diff options
| author |   Pawel Wieczorek <p.wieczorek2@samsung.com> | 2020-02-25 13:36:59 +0100 |
|---|---|---|
| committer |   Bartek Grzybowski <b.grzybowski@partner.samsung.com> | 2020-03-25 13:08:24 +0000 |
| commit | 600bce340bda372151b4120d89c854f2decc3a93 (patch) | |
| tree | 32b37ae282f41729665661c9eb29237e0d5e4610 /test/security/sslendpoints/main.go | |
| parent | 45d5c7a8853f5b25dbb9b6b8a99846d68a199468 (diff) | |
Add NodePorts filtering with development environment basis
This patch has not made "sslendpoints" fully compatible with
"check_for_nonssl_endpoints.sh" script yet. It sets up basic development
environment for Golang-based checkers, though.
Tool output will be added to the README after reaching full
compatibility with previous (script) version.
Development environment brought by this patch is heavily based on:
https://github.com/SamsungSLAV/boruta
Issue-ID: SECCOM-261
Change-Id: I8f035b63bea13785c40971ede5fdbbc9b6810168
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Diffstat (limited to 'test/security/sslendpoints/main.go')
| -rw-r--r-- | test/security/sslendpoints/main.go | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/test/security/sslendpoints/main.go b/test/security/sslendpoints/main.go new file mode 100644 index 000000000..44f250940 --- /dev/null +++ b/test/security/sslendpoints/main.go @@ -0,0 +1,51 @@ +package main + +import ( + "flag" + "log" + "os" + "path/filepath" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/client-go/kubernetes" + "k8s.io/client-go/tools/clientcmd" + + "onap.local/sslendpoints/ports" +) + +func main() { + var kubeconfig *string + if home := os.Getenv("HOME"); home != "" { + kubeconfig = flag.String("kubeconfig", filepath.Join(home, ".kube", "config"), "(optional) absolute path to the kubeconfig file") + } else { + kubeconfig = flag.String("kubeconfig", "", "absolute path to the kubeconfig file") + } + flag.Parse() + + // use the current context in kubeconfig + config, err := clientcmd.BuildConfigFromFlags("", *kubeconfig) + if err != nil { + log.Panicf("Unable to build cluster config: %v", err) + } + + // create the clientset + clientset, err := kubernetes.NewForConfig(config) + if err != nil { + log.Panicf("Unable to build client: %v", err) + } + + // get list of services to extract nodeport information + services, err := clientset.CoreV1().Services("").List(metav1.ListOptions{}) + if err != nil { + log.Panicf("Unable to get list of services: %v", err) + } + + // filter out nodeports with corresponding services from service list + nodeports, ok := ports.FilterNodePorts(services) + if !ok { + log.Println("There are no NodePorts in the cluster") + os.Exit(0) + } + log.Printf("There are %d NodePorts in the cluster\n", len(nodeports)) + os.Exit(len(nodeports)) +} |