Update noStrudel to v0.41.0

[hzrd149]

upstream release https://github.com/hzrd149/nostrudel/blob/master/CHANGELOG.md#0410

[hzrd149]

I don't quite understand the requirement for the @<sha256> on the docker image

If the docker image supports both amd64 and arm64 architectures then its going to have two hashes. which one should be used?

See here https://github.com/hzrd149/nostrudel/pkgs/container/nostrudel/275705195?tag=0.41.0

[nmfretz]

Thanks for the noStrudel update @hzrd149!

If the docker image supports both amd64 and arm64 architectures then its going to have two hashes. which one should be used?

There's actually another hash for the multi-arch image manifest. There are quite a few ways to get it, but here's a couple:

1. On ghrc.io, if you've published a multi-arch image then it will be the digest shown under the tag:

You can also see it at the link you provided (circled in yellow):

2. If you pull the Docker image by tag, it will give you the multi-arch manifest digest:

$ sudo docker pull ghcr.io/hzrd149/nostrudel:0.41.0
[sudo] password for umbrel:
0.41.0: Pulling from hzrd149/nostrudel
...
Digest: sha256:94936037a0370d3c63bcc1beba62d18c20bd9b723073e695549cd75d2076ff2f
Status: Downloaded newer image for ghcr.io/hzrd149/nostrudel:0.41.0
ghcr.io/hzrd149/nostrudel:0.41.0

I don't quite understand the requirement for the @<sha256> on the docker image

What this does is lock us in to the exact Docker image that we've tested in this PR. Docker gives precedence to the digest over the tag, so even if another image is pushed to the 0.41.0 tag users who install, update, or restart noStrudel will still grab the exact one associated with digest sha256:94936037a0370d3c63bcc1beba62d18c20bd9b723073e695549cd75d2076ff2f that we've tested here.

[github-actions]

🎉   Linting finished with no errors or warnings   🎉

Thank you for your submission! This is an automated linter that checks for common issues in pull requests to the Umbrel App Store.

Please review the linting results below and make any necessary changes to your submission.

Linting Results

Severity	File	Description
ℹ️	nostrudel/docker-compose.yml	Potentially using unsafe user in service "cors": The default container user "root" can lead to security vulnerabilities. If you are using the root user, please try to specify a different user (e.g. "1000:1000") in the compose file or try to set the UID/PUID and GID/PGID environment variables to 1000.
ℹ️	nostrudel/docker-compose.yml	Potentially using unsafe user in service "web": The default container user "root" can lead to security vulnerabilities. If you are using the root user, please try to specify a different user (e.g. "1000:1000") in the compose file or try to set the UID/PUID and GID/PGID environment variables to 1000.

Legend

Symbol	Description
❌	Error: This must be resolved before this PR can be merged.
⚠️	Warning: This is highly encouraged to be resolved, but is not strictly mandatory.
ℹ️	Info: This is just for your information.

[nmfretz]

@hzrd149 I have added the multi-arch manifest digest. I have also tweaked the release notes formatting, which can be finicky, so that we get:

Instead of this:

Tested and going live. Thanks again for the update!