diff --git a/.sample.env b/.sample.env
index 91281fc..f38cede 100644
--- a/.sample.env
+++ b/.sample.env
@@ -28,5 +28,6 @@ NUXT_LIST_MONK_USER=monkusername
 NUXT_LIST_MONK_TOKEN=somepass
 NUXT_LIST_MONK_EN_TEMPLATE_ID="13"
 NUXT_LIST_MONK_AR_TEMPLATE_ID="14"
-NUXT_PUBLIC_MATOMO_HOST=""
-NUXT_PUBLIC_MATOMO_SITE_ID=""
+NUXT_PUBLIC_MATOMO_HOST="https://analytics.josa.ngo"
+NUXT_PUBLIC_MATOMO_SITE_ID="19"
+NUXT_PUBLIC_TARGET_ENV="development"
diff --git a/.woodpecker/build-latest-image.yaml b/.woodpecker/build-latest-image.yaml
index 1bf20fc..903bca4 100644
--- a/.woodpecker/build-latest-image.yaml
+++ b/.woodpecker/build-latest-image.yaml
@@ -5,25 +5,10 @@ when:
   - event: [pull_request]
     # Only run when PR targets development or other branches (not main)
     evaluate: 'CI_COMMIT_TARGET_BRANCH != "main"'
-    # Build the source branch
-    branch:
-      exclude: [main]
-  - event: [pull_request]
-    # Also build latest image when development branch creates PR to main
-    evaluate: 'CI_COMMIT_TARGET_BRANCH == "main" && CI_COMMIT_BRANCH == "development"'
-    branch: [development]
 
 variables:
-  - &docker_repo 'josaorg/nuha-web'
-  - &slack_channel 'builds'
-  # Docker build arguments template
-  - &build_args_template
-    - CI_COMMIT_SHA=${CI_COMMIT_SHA}
-    - CI_BUILD_NUMBER=${CI_BUILD_NUMBER}
-    - CI_BUILD_LINK=${CI_BUILD_LINK}
-    - CI_COMMIT_LINK=${CI_COMMIT_LINK}
-    - CI_REPO_LINK=${CI_REPO_LINK}
-    - CI_BUILD_FINISHED=${CI_BUILD_FINISHED}
+  - &docker_repo "josaorg/nuha-web"
+  - &slack_channel "builds"
   # Success message template
   - &success_message >
     ✅ *SUCCESS* - Latest Build #{{ build.number }}
@@ -49,10 +34,11 @@ variables:
 
 steps:
   # Security check - scan for secrets/credentials
-  - name: check-for-leaks
-    image: zricethezav/gitleaks:v8.18.4
-    commands:
-      - gitleaks detect --source . --verbose
+  - name: run-pre-commit-hooks
+    image: josaorg/pre-commit-runner
+    settings:
+      args: "--all-files"
+      skip: "end-of-file-fixer, yamllint"
 
   # Build latest image (development and other branches)
   - name: build-latest-image
@@ -67,9 +53,19 @@ steps:
         from_secret: DOCKER_HUB_USERNAME
       password:
         from_secret: DOCKER_HUB_PASSWORD
-      build_args: *build_args_template
+      build_args:
+        CI_REPO: "${CI_REPO}"
+        CI_REPO_NAME: "${CI_REPO_NAME}"
+        CI_REPO_URL: "${CI_REPO_URL}"
+        CI_COMMIT_SHA: "${CI_COMMIT_SHA}"
+        CI_COMMIT_REF: "${CI_COMMIT_REF}"
+        CI_PIPELINE_URL: "${CI_PIPELINE_URL}"
+        CI_PIPELINE_CREATED: "${CI_PIPELINE_CREATED}"
+        CI_PREV_PIPELINE_URL: "${CI_PREV_PIPELINE_URL}"
+        CI_PIPELINE_NUMBER: "${CI_PIPELINE_NUMBER}"
+
     depends_on:
-      - check-for-leaks
+      - run-pre-commit-hooks
 
   # Slack notification for latest build success
   - name: notify-slack-latest-success
@@ -82,7 +78,7 @@ steps:
     when:
       - status: success
     depends_on:
-      - check-for-leaks
+      - run-pre-commit-hooks
       - build-latest-image
 
   # Slack notification for latest build failure
@@ -96,5 +92,5 @@ steps:
     when:
       - status: failure
     depends_on:
-      - check-for-leaks
+      - run-pre-commit-hooks
       - build-latest-image
diff --git a/.woodpecker/build-stable-image.yaml b/.woodpecker/build-stable-image.yaml
index b8971c1..2a28328 100644
--- a/.woodpecker/build-stable-image.yaml
+++ b/.woodpecker/build-stable-image.yaml
@@ -9,16 +9,8 @@ when:
       exclude: [main]
 
 variables:
-  - &docker_repo 'josaorg/nuha-web'
-  - &slack_channel 'builds'
-  # Docker build arguments template
-  - &build_args_template
-    - CI_COMMIT_SHA=${CI_COMMIT_SHA}
-    - CI_BUILD_NUMBER=${CI_BUILD_NUMBER}
-    - CI_BUILD_LINK=${CI_BUILD_LINK}
-    - CI_COMMIT_LINK=${CI_COMMIT_LINK}
-    - CI_REPO_LINK=${CI_REPO_LINK}
-    - CI_BUILD_FINISHED=${CI_BUILD_FINISHED}
+  - &docker_repo "josaorg/nuha-web"
+  - &slack_channel "builds"
   # Success message template
   - &success_message >
     ✅ *SUCCESS* - Stable Build #{{ build.number }}
@@ -43,17 +35,17 @@ variables:
     • <{{ build.link }}|View Build>
 
 steps:
-  # Security check - scan for secrets/credentials
-  - name: check-for-leaks
-    image: zricethezav/gitleaks:v8.18.4
-    commands:
-      - gitleaks detect --source . --verbose
+  - name: run-pre-commit-hooks
+    image: josaorg/pre-commit-runner
+    settings:
+      args: "--all-files"
+      skip: "end-of-file-fixer, yamllint"
 
   # Build stable image (main branch only)
   - name: build-stable-image
     image: woodpeckerci/plugin-docker-buildx
     settings:
-      repo: *docker_repo
+      buildkit_debug: true
       dockerfile: ./Dockerfile
       tags:
         - ${CI_COMMIT_SHA:-latest}
@@ -62,9 +54,19 @@ steps:
         from_secret: DOCKER_HUB_USERNAME
       password:
         from_secret: DOCKER_HUB_PASSWORD
-      build_args: *build_args_template
+      build_args:
+        CI_REPO: "${CI_REPO}"
+        CI_REPO_NAME: "${CI_REPO_NAME}"
+        CI_REPO_URL: "${CI_REPO_URL}"
+        CI_COMMIT_SHA: "${CI_COMMIT_SHA}"
+        CI_COMMIT_REF: "${CI_COMMIT_REF}"
+        CI_PIPELINE_URL: "${CI_PIPELINE_URL}"
+        CI_PIPELINE_CREATED: "${CI_PIPELINE_CREATED}"
+        CI_PREV_PIPELINE_URL: "${CI_PREV_PIPELINE_URL}"
+        CI_PIPELINE_NUMBER: "${CI_PIPELINE_NUMBER}"
+
     depends_on:
-      - check-for-leaks
+      - run-pre-commit-hooks
 
   # Slack notification for stable build success
   - name: notify-slack-stable-success
@@ -77,7 +79,7 @@ steps:
     when:
       - status: success
     depends_on:
-      - check-for-leaks
+      - run-pre-commit-hooks
       - build-stable-image
 
   # Slack notification for stable build failure
@@ -91,5 +93,5 @@ steps:
     when:
       - status: failure
     depends_on:
-      - check-for-leaks
+      - run-pre-commit-hooks
       - build-stable-image
diff --git a/Dockerfile b/Dockerfile
index a5bd09b..0ec2eea 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,5 @@
 # set global args
-ARG USER=node DRONE_COMMIT_SHA=${DRONE_COMMIT_SHA} DRONE_BUILD_NUMBER=${DRONE_BUILD_NUMBER} DRONE_BUILD_LINK=${DRONE_BUILD_LINK} DRONE_COMMIT_LINK=${DRONE_COMMIT_LINK} DRONE_REPO_LINK=${DRONE_REPO_LINK} DRONE_BUILD_FINISHED=${DRONE_BUILD_FINISHED}
+ARG USER=node CI_REPO  CI_REPO_NAME  CI_REPO_URL  CI_COMMIT_SHA  CI_COMMIT_REF  CI_PIPELINE_URL  CI_PIPELINE_CREATED  CI_PREV_PIPELINE_URL CI_PIPELINE_NUMBER
 
 ###########
 # BUILDER #
@@ -21,12 +21,14 @@ FROM node:22.15.0-slim
 
 # pass the global args
 ARG USER
-ARG DRONE_COMMIT_SHA
-ARG DRONE_BUILD_NUMBER
-ARG DRONE_BUILD_LINK
-ARG DRONE_COMMIT_LINK
-ARG DRONE_REPO_LINK
-ARG DRONE_BUILD_FINISHED
+ARG CI_REPO
+ARG CI_REPO_NAME
+ARG CI_REPO_URL
+ARG CI_COMMIT_SHA
+ARG CI_COMMIT_REF
+ARG CI_PIPELINE_URL
+ARG CI_PIPELINE_CREATED
+ARG CI_PIPELINE_NUMBER
 
 # copy builder output to project workdir
 WORKDIR /app
@@ -37,7 +39,7 @@ COPY --from=builder --chown=${USER}:${USER} /workspace/.output /app/.output
 USER ${USER}
 
 # inject build args as enviroment variables
-ENV NUXT_PUBLIC_BUILD_COMMIT_SHA=${DRONE_COMMIT_SHA} NUXT_PUBLIC_BUILD_NUMBER=${DRONE_BUILD_NUMBER} NUXT_PUBLIC_BUILD_LINK=${DRONE_BUILD_LINK} NUXT_PUBLIC_BUILD_COMMIT_LINK=${DRONE_COMMIT_LINK} NUXT_PUBLIC_BUILD_REPO_LINK=${DRONE_REPO_LINK} NUXT_PUBLIC_BUILD_TIMESTAMP=${DRONE_BUILD_FINISHED}
+ENV NUXT_PUBLIC_CI_BUILD_NUMBER=${CI_PIPELINE_NUMBER}  NUXT_PUBLIC_CI_BUILD_LINK=${CI_PIPELINE_URL} NUXT_PUBLIC_BUILD_REPO_LINK=${CI_REPO_URL} NUXT_PUBLIC_CI_COMMIT_SHA=${CI_COMMIT_SHA} NUXT_PUBLIC_CI_COMMIT_LINK=${CI_COMMIT_REF} NUXT_PUBLIC_BUILD_TIMESTAMP=${CI_PIPELINE_CREATED}
 
 # expose port
 EXPOSE ${PORT}