Add namespace filtering to SSL endpoints check

Utility "sslendpoints" now supports scanning only selected Kubernetes
cluster namespace. To do so, add "-namespace" flag with namespace of
your choice as its argument to the executed command.

Default behavior remained unchanged, i.e. scan covers all namespaces.

Issue-ID: INT-1582
Change-Id: If5534b76bca94248a5003d735c25328648e478a1
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>

diff --git a/test/security/sslendpoints/main.go b/test/security/sslendpoints/main.go
index 331979e..ce5948c 100644 (file)
--- a/test/security/sslendpoints/main.go
+++ b/test/security/sslendpoints/main.go
@@ -28,6 +28,7 @@ const (
 
 var (
        kubeconfig *string
+       namespace  *string
        xfailName  *string
 )
 
@@ -37,9 +38,15 @@ func main() {
        } else {
                kubeconfig = flag.String("kubeconfig", "", "absolute path to the kubeconfig file")
        }
+       namespace = flag.String("namespace", "", "(optional) name of specific namespace to scan")
        xfailName = flag.String("xfail", "", "(optional) absolute path to the expected failures file")
        flag.Parse()
 
+       var listOptions metav1.ListOptions
+       if *namespace != "" {
+               listOptions = metav1.ListOptions{FieldSelector: "metadata.namespace=" + *namespace}
+       }
+
        xfails := make(map[uint16]string)
        if *xfailName != "" {
                xfailFile, err := os.Open(*xfailName)
@@ -94,7 +101,7 @@ func main() {
        }
 
        // get list of services to extract nodeport information
-       services, err := clientset.CoreV1().Services("").List(metav1.ListOptions{})
+       services, err := clientset.CoreV1().Services("").List(listOptions)
        if err != nil {
                log.Panicf("Unable to get list of services: %v", err)
        }