ci(diff-on-branch): Merge doublette variables block

.gitlab/merge_request_templates/Bugfix.md

@@ -1,81 +0,0 @@
-## 📌 Summary
-
-Brief description of the issue and what this MR resolves.
-
-> Example:
-> Fixes a bug where users were unable to save their profile due to a missing field validation.
-
----
-
-## ✅ Changes
-
-Explain for the reviewer how the change addresses the issue:
-
-- Fixed null check on user input
-- Added unit test for edge case
-- Updated error handling in the `ProfileService`
-
----
-
-## 🧪 Analysis
-
-Explain the **underlying cause** of the bug:
-
-- What was the unexpected behavior?
-- Why did it happen?
-- Where in the code or logic did it occur?
-
----
-
-## 📚 Related Issue(s)
-
-- Should be listed as part of the commit message.
-- Fixes #[issue-number]
-- Related to #[optional additional issues]
-
-## 🧪 How to Reproduce & Test
-
-Link to issue or document the required details below.
-
-### Before the Fix:
-
-1. Go to `/profile/edit`
-2. Leave the "email" field empty
-3. Click "Save"
-4. Observe 500 server error
-
-### After the Fix:
-
-1. Same steps as above
-2. Now see appropriate validation message
-3. No server error occurs
-
----
-
-## Checklist / Sign-offs
-
-### 💿 CI/CD
-
-- [ ] CI pipeline passes for all jobs
-- [ ] Linting and formatting checks pass
-- [ ] Review app (if used) reflects fix correctly
-
-### 🖥 QA & Product
-
-Set related labels on the MR for
-
-- [ ] `PO::👀`
-- [ ] `Tech Lead::👀`
-- [ ] `Testautomation::👀`
-- [ ] `QA::👀`
-
----
-
-## 👷 Developer Checklist
-
-- [ ] Code builds and passes linting
-- [ ] Tests added or updated
-- [ ] Verified fix locally
-- [ ] Regression testing done for related functionality
-- [ ] No new warnings or errors in logs
-

.gitlab/merge_request_templates/Default.md

@@ -1 +1,16 @@
-Please select one of the templates, in case your contribution contains more than a **simple** typo fix.
+<!--
+SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
+SPDX-License-Identifier: Apache-2.0
+-->
+
+# Summary
+
+- *describe the reason for/content of the MR*
+
+# Commits
+
+%{all_commits}
+
+# Authors
+
+%{co_authored_by}

.gitlab/merge_request_templates/Feature.md

@@ -1,74 +0,0 @@
-## 📌 Summary
-
-Briefly describe what this feature MR does and why it’s needed.
-
-> Example:
-> Adds user profile editing capabilities to the dashboard. This enables users to update their personal information without admin intervention.*
-
----
-
-## ✅ Changes
-
-List the key changes made in this MR:
-
-- Added new route /profile/edit
-- Created `ProfileEditForm` component
-- Integrated with backend API for user updates
-- Added unit tests and basic form validation
-
----
-
-## 🧪 Tests
-
-Provide steps for QA or reviewers to test the feature.
-
-1. Login as any user
-2. Navigate to `/profile/edit`
-3. Update profile info and save
-4. Verify changes are persisted and reflected in the UI
-
----
-
-## 📚 Related Issue(s)
-
-- Closes #[issue number]
-- Depends on #[merge request or issue, if any]
-
----
-
-## 🕵️ Notes for Reviewer
-
-Mention anything reviewers should be aware of:
-
-- Known issues or limitations
-- Code sections that may need special attention
-- Design considerations or edge cases handled
-
----
-
-## Checklist / Sign-offs
-
-### 💿 CI/CD
-
-- [ ] CI pipeline passes for all jobs
-- [ ] Linting and formatting checks pass
-- [ ] Review app (if used) reflects fix correctly
-
-### 🖥 QA & Product
-
-Set related labels on the MR for
-
-- [ ] `PO::👀`
-- [ ] `Tech Lead::👀`
-- [ ] `Testautomation::👀`
-- [ ] `QA::👀`
-
----
-
-## 👷 Developer Checklist
-
-- [ ] Code builds and passes linting
-- [ ] Tests added or updated
-- [ ] Verified fix locally
-- [ ] Regression testing done for related functionality
-- [ ] No new warnings or errors in logs

.gitlab/merge_request_templates/Other.md

@@ -1,33 +0,0 @@
-## 📌 Summary
-
-Provide a concise summary of **what** this MR does and **why**.
-
-> Example:
-> This MR updates the CI configuration to cache NPM dependencies and reduce pipeline execution time.
-
----
-
-## ✅ Changes
-
-List the key updates made:
-
-- ...
-- ...
-
----
-
-## 🧪 Tests (if applicable)
-
-Explain how reviewers or CI can verify the change works as intended.
-
-> Example:
->- For CI: Check job `build:frontend` completes in <3 mins.
->- For docs: View rendered markdown locally or in GitLab.
-
----
-
-## 🧾 Checks
-
-- [ ] CI passes
-- [ ] No functional changes
-- [ ] Verified (if needed)

.gitlab/merge_request_templates/Update.md

@@ -1,49 +0,0 @@
-## ⬆️ Application Update
-
-Expected MR Title and git commit message:
-
-`feat/fix(<app-name>): Update from <old-version> to <new-version>`
-
-### 📋 Changelog/Release Notes
-
-- [ ] Upstream release notes: `[link]`
-- [ ] No breaking changes (or listed below)
-- [ ] Relevant changes communicated (if needed)
-
----
-
-### 🔄 Migrations to Run (if any)
-
-Describe any migrations that need to be performed when upgrading to this application version.
-
-- [ ] Database migrations
-- [ ] Configuration changes
-- [ ] Cache clears / rebuilds
-- [ ] Other: _describe_
-
-## Checklist / Sign-offs
-
-### 💿 CI/CD
-
-- [ ] CI pipeline passes for all jobs
-- [ ] Linting and formatting checks pass
-- [ ] Review app (if used) reflects fix correctly
-
-### 🖥 QA & Product
-
-Set related labels on the MR for
-
-- [ ] `PO::👀`
-- [ ] `Tech Lead::👀`
-- [ ] `Testautomation::👀`
-- [ ] `QA::👀`
-
----
-
-## 👷 Developer Checklist
-
-- [ ] Code builds and passes linting
-- [ ] Tests added or updated
-- [ ] Verified fix locally
-- [ ] Regression testing done for related functionality
-- [ ] No new warnings or errors in logs

CHANGELOG.md

@@ -1,28 +1,3 @@
-# [1.5.0](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/compare/v1.4.1...v1.5.0) (2025-06-16)
-
-
-### Bug Fixes
-
-* **dovecot:** Enable Dovecot ACL for CE (file) & EE (cassandra) ([9354ee7](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/9354ee719628c876c26e91e1b57a4a0cfafedca1))
-* **notes:** Support templating of Ingress annotations `bodyTimeout` and `bodySize` to allow application defined upload limits to be reached ([69faf77](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/69faf77d15d1df441eb62c58374620f8035f2596))
-* **nubus:** Create required LDAP objects for `global.additionalMailDomains` ([4dcb683](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/4dcb6831189fc9cedb244c3fd7997d57e8a78c5a))
-* **nubus:** Explicitly template security context for Keycloak proxy ([e959438](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/e9594382ed7a2469240d62134b34bcf3e5d06a59))
-* **nubus:** Update CSS for login screen to show login button for federated IdP ([0d4e1b0](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/0d4e1b01e3e82ace7f7438a754235a009036b90d))
-* **nubus:** Use read-only root filesystem for Keycloak bootstrap ([1edd7c3](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/1edd7c3f062ec411b8b38f45be9ef22a200b4bea))
-* **open-xchange:** Enabled mail login resolver ([7547f49](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/7547f4948ea13357c4cbc3ae69ae4e7210fdf4a2))
-* **open-xchange:** Update App Suite 8.37 to latest patch level (8.37.69) ([bc436b2](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/bc436b248525bf76584dd21f735694065bcb67a5))
-* **open-xchange:** Update Dovecot CE chart to support ACLs (mailbox sharing) and usernames different from local part of mail address ([87c30ab](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/87c30ab8e32c1b405f6aff8eda5eed5f74d5df0a))
-* **open-xchange:** Use login name instead of email between OX and Dovecot ([8e9ef08](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/8e9ef0867beb8381ad4a5f55f2e9d12bd7dbbba2))
-* **openproject:** Update from 16.0.0 to 16.0.1 ([b60f9c7](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/b60f9c7576deca327ad36c48ad0b1a7e3e9d3c9c))
-
-
-### Features
-
-* **ci:** Update Helm to 3.18.1 and Helmfile to 1.1.1 ([59a4086](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/59a40864edbdf9775e0d6003425c3b05b7b7cb15))
-* **notes:** Update from 2.4.0 to 3.2.1 ([9f4e3c8](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/9f4e3c86c74ef6c6f618150a7a9d0935fb5ed437))
-* **open-xchange:** Support for `mailAlternativAddress`(es) for sending and receiving emails ([6d6b1a6](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/6d6b1a6dd754dcb283fd23f08f9df937f8e08c59))
-* **openproject:** Update from 15.5.1 to 16.0.0 including Helm chart update ([add7266](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/commit/add72669aedfcd57b41fe8680f14940ab77f6aef))
-
 ## [1.4.1](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/compare/v1.4.0...v1.4.1) (2025-06-02)
 
 

README.md

@@ -37,7 +37,7 @@ openDesk currently features the following functional main components:
 | Chat & collaboration | Element ft. Nordeck widgets | [1.11.89](https://github.com/element-hq/element-desktop/releases/tag/v1.11.89)                                                | [For the most recent release](https://element.io/user-guide)                                                                          |
 | Collaborative notes  | Notes (aka Docs)            | [3.2.1](https://github.com/suitenumerique/docs/releases/tag/v3.2.1)                                                           | Online documentation/welcome document available in installed application                                                              |
 | Diagram editor       | CryptPad ft. diagrams.net   | [2024.9.0](https://github.com/cryptpad/cryptpad/releases/tag/2024.9.0)                                                        | [For the most recent release](https://docs.cryptpad.org/en/)                                                                          |
-| File management      | Nextcloud                   | [31.0.6](https://nextcloud.com/de/changelog/#31-0-6)                                                                          | [Nextcloud 31](https://docs.nextcloud.com/)                                                                                           |
+| File management      | Nextcloud                   | [30.0.10](https://nextcloud.com/de/changelog/#30-0-10)                                                                          | [Nextcloud 30](https://docs.nextcloud.com/)                                                                                           |
 | Groupware            | OX App Suite                | [8.37](https://documentation.open-xchange.com/appsuite/releases/8.37/)                                                        | Online documentation available from within the installed application; [Additional resources](https://documentation.open-xchange.com/) |
 | Knowledge management | XWiki                       | [16.10.5](https://www.xwiki.org/xwiki/bin/view/ReleaseNotes/Data/XWiki/16.10.5/)                                              | [For the most recent release](https://www.xwiki.org/xwiki/bin/view/Documentation)                                                     |
 | Portal & IAM         | Nubus                       | [1.9.1](https://docs.software-univention.de/nubus-kubernetes-release-notes/latest/en/changelog.html#version-1-9-1-2025-05-07) | [Univention's documentation website](https://docs.software-univention.de/n/en/nubus.html)                                             |

REUSE.toml

@@ -31,9 +31,4 @@ SPDX-License-Identifier = "CC-BY-SA-4.0"
 [[annotations]]
 path = ".opencode/screenshots/*"
 SPDX-FileCopyrightText = "2025 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH"
-SPDX-License-Identifier = "CC-BY-SA-4.0"
-
-[[annotations]]
-path = ".gitlab/merge_request_templates/*.md"
-SPDX-FileCopyrightText = "2025 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH"
-SPDX-License-Identifier = "Apache-2.0"
+SPDX-License-Identifier = "CC-BY-SA-4.0"

docs/security-context.md

@@ -182,9 +182,9 @@ This list gives you an overview of templated security settings and if they compl
 | **nubus**/ums/nubusGuardian/managementApi | :white_check_mark: | no | no | yes | yes | 1000 | 1000 | yes | yes |
 | **nubus**/ums/nubusGuardian/managementUi | :white_check_mark: | no | no | yes | yes | 1000 | 1000 | yes | yes |
 | **nubus**/ums/nubusGuardian/openPolicyAgent | :white_check_mark: | no | no | yes | yes | 1000 | 1000 | yes | yes |
-| **nubus**/ums/nubusKeycloakBootstrap | :x: | no | n/a | yes | yes | 1000 | 1000 | yes | yes |
+| **nubus**/ums/nubusKeycloakBootstrap | :x: | no | n/a | no | yes | 1000 | 1000 | yes | yes |
 | **nubus**/ums/nubusKeycloakExtensions/handler | :x: | n/a | n/a | n/a | n/a | n/a | n/a | yes | no |
-| **nubus**/ums/nubusKeycloakExtensions/proxy | :x: | no | n/a | yes | yes | 1000 | 1000 | yes | yes |
+| **nubus**/ums/nubusKeycloakExtensions/proxy | :x: | n/a | n/a | n/a | n/a | n/a | n/a | yes | no |
 | **nubus**/ums/nubusLdapNotifier | :x: | no | n/a | yes | yes | 101 | 102 | yes | yes |
 | **nubus**/ums/nubusNotificationsApi | :x: | no | n/a | yes | yes | 1000 | 1000 | yes | yes |
 | **nubus**/ums/nubusPortalConsumer | :x: | n/a | n/a | n/a | n/a | n/a | n/a | yes | no |

helmfile/apps/nextcloud/values-nextcloud-mgmt.yaml.gotmpl

@@ -101,9 +101,7 @@ configuration:
         {{- end }}
 
   ldap:
-    base: {{ .Values.ldap.baseDn | quote }}
     host: {{ .Values.ldap.host | quote }}
-    dn: "uid=ldapsearch_nextcloud,cn=users,{{ .Values.ldap.baseDn }}"
     password:
       value: {{ .Values.secrets.nubus.ldapSearch.nextcloud | quote }}
     adminGroupName: "managed-by-attribute-FileshareAdmin"

helmfile/environments/default-enterprise-overrides/charts.yaml.gotmpl

@@ -14,4 +14,3 @@ charts:
     name: "appsuite-public-sector-pro-chart"
     version: "1.17.292"
     verify: false
-...

helmfile/environments/default-enterprise-overrides/images.yaml.gotmpl

@@ -13,7 +13,7 @@ images:
   nextcloud:
     registry: "registry.opencode.de"
     repository: "zendis/opendesk-enterprise/components/supplier/nextcloud/images/opendesk-nextcloud"
-    tag: "31.0.5@sha256:7e8937284a8843936c90fd6eff4fd7075dff45f5ee5eb42fe12dadd6d48a6283"
+    tag: "30.0.10@sha256:a63374dd44d3c6a8873da31fe0554b97fb29993a4cf18b9dd6a304b577f2f2b8"
   openxchangeCoreMW:
     registry: "registry.opencode.de"
     repository: "zendis/opendesk-enterprise/components/supplier/open-xchange/images-mirror/middleware-public-sector-pro"

helmfile/environments/default/_helper.yaml.gotmpl

@@ -1,12 +1,5 @@
 # SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
 # SPDX-License-Identifier: Apache-2.0
-
-#
-# DISCLAIMER:
-#
-# The values in this file are exposed because they are used in multiple components and it does make sense to define
-# them centrally, but we do not support changing these values, please leave them as they are.
-#
 ---
 ldap:
   host: "ums-ldap-server"

helmfile/environments/default/global.generated.yaml.gotmpl

@@ -3,5 +3,5 @@
 ---
 global:
   systemInformation:
-    releaseVersion: "v1.5.0"
+    releaseVersion: "v1.4.2"
 ...

helmfile/environments/default/images.yaml.gotmpl

@@ -320,7 +320,7 @@ images:
     # upstreamRepository: "bmi/opendesk/components/platform-development/images/opendesk-nextcloud"
     registry: "registry.opencode.de"
     repository: "bmi/opendesk/components/platform-development/images/opendesk-nextcloud"
-    tag: "2.8.0-nc31-0-5-OUTDATED@sha256:fa8d680a4fcc4ec8c454d0f77388aa70f1e2ed9c00ada45d49e5a17659c033ac"
+    tag: "30.0.10@sha256:a022c6279072eb45d14cab29296860a15ad0d5801f50a56928334eb99bae50d0"
   nextcloudExporter:
     # providerCategory: "Platform"
     # providerResponsible: "openDesk"

helmfile/files/theme/portal/stylesheet.css

@@ -97,6 +97,41 @@
   --login-logo: url("/static-files/login/logo.svg") no-repeat center;
 }
 
+/* Beta overlay for Notes */
+.portal-tile[target="tab_notes"]:before {
+  position: absolute;
+  content: "Beta";
+  color: #571EFA;
+  transform: rotate(45deg);
+  top: 8px;
+  right: 0px;
+  font-size: var(--font-size-5);
+  font-weight: bold;
+  z-index: 1;
+}
+
+@media screen and (max-width: 748px) {
+  .portal-tile[target="tab_notes"]:before {
+      top: 5px;
+      font-size: 10px;
+  }
+  .portal-tile__name {
+      font-size: 13px;
+  }
+}
+
+.portal-tile[target="tab_notes"]:after {
+  position: absolute;
+  content: "";
+  top: 1px;
+  right: 1px;
+  border-style: solid;
+  border-width: 0 calc(var(--app-tile-side-length) / 2) calc(var(--app-tile-side-length) / 2) 0;
+  border-color: transparent #E9E4FC transparent transparent;
+  z-index: 0;
+  border-top-right-radius: calc(var(--border-radius-apptile) - 1px);
+}
+
 /* Keycloak user screens begin */
 #kc-login,
 #kc-logout,

publiccode.yml

@@ -22,7 +22,7 @@ name: "openDesk"
 platforms:
   - "web"
 developmentStatus: "stable"
-softwareVersion: "1.5.0"
+softwareVersion: "1.3.1"
 releaseDate: "2025-04-23"
 softwareType: "standalone/web"
 url: "https://gitlab.opencode.de/bmi/opendesk/"