diff --git a/Dockerfile b/Dockerfile
index 18730d925f829da7125061781389d0aadd57ce03..a715cfb760a9781e7f5a88b54b56f657f575cd33 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,7 +2,7 @@ ARG BASE_REGISTRY=registry1.dso.mil
 ARG BASE_IMAGE=ironbank/opensource/nodejs/nodejs14
 ARG BASE_TAG=14.17.0
-FROM renovate/renovate:25.35.5 as builder
+FROM renovate/renovate:25.36.3 as builder
 FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
diff --git a/dist/manager/ironbank/artifacts.js b/dist/manager/ironbank/artifacts.js
index 69cfaec5dc5619ae7c2d6bfd536148a52384a69a..99b8e0143c919ee1c6e31171e56b8d97cdc2925d 100644
--- a/dist/manager/ironbank/artifacts.js
+++ b/dist/manager/ironbank/artifacts.js
@@ -7,6 +7,7 @@ exports.updateArtifacts = void 0;
 const is_1 = __importDefault(require("@sindresorhus/is"));
 const js_yaml_1 = __importDefault(require("js-yaml"));
 const upath_1 = require("upath");
+const admin_1 = require("../../config/admin");
 const logger_1 = require("../../logger");
 const exec_1 = require("../../util/exec");
 const fs_1 = require("../../util/fs");
@@ -53,7 +54,7 @@ async function updateArtifacts({ packageFileName, updatedDeps, newPackageFileCon
 for (const dep of updatedDeps) {
 logger_1.logger.debug(`updatedDep(${dep})`);
 if (charts.has(dep)) {
- const result = await postUpgrade(charts.get(dep), upath_1.join(config.localDir, dep));
+ const result = await postUpgrade(charts.get(dep), upath_1.join(admin_1.getAdminConfig(), dep));
 if (!result) {
 return null;
 }
diff --git a/dist/manager/ironbank/artifacts.js.map b/dist/manager/ironbank/artifacts.js.map
index 34251360898754216e3bd89c1b843e84ed12d24e..e20a699856bee637c687b812755b2ee22b6a21d4 100644
--- a/dist/manager/ironbank/artifacts.js.map
+++ b/dist/manager/ironbank/artifacts.js.map
@@ -1 +1 @@ -{"version":3,"file":"artifacts.js","sourceRoot":"","sources":["../../../lib/manager/ironbank/artifacts.ts"],"names":[],"mappings":";;;;;;AAAA,0DAAkC;AAClC,sDAA2B;AAC3B,iCAA6B;AAC7B,yCAAsC;AACtC,0CAAuC;AACvC,sCAA8C;AAC9C,wCAA+C;AAI/C,KAAK,UAAU,WAAW,CAAC,GAAW,EAAE,IAAY;IAClD,eAAM,CAAC,KAAK,CAAC,wBAAwB,GAAG,KAAK,IAAI,GAAG,CAAC,CAAC;IACtD,IAAI;QACF,MAAM,GAAG,GAAG,kBAAkB,CAAC;QAC/B,MAAM,IAAI,GAAG,cAAc,GAAG,IAAI,GAAG,SAAS,GAAG,GAAG,CAAC;QACrD,MAAM,WAAI,CAAC,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,CAAC;KAC9B;IAAC,OAAO,GAAG,EAAE;QACZ,eAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAClB,OAAO,KAAK,CAAC;KACd;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAEM,KAAK,UAAU,eAAe,CAAC,EACpC,eAAe,EACf,WAAW,EACX,qBAAqB,EACrB,MAAM,GACS;;IACf,eAAM,CAAC,KAAK,CAAC,4BAA4B,eAAe,GAAG,CAAC,CAAC;IAC7D,IAAI,CAAC,YAAE,CAAC,aAAa,CAAC,WAAW,CAAC,EAAE;QAClC,OAAO,IAAI,CAAC;KACb;IAED,IAAI,QAA2B,CAAC;IAChC,IAAI;QACF,QAAQ,GAAG,iBAAI,CAAC,IAAI,CAAC,qBAAqB,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAsB,CAAC;KAClF;IAAC,OAAO,GAAG,EAAE;QACZ,eAAM,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC;KACb;IAED,IAAI,CAAC,CAAC,QAAQ,IAAI,YAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE;QAC/C,OAAO,IAAI,CAAC;KACb;IAED,IAAI,CAAC,CAAA,MAAA,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,0CAAE,UAAU,CAAC,SAAS,CAAC,CAAA,EAAE;QACrD,OAAO,IAAI,CAAC;KACb;IAED,MAAM,MAAM,GAAG,IAAI,GAAG,EAAE,CAAC;IACzB,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,SAAS,EAAE;QACrC,IAAI,MAAA,IAAI,CAAC,GAAG,0CAAE,UAAU,CAAC,SAAS,CAAC,EAAE;YACnC,MAAM,CAAC,GAAG,CACR,IAAI,CAAC,IAAI,EACT,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CACxD,CAAC;SACH;KACF;IAED,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE;QAC7B,eAAM,CAAC,KAAK,CAAC,cAAc,GAAG,GAAG,CAAC,CAAC;QACnC,IAAI,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE;YACnB,MAAM,MAAM,GAAG,MAAM,WAAW,CAC9B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EACf,YAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,GAAG,CAAC,CAC3B,CAAC;YACF,IAAI,CAAC,MAAM,EAAE;gBACX,OAAO,IAAI,CAAC;aACb;SACF;KACF;IAGD,MAAM,GAAG,GAAG,EAAE,CAAC;IACf,MAAM,MAAM,GAAG,MAAM,mBAAa,EAAE,CAAC;IAErC,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC
,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE;QACxD,GAAG,CAAC,IAAI,CAAC;YACP,IAAI,EAAE;gBACJ,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM,kBAAa,CAAC,CAAC,CAAC;aACjC;SACF,CAAC,CAAC;KACJ;IAED,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,IAAI,EAAE,EAAE;QACpC,GAAG,CAAC,IAAI,CAAC;YACP,IAAI,EAAE;gBACJ,IAAI,EAAE,UAAU;gBAChB,QAAQ,EAAE,CAAC;aACZ;SACF,CAAC,CAAC;KACJ;IAED,OAAO,GAAG,CAAC;AACb,CAAC;AAzED,0CAyEC","sourcesContent":["import is from '@sindresorhus/is';\nimport yaml from 'js-yaml';\nimport { join } from 'upath';\nimport { logger } from '../../logger';\nimport { exec } from '../../util/exec';\nimport { readLocalFile } from '../../util/fs';\nimport { getRepoStatus } from '../../util/git';\nimport { UpdateArtifact, UpdateArtifactsResult } from '../types';\nimport { HardeningManifest } from './extract';\n\nasync function postUpgrade(url: string, path: string): Promise {\n logger.debug(`ironbank.postUpgrade(${url}, ${path})`);\n try {\n const cmd = 'ironbank-helm.sh';\n const args = '--directory ' + path + ' --url ' + url;\n await exec(`${cmd} ${args}`);\n } catch (err) {\n logger.error(err);\n return false;\n }\n return true;\n}\n\nexport async function updateArtifacts({\n packageFileName,\n updatedDeps,\n newPackageFileContent,\n config,\n}: UpdateArtifact): Promise {\n logger.debug(`ironbank.updateArtifacts(${packageFileName})`);\n if (!is.nonEmptyArray(updatedDeps)) {\n return null;\n }\n\n let manifest: HardeningManifest;\n try {\n manifest = yaml.load(newPackageFileContent, { json: true }) as HardeningManifest;\n } catch (err) {\n logger.error('Failed to parse hardening_manifest.yaml');\n return null;\n }\n\n if (!(manifest && is.array(manifest.resources))) {\n return null;\n }\n\n if (!manifest.resources[0].url?.startsWith('helm://')) {\n return null;\n }\n\n const charts = new Map();\n for (const item of manifest.resources) {\n if (item.url?.startsWith('helm://')) {\n charts.set(\n item.name,\n `${String('https://')}${String(item.url.substring(7))}`\n );\n }\n }\n\n for (const dep 
of updatedDeps) {\n logger.debug(`updatedDep(${dep})`);\n if (charts.has(dep)) {\n const result = await postUpgrade(\n charts.get(dep),\n join(config.localDir, dep)\n );\n if (!result) {\n return null;\n }\n }\n }\n\n\n const res = [];\n const status = await getRepoStatus();\n\n for (const f of status.modified.concat(status.not_added)) {\n res.push({\n file: {\n name: f,\n contents: await readLocalFile(f),\n },\n });\n }\n\n for (const f of status.deleted || []) {\n res.push({\n file: {\n name: '|delete|',\n contents: f,\n },\n });\n }\n\n return res;\n}\n"]} \ No newline at end of file +{"version":3,"file":"artifacts.js","sourceRoot":"","sources":["../../../lib/manager/ironbank/artifacts.ts"],"names":[],"mappings":";;;;;;AAAA,0DAAkC;AAClC,sDAA2B;AAC3B,iCAA6B;AAC7B,8CAAoD;AACpD,yCAAsC;AACtC,0CAAuC;AACvC,sCAA8C;AAC9C,wCAA+C;AAI/C,KAAK,UAAU,WAAW,CAAC,GAAW,EAAE,IAAY;IAClD,eAAM,CAAC,KAAK,CAAC,wBAAwB,GAAG,KAAK,IAAI,GAAG,CAAC,CAAC;IACtD,IAAI;QACF,MAAM,GAAG,GAAG,kBAAkB,CAAC;QAC/B,MAAM,IAAI,GAAG,cAAc,GAAG,IAAI,GAAG,SAAS,GAAG,GAAG,CAAC;QACrD,MAAM,WAAI,CAAC,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,CAAC;KAC9B;IAAC,OAAO,GAAG,EAAE;QACZ,eAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAClB,OAAO,KAAK,CAAC;KACd;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAEM,KAAK,UAAU,eAAe,CAAC,EACpC,eAAe,EACf,WAAW,EACX,qBAAqB,EACrB,MAAM,GACS;;IACf,eAAM,CAAC,KAAK,CAAC,4BAA4B,eAAe,GAAG,CAAC,CAAC;IAC7D,IAAI,CAAC,YAAE,CAAC,aAAa,CAAC,WAAW,CAAC,EAAE;QAClC,OAAO,IAAI,CAAC;KACb;IAED,IAAI,QAA2B,CAAC;IAChC,IAAI;QACF,QAAQ,GAAG,iBAAI,CAAC,IAAI,CAAC,qBAAqB,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAsB,CAAC;KAClF;IAAC,OAAO,GAAG,EAAE;QACZ,eAAM,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC;KACb;IAED,IAAI,CAAC,CAAC,QAAQ,IAAI,YAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE;QAC/C,OAAO,IAAI,CAAC;KACb;IAED,IAAI,CAAC,CAAA,MAAA,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,0CAAE,UAAU,CAAC,SAAS,CAAC,CAAA,EAAE;QACrD,OAAO,IAAI,CAAC;KACb;IAED,MAAM,MAAM,GAAG,IAAI,GAAG,EAAE,CAAC;IACzB,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,SAAS,EAAE;QACrC,IAAI,MAAA,IAAI,CAAC,GAAG,0CAAE,UAAU,CAAC
,SAAS,CAAC,EAAE;YACnC,MAAM,CAAC,GAAG,CACR,IAAI,CAAC,IAAI,EACT,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CACxD,CAAC;SACH;KACF;IAED,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE;QAC7B,eAAM,CAAC,KAAK,CAAC,cAAc,GAAG,GAAG,CAAC,CAAC;QACnC,IAAI,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE;YACnB,MAAM,MAAM,GAAG,MAAM,WAAW,CAC9B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EACf,YAAI,CAAC,sBAAc,EAAE,EAAE,GAAG,CAAC,CAC5B,CAAC;YACF,IAAI,CAAC,MAAM,EAAE;gBACX,OAAO,IAAI,CAAC;aACb;SACF;KACF;IAGD,MAAM,GAAG,GAAG,EAAE,CAAC;IACf,MAAM,MAAM,GAAG,MAAM,mBAAa,EAAE,CAAC;IAErC,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE;QACxD,GAAG,CAAC,IAAI,CAAC;YACP,IAAI,EAAE;gBACJ,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM,kBAAa,CAAC,CAAC,CAAC;aACjC;SACF,CAAC,CAAC;KACJ;IAED,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,IAAI,EAAE,EAAE;QACpC,GAAG,CAAC,IAAI,CAAC;YACP,IAAI,EAAE;gBACJ,IAAI,EAAE,UAAU;gBAChB,QAAQ,EAAE,CAAC;aACZ;SACF,CAAC,CAAC;KACJ;IAED,OAAO,GAAG,CAAC;AACb,CAAC;AAzED,0CAyEC","sourcesContent":["import is from '@sindresorhus/is';\nimport yaml from 'js-yaml';\nimport { join } from 'upath';\nimport { getAdminConfig } from '../../config/admin';\nimport { logger } from '../../logger';\nimport { exec } from '../../util/exec';\nimport { readLocalFile } from '../../util/fs';\nimport { getRepoStatus } from '../../util/git';\nimport { UpdateArtifact, UpdateArtifactsResult } from '../types';\nimport { HardeningManifest } from './extract';\n\nasync function postUpgrade(url: string, path: string): Promise {\n logger.debug(`ironbank.postUpgrade(${url}, ${path})`);\n try {\n const cmd = 'ironbank-helm.sh';\n const args = '--directory ' + path + ' --url ' + url;\n await exec(`${cmd} ${args}`);\n } catch (err) {\n logger.error(err);\n return false;\n }\n return true;\n}\n\nexport async function updateArtifacts({\n packageFileName,\n updatedDeps,\n newPackageFileContent,\n config,\n}: UpdateArtifact): Promise {\n logger.debug(`ironbank.updateArtifacts(${packageFileName})`);\n if 
(!is.nonEmptyArray(updatedDeps)) {\n return null;\n }\n\n let manifest: HardeningManifest;\n try {\n manifest = yaml.load(newPackageFileContent, { json: true }) as HardeningManifest;\n } catch (err) {\n logger.error('Failed to parse hardening_manifest.yaml');\n return null;\n }\n\n if (!(manifest && is.array(manifest.resources))) {\n return null;\n }\n\n if (!manifest.resources[0].url?.startsWith('helm://')) {\n return null;\n }\n\n const charts = new Map();\n for (const item of manifest.resources) {\n if (item.url?.startsWith('helm://')) {\n charts.set(\n item.name,\n `${String('https://')}${String(item.url.substring(7))}`\n );\n }\n }\n\n for (const dep of updatedDeps) {\n logger.debug(`updatedDep(${dep})`);\n if (charts.has(dep)) {\n const result = await postUpgrade(\n charts.get(dep),\n join(getAdminConfig(), dep)\n );\n if (!result) {\n return null;\n }\n }\n }\n\n\n const res = [];\n const status = await getRepoStatus();\n\n for (const f of status.modified.concat(status.not_added)) {\n res.push({\n file: {\n name: f,\n contents: await readLocalFile(f),\n },\n });\n }\n\n for (const f of status.deleted || []) {\n res.push({\n file: {\n name: '|delete|',\n contents: f,\n },\n });\n }\n\n return res;\n}\n"]} \ No newline at end of file diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 9067e8cb9cd073d176982ede058744364d86778f..b33393245f18e4168ba58be896213c2bc173375f 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -8,7 +8,7 @@ name: "container-hardening-tools/renovate/renovate" # The most specific version should be the first tag and will be shown # on ironbank.dsop.io tags: -- "25.35.5" +- "25.36.3" - "latest" # Build args passed to Dockerfile ARGs 
@@ -27,7 +27,7 @@ labels:
 org.opencontainers.image.url: "https://github.com/renovatebot/renovate"
 ## Name of the distributing entity, organization or individual
 org.opencontainers.image.vendor: "WhiteSource"
- org.opencontainers.image.version: "25.35.5"
+ org.opencontainers.image.version: "25.36.3"
 ## Keywords to help with search (ex. "cicd,gitops,golang")
 mil.dso.ironbank.image.keywords: "automation,dependency,updates"
 ## This value can be "opensource" or "commercial"
@@ -37,8 +37,8 @@ labels:
 # List of resources to make available to the offline build context
 resources:
-- tag: renovate/renovate:25.35.5
- url: docker://docker.io/renovate/renovate@sha256:660607484713606ab1c910ec2cc62070e7135c3cb93669890493b35c298c2faf
+- tag: renovate/renovate:25.36.3
+ url: docker://docker.io/renovate/renovate@sha256:bec15060800e221a194256eb04c24a4721184793c88b8ea2a3efd36cd1e0f4db
 - filename: helm-docs.tar.gz
 url: https://github.com/norwoodj/helm-docs/releases/download/v1.5.0/helm-docs_1.5.0_Linux_x86_64.tar.gz
 validation:
diff --git a/lib/manager/ironbank/artifacts.ts b/lib/manager/ironbank/artifacts.ts
index 04eb2c34f01e4dcb31ab120ad10e209da5db9325..4911ffff8e1a69df11f2650a7707139ba6857d95 100644
--- a/lib/manager/ironbank/artifacts.ts
+++ b/lib/manager/ironbank/artifacts.ts
@@ -1,6 +1,7 @@
 import is from '@sindresorhus/is';
 import yaml from 'js-yaml';
 import { join } from 'upath';
+import { getAdminConfig } from '../../config/admin';
 import { logger } from '../../logger';
 import { exec } from '../../util/exec';
 import { readLocalFile } from '../../util/fs';
@@ -63,7 +64,7 @@ export async function updateArtifacts({
 if (charts.has(dep)) {
 const result = await postUpgrade(
 charts.get(dep),
- join(config.localDir, dep)
+ join(getAdminConfig(), dep)
 );
 if (!result) {
 return null;
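Review bot: In the last hunk of lib/manager/ironbank/artifacts.ts, `join(getAdminConfig(), dep)` passes the return value of `getAdminConfig()` itself as the first path segment, where the removed line passed a directory string (`config.localDir`). If `getAdminConfig()` returns the admin configuration object, as its name suggests, `join` receives a non-string and would probably throw before `postUpgrade` is entered, outside its try/catch; the line most likely wants `join(getAdminConfig().localDir, dep)`. `dep` is also joined into the path unchecked, and the `postUpgrade` source embedded in the source map on this page concatenates that path and the chart URL into the string handed to `exec`, so checking that the joined path stays under the local directory and quoting both arguments would keep a manifest-supplied name or URL from being interpreted by the shell. The body of `updateArtifacts` continues outside the hunk, and the compiled dist/manager/ironbank/artifacts.js hunk carries the same call.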