id: docker-service-boundaries
name: Docker service database references are explicitly named
description: >
  Each application service in docker-compose.yml that depends on a database must
  reference an explicitly named database service rather than a generic name (db,
  database, postgres). Generic shared service names create topological ambiguity:
  multiple services coupling to the same generic name makes the dependency graph
  unreadable and the compose file not self-describing. A stateless reader cannot
  determine service ownership from the file alone. Gate passes when no service
  in docker-compose.yml declares a depends_on entry whose value is exactly 'db',
  'database', or 'postgres' without a service-scoped prefix.
property: Self-describing
tags: [docker, any]
phase: development
trigger: pr
blocking: false
check:
  type: script
  command: >
    ! grep -E "^\s+- (db|database|postgres)$" docker-compose.yml 2>/dev/null ||
    { echo "FAIL: Generic DB service name in docker-compose.yml. Use scoped names (api-db, analytics-db)."; exit 1; }