Update and enforce nats Docker tag to v2.14 across catalog and gates

[renovate]

This PR contains the following updates:

Package	Update	Change
nats	minor	2.10-alpine → 2.14-alpine

Additional changes made to enforce consistency

• Added Docker image target locking to catalog/dependency-version-targets.json:
  • docker.images.nats = 2.14-alpine
• Extended dependency validation gates to enforce cataloged Docker image tags:
  • pipeline/validate-template-version-consistency.sh
  • pipeline/validate-generated-dependency-targets.sh
  • pipeline/validate-generated-branch-dependency-consistency.sh
• Updated remaining main-branch NATS image references used by rendered/generated state sources so regeneration cascades consistently (including state patchsets and Kubernetes runtime spec assets).

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[netlify]

✅ Deploy Preview for lucky-concha-f3599f ready!

Name	Link
🔨 Latest commit	50ff657
🔍 Latest deploy log	https://app.netlify.com/projects/lucky-concha-f3599f/deploys/6a2e72b951f0030008ba39c3
😎 Deploy Preview	https://deploy-preview-400--lucky-concha-f3599f.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[DovOps]

@copilot can you assess the impact of this upgrade on the system? in particualr can you look at the first code branch where this is fully implemented code/generated-state-006-messaging-nats-replacement and let me know whether this image bump will affect the implementation

[Copilot]

@copilot can you assess the impact of this upgrade on the system? in particualr can you look at the first code branch where this is fully implemented code/generated-state-006-messaging-nats-replaceme...

I checked this in detail.

For code/generated-state-006-messaging-nats-replacement, this PR does not currently change its implementation runtime image: that branch still has nats:2.10-alpine in messaging-nats-replacement/docker-compose.yml.

Reason: state-006 generated output is driven by specs/006-messaging-nats-replacement/generation/patches/0001-state-overlay.patch, and that patch still pins 2.10-alpine. The PR updated the conceptual spec snippet (specs/006.../system/docker-compose.nats.snippet.yaml) but not the generation patch.

So impact on the fully implemented state-006 branch is: no immediate effect from this PR.

If/when we also bump state-006 generated compose to 2.14-alpine, expected risk is low (same core ports/protocol usage: 4222, 8222, websocket 8081; Java clients use jnats over nats://...:4222 with no JetStream-specific coupling), but I’d still run the existing state-006 smoke/runtime scripts as verification.

[DovOps]

@copilot can you assess the impact of this upgrade on the system? in particualr can you look at the first code branch where this is fully implemented code/generated-state-006-messaging-nats-replaceme...

I checked this in detail.

For code/generated-state-006-messaging-nats-replacement, this PR does not currently change its implementation runtime image: that branch still has nats:2.10-alpine in messaging-nats-replacement/docker-compose.yml.

Reason: state-006 generated output is driven by specs/006-messaging-nats-replacement/generation/patches/0001-state-overlay.patch, and that patch still pins 2.10-alpine. The PR updated the conceptual spec snippet (specs/006.../system/docker-compose.nats.snippet.yaml) but not the generation patch.

So impact on the fully implemented state-006 branch is: no immediate effect from this PR.

If/when we also bump state-006 generated compose to 2.14-alpine, expected risk is low (same core ports/protocol usage: 4222, 8222, websocket 8081; Java clients use jnats over nats://...:4222 with no JetStream-specific coupling), but I’d still run the existing state-006 smoke/runtime scripts as verification.

If we are doing this change, we need it to cascade and affect all places we make the change. this means adding it to the version lock/catalog that we have, and changing the gate to check for it to be htere, and then making sure in our rendered output that we adhere to this. so please catalog this version choice, and then make sure the gate is enforced, and make sure all references to it in this main branch are amended so that this will pass. I can then regenerate the other branches when needed and know they're consistently updated

[Copilot]

@copilot can you assess the impact of this upgrade on the system? in particualr can you look at the first code branch where this is fully implemented code/generated-state-006-messaging-nats-repla...

Implemented in 50ff657.

I added NATS image version to the catalog (catalog/dependency-version-targets.json), extended the dependency target gates to enforce Docker image tags from catalog targets, and updated all main-branch nats:2.10-alpine references to nats:2.14-alpine across the state patch/spec sources so regeneration will consistently carry the new tag.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.