fix: grant cap_net_raw to blackbox_exporter

[STRRL]

Signed-off-by: STRRL str_ruiling@outlook.com

What problem does this PR solve?

fix #1249

What is changed and how it works?

• add AmbientCapabilities=CAP_NET_RAW with condition GrantCapNetRaw in the template
• set GrantCapNetRaw to true when componentName == spec.ComponentBlackboxExporter

Check List

Tests

• Unit test
• Integration test
• Manual test (add detailed scripts or steps below)
• No code

Manually test with tiup cluster deploy.

Code changes

• Has exported function/method change
• Has exported variable/fields change
• Has interface methods change
• Has persistent data change

Side effects

• Possible performance regression
• Increased code complexity
• Breaking backward compatibility

Related changes

• Need to cherry-pick to the release branch
• Need to update the documentation

Release notes:

NONE

[CLAassistant]

All committers have signed the CLA.

[ti-chi-bot]

[REVIEW NOTIFICATION]

This pull request has been approved by:

• AstroProfundis

To complete the pull request process, please ask the reviewers in the list to review by filling /cc @reviewer in the comment.
After your PR has acquired the required number of LGTMs, you can assign this pull request to the committer in the list by filling /assign @committer in the comment to help you merge this pull request.

The full list of commands accepted by this bot can be found here.

Reviewer can indicate their review by writing /lgtm in a comment.
Reviewer can cancel approval by writing /lgtm cancel in a comment.

[AstroProfundis]

/merge

[ti-chi-bot]

This pull request has been accepted and is ready to merge.

Commit hash: 86b4e8d

[codecov-io]

Codecov Report

Merging #1250 (dce0623) into master (50932b4) will decrease coverage by 15.24%.
The diff coverage is 100.00%.

@@             Coverage Diff             @@
##           master    #1250       +/-   ##
===========================================
- Coverage   53.55%   38.31%   -15.25%     
===========================================
  Files         289      254       -35     
  Lines       20773    17874     -2899     
===========================================
- Hits        11126     6848     -4278     
- Misses       7911     9808     +1897     
+ Partials     1736     1218      -518     

Flag	Coverage Δ
cluster	32.64% <100.00%> (-12.52%)	⬇️
dm	26.68% <100.00%> (+0.06%)	⬆️
integrate	38.31% <100.00%> (-9.74%)	⬇️
playground	?
tiup	?
unittest	?

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
pkg/cluster/template/systemd/system.go	73.33% <ø> (ø)
pkg/cluster/task/monitored_config.go	56.94% <100.00%> (+1.23%)	⬆️
pkg/repository/store/store.go	0.00% <0.00%> (-100.00%)	⬇️
components/dm/ansible/worker.go	0.00% <0.00%> (-100.00%)	⬇️
pkg/repository/utils/hash.go	0.00% <0.00%> (-81.82%)	⬇️
pkg/meta/err.go	0.00% <0.00%> (-81.25%)	⬇️
pkg/telemetry/meta.go	0.00% <0.00%> (-80.00%)	⬇️
pkg/telemetry/scrub.go	6.66% <0.00%> (-80.00%)	⬇️
pkg/repository/store/local.go	0.00% <0.00%> (-76.48%)	⬇️
pkg/cluster/api/error.go	0.00% <0.00%> (-75.00%)	⬇️
... and 159 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 50932b4...dce0623. Read the comment docs.