From: Pawel Wieczorek <p.wieczorek2@samsung.com>
Date: Thu, 19 Mar 2020 10:14:18 +0000 (+0100)
Subject: Filter out only open non-SSL ports
X-Git-Tag: 6.0.0-ONAP~144
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=48d30cd5199396c3f859b4be2258d9a99a701507;p=integration.git

Filter out only open non-SSL ports

This patch ignores closed and filtered ports from scan results. It is
intended to keep "expected failure" list minimal.

Issue-ID: INT-1480
Change-Id: Idb93cf4e19284bc121aa45ea950d28405c29e222
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
---

diff --git a/test/security/check_for_nonssl_endpoints.sh b/test/security/check_for_nonssl_endpoints.sh
index 9e98520af..531b24814 100755
--- a/test/security/check_for_nonssl_endpoints.sh
+++ b/test/security/check_for_nonssl_endpoints.sh
@@ -95,7 +95,7 @@ SCAN_RESULT=`nmap $K8S_NODE -sV -p $PORT_LIST 2>/dev/null | grep \tcp`
 RESULTS=`paste <(printf %s "$SVCS") <(printf %s "$SCAN_RESULT") | column -t`
 
 # Find all non-SSL ports
-HTTP_PORTS=`grep -v ssl <<< "$RESULTS" | tee "$FILTERED_PORTS_LIST"`
+HTTP_PORTS=`grep -v ssl <<< "$RESULTS" | grep open | tee "$FILTERED_PORTS_LIST"`
 
 # Filter out whitelisted endpoints
 while IFS= read -r line; do