chore(deps): update library/node docker tag to v24

2025-05-27 16:11:31 +00:00
11 changed files with 16 additions and 205 deletions
--- a/.gitea/scripts/add-annotations.sh
+++ b/.gitea/scripts/add-annotations.sh
@ -1,103 +0,0 @@
-#!/bin/bash
-
-set -e
-
-CHART_FILE="Chart.yaml"
-if [ ! -f "${CHART_FILE}" ]; then
-  echo "ERROR: ${CHART_FILE} not found!"
-  exit 1
-fi
-
-
-DEFAULT_NEW_TAG="$(git describe --abbrev=0)"
-DEFAULT_OLD_TAG="$(git describe --abbrev=0 --tags "$(git rev-list --tags --skip=1 --max-count=1)")"
-
-if [ -z "${1}" ]; then
-  read -p "Enter start tag [${DEFAULT_OLD_TAG}]: " OLD_TAG
-  if [ -z "${OLD_TAG}" ]; then
-    OLD_TAG="${DEFAULT_OLD_TAG}"
-  fi
-
-  while [ -z "$(git tag --list "${OLD_TAG}")" ]; do
-    echo "ERROR: Tag '${OLD_TAG}' not found!"
-    read -p "Enter start tag [${DEFAULT_OLD_TAG}]: " OLD_TAG
-    if [ -z "${OLD_TAG}" ]; then
-      OLD_TAG="${DEFAULT_OLD_TAG}"
-    fi
-  done
-else
-  OLD_TAG=${1}
-  if [ -z "$(git tag --list "${OLD_TAG}")" ]; then
-    echo "ERROR: Tag '${OLD_TAG}' not found!"
-    exit 1
-  fi
-fi
-
-if [ -z "${1}" ]; then
-  read -p "Enter end tag [${DEFAULT_NEW_TAG}]: " NEW_TAG
-  if [ -z "${NEW_TAG}" ]; then
-    NEW_TAG="${DEFAULT_NEW_TAG}"
-  fi
-
-  while [ -z "$(git tag --list "${NEW_TAG}")" ]; do
-    echo "ERROR: Tag '${NEW_TAG}' not found!"
-    read -p "Enter end tag [${DEFAULT_NEW_TAG}]: " NEW_TAG
-    if [ -z "${NEW_TAG}" ]; then
-      NEW_TAG="${DEFAULT_NEW_TAG}"
-    fi
-  done
-else
-  NEW_TAG=${1}
-
-  if [ -z "$(git tag --list "${NEW_TAG}")" ]; then
-    echo "ERROR: Tag '${NEW_TAG}' not found!"
-    exit 1
-  fi
-fi
-
-YAML_FILE=$(mktemp)
-
-function map_type_to_kind() {
-  case "${1}" in
-    feat)
-      echo "added"
-    ;;
-    fix)
-      echo "fixed"
-    ;;
-    chore|style|test|ci|docs|refac)
-      echo "changed"
-    ;;
-    revert)
-      echo "removed"
-    ;;
-    sec)
-      echo "security"
-    ;;
-    *)
-      echo "skip"
-    ;;
-  esac
-}
-
-COMMIT_TITLES=$(git log "${OLD_TAG}..${NEW_TAG}" --pretty=format:"%s")
-
-while IFS= read -r line; do
-  if [[ "${line}" =~ ^([a-zA-Z]+)(\([^\)]+\))?\:\ (.+)$ ]]; then
-    TYPE="${BASH_REMATCH[1]}"
-
-    if [ "${TYPE}" == "skip" ]; then
-      continue
-    fi
-
-    DESC="${BASH_REMATCH[3]}"
-    KIND=$(map_type_to_kind "${TYPE}")
-
-    yq --inplace ". += [ {\"kind\": \"${KIND}\", \"description\": \"${DESC}\"}]" "${YAML_FILE}"
-  fi
-done <<< "${COMMIT_TITLES}"
-
-yq --no-colors --inplace ".annotations.\"artifacthub.io/changes\" |= loadstr(\"${YAML_FILE}\") | sort_keys(.)" "${CHART_FILE}"
-yq --no-colors --inplace ".version = \"${NEW_TAG}\"" "${CHART_FILE}"
-
-rm "${YAML_FILE}"
--- a/.gitea/workflows/generate-readme.yaml
+++ b/.gitea/workflows/generate-readme.yaml
@ -15,7 +15,7 @@ on:
 jobs:
  generate-parameters:
    container:
-      image: docker.io/library/node:24.1.0-alpine
+      image: docker.io/library/node:23.11.1-alpine
    runs-on:
    - ubuntu-latest
    steps:
--- a/.gitea/workflows/helm.yaml
+++ b/.gitea/workflows/helm.yaml
@ -13,7 +13,7 @@ on:
 jobs:
  helm-lint:
    container:
-      image: docker.io/volkerraschek/helm:3.18.2
+      image: docker.io/volkerraschek/helm:3.18.0
    runs-on:
    - ubuntu-latest
    steps:
@ -28,7 +28,7 @@ jobs:

  helm-unittest:
    container:
-      image: docker.io/volkerraschek/helm:3.18.2
+      image: docker.io/volkerraschek/helm:3.18.0
    runs-on:
    - ubuntu-latest
    steps:
--- a/.gitea/workflows/markdown-linters.yaml
+++ b/.gitea/workflows/markdown-linters.yaml
@ -15,7 +15,7 @@ on:
 jobs:
  markdown-link-checker:
    container:
-      image: docker.io/library/node:24.1.0-alpine
+      image: docker.io/library/node:23.11.1-alpine
    runs-on:
    - ubuntu-latest
    steps:
@ -31,7 +31,7 @@ jobs:

  markdown-lint:
    container:
-      image: docker.io/library/node:24.1.0-alpine
+      image: docker.io/library/node:23.11.1-alpine
    runs-on:
    - ubuntu-latest
    steps:
--- a/.gitea/workflows/release.yaml
+++ b/.gitea/workflows/release.yaml
@ -8,25 +8,18 @@ on:
 jobs:
  publish-chart:
    container:
-      image: docker.io/volkerraschek/helm:3.18.2
+      image: docker.io/volkerraschek/helm:3.18.0
    runs-on: ubuntu-latest
    steps:
      - name: Install tooling
        run: |
          apk update
-          apk add git npm yq
+          apk add git npm
      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Add Artifacthub.io annotations
-        run: |
-          NEW_TAG="$(git describe --abbrev=0)"
-          OLD_TAG="$(git describe --abbrev=0 --tags "$(git rev-list --tags --skip=1 --max-count=1)")"
-          .gitea/scripts/add-annotations.sh "${NEW_TAG}" "${OLD_TAG}"
-
      - name: Package chart
        env:
+          HELM_REPO_NAME: upload
+
          CHARTMUSEUM_PASSWORD: ${{ secrets.CHARTMUSEUM_PASSWORD }}
          CHARTMUSEUM_REPOSITORY: ${{ vars.CHARTMUSEUM_REPOSITORY }}
          CHARTMUSEUM_USERNAME: ${{ secrets.CHARTMUSEUM_USERNAME }}
--- a/Chart.yaml
+++ b/Chart.yaml
@ -2,6 +2,7 @@ apiVersion: v2
 name: prometheus-fail2ban-exporter
 description: Prometheus metric exporter for Fail2Ban
 type: application
+kubeVersion: ">=1.20.0"
 version: "0.1.0"
 appVersion: "0.1.1"

--- a/4
+++ b/4
@ -4,13 +4,13 @@ CONTAINER_RUNTIME?=$(shell which podman)
 # HELM_IMAGE
 HELM_IMAGE_REGISTRY_HOST?=docker.io
 HELM_IMAGE_REPOSITORY?=volkerraschek/helm
-HELM_IMAGE_VERSION?=3.18.2 # renovate: datasource=docker registryUrl=https://docker.io depName=volkerraschek/helm
+HELM_IMAGE_VERSION?=3.18.0 # renovate: datasource=docker registryUrl=https://docker.io depName=volkerraschek/helm
 HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:${HELM_IMAGE_VERSION}

 # NODE_IMAGE
 NODE_IMAGE_REGISTRY_HOST?=docker.io
 NODE_IMAGE_REPOSITORY?=library/node
-NODE_IMAGE_VERSION?=24.1.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node
+NODE_IMAGE_VERSION?=24.1.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=library/node
 NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:${NODE_IMAGE_VERSION}

 # MISSING DOT
--- a/README.md
+++ b/README.md
@ -19,7 +19,7 @@ helm chart is tested for deployment scenarios with **ArgoCD**.
 ## Helm: configuration and installation

 1. A helm chart repository must be configured, to pull the helm charts from.
-2. All available [parameters](#parameters) are documented in detail below. The parameters can be defined via the helm
+2. All available parameters are [here](#parameters) in detail documented. The parameters can be defined via the helm
   `--set` flag or directly as part of a `values.yaml` file. The following example defines the `prometheus-exporter`
   repository and use the `--set` flag for a basic deployment.

@ -42,7 +42,7 @@ version of the chart must be in sync with the `values.yaml`. Newer *minor* versi
 versions can break something!

 ```bash
-CHART_VERSION=0.4.0
+CHART_VERSION=0.3.1
 helm show values prometheus-exporters/prometheus-fail2ban-exporter --version "${CHART_VERSION}" > values.yaml
 ```

@ -70,8 +70,7 @@ available. As this is a Golang application, this can be implemented using `GOMAX
 of defining `GOMAXPROCS` automatically based on the defined CPU limit like `1000m`. Please keep in mind, that the CFS
 rate of `100ms` - default on each kubernetes node, is also very important to avoid CPU throttling.

-Further information about this topic can be found in one of Kanishk's blog
-[posts](https://kanishk.io/posts/cpu-throttling-in-containerized-go-apps/).
+Further information about this topic can be found [here](https://kanishk.io/posts/cpu-throttling-in-containerized-go-apps/).

 > [!NOTE]
 > The environment variable `GOMAXPROCS` is set automatically, when a CPU limit is defined. An explicit configuration is
--- a/templates/prometheus-fail2ban-exporter/_pod.tpl
+++ b/templates/prometheus-fail2ban-exporter/_pod.tpl
@ -4,21 +4,6 @@

 {{- define "prometheus-fail2ban-exporter.pod.annotations" -}}
 {{ include "prometheus-fail2ban-exporter.annotations" . }}
-
-# The following annotations are required to trigger a rolling update. Further information can be found in the official
-# documentation of helm:
-#
-#   https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-#
-
-{{/* web config */}}
-{{- if and .Values.config.webConfig.existingSecret.enabled .Values.config.webConfig.existingSecret.secretName }}
-{{- $secret := default (dict "data" (dict)) (lookup "v1" "Secret" .Release.Namespace .Values.config.webConfig.existingSecret.secretName ) }}
-checksum/secret-web-config: {{ print $secret.spec | sha256sum }}
-{{- else }}
-checksum/secret-web-config: {{ include (print $.Template.BasePath "/prometheus-fail2ban-exporter/secretWebConfig.yaml") . | sha256sum }}
-{{- end }}
-
 {{- end }}

 {{/* labels */}}
--- a/templates/prometheus-fail2ban-exporter/daemonSet.yaml
+++ b/templates/prometheus-fail2ban-exporter/daemonSet.yaml
@ -17,8 +17,6 @@ spec:
      {{- include "prometheus-fail2ban-exporter.pod.selectorLabels" . | nindent 6 }}
  template:
    metadata:
-      annotations:
-        {{- include "prometheus-fail2ban-exporter.pod.annotations" . | nindent 8 }}
      labels:
        {{- include "prometheus-fail2ban-exporter.pod.labels" . | nindent 8 }}
    spec:
--- a/unittests/daemonset/daemonset.yaml
+++ b/unittests/daemonset/daemonset.yaml
@ -7,22 +7,18 @@ release:
  namespace: testing
 templates:
 - templates/prometheus-fail2ban-exporter/daemonSet.yaml
- templates/prometheus-fail2ban-exporter/secretWebConfig.yaml
 tests:
 - it: Rendering default
  asserts:
  - hasDocuments:
      count: 1
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - containsDocument:
      apiVersion: apps/v1
      kind: DaemonSet
      name: prometheus-fail2ban-exporter-unittest
      namespace: testing
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - notExists:
      path: metadata.annotations
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - equal:
      path: metadata.labels
      value:
@ -31,31 +27,15 @@ tests:
        app.kubernetes.io/name: prometheus-fail2ban-exporter
        app.kubernetes.io/version: 0.1.0
        helm.sh/chart: prometheus-fail2ban-exporter-0.1.0
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
-  - exists:
-      path: spec.template.metadata.annotations.checksum/secret-web-config
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
-  - equal:
-      path: spec.template.metadata.labels
-      value:
-        app.kubernetes.io/instance: prometheus-fail2ban-exporter-unittest
-        app.kubernetes.io/managed-by: Helm
-        app.kubernetes.io/name: prometheus-fail2ban-exporter
-        app.kubernetes.io/version: 0.1.0
-        helm.sh/chart: prometheus-fail2ban-exporter-0.1.0
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - notExists:
      path: spec.template.spec.affinity
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - notExists:
      path: spec.template.spec.containers[0].envFrom
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - equal:
      path: spec.template.spec.containers[0].args
      value:
      # - --web.config.file=/etc/prometheus-fail2ban-exporter/config.d/webConfig.yaml
      - --web.listen-address=:9191
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - equal:
      path: spec.template.spec.containers[0].volumeMounts
      value:
@ -63,7 +43,6 @@ tests:
        name: socket
      - mountPath: /etc/prometheus-fail2ban-exporter/config.d
        name: config-d
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - equal:
      path: spec.template.spec.volumes
      value:
@ -74,59 +53,42 @@ tests:
      - name: config-d
        secret:
          secretName: prometheus-fail2ban-exporter-unittest-web-config
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - equal:
      path: spec.template.spec.containers[0].image
      value: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter:0.1.0
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - equal:
      path: spec.template.spec.containers[0].imagePullPolicy
      value: IfNotPresent
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - notExists:
      path: spec.template.spec.containers[0].resources
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - notExists:
      path: spec.template.spec.containers[0].securityContext
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - notExists:
      path: spec.template.spec.dnsConfig
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - notExists:
      path: spec.template.spec.dnsPolicy
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - notExists:
      path: spec.template.spec.hostname
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - equal:
      path: spec.template.spec.hostNetwork
      value: false
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - notExists:
      path: spec.template.spec.imagePullSecrets
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - notExists:
      path: spec.template.spec.nodeSelector
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - notExists:
      path: spec.template.spec.priorityClassName
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - notExists:
      path: spec.template.spec.restartPolicy
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - notExists:
      path: spec.template.spec.subdomain
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - equal:
      path: spec.template.spec.terminationGracePeriodSeconds
      value: 60
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - notExists:
      path: spec.template.spec.tolerations
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - notExists:
      path: spec.template.spec.topologySpreadConstraints
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - equal:
      path: spec.updateStrategy
      value:
@ -134,7 +96,6 @@ tests:
          maxSurge: 1
          maxUnavailable: 0
        type: "RollingUpdate"
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml

 - it: Test custom affinity
  set:
@ -161,7 +122,6 @@ tests:
                values:
                - antarctica-east1
                - antarctica-west1
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml

 - it: Test additional arguments
  set:
@ -176,7 +136,6 @@ tests:
      - --web.listen-address=:9191
      - --foo=bar
      - --bar=foo
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml

 - it: Test custom imageRegistry and imageRepository
  set:
@ -186,7 +145,6 @@ tests:
  - equal:
      path: spec.template.spec.containers[0].image
      value: registry.example.local/path/special/prometheus-fail2ban-exporter:0.1.0
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml

 - it: Test custom imagePullPolicy
  set:
@ -195,7 +153,6 @@ tests:
  - equal:
      path: spec.template.spec.containers[0].imagePullPolicy
      value: Always
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml

 - it: Test config.webConfig.existingSecret
  set:
@ -209,7 +166,6 @@ tests:
        name: socket
      - mountPath: /etc/prometheus-fail2ban-exporter/config.d
        name: config-d
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - equal:
      path: spec.template.spec.volumes
      value:
@ -220,7 +176,6 @@ tests:
      - name: config-d
        secret:
          secretName: web-config-secret
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml

 - it: Test custom resource limits and requests
  set:
@ -240,7 +195,6 @@ tests:
          resourceFieldRef:
            divisor: "1"
            resource: limits.cpu
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - equal:
      path: spec.template.spec.containers[0].resources
      value:
@ -250,7 +204,6 @@ tests:
        requests:
          cpu: 25m
          memory: 100MB
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml

 - it: Test custom securityContext
  set:
@ -277,7 +230,6 @@ tests:
        readOnlyRootFilesystem: true
        runAsNonRoot: true
        runAsUser: 1000
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml

 - it: Test dnsConfig
  set:
@ -292,7 +244,6 @@ tests:
        nameservers:
        - "8.8.8.8"
        - "8.8.4.4"
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml

 - it: Test dnsPolicy
  set:
@ -301,7 +252,6 @@ tests:
  - equal:
      path: spec.template.spec.dnsPolicy
      value: ClusterFirst
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml

 - it: Test hostNetwork, hostname, subdomain
  set:
@ -312,15 +262,12 @@ tests:
  - equal:
      path: spec.template.spec.hostNetwork
      value: true
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - equal:
      path: spec.template.spec.hostname
      value: pg-exporter
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - equal:
      path: spec.template.spec.subdomain
      value: exporters.internal
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml

 - it: Test imagePullSecrets
  set:
@ -333,7 +280,6 @@ tests:
      value:
      - name: my-pull-secret
      - name: my-special-secret
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml

 - it: Test nodeSelector
  set:
@ -344,7 +290,6 @@ tests:
      path: spec.template.spec.nodeSelector
      value:
        foo: bar
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml

 - it: Test priorityClassName
  set:
@ -353,7 +298,6 @@ tests:
  - equal:
      path: spec.template.spec.priorityClassName
      value: my-priority
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml

 - it: Test restartPolicy
  set:
@ -362,7 +306,6 @@ tests:
  - equal:
      path: spec.template.spec.restartPolicy
      value: Always
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml

 - it: Test terminationGracePeriodSeconds
  set:
@ -371,7 +314,6 @@ tests:
  - equal:
      path: spec.template.spec.terminationGracePeriodSeconds
      value: 120
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml

 - it: Test tolerations
  set:
@ -388,7 +330,6 @@ tests:
        operator: Equal
        value: fail2ban
        effect: NoSchedule
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml

 - it: Test topologySpreadConstraints
  set:
@ -407,7 +348,6 @@ tests:
        labelSelector:
          matchLabels:
            app.kubernetes.io/instance: prometheus-fail2ban-exporter
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml

 - it: Test additional volumeMounts and volumes
  set:
@ -426,7 +366,6 @@ tests:
        mountPath: /usr/lib/prometheus-fail2ban-exporter/data
      - name: config-d
        mountPath: /etc/prometheus-fail2ban-exporter/config.d
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
  - equal:
      path: spec.template.spec.volumes
      value:
@ -435,5 +374,4 @@ tests:
          path: /usr/lib/prometheus-fail2ban-exporter/data
      - name: config-d
        secret:
-          secretName: prometheus-fail2ban-exporter-unittest-web-config
-    template: templates/prometheus-fail2ban-exporter/daemonSet.yaml
+          secretName: prometheus-fail2ban-exporter-unittest-web-config