Add IP addresses filtering

Each node might be described with 3 types of addresses [1]. Some
providers also use node annotations [2] for assigned addresses.

This patch filters out all IP addresses from nodes list. External IPs
take precedence over internal ones. The first address on the extracted
slice will be later used to run the scan on.

This behaviour could be later modified to e.g. loop over all extracted
IP addresses (if scan fails).

[1] https://kubernetes.io/docs/concepts/architecture/nodes/#addresses
[2] https://github.com/rancher/rke/blob/master/k8s/node.go#L18

Issue-ID: SECCOM-261
Change-Id: Ifd094447f778da378dfe1aee765f552b6ebd669f
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>

1 files changed, 13 insertions, 0 deletions

diff --git a/test/security/sslendpoints/main.go b/test/security/sslendpoints/main.go
index 44f250940..68d11b361 100644
--- a/test/security/sslendpoints/main.go
+++ b/test/security/sslendpoints/main.go
@@ -34,6 +34,19 @@ func main() {
 		log.Panicf("Unable to build client: %v", err)
 	}
 
+	// get list of nodes to extract addresses for running scan
+	nodes, err := clientset.CoreV1().Nodes().List(metav1.ListOptions{})
+	if err != nil {
+		log.Panicf("Unable to get list of nodes: %v", err)
+	}
+
+	// filter out addresses for running scan
+	addresses, ok := ports.FilterIPAddresses(nodes)
+	if !ok {
+		log.Println("There are no IP addresses to run scan")
+		os.Exit(0)
+	}
+
 	// get list of services to extract nodeport information
 	services, err := clientset.CoreV1().Services("").List(metav1.ListOptions{})
 	if err != nil {