You've already forked prometheus-fail2ban-exporter-charts
							
							Compare commits
	
		
			139 Commits
		
	
	
		
			7b63fae83f
			...
			renovate/m
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 86cf52bf31 | |||
| 6ab50d653b | |||
| 2e1da27690 | |||
| c0a5c36010 | |||
| 731d6a2a63 | |||
| 87f1281751 | |||
| 838139cd79 | |||
| 542ee02b21 | |||
| 5cdb57fb2e | |||
| f2a2978f51 | |||
| a0b612c5f1 | |||
| b4733d1332 | |||
| bf8aae45c7 | |||
| a0af25baaf | |||
| ac6702aec6 | |||
| 3d83e3a395 | |||
| 78c7a1bf9a | |||
| d2193b7f9e | |||
| f3a73f6fec | |||
| 7a565c491c | |||
| bbe0123d17 | |||
| e49fd13e9d | |||
| 156d1a2c41 | |||
| d4f9014d38 | |||
| 4b2f55d673 | |||
| a8c20dcef1 | |||
| 42b6fbb166 | |||
| e042629612 | |||
| 3e4d55f423 | |||
| 25cb3e0923 | |||
| ad260746c3 | |||
| 7d8ea5851d | |||
| 7530410537 | |||
| 90c3270eb8 | |||
| 417797e893 | |||
| 3e5751abad | |||
| f83ea9e153 | |||
| 2b537fd08a | |||
| ad61e17558 | |||
| d8882ddd1b | |||
| e5cc409025 | |||
| e75cd5ccef | |||
| cbc9fb4577 | |||
| c85df1fb4a | |||
| 7c7f0818d8 | |||
| b231966756 | |||
| 317df7187f | |||
| 1dcfc3fbe7 | |||
| a9324855df | |||
| 90e3520510 | |||
| 62b0fe206e | |||
| 23e52531bc | |||
| 879264a4e9 | |||
| cd91338a02 | |||
| ccf1f1c3bb | |||
| f29b326c07 | |||
| 9fb2f2fa1b | |||
| 4e948193c9 | |||
| 80673d104b | |||
| 4731577534 | |||
| e1ad6999c2 | |||
| 82f57cc993 | |||
| ae9b59f0c0 | |||
| 9e519d1659 | |||
| 1938a56284 | |||
| eefe3634ee | |||
| ea7b775501 | |||
| ccc60e335c | |||
| 02a9de23c0 | |||
| 0c0c0e5ea7 | |||
| 863c3a30c1 | |||
| c9a45d8040 | |||
| 24d29f2b09 | |||
| a4180e0953 | |||
| c5783bd053 | |||
| 7cfe55a106 | |||
| a0bb4f2277 | |||
| 022a4d2155 | |||
| 130ee5d49e | |||
| be667bad1d | |||
| 01614570f7 | |||
| 6de5e9aa48 | |||
| 2740175246 | |||
| 7caedbe80d | |||
| eac8c552bb | |||
| c4b209a1a4 | |||
| 9cd56ac7f6 | |||
| 6425930268 | |||
| 69c4b3dd4d | |||
| d56f5e65c7 | |||
| 4229055965 | |||
| 34edb19f8e | |||
| 61020ff224 | |||
| bfdec6719a | |||
| 3c150df5eb | |||
| fc1c83a377 | |||
| f6380cab84 | |||
| 563acfdade | |||
| 553d8e11b5 | |||
| d8efe91340 | |||
| 5833d4de38 | |||
| 38b4f95a1f | |||
| 51ee91fed1 | |||
| c0416cdf48 | |||
| 00231f462b | |||
| 9e962fbffd | |||
| 63125f1849 | |||
| 65d2452df4 | |||
| 2885f08ed6 | |||
| 5ca76168e6 | |||
| 0591f3c6ee | |||
| ec1e7f7b7a | |||
| ea0183bb1b | |||
| 36492ede79 | |||
| 660cbdb3a8 | |||
| 9298cbdd2c | |||
| 6aa80bc0cf | |||
| a702f8678f | |||
| e7ccd21400 | |||
| e97e6695d7 | |||
| 1f45cd0eda | |||
| ec402f5490 | |||
| 7db144b527 | |||
| e9dcea3568 | |||
| 9053f2b406 | |||
| 356bc276a7 | |||
| 5b3fb80716 | |||
| 4a2b968daf | |||
| fb69f54dd8 | |||
| 58cf0244a0 | |||
| 85fca15ad6 | |||
| 27bc608b4e | |||
| 6e9548ba92 | |||
| da0daf74aa | |||
| 7f921ff1eb | |||
| f8cf436855 | |||
| a17476a942 | |||
| f99a401095 | |||
| 76d6979ad3 | 
							
								
								
									
										114
									
								
								.gitea/scripts/add-annotations.sh
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										114
									
								
								.gitea/scripts/add-annotations.sh
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,114 @@ | ||||
| #!/bin/bash | ||||
|  | ||||
| set -e | ||||
|  | ||||
| CHART_FILE="Chart.yaml" | ||||
| if [ ! -f "${CHART_FILE}" ]; then | ||||
|   echo "ERROR: ${CHART_FILE} not found!" 1>&2 | ||||
|   exit 1 | ||||
| fi | ||||
|  | ||||
| DEFAULT_NEW_TAG="$(git tag --sort=-version:refname | head -n 1)" | ||||
| DEFAULT_OLD_TAG="$(git tag --sort=-version:refname | head -n 2 | tail -n 1)" | ||||
|  | ||||
| if [ -z "${1}" ]; then | ||||
|   read -p "Enter start tag [${DEFAULT_OLD_TAG}]: " OLD_TAG | ||||
|   if [ -z "${OLD_TAG}" ]; then | ||||
|     OLD_TAG="${DEFAULT_OLD_TAG}" | ||||
|   fi | ||||
|  | ||||
|   while [ -z "$(git tag --list "${OLD_TAG}")" ]; do | ||||
|     echo "ERROR: Tag '${OLD_TAG}' not found!" 1>&2 | ||||
|     read -p "Enter start tag [${DEFAULT_OLD_TAG}]: " OLD_TAG | ||||
|     if [ -z "${OLD_TAG}" ]; then | ||||
|       OLD_TAG="${DEFAULT_OLD_TAG}" | ||||
|     fi | ||||
|   done | ||||
| else | ||||
|   OLD_TAG=${1} | ||||
|   if [ -z "$(git tag --list "${OLD_TAG}")" ]; then | ||||
|     echo "ERROR: Tag '${OLD_TAG}' not found!" 1>&2 | ||||
|     exit 1 | ||||
|   fi | ||||
| fi | ||||
|  | ||||
| if [ -z "${2}" ]; then | ||||
|   read -p "Enter end tag [${DEFAULT_NEW_TAG}]: " NEW_TAG | ||||
|   if [ -z "${NEW_TAG}" ]; then | ||||
|     NEW_TAG="${DEFAULT_NEW_TAG}" | ||||
|   fi | ||||
|  | ||||
|   while [ -z "$(git tag --list "${NEW_TAG}")" ]; do | ||||
|     echo "ERROR: Tag '${NEW_TAG}' not found!" 1>&2 | ||||
|     read -p "Enter end tag [${DEFAULT_NEW_TAG}]: " NEW_TAG | ||||
|     if [ -z "${NEW_TAG}" ]; then | ||||
|       NEW_TAG="${DEFAULT_NEW_TAG}" | ||||
|     fi | ||||
|   done | ||||
| else | ||||
|   NEW_TAG=${2} | ||||
|  | ||||
|   if [ -z "$(git tag --list "${NEW_TAG}")" ]; then | ||||
|     echo "ERROR: Tag '${NEW_TAG}' not found!" 1>&2 | ||||
|     exit 1 | ||||
|   fi | ||||
| fi | ||||
|  | ||||
| CHANGE_LOG_YAML=$(mktemp) | ||||
| echo "[]" > "${CHANGE_LOG_YAML}" | ||||
|  | ||||
| function map_type_to_kind() { | ||||
|   case "${1}" in | ||||
|     feat) | ||||
|       echo "added" | ||||
|     ;; | ||||
|     fix) | ||||
|       echo "fixed" | ||||
|     ;; | ||||
|     chore|style|test|ci|docs|refac) | ||||
|       echo "changed" | ||||
|     ;; | ||||
|     revert) | ||||
|       echo "removed" | ||||
|     ;; | ||||
|     sec) | ||||
|       echo "security" | ||||
|     ;; | ||||
|     *) | ||||
|       echo "skip" | ||||
|     ;; | ||||
|   esac | ||||
| } | ||||
|  | ||||
| COMMIT_TITLES="$(git log --pretty=format:"%s" "${OLD_TAG}..${NEW_TAG}")" | ||||
|  | ||||
| echo "INFO: Generate change log entries from ${OLD_TAG} until ${NEW_TAG}" | ||||
|  | ||||
| while IFS= read -r line; do | ||||
|   if [[ "${line}" =~ ^([a-zA-Z]+)(\([^\)]+\))?\:\ (.+)$ ]]; then | ||||
|     TYPE="${BASH_REMATCH[1]}" | ||||
|     KIND=$(map_type_to_kind "${TYPE}") | ||||
|  | ||||
|     if [ "${KIND}" == "skip" ]; then | ||||
|       continue | ||||
|     fi | ||||
|  | ||||
|     DESC="${BASH_REMATCH[3]}" | ||||
|  | ||||
|     echo "- ${KIND}: ${DESC}" | ||||
|  | ||||
|     jq --arg kind "${KIND}" --arg description "${DESC}" '. += [ $ARGS.named ]' < "${CHANGE_LOG_YAML}" > "${CHANGE_LOG_YAML}.new" | ||||
|     mv "${CHANGE_LOG_YAML}.new" "${CHANGE_LOG_YAML}" | ||||
|  | ||||
|   fi | ||||
| done <<< "${COMMIT_TITLES}" | ||||
|  | ||||
| if [ -s "${CHANGE_LOG_YAML}" ]; then | ||||
|   yq --inplace --input-format json --output-format yml "${CHANGE_LOG_YAML}" | ||||
|   yq --no-colors --inplace ".annotations.\"artifacthub.io/changes\" |= loadstr(\"${CHANGE_LOG_YAML}\") | sort_keys(.)" "${CHART_FILE}" | ||||
| else | ||||
|   echo "ERROR: Changelog file is empty: ${CHANGE_LOG_YAML}" 1>&2 | ||||
|   exit 1 | ||||
| fi | ||||
|  | ||||
| rm "${CHANGE_LOG_YAML}" | ||||
| @@ -15,7 +15,7 @@ on: | ||||
| jobs: | ||||
|   generate-parameters: | ||||
|     container: | ||||
|       image: docker.io/library/node:22.14.0-alpine | ||||
|       image: docker.io/library/node:25.0.0-alpine | ||||
|     runs-on: | ||||
|     - ubuntu-latest | ||||
|     steps: | ||||
| @@ -23,7 +23,7 @@ jobs: | ||||
|       run: | | ||||
|         apk update | ||||
|         apk add git npm | ||||
|     - uses: actions/checkout@v4.2.2 | ||||
|     - uses: actions/checkout@v5.0.0 | ||||
|     - name: Generate parameter section in README | ||||
|       run: | | ||||
|         npm install | ||||
|   | ||||
| @@ -13,7 +13,7 @@ on: | ||||
| jobs: | ||||
|   helm-lint: | ||||
|     container: | ||||
|       image: docker.io/volkerraschek/helm:3.16.4 | ||||
|       image: docker.io/volkerraschek/helm:3.19.0 | ||||
|     runs-on: | ||||
|     - ubuntu-latest | ||||
|     steps: | ||||
| @@ -21,14 +21,14 @@ jobs: | ||||
|       run: | | ||||
|         apk update | ||||
|         apk add git npm | ||||
|     - uses: actions/checkout@v4.2.2 | ||||
|     - uses: actions/checkout@v5.0.0 | ||||
|     - name: Lint helm files | ||||
|       run: | | ||||
|         helm lint --values values.yaml . | ||||
|  | ||||
|   helm-unittest: | ||||
|     container: | ||||
|       image: docker.io/volkerraschek/helm:3.16.4 | ||||
|       image: docker.io/volkerraschek/helm:3.19.0 | ||||
|     runs-on: | ||||
|     - ubuntu-latest | ||||
|     steps: | ||||
| @@ -36,7 +36,7 @@ jobs: | ||||
|       run: | | ||||
|         apk update | ||||
|         apk add git npm | ||||
|     - uses: actions/checkout@v4.2.2 | ||||
|     - uses: actions/checkout@v5.0.0 | ||||
|     - name: Unittest | ||||
|       run: | | ||||
|         helm unittest --strict --file 'unittests/**/*.yaml' ./ | ||||
| @@ -15,7 +15,7 @@ on: | ||||
| jobs: | ||||
|   markdown-link-checker: | ||||
|     container: | ||||
|       image: docker.io/library/node:22.14.0-alpine | ||||
|       image: docker.io/library/node:25.0.0-alpine | ||||
|     runs-on: | ||||
|     - ubuntu-latest | ||||
|     steps: | ||||
| @@ -23,7 +23,7 @@ jobs: | ||||
|       run: | | ||||
|         apk update | ||||
|         apk add git npm | ||||
|     - uses: actions/checkout@v4.2.2 | ||||
|     - uses: actions/checkout@v5.0.0 | ||||
|     - name: Verify links in markdown files | ||||
|       run: | | ||||
|         npm install | ||||
| @@ -31,7 +31,7 @@ jobs: | ||||
|  | ||||
|   markdown-lint: | ||||
|     container: | ||||
|       image: docker.io/library/node:22.14.0-alpine | ||||
|       image: docker.io/library/node:25.0.0-alpine | ||||
|     runs-on: | ||||
|     - ubuntu-latest | ||||
|     steps: | ||||
| @@ -39,7 +39,7 @@ jobs: | ||||
|       run: | | ||||
|         apk update | ||||
|         apk add git | ||||
|     - uses: actions/checkout@v4.2.2 | ||||
|     - uses: actions/checkout@v5.0.0 | ||||
|     - name: Lint markdown files | ||||
|       run: | | ||||
|         npm install | ||||
|   | ||||
| @@ -8,39 +8,54 @@ on: | ||||
| jobs: | ||||
|   publish-chart: | ||||
|     container: | ||||
|       image: docker.io/volkerraschek/helm:3.16.4 | ||||
|       image: docker.io/volkerraschek/helm:3.19.0 | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Install tooling | ||||
|       - name: Install packages via apk | ||||
|         run: | | ||||
|           apk update | ||||
|           apk add git npm | ||||
|       - uses: actions/checkout@v4 | ||||
|       - name: Package chart | ||||
|         env: | ||||
|           HELM_REPO_NAME: upload | ||||
|           apk add git npm jq yq | ||||
|  | ||||
|       - uses: actions/checkout@v5.0.0 | ||||
|         with: | ||||
|           fetch-depth: 0 | ||||
|  | ||||
|       - name: Add Artifacthub.io annotations | ||||
|         run: | | ||||
|           NEW_TAG="$(git tag --sort=-version:refname | head -n 1)" | ||||
|           OLD_TAG="$(git tag --sort=-version:refname | head -n 2 | tail -n 1)" | ||||
|           .gitea/scripts/add-annotations.sh "${OLD_TAG}" "${NEW_TAG}" | ||||
|  | ||||
|       - name: Extract meta information | ||||
|         run: | | ||||
|           echo "PACKAGE_VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV | ||||
|           echo "REPOSITORY_NAME=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 2 | sed --regexp-extended 's/-charts?//g')" >> $GITHUB_ENV | ||||
|           echo "REPOSITORY_OWNER=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 1)" >> $GITHUB_ENV | ||||
|  | ||||
|       - name: Update Helm Chart version in README.md | ||||
|         run: sed -i -E "s/^CHART_VERSION=.*/CHART_VERSION=${PACKAGE_VERSION}/g" README.md | ||||
|  | ||||
|       - name: Package chart | ||||
|         run: | | ||||
|           helm dependency build | ||||
|           helm package --version "${PACKAGE_VERSION}" ./ | ||||
|  | ||||
|       - name: Upload Chart to ChartMuseum | ||||
|         env: | ||||
|           CHARTMUSEUM_PASSWORD: ${{ secrets.CHARTMUSEUM_PASSWORD }} | ||||
|           CHARTMUSEUM_REPOSITORY: ${{ vars.CHARTMUSEUM_REPOSITORY }} | ||||
|           CHARTMUSEUM_USERNAME: ${{ secrets.CHARTMUSEUM_USERNAME }} | ||||
|           CHARTMUSEUM_HOSTNAME: ${{ vars.CHARTMUSEUM_HOSTNAME }} | ||||
|  | ||||
|           GITEA_PACKAGE_REGISTRY_TOKEN: ${{ secrets.GIT_CRYPTIC_SYSTEMS_PACKAGE_REGISTRY_TOKEN }} | ||||
|           GITEA_SERVER_URL: ${{ github.server_url }} | ||||
|         run: | | ||||
|           PACKAGE_VERSION=${GITHUB_REF#refs/tags/} | ||||
|           REPOSITORY_NAME=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 2 | sed --regexp-extended 's/-charts?//g') | ||||
|           REPOSITORY_OWNER=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 1) | ||||
|  | ||||
|           helm dependency build | ||||
|           helm package --version "${PACKAGE_VERSION}" ./ | ||||
|  | ||||
|           # chart-museum | ||||
|           helm repo add --username ${CHARTMUSEUM_USERNAME} --password ${CHARTMUSEUM_PASSWORD} chartmuseum https://${CHARTMUSEUM_HOSTNAME}/${CHARTMUSEUM_REPOSITORY} | ||||
|           helm cm-push ${REPOSITORY_NAME}-${PACKAGE_VERSION}.tgz chartmuseum | ||||
|           helm repo remove chartmuseum | ||||
|  | ||||
|           # gitea | ||||
|       - name: Upload Chart to Gitea | ||||
|         env: | ||||
|           GITEA_PACKAGE_REGISTRY_TOKEN: ${{ secrets.GIT_CRYPTIC_SYSTEMS_PACKAGE_REGISTRY_TOKEN }} | ||||
|           GITEA_SERVER_URL: ${{ github.server_url }} | ||||
|         run: | | ||||
|           helm repo add --username ${REPOSITORY_OWNER} --password ${GITEA_PACKAGE_REGISTRY_TOKEN} gitea ${GITEA_SERVER_URL}/api/packages/${REPOSITORY_OWNER}/helm | ||||
|           helm cm-push ${REPOSITORY_NAME}-${PACKAGE_VERSION}.tgz gitea | ||||
|           helm repo remove gitea | ||||
							
								
								
									
										2
									
								
								.vscode/settings.json
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										2
									
								
								.vscode/settings.json
									
									
									
									
										vendored
									
									
								
							| @@ -1,6 +1,6 @@ | ||||
| { | ||||
|   "yaml.schemas": { | ||||
|     "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.5.2/schema/helm-testsuite.json": [ | ||||
|     "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v1.0.3/schema/helm-testsuite.json": [ | ||||
|       "/unittests/**/*.yaml" | ||||
|     ] | ||||
|   }, | ||||
|   | ||||
							
								
								
									
										30
									
								
								Chart.yaml
									
									
									
									
									
								
							
							
						
						
									
										30
									
								
								Chart.yaml
									
									
									
									
									
								
							| @@ -1,19 +1,21 @@ | ||||
| annotations: | ||||
|   artifacthub.io/links: | | ||||
|     - name: Prometheus Fail2Ban exporter (binary) | ||||
|       url: https://git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter | ||||
|     - name: support | ||||
|       url: https://git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter-charts/issues | ||||
| apiVersion: v2 | ||||
| name: prometheus-fail2ban-exporter | ||||
| appVersion: "0.1.1" | ||||
| description: Prometheus metric exporter for Fail2Ban | ||||
| type: application | ||||
| kubeVersion: ">=1.20.0" | ||||
| version: "0.1.0" | ||||
| appVersion: "0.1.0" | ||||
|  | ||||
| # icon: https://annotations.example.com/icon.png | ||||
|  | ||||
| keywords: | ||||
| - prometheus | ||||
| - prometheus-exporter | ||||
| - prometheus-fail2ban-exporter | ||||
| - fail2ban-exporter | ||||
|  | ||||
|   - prometheus | ||||
|   - prometheus-exporter | ||||
|   - prometheus-fail2ban-exporter | ||||
|   - fail2ban-exporter | ||||
| name: prometheus-fail2ban-exporter | ||||
| sources: | ||||
| - https://git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter-charts | ||||
| - https://git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter | ||||
|   - https://git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter-charts | ||||
|   - https://git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter | ||||
| type: application | ||||
| version: "0.4.1" | ||||
|   | ||||
							
								
								
									
										21
									
								
								LICENSE
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										21
									
								
								LICENSE
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,21 @@ | ||||
| MIT License | ||||
|  | ||||
| Copyright (c) 2025 Markus Pesch | ||||
|  | ||||
| Permission is hereby granted, free of charge, to any person obtaining a copy | ||||
| of this software and associated documentation files (the "Software"), to deal | ||||
| in the Software without restriction, including without limitation the rights | ||||
| to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||||
| copies of the Software, and to permit persons to whom the Software is | ||||
| furnished to do so, subject to the following conditions: | ||||
|  | ||||
| The above copyright notice and this permission notice shall be included in all | ||||
| copies or substantial portions of the Software. | ||||
|  | ||||
| THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||||
| IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||||
| FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||||
| AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||||
| LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||||
| OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | ||||
| SOFTWARE. | ||||
							
								
								
									
										4
									
								
								Makefile
									
									
									
									
									
								
							
							
						
						
									
										4
									
								
								Makefile
									
									
									
									
									
								
							| @@ -4,13 +4,13 @@ CONTAINER_RUNTIME?=$(shell which podman) | ||||
| # HELM_IMAGE | ||||
| HELM_IMAGE_REGISTRY_HOST?=docker.io | ||||
| HELM_IMAGE_REPOSITORY?=volkerraschek/helm | ||||
| HELM_IMAGE_VERSION?=3.16.1 # renovate: datasource=docker registryUrl=https://docker.io depName=volkerraschek/helm | ||||
| HELM_IMAGE_VERSION?=3.19.0 # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/volkerraschek/helm | ||||
| HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:${HELM_IMAGE_VERSION} | ||||
|  | ||||
| # NODE_IMAGE | ||||
| NODE_IMAGE_REGISTRY_HOST?=docker.io | ||||
| NODE_IMAGE_REPOSITORY?=library/node | ||||
| NODE_IMAGE_VERSION?=22.9.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=library/node | ||||
| NODE_IMAGE_VERSION?=25.0.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node | ||||
| NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:${NODE_IMAGE_VERSION} | ||||
|  | ||||
| # MISSING DOT | ||||
|   | ||||
							
								
								
									
										123
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										123
									
								
								README.md
									
									
									
									
									
								
							| @@ -1,6 +1,5 @@ | ||||
| # Prometheus Fail2Ban exporter | ||||
|  | ||||
| [](https://drone.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter) | ||||
| [](https://artifacthub.io/packages/search?repo=prometheus-exporters) | ||||
|  | ||||
| This helm chart enables the deployment of a Prometheus metrics exporter for Fail2Ban and allows the individual | ||||
| @@ -15,12 +14,15 @@ Chapter [configuration and installation](#helm-configuration-and-installation) d | ||||
| and use it to deploy the exporter. It also contains further configuration examples. | ||||
|  | ||||
| Furthermore, this helm chart contains unit tests to detect regressions and stabilize the deployment. Additionally, this | ||||
| helm chart is tested for deployment scenarios with **ArgoCD**. | ||||
| helm chart is tested for deployment scenarios with **ArgoCD**, but please keep in mind, that this chart supports the | ||||
| *[Automatically Roll Deployment](https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments)* | ||||
| concept of Helm, which can trigger unexpected rolling releases. Further configuration instructions are described in a | ||||
| separate [chapter](#argocd). | ||||
|  | ||||
| ## Helm: configuration and installation | ||||
|  | ||||
| 1. A helm chart repository must be configured, to pull the helm charts from. | ||||
| 2. All available parameters are [here](#parameters) in detail documented. The parameters can be defined via the helm | ||||
| 2. All available [parameters](#parameters) are documented in detail below. The parameters can be defined via the helm | ||||
|    `--set` flag or directly as part of a `values.yaml` file. The following example defines the `prometheus-exporter` | ||||
|    repository and use the `--set` flag for a basic deployment. | ||||
|  | ||||
| @@ -32,7 +34,8 @@ helm chart is tested for deployment scenarios with **ArgoCD**. | ||||
| ```bash | ||||
| helm repo add prometheus-exporters https://charts.cryptic.systems/prometheus-exporters | ||||
| helm repo update | ||||
| helm install prometheus-fail2ban-exporter prometheus-exporters/prometheus-fail2ban-exporter \ | ||||
| CHART_VERSION=0.4.21 | ||||
| helm install --version "${CHART_VERSION}" prometheus-fail2ban-exporter prometheus-exporters/prometheus-fail2ban-exporter \ | ||||
|   --set 'prometheus.metrics.enabled=true' \ | ||||
|   --set 'prometheus.metrics.serviceMonitor.enabled=true' | ||||
| ``` | ||||
| @@ -43,8 +46,8 @@ version of the chart must be in sync with the `values.yaml`. Newer *minor* versi | ||||
| versions can break something! | ||||
|  | ||||
| ```bash | ||||
| CHART_VERSION=0.1.0 | ||||
| helm show values prometheus-exporters/prometheus-fail2ban-exporter --version "${CHART_VERSION}" > values.yaml | ||||
| CHART_VERSION=0.4.21 | ||||
| helm show values --version "${CHART_VERSION}" prometheus-exporters/prometheus-fail2ban-exporter > values.yaml | ||||
| ``` | ||||
|  | ||||
| A complete list of available helm chart versions can be displayed via the following command: | ||||
| @@ -68,22 +71,26 @@ cannot use the available CPU time to perform computing operations. | ||||
|  | ||||
| The application must be informed that despite several CPUs only a part (limit) of the available computing time is | ||||
| available. As this is a Golang application, this can be implemented using `GOMAXPROCS`. The following example is one way | ||||
| of defining `GOMAXPROCS` automatically based on the defined CPU limit like `100m`. Please keep in mind, that the CFS | ||||
| of defining `GOMAXPROCS` automatically based on the defined CPU limit like `1000m`. Please keep in mind, that the CFS | ||||
| rate of `100ms` - default on each kubernetes node, is also very important to avoid CPU throttling. | ||||
|  | ||||
| Further information about this topic can be found [here](https://kanishk.io/posts/cpu-throttling-in-containerized-go-apps/). | ||||
| Further information about this topic can be found in one of Kanishk's blog | ||||
| [posts](https://kanishk.io/posts/cpu-throttling-in-containerized-go-apps/). | ||||
|  | ||||
| > [!NOTE] | ||||
| > The environment variable `GOMAXPROCS` is set automatically, when a CPU limit is defined. An explicit configuration is | ||||
| > not anymore required. | ||||
| > | ||||
| > Please take care the a CPU limit < `1000m` can also lead to CPU throttling. Please read the linked documentation carefully. | ||||
|  | ||||
| ```bash | ||||
| helm install prometheus-fail2ban-exporter prometheus-exporters/prometheus-fail2ban-exporter \ | ||||
| CHART_VERSION=0.4.21 | ||||
| helm install --version "${CHART_VERSION}" prometheus-fail2ban-exporter prometheus-exporters/prometheus-fail2ban-exporter \ | ||||
|   --set 'prometheus.metrics.enabled=true' \ | ||||
|   --set 'prometheus.metrics.serviceMonitor.enabled=true' \ | ||||
|   --set 'daemonSet.fail2banExporter.env.name=GOMAXPROCS' \ | ||||
|   --set 'daemonSet.fail2banExporter.env.valueFrom.resourceFieldRef.resource=limits.cpu' \ | ||||
|   --set 'daemonSet.fail2banExporter.resources.limits.cpu=100m' | ||||
|   --set 'daemonSet.fail2banExporter.resources.limits.cpu=1000m' | ||||
| ``` | ||||
|  | ||||
| <!-- | ||||
| @@ -142,10 +149,90 @@ the Grafana container file system so that it is subsequently available to the us | ||||
| makes this possible. | ||||
|  | ||||
| ```bash | ||||
| helm install prometheus-fail2ban-exporter prometheus-exporters/prometheus-fail2ban-exporter \ | ||||
| CHART_VERSION=0.4.21 | ||||
| helm install --version "${CHART_VERSION}" prometheus-fail2ban-exporter prometheus-exporters/prometheus-fail2ban-exporter \ | ||||
|   --set 'grafana.enabled=true' | ||||
| ``` | ||||
|  | ||||
| ### Network policies | ||||
|  | ||||
| Network policies can only take effect, when the used CNI plugin support network policies. The chart supports no custom | ||||
| network policy implementation of CNI plugins. It's support only the official API resource of `networking.k8s.io/v1`. | ||||
|  | ||||
| The object networkPolicies can contains multiple networkPolicy definitions. There is currently only one example | ||||
| predefined - it's named `default`. Further networkPolicy rules can easy be added by defining additional objects. For example: | ||||
|  | ||||
| > [!NOTE] | ||||
| > The structure of each custom network policy must be equal like that of default. For this reason don't forget to define | ||||
| > `annotations`, `labels` and the other properties as well. | ||||
|  | ||||
| ```yaml | ||||
| networkPolicies: | ||||
|   enabled: false | ||||
|   default: {} | ||||
|   my-custom-network-policy: {} | ||||
| ``` | ||||
|  | ||||
| The example below is an excerpt of the `values.yaml` file. The network policy `default` contains ingress rules to allow | ||||
| incoming traffic from Prometheus. | ||||
|  | ||||
| > [!IMPORTANT] | ||||
| > Please keep in mind, that the namespace and pod selector labels can be different from environment to environment. For | ||||
| > this reason, there is are not default network policy rules defined. | ||||
|  | ||||
| ```yaml | ||||
| networkPolicies: | ||||
|   enabled: true | ||||
|   default: | ||||
|     enabled: true | ||||
|     annotations: {} | ||||
|     labels: {} | ||||
|     policyTypes: | ||||
|     - Egress | ||||
|     - Ingress | ||||
|     egress: [] | ||||
|     ingress: | ||||
|     - from: | ||||
|       - namespaceSelector: | ||||
|           matchLabels: | ||||
|             kubernetes.io/metadata.name: monitoring | ||||
|         podSelector: | ||||
|           matchLabels: | ||||
|             app.kubernetes.io/name: prometheus | ||||
|       ports: | ||||
|       - port: http | ||||
|         protocol: TCP | ||||
| ``` | ||||
|  | ||||
| ## ArgoCD | ||||
|  | ||||
| ### Daily execution of rolling updates | ||||
|  | ||||
| The behavior whereby ArgoCD triggers a rolling update even though nothing appears to have changed often occurs in | ||||
| connection with the helm concept `checksum/secret`, `checksum/configmap` or more generally, [Automatically Roll | ||||
| Deployments](https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments). | ||||
|  | ||||
| The problem with combining this concept with ArgoCD is that ArgoCD re-renders the Helm chart every time. Even if the | ||||
| content of the config map or secret has not changed, there may be minimal differences (e.g., whitespace, chart version, | ||||
| Helm render order, different timestamps). | ||||
|  | ||||
| This changes the SHA256 hash, Argo sees a drift and trigger a rolling update of the deployment. Among other things, this | ||||
| can lead to unnecessary notifications from ArgoCD. | ||||
|  | ||||
| To avoid this, the annotation with the shasum must be ignored. Below is a diff that adds the `Application` to ignore all | ||||
| annotations with the prefix `checksum`. | ||||
|  | ||||
| ```diff | ||||
|   apiVersion: argoproj.io/v1alpha1 | ||||
|   kind: Application | ||||
|   spec: | ||||
| +   ignoreDifferences: | ||||
| +   - group: apps/v1 | ||||
| +     kind: Deployment | ||||
| +     jqPathExpressions: | ||||
| +     - '.spec.template.metadata.annotations | with_entries(select(.key | startswith("checksum")))' | ||||
| ``` | ||||
|  | ||||
| ## Parameters | ||||
|  | ||||
| ### Global | ||||
| @@ -229,11 +316,17 @@ helm install prometheus-fail2ban-exporter prometheus-exporters/prometheus-fail2b | ||||
| | --------------------- | ---------------------- | ----- | | ||||
| | `podDisruptionBudget` | Pod disruption budget. | `{}`  | | ||||
|  | ||||
| ### Network | ||||
| ### NetworkPolicies | ||||
|  | ||||
| | Name              | Description                                                                                                        | Value | | ||||
| | ----------------- | ------------------------------------------------------------------------------------------------------------------ | ----- | | ||||
| | `networkPolicies` | Deploy network policies based on the used container network interface (CNI) implementation - like calico or weave. | `{}`  | | ||||
| | Name                                  | Description                                                                                           | Value   | | ||||
| | ------------------------------------- | ----------------------------------------------------------------------------------------------------- | ------- | | ||||
| | `networkPolicies.enabled`             | Enable network policies in general.                                                                   | `false` | | ||||
| | `networkPolicies.default.enabled`     | Enable the network policy for accessing the application by default. For example to scape the metrics. | `false` | | ||||
| | `networkPolicies.default.annotations` | Additional network policy annotations.                                                                | `{}`    | | ||||
| | `networkPolicies.default.labels`      | Additional network policy labels.                                                                     | `{}`    | | ||||
| | `networkPolicies.default.policyTypes` | List of policy types. Supported is ingress, egress or ingress and egress.                             | `[]`    | | ||||
| | `networkPolicies.default.egress`      | Concrete egress network policy implementation.                                                        | `[]`    | | ||||
| | `networkPolicies.default.ingress`     | Concrete ingress network policy implementation.                                                       | `[]`    | | ||||
|  | ||||
| ### Prometheus | ||||
|  | ||||
|   | ||||
							
								
								
									
										213
									
								
								package-lock.json
									
									
									
										generated
									
									
									
								
							
							
						
						
									
										213
									
								
								package-lock.json
									
									
									
										generated
									
									
									
								
							| @@ -9,7 +9,7 @@ | ||||
|       "devDependencies": { | ||||
|         "@bitnami/readme-generator-for-helm": "^2.5.0", | ||||
|         "markdown-link-check": "^3.13.6", | ||||
|         "markdownlint-cli": "^0.44.0" | ||||
|         "markdownlint-cli": "^0.45.0" | ||||
|       }, | ||||
|       "engines": { | ||||
|         "node": ">=16.0.0", | ||||
| @@ -17,9 +17,9 @@ | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/@bitnami/readme-generator-for-helm": { | ||||
|       "version": "2.7.0", | ||||
|       "resolved": "https://registry.npmjs.org/@bitnami/readme-generator-for-helm/-/readme-generator-for-helm-2.7.0.tgz", | ||||
|       "integrity": "sha512-fVxExmcuJ9NZb9ZE9OW3+lG8pUlXJAJdaO8UukV3A7WzYu4qOTr03MXPH9Gt5e/6mo3x4WYI/cXBksKfS0qn3w==", | ||||
|       "version": "2.7.2", | ||||
|       "resolved": "https://registry.npmjs.org/@bitnami/readme-generator-for-helm/-/readme-generator-for-helm-2.7.2.tgz", | ||||
|       "integrity": "sha512-7eXyJzxQTQj2ajpHlIhadciCCYWOqN8ieaweU25bStHOZowQ2c2CQyjO/bX4gxIf73LoRKxHhEYgLTllJY9SIw==", | ||||
|       "dev": true, | ||||
|       "license": "Apache-2.0", | ||||
|       "dependencies": { | ||||
| @@ -103,17 +103,6 @@ | ||||
|         "node": ">=8.0" | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/@pkgjs/parseargs": { | ||||
|       "version": "0.11.0", | ||||
|       "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", | ||||
|       "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", | ||||
|       "dev": true, | ||||
|       "license": "MIT", | ||||
|       "optional": true, | ||||
|       "engines": { | ||||
|         "node": ">=14" | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/@tootallnate/quickjs-emscripten": { | ||||
|       "version": "0.23.0", | ||||
|       "resolved": "https://registry.npmjs.org/@tootallnate/quickjs-emscripten/-/quickjs-emscripten-0.23.0.tgz", | ||||
| @@ -451,9 +440,9 @@ | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/decode-named-character-reference": { | ||||
|       "version": "1.0.2", | ||||
|       "resolved": "https://registry.npmjs.org/decode-named-character-reference/-/decode-named-character-reference-1.0.2.tgz", | ||||
|       "integrity": "sha512-O8x12RzrUF8xyVcY0KJowWsmaJxQbmy0/EtnNtHRpsOcT7dFk5W598coHqBVpmWo1oQQfsCqfCmkZN5DJrZVdg==", | ||||
|       "version": "1.1.0", | ||||
|       "resolved": "https://registry.npmjs.org/decode-named-character-reference/-/decode-named-character-reference-1.1.0.tgz", | ||||
|       "integrity": "sha512-Wy+JTSbFThEOXQIR2L6mxJvEs+veIzpmqD7ynWxMXGpnk3smkHQOp6forLdHsKpAMW9iJpaBBIxz285t1n1C3w==", | ||||
|       "dev": true, | ||||
|       "license": "MIT", | ||||
|       "dependencies": { | ||||
| @@ -694,13 +683,13 @@ | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/foreground-child": { | ||||
|       "version": "3.3.0", | ||||
|       "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.0.tgz", | ||||
|       "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", | ||||
|       "version": "3.3.1", | ||||
|       "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.1.tgz", | ||||
|       "integrity": "sha512-gIXjKqtFuWEgzFRJA9WCQeSJLZDjgJUOMCMzxtvFq/37KojM1BFGufqsCy0r4qSQmYLsZYMeyRqzIWOMup03sw==", | ||||
|       "dev": true, | ||||
|       "license": "ISC", | ||||
|       "dependencies": { | ||||
|         "cross-spawn": "^7.0.0", | ||||
|         "cross-spawn": "^7.0.6", | ||||
|         "signal-exit": "^4.0.1" | ||||
|       }, | ||||
|       "engines": { | ||||
| @@ -826,9 +815,9 @@ | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/ignore": { | ||||
|       "version": "7.0.3", | ||||
|       "resolved": "https://registry.npmjs.org/ignore/-/ignore-7.0.3.tgz", | ||||
|       "integrity": "sha512-bAH5jbK/F3T3Jls4I0SO1hmPR0dKU0a7+SY6n1yzRtG54FLO8d6w/nxLFX2Nb7dBu6cCWXPaAME6cYqFUMmuCA==", | ||||
|       "version": "7.0.4", | ||||
|       "resolved": "https://registry.npmjs.org/ignore/-/ignore-7.0.4.tgz", | ||||
|       "integrity": "sha512-gJzzk+PQNznz8ysRrC0aOkBNVRBDtE1n53IqyqEf3PXrYwomFs5q4pGMizBMJF+ykh03insJ27hB8gSrD2Hn8A==", | ||||
|       "dev": true, | ||||
|       "license": "MIT", | ||||
|       "engines": { | ||||
| @@ -973,19 +962,19 @@ | ||||
|       "license": "ISC" | ||||
|     }, | ||||
|     "node_modules/jackspeak": { | ||||
|       "version": "3.4.3", | ||||
|       "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz", | ||||
|       "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==", | ||||
|       "version": "4.1.0", | ||||
|       "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-4.1.0.tgz", | ||||
|       "integrity": "sha512-9DDdhb5j6cpeitCbvLO7n7J4IxnbM6hoF6O1g4HQ5TfhvvKN8ywDM7668ZhMHRqVmxqhps/F6syWK2KcPxYlkw==", | ||||
|       "dev": true, | ||||
|       "license": "BlueOak-1.0.0", | ||||
|       "dependencies": { | ||||
|         "@isaacs/cliui": "^8.0.2" | ||||
|       }, | ||||
|       "engines": { | ||||
|         "node": "20 || >=22" | ||||
|       }, | ||||
|       "funding": { | ||||
|         "url": "https://github.com/sponsors/isaacs" | ||||
|       }, | ||||
|       "optionalDependencies": { | ||||
|         "@pkgjs/parseargs": "^0.11.0" | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/js-yaml": { | ||||
| @@ -1053,9 +1042,9 @@ | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/link-check": { | ||||
|       "version": "5.4.0", | ||||
|       "resolved": "https://registry.npmjs.org/link-check/-/link-check-5.4.0.tgz", | ||||
|       "integrity": "sha512-0Pf4xBVUnwJdbDgpBlhHNmWDtbVjHTpIFs+JaBuIsC9PKRxjv4KMGCO2Gc8lkVnqMf9B/yaNY+9zmMlO5MyToQ==", | ||||
|       "version": "5.5.0", | ||||
|       "resolved": "https://registry.npmjs.org/link-check/-/link-check-5.5.0.tgz", | ||||
|       "integrity": "sha512-CpMk2zMfyEMdDvFG92wO5pU/2I/wbw72/9pvUFhU9cDKkwhmVlPuvxQJzd/jXA2iVOgNgPLnS5zyOLW7OzNpdA==", | ||||
|       "dev": true, | ||||
|       "license": "ISC", | ||||
|       "dependencies": { | ||||
| @@ -1112,16 +1101,16 @@ | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/markdown-link-check": { | ||||
|       "version": "3.13.6", | ||||
|       "resolved": "https://registry.npmjs.org/markdown-link-check/-/markdown-link-check-3.13.6.tgz", | ||||
|       "integrity": "sha512-JiqexKOR+oaBovJ16x/VEN886CzPI48bSGUcKJvnkHVS8xSb9fRJtsdcLwG8+5QQ/V0UZKFmW8JEZFcZbd0BBA==", | ||||
|       "version": "3.14.1", | ||||
|       "resolved": "https://registry.npmjs.org/markdown-link-check/-/markdown-link-check-3.14.1.tgz", | ||||
|       "integrity": "sha512-h1tihNL3kmOS3N7H4FyF4xKDxiHnNBNSgs/LWlDiRHlC8O0vfRX0LhDDvesRSs4HM7nS0F658glLxonaXBmuWw==", | ||||
|       "dev": true, | ||||
|       "license": "ISC", | ||||
|       "dependencies": { | ||||
|         "async": "^3.2.6", | ||||
|         "chalk": "^5.3.0", | ||||
|         "commander": "^12.1.0", | ||||
|         "link-check": "^5.4.0", | ||||
|         "commander": "^14.0.0", | ||||
|         "link-check": "^5.5.0", | ||||
|         "markdown-link-extractor": "^4.0.2", | ||||
|         "needle": "^3.3.1", | ||||
|         "progress": "^2.0.3", | ||||
| @@ -1133,13 +1122,13 @@ | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/markdown-link-check/node_modules/commander": { | ||||
|       "version": "12.1.0", | ||||
|       "resolved": "https://registry.npmjs.org/commander/-/commander-12.1.0.tgz", | ||||
|       "integrity": "sha512-Vw8qHK3bZM9y/P10u3Vib8o/DdkvA2OtPtZvD871QKjy74Wj1WSKFILMPRPSdUSx5RFK1arlJzEtA4PkFgnbuA==", | ||||
|       "version": "14.0.1", | ||||
|       "resolved": "https://registry.npmjs.org/commander/-/commander-14.0.1.tgz", | ||||
|       "integrity": "sha512-2JkV3gUZUVrbNA+1sjBOYLsMZ5cEEl8GTFP2a4AVz5hvasAMCQ1D2l2le/cX+pV4N6ZU17zjUahLpIXRrnWL8A==", | ||||
|       "dev": true, | ||||
|       "license": "MIT", | ||||
|       "engines": { | ||||
|         "node": ">=18" | ||||
|         "node": ">=20" | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/markdown-link-extractor": { | ||||
| @@ -1168,52 +1157,52 @@ | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/markdownlint": { | ||||
|       "version": "0.37.4", | ||||
|       "resolved": "https://registry.npmjs.org/markdownlint/-/markdownlint-0.37.4.tgz", | ||||
|       "integrity": "sha512-u00joA/syf3VhWh6/ybVFkib5Zpj2e5KB/cfCei8fkSRuums6nyisTWGqjTWIOFoFwuXoTBQQiqlB4qFKp8ncQ==", | ||||
|       "version": "0.38.0", | ||||
|       "resolved": "https://registry.npmjs.org/markdownlint/-/markdownlint-0.38.0.tgz", | ||||
|       "integrity": "sha512-xaSxkaU7wY/0852zGApM8LdlIfGCW8ETZ0Rr62IQtAnUMlMuifsg09vWJcNYeL4f0anvr8Vo4ZQar8jGpV0btQ==", | ||||
|       "dev": true, | ||||
|       "license": "MIT", | ||||
|       "dependencies": { | ||||
|         "markdown-it": "14.1.0", | ||||
|         "micromark": "4.0.1", | ||||
|         "micromark-core-commonmark": "2.0.2", | ||||
|         "micromark-extension-directive": "3.0.2", | ||||
|         "micromark": "4.0.2", | ||||
|         "micromark-core-commonmark": "2.0.3", | ||||
|         "micromark-extension-directive": "4.0.0", | ||||
|         "micromark-extension-gfm-autolink-literal": "2.1.0", | ||||
|         "micromark-extension-gfm-footnote": "2.1.0", | ||||
|         "micromark-extension-gfm-table": "2.1.0", | ||||
|         "micromark-extension-gfm-table": "2.1.1", | ||||
|         "micromark-extension-math": "3.1.0", | ||||
|         "micromark-util-types": "2.0.1" | ||||
|         "micromark-util-types": "2.0.2" | ||||
|       }, | ||||
|       "engines": { | ||||
|         "node": ">=18" | ||||
|         "node": ">=20" | ||||
|       }, | ||||
|       "funding": { | ||||
|         "url": "https://github.com/sponsors/DavidAnson" | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/markdownlint-cli": { | ||||
|       "version": "0.44.0", | ||||
|       "resolved": "https://registry.npmjs.org/markdownlint-cli/-/markdownlint-cli-0.44.0.tgz", | ||||
|       "integrity": "sha512-ZJTAONlvF9NkrIBltCdW15DxN9UTbPiKMEqAh2EU2gwIFlrCMavyCEPPO121cqfYOrLUJWW8/XKWongstmmTeQ==", | ||||
|       "version": "0.45.0", | ||||
|       "resolved": "https://registry.npmjs.org/markdownlint-cli/-/markdownlint-cli-0.45.0.tgz", | ||||
|       "integrity": "sha512-GiWr7GfJLVfcopL3t3pLumXCYs8sgWppjIA1F/Cc3zIMgD3tmkpyZ1xkm1Tej8mw53B93JsDjgA3KOftuYcfOw==", | ||||
|       "dev": true, | ||||
|       "license": "MIT", | ||||
|       "dependencies": { | ||||
|         "commander": "~13.1.0", | ||||
|         "glob": "~10.4.5", | ||||
|         "ignore": "~7.0.3", | ||||
|         "glob": "~11.0.2", | ||||
|         "ignore": "~7.0.4", | ||||
|         "js-yaml": "~4.1.0", | ||||
|         "jsonc-parser": "~3.3.1", | ||||
|         "jsonpointer": "~5.0.1", | ||||
|         "markdownlint": "~0.37.4", | ||||
|         "minimatch": "~9.0.5", | ||||
|         "markdown-it": "~14.1.0", | ||||
|         "markdownlint": "~0.38.0", | ||||
|         "minimatch": "~10.0.1", | ||||
|         "run-con": "~1.3.2", | ||||
|         "smol-toml": "~1.3.1" | ||||
|         "smol-toml": "~1.3.4" | ||||
|       }, | ||||
|       "bin": { | ||||
|         "markdownlint": "markdownlint.js" | ||||
|       }, | ||||
|       "engines": { | ||||
|         "node": ">=18" | ||||
|         "node": ">=20" | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/markdownlint-cli/node_modules/brace-expansion": { | ||||
| @@ -1227,37 +1216,40 @@ | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/markdownlint-cli/node_modules/glob": { | ||||
|       "version": "10.4.5", | ||||
|       "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz", | ||||
|       "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==", | ||||
|       "version": "11.0.2", | ||||
|       "resolved": "https://registry.npmjs.org/glob/-/glob-11.0.2.tgz", | ||||
|       "integrity": "sha512-YT7U7Vye+t5fZ/QMkBFrTJ7ZQxInIUjwyAjVj84CYXqgBdv30MFUPGnBR6sQaVq6Is15wYJUsnzTuWaGRBhBAQ==", | ||||
|       "dev": true, | ||||
|       "license": "ISC", | ||||
|       "dependencies": { | ||||
|         "foreground-child": "^3.1.0", | ||||
|         "jackspeak": "^3.1.2", | ||||
|         "minimatch": "^9.0.4", | ||||
|         "jackspeak": "^4.0.1", | ||||
|         "minimatch": "^10.0.0", | ||||
|         "minipass": "^7.1.2", | ||||
|         "package-json-from-dist": "^1.0.0", | ||||
|         "path-scurry": "^1.11.1" | ||||
|         "path-scurry": "^2.0.0" | ||||
|       }, | ||||
|       "bin": { | ||||
|         "glob": "dist/esm/bin.mjs" | ||||
|       }, | ||||
|       "engines": { | ||||
|         "node": "20 || >=22" | ||||
|       }, | ||||
|       "funding": { | ||||
|         "url": "https://github.com/sponsors/isaacs" | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/markdownlint-cli/node_modules/minimatch": { | ||||
|       "version": "9.0.5", | ||||
|       "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", | ||||
|       "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", | ||||
|       "version": "10.0.1", | ||||
|       "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.0.1.tgz", | ||||
|       "integrity": "sha512-ethXTt3SGGR+95gudmqJ1eNhRO7eGEGIgYA9vnPatK4/etz2MEVDno5GMCibdMTuBMyElzIlgxMna3K94XDIDQ==", | ||||
|       "dev": true, | ||||
|       "license": "ISC", | ||||
|       "dependencies": { | ||||
|         "brace-expansion": "^2.0.1" | ||||
|       }, | ||||
|       "engines": { | ||||
|         "node": ">=16 || 14 >=14.17" | ||||
|         "node": "20 || >=22" | ||||
|       }, | ||||
|       "funding": { | ||||
|         "url": "https://github.com/sponsors/isaacs" | ||||
| @@ -1284,9 +1276,9 @@ | ||||
|       "license": "MIT" | ||||
|     }, | ||||
|     "node_modules/micromark": { | ||||
|       "version": "4.0.1", | ||||
|       "resolved": "https://registry.npmjs.org/micromark/-/micromark-4.0.1.tgz", | ||||
|       "integrity": "sha512-eBPdkcoCNvYcxQOAKAlceo5SNdzZWfF+FcSupREAzdAh9rRmE239CEQAiTwIgblwnoM8zzj35sZ5ZwvSEOF6Kw==", | ||||
|       "version": "4.0.2", | ||||
|       "resolved": "https://registry.npmjs.org/micromark/-/micromark-4.0.2.tgz", | ||||
|       "integrity": "sha512-zpe98Q6kvavpCr1NPVSCMebCKfD7CA2NqZ+rykeNhONIJBpc1tFKt9hucLGwha3jNTNI8lHpctWJWoimVF4PfA==", | ||||
|       "dev": true, | ||||
|       "funding": [ | ||||
|         { | ||||
| @@ -1320,9 +1312,9 @@ | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/micromark-core-commonmark": { | ||||
|       "version": "2.0.2", | ||||
|       "resolved": "https://registry.npmjs.org/micromark-core-commonmark/-/micromark-core-commonmark-2.0.2.tgz", | ||||
|       "integrity": "sha512-FKjQKbxd1cibWMM1P9N+H8TwlgGgSkWZMmfuVucLCHaYqeSvJ0hFeHsIa65pA2nYbes0f8LDHPMrd9X7Ujxg9w==", | ||||
|       "version": "2.0.3", | ||||
|       "resolved": "https://registry.npmjs.org/micromark-core-commonmark/-/micromark-core-commonmark-2.0.3.tgz", | ||||
|       "integrity": "sha512-RDBrHEMSxVFLg6xvnXmb1Ayr2WzLAWjeSATAoxwKYJV94TeNavgoIdA0a9ytzDSVzBy2YKFK+emCPOEibLeCrg==", | ||||
|       "dev": true, | ||||
|       "funding": [ | ||||
|         { | ||||
| @@ -1355,9 +1347,9 @@ | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/micromark-extension-directive": { | ||||
|       "version": "3.0.2", | ||||
|       "resolved": "https://registry.npmjs.org/micromark-extension-directive/-/micromark-extension-directive-3.0.2.tgz", | ||||
|       "integrity": "sha512-wjcXHgk+PPdmvR58Le9d7zQYWy+vKEU9Se44p2CrCDPiLr2FMyiT4Fyb5UFKFC66wGB3kPlgD7q3TnoqPS7SZA==", | ||||
|       "version": "4.0.0", | ||||
|       "resolved": "https://registry.npmjs.org/micromark-extension-directive/-/micromark-extension-directive-4.0.0.tgz", | ||||
|       "integrity": "sha512-/C2nqVmXXmiseSSuCdItCMho7ybwwop6RrrRPk0KbOHW21JKoCldC+8rFOaundDoRBUWBnJJcxeA/Kvi34WQXg==", | ||||
|       "dev": true, | ||||
|       "license": "MIT", | ||||
|       "dependencies": { | ||||
| @@ -1413,9 +1405,9 @@ | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/micromark-extension-gfm-table": { | ||||
|       "version": "2.1.0", | ||||
|       "resolved": "https://registry.npmjs.org/micromark-extension-gfm-table/-/micromark-extension-gfm-table-2.1.0.tgz", | ||||
|       "integrity": "sha512-Ub2ncQv+fwD70/l4ou27b4YzfNaCJOvyX4HxXU15m7mpYY+rjuWzsLIPZHJL253Z643RpbcP1oeIJlQ/SKW67g==", | ||||
|       "version": "2.1.1", | ||||
|       "resolved": "https://registry.npmjs.org/micromark-extension-gfm-table/-/micromark-extension-gfm-table-2.1.1.tgz", | ||||
|       "integrity": "sha512-t2OU/dXXioARrC6yWfJ4hqB7rct14e8f7m0cbI5hUmDyyIlwv5vEtooptH8INkbLzOatzKuVbQmAYcbWoyz6Dg==", | ||||
|       "dev": true, | ||||
|       "license": "MIT", | ||||
|       "dependencies": { | ||||
| @@ -1763,9 +1755,9 @@ | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/micromark-util-subtokenize": { | ||||
|       "version": "2.0.4", | ||||
|       "resolved": "https://registry.npmjs.org/micromark-util-subtokenize/-/micromark-util-subtokenize-2.0.4.tgz", | ||||
|       "integrity": "sha512-N6hXjrin2GTJDe3MVjf5FuXpm12PGm80BrUAeub9XFXca8JZbP+oIwY4LJSVwFUCL1IPm/WwSVUN7goFHmSGGQ==", | ||||
|       "version": "2.1.0", | ||||
|       "resolved": "https://registry.npmjs.org/micromark-util-subtokenize/-/micromark-util-subtokenize-2.1.0.tgz", | ||||
|       "integrity": "sha512-XQLu552iSctvnEcgXw6+Sx75GflAPNED1qx7eBJ+wydBb2KCbRZe+NwvIEEMM83uml1+2WSXpBAcp9IUCgCYWA==", | ||||
|       "dev": true, | ||||
|       "funding": [ | ||||
|         { | ||||
| @@ -1803,9 +1795,9 @@ | ||||
|       "license": "MIT" | ||||
|     }, | ||||
|     "node_modules/micromark-util-types": { | ||||
|       "version": "2.0.1", | ||||
|       "resolved": "https://registry.npmjs.org/micromark-util-types/-/micromark-util-types-2.0.1.tgz", | ||||
|       "integrity": "sha512-534m2WhVTddrcKVepwmVEVnUAmtrx9bfIjNoQHRqfnvdaHQiFytEhJoTgpWJvDEXCO5gLTQh3wYC1PgOJA4NSQ==", | ||||
|       "version": "2.0.2", | ||||
|       "resolved": "https://registry.npmjs.org/micromark-util-types/-/micromark-util-types-2.0.2.tgz", | ||||
|       "integrity": "sha512-Yw0ECSpJoViF1qTU4DC6NwtC4aWGt1EkzaQB8KPPyCRR8z9TWeV0HbEFGTO+ZY1wB22zmxnJqhPyTpOVCpeHTA==", | ||||
|       "dev": true, | ||||
|       "funding": [ | ||||
|         { | ||||
| @@ -1924,9 +1916,9 @@ | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/pac-proxy-agent": { | ||||
|       "version": "7.1.0", | ||||
|       "resolved": "https://registry.npmjs.org/pac-proxy-agent/-/pac-proxy-agent-7.1.0.tgz", | ||||
|       "integrity": "sha512-Z5FnLVVZSnX7WjBg0mhDtydeRZ1xMcATZThjySQUHqr+0ksP8kqaw23fNKkaaN/Z8gwLUs/W7xdl0I75eP2Xyw==", | ||||
|       "version": "7.2.0", | ||||
|       "resolved": "https://registry.npmjs.org/pac-proxy-agent/-/pac-proxy-agent-7.2.0.tgz", | ||||
|       "integrity": "sha512-TEB8ESquiLMc0lV8vcd5Ql/JAKAoyzHFXaStwjkzpOpC5Yv+pIzLfHvjTSdf3vpa2bMiUQrg9i6276yn8666aA==", | ||||
|       "dev": true, | ||||
|       "license": "MIT", | ||||
|       "dependencies": { | ||||
| @@ -2045,28 +2037,31 @@ | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/path-scurry": { | ||||
|       "version": "1.11.1", | ||||
|       "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", | ||||
|       "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", | ||||
|       "version": "2.0.0", | ||||
|       "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-2.0.0.tgz", | ||||
|       "integrity": "sha512-ypGJsmGtdXUOeM5u93TyeIEfEhM6s+ljAhrk5vAvSx8uyY/02OvrZnA0YNGUrPXfpJMgI1ODd3nwz8Npx4O4cg==", | ||||
|       "dev": true, | ||||
|       "license": "BlueOak-1.0.0", | ||||
|       "dependencies": { | ||||
|         "lru-cache": "^10.2.0", | ||||
|         "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" | ||||
|         "lru-cache": "^11.0.0", | ||||
|         "minipass": "^7.1.2" | ||||
|       }, | ||||
|       "engines": { | ||||
|         "node": ">=16 || 14 >=14.18" | ||||
|         "node": "20 || >=22" | ||||
|       }, | ||||
|       "funding": { | ||||
|         "url": "https://github.com/sponsors/isaacs" | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/path-scurry/node_modules/lru-cache": { | ||||
|       "version": "10.4.3", | ||||
|       "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz", | ||||
|       "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==", | ||||
|       "version": "11.1.0", | ||||
|       "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-11.1.0.tgz", | ||||
|       "integrity": "sha512-QIXZUBJUx+2zHUdQujWejBkcD9+cs94tLn0+YL8UrCh+D5sCXZ4c7LaEH48pNwRY3MLDgqUFyhlCyjJPf1WP0A==", | ||||
|       "dev": true, | ||||
|       "license": "ISC" | ||||
|       "license": "ISC", | ||||
|       "engines": { | ||||
|         "node": "20 || >=22" | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/progress": { | ||||
|       "version": "2.0.3", | ||||
| @@ -2203,9 +2198,9 @@ | ||||
|       } | ||||
|     }, | ||||
|     "node_modules/smol-toml": { | ||||
|       "version": "1.3.1", | ||||
|       "resolved": "https://registry.npmjs.org/smol-toml/-/smol-toml-1.3.1.tgz", | ||||
|       "integrity": "sha512-tEYNll18pPKHroYSmLLrksq233j021G0giwW7P3D24jC54pQ5W5BXMsQ/Mvw1OJCmEYDgY+lrzT+3nNUtoNfXQ==", | ||||
|       "version": "1.3.4", | ||||
|       "resolved": "https://registry.npmjs.org/smol-toml/-/smol-toml-1.3.4.tgz", | ||||
|       "integrity": "sha512-UOPtVuYkzYGee0Bd2Szz8d2G3RfMfJ2t3qVdZUAozZyAk+a0Sxa+QKix0YCwjL/A1RR0ar44nCxaoN9FxdJGwA==", | ||||
|       "dev": true, | ||||
|       "license": "BSD-3-Clause", | ||||
|       "engines": { | ||||
| @@ -2395,9 +2390,9 @@ | ||||
|       "license": "MIT" | ||||
|     }, | ||||
|     "node_modules/undici": { | ||||
|       "version": "6.21.1", | ||||
|       "resolved": "https://registry.npmjs.org/undici/-/undici-6.21.1.tgz", | ||||
|       "integrity": "sha512-q/1rj5D0/zayJB2FraXdaWxbhWiNKDvu8naDT2dl1yTlvJp4BLtOcp2a5BvgGNQpYYJzau7tf1WgKv3b+7mqpQ==", | ||||
|       "version": "6.21.2", | ||||
|       "resolved": "https://registry.npmjs.org/undici/-/undici-6.21.2.tgz", | ||||
|       "integrity": "sha512-uROZWze0R0itiAKVPsYhFov9LxrPMHLMEQFszeI2gCN6bnIIZ8twzBCJcN2LJrBBLfrP0t1FW0g+JmKVl8Vk1g==", | ||||
|       "dev": true, | ||||
|       "license": "MIT", | ||||
|       "engines": { | ||||
|   | ||||
| @@ -16,6 +16,6 @@ | ||||
|   "devDependencies": { | ||||
|     "@bitnami/readme-generator-for-helm": "^2.5.0", | ||||
|     "markdown-link-check": "^3.13.6", | ||||
|     "markdownlint-cli": "^0.44.0" | ||||
|     "markdownlint-cli": "^0.45.0" | ||||
|   } | ||||
| } | ||||
|   | ||||
| @@ -1,10 +1,15 @@ | ||||
| { | ||||
|   "$schema": "https://docs.renovatebot.com/renovate-schema.json", | ||||
|   "assignees": [ | ||||
|     "volker.raschek" | ||||
|   "extends": [ | ||||
|     "local>volker.raschek/renovate-config:default#master", | ||||
|     "local>volker.raschek/renovate-config:container#master", | ||||
|     "local>volker.raschek/renovate-config:actions#master", | ||||
|     "local>volker.raschek/renovate-config:npm#master", | ||||
|     "local>volker.raschek/renovate-config:regexp#master" | ||||
|   ], | ||||
|   "customManagers": [ | ||||
|     { | ||||
|       "customType": "regex", | ||||
|       "fileMatch": [ | ||||
|         "^Chart\\.yaml$" | ||||
|       ], | ||||
| @@ -17,45 +22,56 @@ | ||||
|       "versioningTemplate": "semver" | ||||
|     }, | ||||
|     { | ||||
|       "customType": "regex", | ||||
|       "fileMatch": ["^README\\.md$"], | ||||
|       "matchStrings": [ | ||||
|         "VERSION=(?<currentValue>.*)" | ||||
|         "CHART_VERSION=(?<currentValue>.*)" | ||||
|       ], | ||||
|       "depNameTemplate": "volker.raschek/prometheus-fail2ban-exporter-charts", | ||||
|       "packageNameTemplate": "https://git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter-charts", | ||||
|       "datasourceTemplate": "git-tags", | ||||
|       "versioningTemplate": "semver" | ||||
|     }, | ||||
|     { | ||||
|       "customType": "regex", | ||||
|       "datasourceTemplate": "github-releases", | ||||
|       "fileMatch": [ | ||||
|         ".vscode/settings\\.json$" | ||||
|       ], | ||||
|       "matchStrings": [ | ||||
|         "https:\\/\\/raw\\.githubusercontent\\.com\\/(?<depName>[^\\s]+?)\\/(?<currentValue>v[0-9.]+?)\\/schema\\/helm-testsuite\\.json" | ||||
|       ] | ||||
|     } | ||||
|   ], | ||||
|   "labels": [ | ||||
|     "renovate" | ||||
|   ], | ||||
|   "lockFileMaintenance": { | ||||
|     "enabled": true | ||||
|   }, | ||||
|   "npm": { | ||||
|     "enabled": true | ||||
|   }, | ||||
|   "packageRules": [ | ||||
|     { | ||||
|       "addLabels": [ | ||||
|         "renovate/automerge", | ||||
|         "renovate/npm" | ||||
|       ], | ||||
|       "groupName": "Update docker.io/volkerraschek/helm", | ||||
|       "matchDepNames": [ | ||||
|         "docker.io/volkerraschek/helm", | ||||
|         "volkerraschek/helm" | ||||
|       ] | ||||
|     }, | ||||
|     { | ||||
|       "automerge": true, | ||||
|       "matchPackageNames": [ | ||||
|         "@bitnami/readme-generator-for-helm", | ||||
|         "markdownlint-cli", | ||||
|         "markdown-link-check" | ||||
|       "groupName": "Update helm plugin 'unittest'", | ||||
|       "matchDepNames": [ | ||||
|         "helm-unittest/helm-unittest" | ||||
|       ], | ||||
|       "matchManagers": [ | ||||
|         "npm" | ||||
|       "matchDatasources": [ | ||||
|         "github-releases" | ||||
|       ], | ||||
|       "matchUpdateTypes": [ | ||||
|         "minor", | ||||
|         "patch" | ||||
|       ] | ||||
|     }, | ||||
|     { | ||||
|       "groupName": "Update docker.io/library/node", | ||||
|       "matchDepNames": [ | ||||
|         "docker.io/library/node", | ||||
|         "library/node" | ||||
|       ] | ||||
|     }, | ||||
|     { | ||||
|       "addLabels": [ | ||||
|         "renovate/automerge", | ||||
| @@ -80,7 +96,7 @@ | ||||
|       ], | ||||
|       "automerge": true, | ||||
|       "matchDepNames": [ | ||||
|         "volker.raschek/prometheus-fail2ban-exporter" | ||||
|         "volker.raschek/prometheus-fail2ban-exporter-charts" | ||||
|       ], | ||||
|       "matchUpdateTypes": [ | ||||
|         "major", | ||||
| @@ -88,7 +104,5 @@ | ||||
|         "patch" | ||||
|       ] | ||||
|     } | ||||
|   ], | ||||
|   "rebaseLabel": "renovate/rebase", | ||||
|   "rebaseWhen": "behind-base-branch" | ||||
|   ] | ||||
| } | ||||
|   | ||||
							
								
								
									
										19
									
								
								templates/_networkPolicies.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										19
									
								
								templates/_networkPolicies.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,19 @@ | ||||
| {{/* vim: set filetype=mustache: */}} | ||||
|  | ||||
| {{/* annotations */}} | ||||
|  | ||||
| {{- define "prometheus-fail2ban-exporter.networkPolicies.annotations" -}} | ||||
| {{ include "prometheus-fail2ban-exporter.annotations" .context }} | ||||
| {{- if .networkPolicy.annotations }} | ||||
| {{ toYaml .networkPolicy.annotations }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
|  | ||||
| {{/* labels */}} | ||||
|  | ||||
| {{- define "prometheus-fail2ban-exporter.networkPolicies.labels" -}} | ||||
| {{ include "prometheus-fail2ban-exporter.labels" .context }} | ||||
| {{- if .networkPolicy.labels }} | ||||
| {{ toYaml .networkPolicy.labels }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
							
								
								
									
										32
									
								
								templates/_pod.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										32
									
								
								templates/_pod.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,32 @@ | ||||
| --- | ||||
|  | ||||
| {{/* annotations */}} | ||||
|  | ||||
| {{- define "prometheus-fail2ban-exporter.pod.annotations" -}} | ||||
| {{ include "prometheus-fail2ban-exporter.annotations" . }} | ||||
|  | ||||
| # The following annotations are required to trigger a rolling update. Further information can be found in the official | ||||
| # documentation of helm: | ||||
| # | ||||
| #   https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments | ||||
| # | ||||
|  | ||||
| {{/* web config */}} | ||||
| {{- if and .Values.config.webConfig.existingSecret.enabled .Values.config.webConfig.existingSecret.secretName }} | ||||
| {{- $secret := default (dict "data" (dict)) (lookup "v1" "Secret" .Release.Namespace .Values.config.webConfig.existingSecret.secretName ) }} | ||||
| checksum/secret-web-config: {{ print $secret.spec | sha256sum }} | ||||
| {{- else }} | ||||
| checksum/secret-web-config: {{ include (print $.Template.BasePath "/secretWebConfig.yaml") . | sha256sum }} | ||||
| {{- end }} | ||||
|  | ||||
| {{- end }} | ||||
|  | ||||
| {{/* labels */}} | ||||
|  | ||||
| {{- define "prometheus-fail2ban-exporter.pod.labels" -}} | ||||
| {{ include "prometheus-fail2ban-exporter.labels" . }} | ||||
| {{- end }} | ||||
|  | ||||
| {{- define "prometheus-fail2ban-exporter.pod.selectorLabels" -}} | ||||
| {{ include "prometheus-fail2ban-exporter.selectorLabels" . }} | ||||
| {{- end }} | ||||
| @@ -5,7 +5,7 @@ kind: ConfigMap | ||||
| metadata: | ||||
|   {{- with (include "prometheus-fail2ban-exporter.configMap.grafanaDashboards.fail2banExporter.annotations" . | fromYaml) }} | ||||
|   annotations: | ||||
|     {{- tpl (. | toYaml) $ | nindent 4 }} | ||||
|     {{- tpl (toYaml .) $ | nindent 4 }} | ||||
|   {{- end }} | ||||
|   {{- with (include "prometheus-fail2ban-exporter.configMap.grafanaDashboards.fail2banExporter.labels" . | fromYaml) }} | ||||
|   labels: | ||||
| @@ -3,7 +3,7 @@ kind: DaemonSet | ||||
| metadata: | ||||
|   {{- with (include "prometheus-fail2ban-exporter.daemonSet.annotations" . | fromYaml) }} | ||||
|   annotations: | ||||
|     {{- tpl (. | toYaml) $ | nindent 4 }} | ||||
|     {{- tpl (toYaml .) $ | nindent 4 }} | ||||
|   {{- end }} | ||||
|   {{- with (include "prometheus-fail2ban-exporter.daemonSet.labels" . | fromYaml) }} | ||||
|   labels: | ||||
| @@ -17,6 +17,8 @@ spec: | ||||
|       {{- include "prometheus-fail2ban-exporter.pod.selectorLabels" . | nindent 6 }} | ||||
|   template: | ||||
|     metadata: | ||||
|       annotations: | ||||
|         {{- include "prometheus-fail2ban-exporter.pod.annotations" . | nindent 8 }} | ||||
|       labels: | ||||
|         {{- include "prometheus-fail2ban-exporter.pod.labels" . | nindent 8 }} | ||||
|     spec: | ||||
| @@ -5,7 +5,7 @@ kind: Ingress | ||||
| metadata: | ||||
|   {{- with (include "prometheus-fail2ban-exporter.ingress.annotations" . | fromYaml) }} | ||||
|   annotations: | ||||
|     {{- tpl (. | toYaml) $ | nindent 4 }} | ||||
|     {{- tpl (toYaml .) $ | nindent 4 }} | ||||
|   {{- end }} | ||||
|   {{- with (include "prometheus-fail2ban-exporter.ingress.labels" . | fromYaml) }} | ||||
|   labels: | ||||
							
								
								
									
										36
									
								
								templates/networkPolicies.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										36
									
								
								templates/networkPolicies.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,36 @@ | ||||
| {{- if .Values.networkPolicies.enabled }} | ||||
| {{- range $key, $value := .Values.networkPolicies -}} | ||||
| {{- if and (not (eq $key "enabled")) $value.enabled }} | ||||
| --- | ||||
| apiVersion: networking.k8s.io/v1 | ||||
| kind: NetworkPolicy | ||||
| metadata: | ||||
|   {{- with (include "prometheus-fail2ban-exporter.networkPolicies.annotations" (dict "networkPolicy" $value "context" $) | fromYaml) }} | ||||
|   annotations: | ||||
|     {{- toYaml . | nindent 4 }} | ||||
|   {{- end }} | ||||
|   {{- with (include "prometheus-fail2ban-exporter.networkPolicies.labels" (dict "networkPolicy" $value "context" $) | fromYaml) }} | ||||
|   labels: | ||||
|     {{- toYaml . | nindent 4 }} | ||||
|   {{- end }} | ||||
|   name: {{ printf "%s-%s" (include "prometheus-fail2ban-exporter.fullname" $ ) $key }} | ||||
|   namespace: {{ $.Release.Namespace }} | ||||
| spec: | ||||
|   podSelector: | ||||
|     matchLabels: | ||||
|       {{- include "prometheus-fail2ban-exporter.pod.selectorLabels" $ | nindent 6 }} | ||||
|   {{- with $value.policyTypes }} | ||||
|   policyTypes: | ||||
|   {{- toYaml . | nindent 2 }} | ||||
|   {{- end }} | ||||
|   {{- with $value.egress }} | ||||
|   egress: | ||||
|   {{- toYaml . | nindent 2 }} | ||||
|   {{- end }} | ||||
|   {{- with $value.ingress }} | ||||
|   ingress: | ||||
|   {{- toYaml . | nindent 2 }} | ||||
|   {{- end }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
| @@ -1,17 +0,0 @@ | ||||
| --- | ||||
|  | ||||
| {{/* annotations */}} | ||||
|  | ||||
| {{- define "prometheus-fail2ban-exporter.pod.annotations" -}} | ||||
| {{ include "prometheus-fail2ban-exporter.annotations" . }} | ||||
| {{- end }} | ||||
|  | ||||
| {{/* labels */}} | ||||
|  | ||||
| {{- define "prometheus-fail2ban-exporter.pod.labels" -}} | ||||
| {{ include "prometheus-fail2ban-exporter.labels" . }} | ||||
| {{- end }} | ||||
|  | ||||
| {{- define "prometheus-fail2ban-exporter.pod.selectorLabels" -}} | ||||
| {{ include "prometheus-fail2ban-exporter.selectorLabels" . }} | ||||
| {{- end }} | ||||
| @@ -6,7 +6,7 @@ release: | ||||
|   name: prometheus-fail2ban-exporter-unittest | ||||
|   namespace: testing | ||||
| templates: | ||||
| - templates/prometheus-fail2ban-exporter/configMapGrafanaDashboardFail2BanExporter.yaml | ||||
| - templates/configMapGrafanaDashboardFail2BanExporter.yaml | ||||
| tests: | ||||
| - it: Rendering fail2banExporter | ||||
|   asserts: | ||||
|   | ||||
| @@ -6,19 +6,23 @@ release: | ||||
|   name: prometheus-fail2ban-exporter-unittest | ||||
|   namespace: testing | ||||
| templates: | ||||
| - templates/prometheus-fail2ban-exporter/daemonSet.yaml | ||||
| - templates/daemonSet.yaml | ||||
| - templates/secretWebConfig.yaml | ||||
| tests: | ||||
| - it: Rendering default | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 1 | ||||
|     template: templates/daemonSet.yaml | ||||
|   - containsDocument: | ||||
|       apiVersion: apps/v1 | ||||
|       kind: DaemonSet | ||||
|       name: prometheus-fail2ban-exporter-unittest | ||||
|       namespace: testing | ||||
|     template: templates/daemonSet.yaml | ||||
|   - notExists: | ||||
|       path: metadata.annotations | ||||
|     template: templates/daemonSet.yaml | ||||
|   - equal: | ||||
|       path: metadata.labels | ||||
|       value: | ||||
| @@ -27,15 +31,31 @@ tests: | ||||
|         app.kubernetes.io/name: prometheus-fail2ban-exporter | ||||
|         app.kubernetes.io/version: 0.1.0 | ||||
|         helm.sh/chart: prometheus-fail2ban-exporter-0.1.0 | ||||
|     template: templates/daemonSet.yaml | ||||
|   - exists: | ||||
|       path: spec.template.metadata.annotations.checksum/secret-web-config | ||||
|     template: templates/daemonSet.yaml | ||||
|   - equal: | ||||
|       path: spec.template.metadata.labels | ||||
|       value: | ||||
|         app.kubernetes.io/instance: prometheus-fail2ban-exporter-unittest | ||||
|         app.kubernetes.io/managed-by: Helm | ||||
|         app.kubernetes.io/name: prometheus-fail2ban-exporter | ||||
|         app.kubernetes.io/version: 0.1.0 | ||||
|         helm.sh/chart: prometheus-fail2ban-exporter-0.1.0 | ||||
|     template: templates/daemonSet.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.affinity | ||||
|     template: templates/daemonSet.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.containers[0].envFrom | ||||
|     template: templates/daemonSet.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.containers[0].args | ||||
|       value: | ||||
|       # - --web.config.file=/etc/prometheus-fail2ban-exporter/config.d/webConfig.yaml | ||||
|       - --web.listen-address=:9191 | ||||
|     template: templates/daemonSet.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.containers[0].volumeMounts | ||||
|       value: | ||||
| @@ -43,6 +63,7 @@ tests: | ||||
|         name: socket | ||||
|       - mountPath: /etc/prometheus-fail2ban-exporter/config.d | ||||
|         name: config-d | ||||
|     template: templates/daemonSet.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.volumes | ||||
|       value: | ||||
| @@ -53,42 +74,59 @@ tests: | ||||
|       - name: config-d | ||||
|         secret: | ||||
|           secretName: prometheus-fail2ban-exporter-unittest-web-config | ||||
|     template: templates/daemonSet.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.containers[0].image | ||||
|       value: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter:0.1.0 | ||||
|     template: templates/daemonSet.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.containers[0].imagePullPolicy | ||||
|       value: IfNotPresent | ||||
|     template: templates/daemonSet.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.containers[0].resources | ||||
|     template: templates/daemonSet.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.containers[0].securityContext | ||||
|     template: templates/daemonSet.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.dnsConfig | ||||
|     template: templates/daemonSet.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.dnsPolicy | ||||
|     template: templates/daemonSet.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.hostname | ||||
|     template: templates/daemonSet.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.hostNetwork | ||||
|       value: false | ||||
|     template: templates/daemonSet.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.imagePullSecrets | ||||
|     template: templates/daemonSet.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.nodeSelector | ||||
|     template: templates/daemonSet.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.priorityClassName | ||||
|     template: templates/daemonSet.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.restartPolicy | ||||
|     template: templates/daemonSet.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.subdomain | ||||
|     template: templates/daemonSet.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.terminationGracePeriodSeconds | ||||
|       value: 60 | ||||
|     template: templates/daemonSet.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.tolerations | ||||
|     template: templates/daemonSet.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.topologySpreadConstraints | ||||
|     template: templates/daemonSet.yaml | ||||
|   - equal: | ||||
|       path: spec.updateStrategy | ||||
|       value: | ||||
| @@ -96,6 +134,7 @@ tests: | ||||
|           maxSurge: 1 | ||||
|           maxUnavailable: 0 | ||||
|         type: "RollingUpdate" | ||||
|     template: templates/daemonSet.yaml | ||||
|  | ||||
| - it: Test custom affinity | ||||
|   set: | ||||
| @@ -122,6 +161,7 @@ tests: | ||||
|                 values: | ||||
|                 - antarctica-east1 | ||||
|                 - antarctica-west1 | ||||
|     template: templates/daemonSet.yaml | ||||
|  | ||||
| - it: Test additional arguments | ||||
|   set: | ||||
| @@ -136,6 +176,7 @@ tests: | ||||
|       - --web.listen-address=:9191 | ||||
|       - --foo=bar | ||||
|       - --bar=foo | ||||
|     template: templates/daemonSet.yaml | ||||
|  | ||||
| - it: Test custom imageRegistry and imageRepository | ||||
|   set: | ||||
| @@ -145,6 +186,7 @@ tests: | ||||
|   - equal: | ||||
|       path: spec.template.spec.containers[0].image | ||||
|       value: registry.example.local/path/special/prometheus-fail2ban-exporter:0.1.0 | ||||
|     template: templates/daemonSet.yaml | ||||
|  | ||||
| - it: Test custom imagePullPolicy | ||||
|   set: | ||||
| @@ -153,6 +195,7 @@ tests: | ||||
|   - equal: | ||||
|       path: spec.template.spec.containers[0].imagePullPolicy | ||||
|       value: Always | ||||
|     template: templates/daemonSet.yaml | ||||
|  | ||||
| - it: Test config.webConfig.existingSecret | ||||
|   set: | ||||
| @@ -166,6 +209,7 @@ tests: | ||||
|         name: socket | ||||
|       - mountPath: /etc/prometheus-fail2ban-exporter/config.d | ||||
|         name: config-d | ||||
|     template: templates/daemonSet.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.volumes | ||||
|       value: | ||||
| @@ -176,6 +220,7 @@ tests: | ||||
|       - name: config-d | ||||
|         secret: | ||||
|           secretName: web-config-secret | ||||
|     template: templates/daemonSet.yaml | ||||
|  | ||||
| - it: Test custom resource limits and requests | ||||
|   set: | ||||
| @@ -195,6 +240,7 @@ tests: | ||||
|           resourceFieldRef: | ||||
|             divisor: "1" | ||||
|             resource: limits.cpu | ||||
|     template: templates/daemonSet.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.containers[0].resources | ||||
|       value: | ||||
| @@ -204,6 +250,7 @@ tests: | ||||
|         requests: | ||||
|           cpu: 25m | ||||
|           memory: 100MB | ||||
|     template: templates/daemonSet.yaml | ||||
|  | ||||
| - it: Test custom securityContext | ||||
|   set: | ||||
| @@ -230,6 +277,7 @@ tests: | ||||
|         readOnlyRootFilesystem: true | ||||
|         runAsNonRoot: true | ||||
|         runAsUser: 1000 | ||||
|     template: templates/daemonSet.yaml | ||||
|  | ||||
| - it: Test dnsConfig | ||||
|   set: | ||||
| @@ -244,6 +292,7 @@ tests: | ||||
|         nameservers: | ||||
|         - "8.8.8.8" | ||||
|         - "8.8.4.4" | ||||
|     template: templates/daemonSet.yaml | ||||
|  | ||||
| - it: Test dnsPolicy | ||||
|   set: | ||||
| @@ -252,6 +301,7 @@ tests: | ||||
|   - equal: | ||||
|       path: spec.template.spec.dnsPolicy | ||||
|       value: ClusterFirst | ||||
|     template: templates/daemonSet.yaml | ||||
|  | ||||
| - it: Test hostNetwork, hostname, subdomain | ||||
|   set: | ||||
| @@ -262,12 +312,15 @@ tests: | ||||
|   - equal: | ||||
|       path: spec.template.spec.hostNetwork | ||||
|       value: true | ||||
|     template: templates/daemonSet.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.hostname | ||||
|       value: pg-exporter | ||||
|     template: templates/daemonSet.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.subdomain | ||||
|       value: exporters.internal | ||||
|     template: templates/daemonSet.yaml | ||||
|  | ||||
| - it: Test imagePullSecrets | ||||
|   set: | ||||
| @@ -280,6 +333,7 @@ tests: | ||||
|       value: | ||||
|       - name: my-pull-secret | ||||
|       - name: my-special-secret | ||||
|     template: templates/daemonSet.yaml | ||||
|  | ||||
| - it: Test nodeSelector | ||||
|   set: | ||||
| @@ -290,6 +344,7 @@ tests: | ||||
|       path: spec.template.spec.nodeSelector | ||||
|       value: | ||||
|         foo: bar | ||||
|     template: templates/daemonSet.yaml | ||||
|  | ||||
| - it: Test priorityClassName | ||||
|   set: | ||||
| @@ -298,6 +353,7 @@ tests: | ||||
|   - equal: | ||||
|       path: spec.template.spec.priorityClassName | ||||
|       value: my-priority | ||||
|     template: templates/daemonSet.yaml | ||||
|  | ||||
| - it: Test restartPolicy | ||||
|   set: | ||||
| @@ -306,6 +362,7 @@ tests: | ||||
|   - equal: | ||||
|       path: spec.template.spec.restartPolicy | ||||
|       value: Always | ||||
|     template: templates/daemonSet.yaml | ||||
|  | ||||
| - it: Test terminationGracePeriodSeconds | ||||
|   set: | ||||
| @@ -314,6 +371,7 @@ tests: | ||||
|   - equal: | ||||
|       path: spec.template.spec.terminationGracePeriodSeconds | ||||
|       value: 120 | ||||
|     template: templates/daemonSet.yaml | ||||
|  | ||||
| - it: Test tolerations | ||||
|   set: | ||||
| @@ -330,6 +388,7 @@ tests: | ||||
|         operator: Equal | ||||
|         value: fail2ban | ||||
|         effect: NoSchedule | ||||
|     template: templates/daemonSet.yaml | ||||
|  | ||||
| - it: Test topologySpreadConstraints | ||||
|   set: | ||||
| @@ -348,6 +407,7 @@ tests: | ||||
|         labelSelector: | ||||
|           matchLabels: | ||||
|             app.kubernetes.io/instance: prometheus-fail2ban-exporter | ||||
|     template: templates/daemonSet.yaml | ||||
|  | ||||
| - it: Test additional volumeMounts and volumes | ||||
|   set: | ||||
| @@ -366,6 +426,7 @@ tests: | ||||
|         mountPath: /usr/lib/prometheus-fail2ban-exporter/data | ||||
|       - name: config-d | ||||
|         mountPath: /etc/prometheus-fail2ban-exporter/config.d | ||||
|     template: templates/daemonSet.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.volumes | ||||
|       value: | ||||
| @@ -375,3 +436,4 @@ tests: | ||||
|       - name: config-d | ||||
|         secret: | ||||
|           secretName: prometheus-fail2ban-exporter-unittest-web-config | ||||
|     template: templates/daemonSet.yaml | ||||
| @@ -6,7 +6,7 @@ release: | ||||
|   name: prometheus-fail2ban-exporter-unittest | ||||
|   namespace: testing | ||||
| templates: | ||||
| - templates/prometheus-fail2ban-exporter/ingress.yaml | ||||
| - templates/ingress.yaml | ||||
| tests: | ||||
| - it: Skip ingress by default. | ||||
|   asserts: | ||||
|   | ||||
							
								
								
									
										118
									
								
								unittests/networkPolicies/default.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										118
									
								
								unittests/networkPolicies/default.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,118 @@ | ||||
| chart: | ||||
|   appVersion: 0.1.0 | ||||
|   version: 0.1.0 | ||||
| suite: NetworkPolicies template (basic) | ||||
| release: | ||||
|   name: prometheus-fail2ban-exporter-unittest | ||||
|   namespace: testing | ||||
| templates: | ||||
| - templates/networkPolicies.yaml | ||||
| tests: | ||||
| - it: Skip networkPolicies in general disabled. | ||||
|   set: | ||||
|     networkPolicies.enabled: false | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 0 | ||||
|  | ||||
| - it: Skip networkPolicy 'default' when disabled. | ||||
|   set: | ||||
|     networkPolicies.enabled: true | ||||
|     networkPolicies.default.enabled: false | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 0 | ||||
|  | ||||
| - it: Loop over networkPolicies | ||||
|   set: | ||||
|     networkPolicies.enabled: true | ||||
|     networkPolicies.default.enabled: false | ||||
|     networkPolicies.nginx.enabled: true | ||||
|     networkPolicies.prometheus.enabled: true | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 2 | ||||
|  | ||||
| - it: Template networkPolicy 'default' without policyTypes, egress and ingress configuration | ||||
|   set: | ||||
|     networkPolicies.enabled: true | ||||
|     networkPolicies.default.enabled: true | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 1 | ||||
|   - containsDocument: | ||||
|       apiVersion: networking.k8s.io/v1 | ||||
|       kind: NetworkPolicy | ||||
|       name: prometheus-fail2ban-exporter-unittest-default | ||||
|       namespace: testing | ||||
|   - notExists: | ||||
|       path: metadata.annotations | ||||
|   - equal: | ||||
|       path: metadata.labels | ||||
|       value: | ||||
|         app.kubernetes.io/instance: prometheus-fail2ban-exporter-unittest | ||||
|         app.kubernetes.io/managed-by: Helm | ||||
|         app.kubernetes.io/name: prometheus-fail2ban-exporter | ||||
|         app.kubernetes.io/version: 0.1.0 | ||||
|         helm.sh/chart: prometheus-fail2ban-exporter-0.1.0 | ||||
|   - equal: | ||||
|       path: spec.podSelector.matchLabels | ||||
|       value: | ||||
|         app.kubernetes.io/instance: prometheus-fail2ban-exporter-unittest | ||||
|         app.kubernetes.io/name: prometheus-fail2ban-exporter | ||||
|   - notExists: | ||||
|       path: spec.policyTypes | ||||
|   - notExists: | ||||
|       path: spec.egress | ||||
|   - notExists: | ||||
|       path: spec.ingress | ||||
|  | ||||
| - it: Template networkPolicy 'default' with policyTypes, egress and ingress configuration | ||||
|   set: | ||||
|     networkPolicies.enabled: true | ||||
|     networkPolicies.default.enabled: true | ||||
|     networkPolicies.default.policyTypes: | ||||
|     - Egress | ||||
|     - Ingress | ||||
|     networkPolicies.default.ingress: | ||||
|     - from: | ||||
|       - namespaceSelector: | ||||
|           matchLabels: | ||||
|             kubernetes.io/metadata.name: khv-production | ||||
|         podSelector: | ||||
|           matchLabels: | ||||
|             app.kubernetes.io/name: prometheus | ||||
|     networkPolicies.default.egress: | ||||
|     - to: | ||||
|       - namespaceSelector: | ||||
|           matchLabels: | ||||
|             kubernetes.io/metadata.name: database | ||||
|         podSelector: | ||||
|           matchLabels: | ||||
|             app.kubernetes.io/name: oracle | ||||
|   asserts: | ||||
|   - equal: | ||||
|       path: spec.policyTypes | ||||
|       value: | ||||
|       - Egress | ||||
|       - Ingress | ||||
|   - equal: | ||||
|       path: spec.egress | ||||
|       value: | ||||
|       - to: | ||||
|         - namespaceSelector: | ||||
|             matchLabels: | ||||
|               kubernetes.io/metadata.name: database | ||||
|           podSelector: | ||||
|             matchLabels: | ||||
|               app.kubernetes.io/name: oracle | ||||
|   - equal: | ||||
|       path: spec.ingress | ||||
|       value: | ||||
|       - from: | ||||
|         - namespaceSelector: | ||||
|             matchLabels: | ||||
|               kubernetes.io/metadata.name: khv-production | ||||
|           podSelector: | ||||
|             matchLabels: | ||||
|               app.kubernetes.io/name: prometheus | ||||
| @@ -6,7 +6,7 @@ release: | ||||
|   name: prometheus-fail2ban-exporter-unittest | ||||
|   namespace: testing | ||||
| templates: | ||||
| - templates/prometheus-fail2ban-exporter/podMonitor.yaml | ||||
| - templates/podMonitor.yaml | ||||
| tests: | ||||
| - it: Skip podMonitor when metrics are disabled. | ||||
|   set: | ||||
|   | ||||
| @@ -6,7 +6,7 @@ release: | ||||
|   name: prometheus-fail2ban-exporter-unittest | ||||
|   namespace: testing | ||||
| templates: | ||||
| - templates/prometheus-fail2ban-exporter/secretWebConfig.yaml | ||||
| - templates/secretWebConfig.yaml | ||||
| tests: | ||||
| - it: Rendering default secret. | ||||
|   asserts: | ||||
|   | ||||
| @@ -6,7 +6,7 @@ release: | ||||
|   name: prometheus-fail2ban-exporter-unittest | ||||
|   namespace: testing | ||||
| templates: | ||||
| - templates/prometheus-fail2ban-exporter/serviceAccount.yaml | ||||
| - templates/serviceAccount.yaml | ||||
| tests: | ||||
| - it: Skip rendering. | ||||
|   set: | ||||
|   | ||||
| @@ -6,7 +6,7 @@ release: | ||||
|   name: prometheus-fail2ban-exporter-unittest | ||||
|   namespace: testing | ||||
| templates: | ||||
| - templates/prometheus-fail2ban-exporter/serviceMonitorHTTP.yaml | ||||
| - templates/serviceMonitorHTTP.yaml | ||||
| tests: | ||||
| - it: Skip serviceMonitor when service is disabled. | ||||
|   set: | ||||
|   | ||||
| @@ -6,7 +6,7 @@ release: | ||||
|   name: prometheus-fail2ban-exporter-unittest | ||||
|   namespace: testing | ||||
| templates: | ||||
| - templates/prometheus-fail2ban-exporter/serviceHTTP.yaml | ||||
| - templates/serviceHTTP.yaml | ||||
| tests: | ||||
| - it: Skip service when disabled. | ||||
|   set: | ||||
|   | ||||
							
								
								
									
										50
									
								
								values.yaml
									
									
									
									
									
								
							
							
						
						
									
										50
									
								
								values.yaml
									
									
									
									
									
								
							| @@ -270,9 +270,53 @@ podDisruptionBudget: {} | ||||
| #  maxUnavailable: 1 | ||||
| #  minAvailable: 1 | ||||
|  | ||||
| ## @section Network | ||||
| ## @param networkPolicies Deploy network policies based on the used container network interface (CNI) implementation - like calico or weave. | ||||
| networkPolicies: {} | ||||
| ## @section NetworkPolicies | ||||
| ## @param networkPolicies.enabled Enable network policies in general. | ||||
| networkPolicies: | ||||
|   enabled: false | ||||
|  | ||||
|   ## @param networkPolicies.default.enabled Enable the network policy for accessing the application by default. For example to scape the metrics. | ||||
|   ## @param networkPolicies.default.annotations Additional network policy annotations. | ||||
|   ## @param networkPolicies.default.labels Additional network policy labels. | ||||
|   ## @param networkPolicies.default.policyTypes List of policy types. Supported is ingress, egress or ingress and egress. | ||||
|   ## @param networkPolicies.default.egress Concrete egress network policy implementation. | ||||
|   ## @skip networkPolicies.default.egress Skip individual egress configuration. | ||||
|   ## @param networkPolicies.default.ingress Concrete ingress network policy implementation. | ||||
|   ## @skip networkPolicies.default.ingress Skip individual ingress configuration. | ||||
|   default: | ||||
|     enabled: false | ||||
|     annotations: {} | ||||
|     labels: {} | ||||
|     policyTypes: [] | ||||
|     # - Egress | ||||
|     # - Ingress | ||||
|     egress: [] | ||||
|     ingress: [] | ||||
|     # Allow incoming HTTP traffic from prometheus. | ||||
|     # | ||||
|     # - from: | ||||
|     #   - namespaceSelector: | ||||
|     #       matchLabels: | ||||
|     #         kubernetes.io/metadata.name: monitoring | ||||
|     #     podSelector: | ||||
|     #       matchLabels: | ||||
|     #         app.kubernetes.io/name: prometheus | ||||
|     #   ports: | ||||
|     #   - port: http | ||||
|     #     protocol: TCP | ||||
|  | ||||
|     # Allow incoming HTTP traffic from ingress-nginx. | ||||
|     # | ||||
|     # - from: | ||||
|     #   - namespaceSelector: | ||||
|     #       matchLabels: | ||||
|     #         kubernetes.io/metadata.name: ingress-nginx | ||||
|     #     podSelector: | ||||
|     #       matchLabels: | ||||
|     #         app.kubernetes.io/name: ingress-nginx | ||||
|     #   ports: | ||||
|     #   - port: http | ||||
|     #     protocol: TCP | ||||
|  | ||||
| ## @section Prometheus | ||||
| prometheus: | ||||
|   | ||||
		Reference in New Issue
	
	Block a user