feat(networkPolicies): template custom network policies

README.md

@@ -148,6 +148,61 @@ helm install prometheus-fail2ban-exporter prometheus-exporters/prometheus-fail2b
   --set 'grafana.enabled=true'
 ```
 
+### Network policies
+
+Network policies can only take effect, when the used CNI plugin support network policies. The chart supports no custom
+network policy implementation of CNI plugins. It's support only the official API resource of `networking.k8s.io/v1`.
+
+The object networkPolicies can contains multiple networkPolicy definitions. There is currently only one example
+predefined - it's named `default`. Further networkPolicy rules can easy be added by defining additional objects. For example:
+
+> [!NOTE]
+> The structure of each custom network policy must be equal like that of default. For this reason don't forget to define
+> `annotations`, `labels` and the other properties as well.
+
+```yaml
+networkPolicies:
+  enabled: false
+  default: {}
+  my-custom-network-policy: {}
+```
+
+The example below is an excerpt of the `values.yaml` file. The network policy `default` contains ingress rules to allow
+incoming traffic from Prometheus.
+
+> [!IMPORTANT]
+> Please keep in mind, that the namespace and pod selector labels can be different from environment to environment. For
+> this reason, there is are not default network policy rules defined.
+
+```yaml
+networkPolicies:
+  enabled: true
+  default:
+    enabled: true
+    annotations: {}
+    labels: {}
+    policyTypes:
+    - Egress
+    - Ingress
+    egress: []
+      ports:
+      - port: 53
+        protocol: TCP
+      - port: 53
+        protocol: UDP
+    ingress:
+    - from:
+      - namespaceSelector:
+          matchLabels:
+            kubernetes.io/metadata.name: monitoring
+        podSelector:
+          matchLabels:
+            app.kubernetes.io/name: prometheus
+      ports:
+      - port: http
+        protocol: TCP
+```
+
 ## Parameters
 
 ### Global