diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 61b76e53..abc030dd 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -4,7 +4,7 @@
---
include:
- project: "${PROJECT_PATH_GITLAB_CONFIG_TOOLING}"
- ref: "v2.4.2"
+ ref: "v2.4.3"
file:
- "ci/common/automr.yml"
- "ci/common/lint.yml"
@@ -514,7 +514,7 @@ avscan-prepare:
CONTAINER_IMAGE: ""
CONTAINER_REGISTRY: ""
CONTAINER_TAG: ""
- DATABASE_MIRROR: "https://registry.open-de.sk/repository/clamavdb.c3sl.ufpr.br"
+ DATABASE_MIRROR: "https://gitlab.opencode.de/bmi/opendesk/tooling/clamav-db-mirror/-/raw/main"
EOF
- >
yq '.images
diff --git a/docs/ci.md b/docs/ci.md
index df0a9fae..d3d58b4b 100644
--- a/docs/ci.md
+++ b/docs/ci.md
@@ -2,6 +2,7 @@
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
SPDX-License-Identifier: Apache-2.0
-->
+
CI/CD
This page covers openDesk deployment automation via Gitlab CI.
diff --git a/docs/components.md b/docs/components.md
index 1562be05..1d9e5619 100644
--- a/docs/components.md
+++ b/docs/components.md
@@ -3,6 +3,7 @@ SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG Ze
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
SPDX-License-Identifier: Apache-2.0
-->
+
Components
This section covers the internal system requirements and external service requirements for productive use.
diff --git a/docs/debugging.md b/docs/debugging.md
index ed743b19..d950491e 100644
--- a/docs/debugging.md
+++ b/docs/debugging.md
@@ -2,8 +2,10 @@
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
SPDX-License-Identifier: Apache-2.0
-->
+
Debugging
+
* [Disclaimer](#disclaimer)
* [Enable debugging](#enable-debugging)
* [Adding containers to a pod for debugging purposes](#adding-containers-to-a-pod-for-debugging-purposes)
@@ -15,6 +17,7 @@ SPDX-License-Identifier: Apache-2.0
* [OpenProject](#openproject)
* [PostgreSQL](#postgresql)
* [Keycloak](#keycloak)
+
# Disclaimer
diff --git a/docs/development.md b/docs/development.md
index 990082d6..a43105ed 100644
--- a/docs/development.md
+++ b/docs/development.md
@@ -7,8 +7,9 @@ SPDX-License-Identifier: Apache-2.0
Developing openDesk deployment automation
Active development on the deployment is currently only available for project members.
-However, contributions will be possible using the CLA process.
+However, contributions are possible using the [CLA](https://gitlab.opencode.de/bmi/opendesk/info/-/blob/main/CONTRIBUTING.md?ref_type=heads) process.
+
* [Overview](#overview)
* [Default branch, `develop` and other branches](#default-branch-develop-and-other-branches)
* [External artifacts - `charts.yaml` and `images.yaml`](#external-artifacts---chartsyaml-and-imagesyaml)
@@ -18,6 +19,7 @@ However, contributions will be possible using the CLA process.
* [Mirroring](#mirroring)
* [Get new artifacts mirrored](#get-new-artifacts-mirrored)
* [Creating new charts/images](#creating-new-chartsimages)
+
# Overview
diff --git a/docs/enhanced-configuration/groupware-migration.md b/docs/enhanced-configuration/groupware-migration.md
index 2c3e6f5b..bd62a109 100644
--- a/docs/enhanced-configuration/groupware-migration.md
+++ b/docs/enhanced-configuration/groupware-migration.md
@@ -1,10 +1,11 @@
-r
Migration from M365 with audriga migration service and master authentication
+
* [Context](#context)
* [Prerequisites](#prerequisites)
* [Prepare M365 tenant for access](#prepare-m365-tenant-for-access)
@@ -17,8 +18,7 @@ SPDX-License-Identifier: Apache-2.0
* [Add multiple user accounts via CSV file](#add-multiple-user-accounts-via-csv-file)
* [Start the migration](#start-the-migration)
* [Monitor migration status](#monitor-migration-status)
-
-# Context
+
Most organizations already have email accounts on various platforms that need to be migrated to openDesk. This document describes the migration from M365 accounts to openDesk using the [audriga Migration Service](https://www.audriga.com) in combination with the master authentication option in openDesk. Other source platforms are also supported, and their migrations work in a similar manner.
diff --git a/docs/enhanced-configuration/idp-federation.md b/docs/enhanced-configuration/idp-federation.md
index d7367b8a..dec928c8 100644
--- a/docs/enhanced-configuration/idp-federation.md
+++ b/docs/enhanced-configuration/idp-federation.md
@@ -5,6 +5,7 @@ SPDX-License-Identifier: Apache-2.0
Federation with external identity provider (IdP)
+
* [Context](#context)
* [Prerequisites](#prerequisites)
* [User accounts](#user-accounts)
@@ -17,8 +18,7 @@ SPDX-License-Identifier: Apache-2.0
* [Separate realm](#separate-realm)
* [OIDC Client](#oidc-client)
* [openDesk IdP](#opendesk-idp)
-
-# Context
+
Most organizations already have an Identity and Access Management (IAM) system with an identity provider (IdP) for single sign-on to internal or external web applications.
diff --git a/docs/enhanced-configuration/matrix-federation.md b/docs/enhanced-configuration/matrix-federation.md
index 5a505a97..870aa178 100644
--- a/docs/enhanced-configuration/matrix-federation.md
+++ b/docs/enhanced-configuration/matrix-federation.md
@@ -12,8 +12,6 @@ SPDX-License-Identifier: Apache-2.0
* [Separate Matrix domain](#separate-matrix-domain)
-# Context
-
The Element chat application and its server component Synapse are based on the Matrix protocol,
that supports federation with other Matrix servers to communicate with the users with accounts on these servers.
diff --git a/docs/enhanced-configuration/self-signed-certificates.md b/docs/enhanced-configuration/self-signed-certificates.md
index 2b426ee9..a77a91e5 100644
--- a/docs/enhanced-configuration/self-signed-certificates.md
+++ b/docs/enhanced-configuration/self-signed-certificates.md
@@ -12,8 +12,6 @@ SPDX-License-Identifier: Apache-2.0
* [Option 2: Use cert-manager.io](#option-2-use-cert-managerio)
-# Use case
-
Deploying openDesk into an environment with custom public key infrastructure (PKI) that is usually not part of
public certificate authority chains or deploying openDesk into a local cluster without ACME challenge.
diff --git a/docs/enhanced-configuration/separate-mail-matrix-domain.md b/docs/enhanced-configuration/separate-mail-matrix-domain.md
index cb96254f..7a040979 100644
--- a/docs/enhanced-configuration/separate-mail-matrix-domain.md
+++ b/docs/enhanced-configuration/separate-mail-matrix-domain.md
@@ -5,6 +5,7 @@ SPDX-License-Identifier: Apache-2.0
Separate domains for mail and or Matrix
+
* [Context](#context)
* [Example configuration](#example-configuration)
* [Mail domain](#mail-domain)
@@ -13,8 +14,7 @@ SPDX-License-Identifier: Apache-2.0
* [Webserver](#webserver)
* [Content Security Policy](#content-security-policy)
* [.well-known](#well-known)
-
-# Context
+
As communication over mail and chat can go beyond the borders of your openDesk installation, you may want to use different domains for the mail and/or Matrix.
diff --git a/docs/migrations.md b/docs/migrations.md
index 6c31400d..a6e714d5 100644
--- a/docs/migrations.md
+++ b/docs/migrations.md
@@ -5,6 +5,7 @@ SPDX-License-Identifier: Apache-2.0
Updates & Upgrades
+
* [Disclaimer](#disclaimer)
* [openDesk supported upgrade path](#opendesk-supported-upgrade-path)
* [Releases upgrade details](#releases-upgrade-details)
@@ -26,6 +27,7 @@ SPDX-License-Identifier: Apache-2.0
* [`migrations` S3 bucket](#migrations-s3-bucket)
* [Related components and artifacts](#related-components-and-artifacts)
* [Development](#development)
+
# Disclaimer
diff --git a/docs/requirements.md b/docs/requirements.md
index 407cf89f..889c2f4b 100644
--- a/docs/requirements.md
+++ b/docs/requirements.md
@@ -2,6 +2,7 @@
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
SPDX-License-Identifier: Apache-2.0
-->
+
Requirements
This section covers the internal system requirements and external service requirements for productive use.
diff --git a/docs/scaling.md b/docs/scaling.md
index 1ee17237..93a7534d 100644
--- a/docs/scaling.md
+++ b/docs/scaling.md
@@ -5,7 +5,7 @@ SPDX-License-Identifier: Apache-2.0
Scaling
-This document should cover the ability to scale apps.
+This document covers the ability to scale applications.
# Horizontal scalability
diff --git a/docs/security-context.md b/docs/security-context.md
index 68eba065..ed1ecabb 100644
--- a/docs/security-context.md
+++ b/docs/security-context.md
@@ -2,8 +2,10 @@
SPDX-FileCopyrightText: 2024 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
SPDX-License-Identifier: Apache-2.0
-->
+
Kubernetes Security Context
+
* [Container Security Context](#container-security-context)
* [allowPrivilegeEscalation](#allowprivilegeescalation)
* [capabilities](#capabilities)
@@ -14,6 +16,7 @@ SPDX-License-Identifier: Apache-2.0
* [readOnlyRootFilesystem](#readonlyrootfilesystem)
* [runAsNonRoot](#runasnonroot)
* [Status quo](#status-quo)
+
# Container Security Context
diff --git a/docs/theming.md b/docs/theming.md
index 08b377a1..9af511e2 100644
--- a/docs/theming.md
+++ b/docs/theming.md
@@ -5,7 +5,7 @@ SPDX-License-Identifier: Apache-2.0
Theming
-This document will cover the theming options for an openDesk deployment.
+This document covers the theming options for an openDesk deployment.
* [Settings](#settings)
diff --git a/docs/workflow.md b/docs/workflow.md
index 3d82d699..b141f032 100644
--- a/docs/workflow.md
+++ b/docs/workflow.md
@@ -6,6 +6,7 @@ SPDX-License-Identifier: Apache-2.0
Technical development and release workflow
+
* [Scope](#scope)
* [Roles and responsibilities](#roles-and-responsibilities)
* [Deployment automation](#deployment-automation)
@@ -29,6 +30,7 @@ SPDX-License-Identifier: Apache-2.0
* [Commit messages / Conventional Commits](#commit-messages--conventional-commits)
* [Verified commits](#verified-commits)
* [Footnotes](#footnotes)
+
# Scope