado-images/container-pre-commit:${CI_COMMIT_SHA}'
+steps:
+  await-image:
+    image: alpine@sha256:b89d9c93e9ed3597455c90a0b88a8bbb5cb7188438f70953fede212a0c4394e0
+    environment:
+      IMAGE: *image
+    commands:
+      - apk add --update --no-cache img
+      - 'while !(( img pull $IMAGE 2>&1 | grep -q "Error: failed to unmount" )) ; do echo "Awaiting image $IMAGE..."; sleep 3; done'
+      - echo 'found.'
+
+  clone salt:
+    image: woodpeckerci/plugin-git@sha256:7af90de3a9aa5dc93cc0d5cd2e67e28cb237d4b8e891ccacfd9031f78f4b05a8
+    settings:
+      remote: https://git.verdigado.com/verdigado-Privileged/Salt.git
+      path: salt
+      sha: ''
+      ref: refs/heads/master
+      branch: master
+
+  pre-commit salt:
+    image: *image
+    depends_on:
+      - await-image
+      - clone salt
+    environment:
+      - SKIP=no-commit-to-branch # Ignore "don't commit to protected branch" check
+    commands:
+      - cd salt
+      - pre-commit run --all-files
+
+  clone rocketchat2matrix:
+    image: woodpeckerci/plugin-git@sha256:7af90de3a9aa5dc93cc0d5cd2e67e28cb237d4b8e891ccacfd9031f78f4b05a8
+    settings:
+      remote: https://git.verdigado.com/NB-Public/rocketchat2matrix.git
+      path: rocketchat2matrix
+      sha: ''
+      ref: refs/heads/main
+      branch: master
+
+  pre-commit rocketchat2matrix:
+    image: *image
+    depends_on:
+      - await-image
+      - clone rocketchat2matrix
+    environment:
+      - SKIP=no-commit-to-branch # Ignore "don't commit to protected branch" check
+    commands:
+      - cd rocketchat2matrix
+      - pre-commit run --all-files
diff --git a/Dockerfile b/Dockerfile
index d5f6e51..e988a6a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,21 +1,17 @@
-FROM python:3.12.4-alpine3.20@sha256:a982997504b8ec596f553d78f4de4b961bbdf5254e0177f6e99bb34f4ef16f95
-COPY --from=koalaman/shellcheck:v0.10.0@sha256:2097951f02e735b613f4a34de20c40f937a6c8f18ecb170612c88c34517221fb /bin/shellcheck /usr/bin/
-COPY --from=ghcr.io/gitleaks/gitleaks:v8.18.4@sha256:f44e526acc67786b7476db413edb993ce2d152660d32fb3eb48d9bca06fa83f8 /usr/bin/gitleaks /usr/bin/
+FROM python:3.12.4-alpine3.20@sha256:dc095966439c68283a01dde5e5bc9819ba24b28037dddd64ea224bf7aafc0c82
 
 # renovate: datasource=repology depName=alpine_3_20/build-base versioning=loose
 ENV BUILD_BASE_VERSION="0.5-r3"
 # renovate: datasource=repology depName=alpine_3_20/gcc versioning=loose
 ENV GCC_VERSION="13.2.1_git20240309-r0"
 # renovate: datasource=repology depName=alpine_3_20/ruby versioning=loose
-ENV RUBY_VERSION="3.3.1-r0"
+ENV RUBY_VERSION="3.3.3-r0"
 # renovate: datasource=repology depName=alpine_3_20/git versioning=loose
 ENV GIT_VERSION="2.45.2-r0"
 # renovate: datasource=repology depName=alpine_3_20/openssh-keygen versioning=loose
 ENV OPENSSH_KEYGEN_VERSION="9.7_p1-r3"
 # renovate: datasource=pypi depName=pre-commit versioning=pep440
 ENV PRE_COMMIT_VERSION="3.7.1"
-# renovate: datasource=rubygems depName=mdl versioning=ruby
-ENV MDL_VERSION="0.13.0"
 
 RUN mkdir /data /tmp/pre-commit
 COPY .pre-commit-config.yaml /tmp/pre-commit
@@ -23,13 +19,11 @@ COPY .pre-commit-config.yaml /tmp/pre-commit
 RUN apk add --update --no-cache \
       build-base="${BUILD_BASE_VERSION}" \
       gcc="${GCC_VERSION}" \
-      ruby="${RUBY_VERSION}" \
       ruby-dev="${RUBY_VERSION}" \
       git="${GIT_VERSION}" \
       openssh-keygen="${OPENSSH_KEYGEN_VERSION}" \
     && \
     pip install --no-cache-dir pre-commit=="${PRE_COMMIT_VERSION}" && \
-    gem install --no-document mdl -v "${MDL_VERSION}" && \
     git config --global --add safe.directory /data && \
     cd /tmp/pre-commit && \
     git init --initial-branch main && \