From 144a624985374ce18e3f71a4eaae9f7a5546a65f Mon Sep 17 00:00:00 2001
From: Erik Brakkee <erik@brakkee.org>
Date: Fri, 3 Jan 2025 20:40:28 +0100
Subject: [PATCH] exiting with an error when a capability cannot be found.

---
 cmd/policygen/templates.go                    |  3 ++-
 .../templates/netpol/namespace/monitored.yaml | 23 +++++++++++++++++++
 2 files changed, 25 insertions(+), 1 deletion(-)
 create mode 100644 cmd/policygen/templates/netpol/namespace/monitored.yaml

diff --git a/cmd/policygen/templates.go b/cmd/policygen/templates.go
index 8357d87..fbbe716 100644
--- a/cmd/policygen/templates.go
+++ b/cmd/policygen/templates.go
@@ -112,7 +112,8 @@ func (t *PolicyTemplates) NamespaceTemplates(policyType string, capabilities []s
 			log.Printf("Found template for capability '%s'", capability)
 			res = append(res, tmpl)
 		} else {
-			log.Printf("Capability '%s' not found", capability)
+			fmt.Fprintf(os.Stderr, "ERROR: Capability '%s' not found\n", capability)
+			os.Exit(1)
 		}
 	}
 	return res
diff --git a/cmd/policygen/templates/netpol/namespace/monitored.yaml b/cmd/policygen/templates/netpol/namespace/monitored.yaml
new file mode 100644
index 0000000..9bf34e4
--- /dev/null
+++ b/cmd/policygen/templates/netpol/namespace/monitored.yaml
@@ -0,0 +1,23 @@
+{{- if not .Open }}
+
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: allow-monitoring
+  namespace: {{.Name}}
+spec:
+  podSelector:
+    matchLabels: {}
+  policyTypes:
+    - Ingress
+  ingress:
+    - from:
+        - podSelector:
+            matchLabels:
+              app.kubernetes.io/name: prometheus
+          namespaceSelector:
+            matchLabels:
+              kubernetes.io/metadata.name: monitoring
+      ports:
+        - port: prometheus
+
+  {{- end }}
\ No newline at end of file