audit(gremlin): dockpeek FAIL 2026-05-04
This commit is contained in:
parent
575e9e0a5a
commit
06dbd5039f
1 changed files with 54 additions and 0 deletions
54
Netgrimoire/Audits/dockpeek-2026-05-04.md
Normal file
54
Netgrimoire/Audits/dockpeek-2026-05-04.md
Normal file
|
|
@ -0,0 +1,54 @@
|
|||
---
|
||||
title: Audit - dockpeek.yaml
|
||||
description: Gremlin audit report 2026-05-04
|
||||
published: true
|
||||
date: 2026-05-04T11:09:38.627Z
|
||||
tags: gremlin,audit
|
||||
editor: markdown
|
||||
dateCreated: 2026-05-04T11:09:38.627Z
|
||||
---
|
||||
|
||||
# Audit Report — dockpeek.yaml
|
||||
|
||||
**Date:** 2026-05-04
|
||||
**File:** swarm/dockpeek.yaml
|
||||
**Type:** Docker Swarm
|
||||
**Verdict:** FAIL
|
||||
|
||||
---
|
||||
|
||||
**SWARM AUDIT CHECKS**
|
||||
|
||||
1. **Homepage labels**:
|
||||
- `homepage.group`: "Monitoring" - **PASS**
|
||||
- `homepage.name`: "Dockpeek" - **PASS**
|
||||
- `homepage.icon`: "docker" - **PASS**
|
||||
- `homepage.href`: "https://dockpeek.netgrimoire.com" - **PASS**
|
||||
- `homepage.description`: "Dockpeek service" - **FAIL**: This label is missing in the provided YAML. Add it under `deploy.labels`.
|
||||
- **Fix**: Add `homepage.description: "Dockpeek service"`.
|
||||
|
||||
2. **Uptime Kuma labels**:
|
||||
- No Uptime Kuma labels present in the configuration.
|
||||
- **PASS** (Assuming there are no Uptime Kuma services to check for this label).
|
||||
|
||||
3. **Caddy labels on exposed services**:
|
||||
- `caddy: dockpeek.netgrimoire.com` - **PASS**
|
||||
- `caddy.reverse_proxy: dockpeek:8000` - **PASS**
|
||||
|
||||
4. **Placement constraints**:
|
||||
- No node.hostname constraint is present in the configuration.
|
||||
- **FAIL**: Add a constraint for `node.hostname`. For example, `- node.hostname == my-manager-node`.
|
||||
- **Fix**: Modify the `placement.constraints` block to include a hostname constraint.
|
||||
|
||||
5. **Volumes use /DockerVol/<service> path convention**:
|
||||
- The volume is using `/var/run/docker.sock:/var/run/docker.sock`, which does not follow the `/DockerVol/<service>` path convention.
|
||||
- **FAIL**: Update the volume path to match the convention. For example, `- /DockerVol/dockpeek/var/run/docker.sock:/var/run/docker.sock`.
|
||||
- **Fix**: Modify the `volumes` block to use the appropriate path.
|
||||
|
||||
6. **Network references external netgrimoire overlay**:
|
||||
- The network is referencing an external `netgrimoire` overlay.
|
||||
- **PASS**
|
||||
|
||||
**VERDICT: FAIL**
|
||||
|
||||
The configuration contains several issues that need to be addressed before it can be considered compliant with the specified audit checks.
|
||||
Loading…
Add table
Add a link
Reference in a new issue