chore(deps): update docker.io/library/node docker tag to v25

.gitea/workflows/generate-readme.yaml

@@ -15,7 +15,7 @@ on:
 jobs:
   generate-parameters:
     container:
-      image: docker.io/library/node:24.10.0-alpine
+      image: docker.io/library/node:25.0.0-alpine
     runs-on:
     - ubuntu-latest
     steps:

.gitea/workflows/helm.yaml

@@ -12,31 +12,56 @@ on:
 
 jobs:
   helm-lint:
-    container:
-      image: docker.io/volkerraschek/helm:3.19.0
-    runs-on:
-    - ubuntu-latest
+    container: docker.io/alpine/helm:3.19.0
+    name: Execute helm lint
+    runs-on: ubuntu-latest
     steps:
-    - name: Install tooling
-      run: |
-        apk update
-        apk add git npm
-    - uses: actions/checkout@v5.0.0
-    - name: Lint helm files
-      run: |
-        helm lint --values values.yaml .
+      - name: Install additional tools
+        run: |
+          apk update
+          apk add --update bash make nodejs
+      - uses: actions/checkout@v5.0.0
+      - name: Install helm chart dependencies
+        run: helm dependency build
+      - name: Execute helm lint
+        run: helm lint
+
+  helm-template:
+    container: docker.io/alpine/helm:3.19.0
+    name: Execute helm template
+    runs-on: ubuntu-latest
+    steps:
+      - name: Install additional tools
+        run: |
+          apk update
+          apk add --update bash make nodejs
+      - uses: actions/checkout@v5.0.0
+      - name: Extract repository owner and name
+        run: |
+          echo "REPOSITORY_NAME=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 2 | sed --regexp-extended 's/-charts?//g')" >> $GITHUB_ENV
+          echo "REPOSITORY_OWNER=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 1)" >> $GITHUB_ENV
+      - name: Install helm chart dependencies
+        run: helm dependency build
+      - name: Execute helm template
+        run: helm template --debug "${REPOSITORY_NAME}" .
 
   helm-unittest:
-    container:
-      image: docker.io/volkerraschek/helm:3.19.0
-    runs-on:
-    - ubuntu-latest
+    container: docker.io/alpine/helm:3.19.0
+    env:
+      HELM_UNITTEST_VERSION: v1.0.1 # renovate: datasource=github-releases depName=helm-unittest/helm-unittest
+    name: Execute helm unittest
+    runs-on: ubuntu-latest
     steps:
-    - name: Install tooling
-      run: |
-        apk update
-        apk add git npm
-    - uses: actions/checkout@v5.0.0
-    - name: Unittest
-      run: |
-        helm unittest --strict --file 'unittests/**/*.yaml' ./
+      - name: Install additional tools
+        run: |
+          apk update
+          apk add --update bash make nodejs npm yamllint ncurses
+      - uses: actions/checkout@v5.0.0
+      - name: Install helm chart dependencies
+        run: helm dependency build
+      - name: Install helm plugin 'unittest'
+        run: helm plugin install --version "${HELM_UNITTEST_VERSION}" https://github.com/helm-unittest/helm-unittest
+      - name: Execute helm unittest
+        env:
+          TERM: xterm
+        run: helm unittest --strict --file 'unittests/**/*.yaml' ./

.gitea/workflows/markdown-linters.yaml

@@ -15,7 +15,7 @@ on:
 jobs:
   markdown-link-checker:
     container:
-      image: docker.io/library/node:24.10.0-alpine
+      image: docker.io/library/node:25.0.0-alpine
     runs-on:
     - ubuntu-latest
     steps:
@@ -31,7 +31,7 @@ jobs:
 
   markdown-lint:
     container:
-      image: docker.io/library/node:24.10.0-alpine
+      image: docker.io/library/node:25.0.0-alpine
     runs-on:
     - ubuntu-latest
     steps:

Makefile

@@ -10,7 +10,7 @@ HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:
 # NODE_IMAGE
 NODE_IMAGE_REGISTRY_HOST?=docker.io
 NODE_IMAGE_REPOSITORY?=library/node
-NODE_IMAGE_VERSION?=24.10.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node
+NODE_IMAGE_VERSION?=25.0.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node
 NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:${NODE_IMAGE_VERSION}
 
 # MISSING DOT

README.md

@@ -203,8 +203,7 @@ helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \
 
 The behavior whereby ArgoCD triggers a rolling update even though nothing appears to have changed often occurs in
 connection with the helm concept `checksum/secret`, `checksum/configmap` or more generally, [Automatically Roll
-Deployments](https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments). Please ensure, that no
-third party application modifies the config maps or secret afterwards.
+Deployments](https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments).
 
 The problem with combining this concept with ArgoCD is that ArgoCD re-renders the Helm chart every time. Even if the
 content of the config map or secret has not changed, there may be minimal differences (e.g., whitespace, chart version,
@@ -213,50 +212,20 @@ Helm render order, different timestamps).
 This changes the SHA256 hash, Argo sees a drift and trigger a rolling update of the deployment. Among other things, this
 can lead to unnecessary notifications from ArgoCD.
 
-To avoid this, the annotation with the shasum can be ignored. However, this negates the mechanism of [Automatically Roll
-Deployments](https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments).
-
-Below is a diff that adds the `Application` to ignore all annotations with the prefix `checksum`.
-
-> [!WARNING]
-> Configurations of `ignoreDifferences` always refer to the determination of a drift and whether a possible sync is
-> necessary. If the selected attributes should also be ignored in deployment afterwards, define
-> `RespectIgnoreDifferences=true` in your `Application` resource. Further information can be found in the ArgoCD
-> [documentation](https://argo-cd.readthedocs.io/en/latest/user-guide/sync-options/#respect-ignore-differences-configs).
+To avoid this, the annotation with the shasum must be ignored. Below is a diff that adds the `Application` to ignore all
+annotations with the prefix `checksum`.
 
 ```diff
   apiVersion: argoproj.io/v1alpha1
   kind: Application
   spec:
 +   ignoreDifferences:
-+   - group: apps
++   - group: apps/v1
 +     kind: Deployment
 +     jqPathExpressions:
 +     - '.spec.template.metadata.annotations | with_entries(select(.key | startswith("checksum")))'
 ```
 
-The definition of ignoreDifferences ensures that annotations with the prefix checksum are ignored during a diff.
-
-> [!TIP]
-> If the [reloader](https://github.com/stakater/Reloader) is configured as described in section [TLS certificate
-> rotation](#tls-certificate-rotation), ensure that the shasum defined as annotation or environment variable is also
-> ignored. The [reloader](https://github.com/stakater/Reloader) will modify the deployment based on his configuration
-> and append additional annotations or environment variables containing the shasum. Below are some examples how to adapt
-> the `ignoreDifferences` configuration to ignore only the annotations and environment variables of stakater's
-> [reloader](https://github.com/stakater/Reloader).
-
-```diff
-  apiVersion: argoproj.io/v1alpha1
-  kind: Application
-  spec:
-    ignoreDifferences:
-    - group: apps
-      kind: Deployment
-      jqPathExpressions:
-+     - '.spec.template.metadata.annotations | with_entries(select(.key | startswith("reloader")))'
-+     - '.spec.template.spec.containers[].env[] | select(.name | startswith("STAKATER_"))'
-```
-
 ## Parameters
 
 ### Global

renovate.json

@@ -54,17 +54,12 @@
       ]
     },
     {
-      "automerge": true,
       "groupName": "Update helm plugin 'unittest'",
       "matchDepNames": [
         "helm-unittest/helm-unittest"
       ],
       "matchDatasources": [
         "github-releases"
-      ],
-      "matchUpdateTypes": [
-        "minor",
-        "patch"
       ]
     },
     {