diff options
author | 2020-03-12 18:39:03 +0100 | |
---|---|---|
committer | 2020-03-25 13:08:24 +0000 | |
commit | 935f1b85d99c2feb619d4e04dbb52201b79c90e7 (patch) | |
tree | 6aa5b920906d62dd9936b86bc971c4dbc061a33f /test/security/sslendpoints/ports/ports.go | |
parent | c5cf34d49e829e8261cc91451f5bffb1e1b71cf9 (diff) |
Add IP addresses filtering
Each node might be described with 3 types of addresses [1]. Some
providers also use node annotations [2] for assigned addresses.
This patch filters out all IP addresses from nodes list. External IPs
take precedence over internal ones. The first address on the extracted
slice will be later used to run the scan on.
This behaviour could be later modified to e.g. loop over all extracted
IP addresses (if scan fails).
[1] https://kubernetes.io/docs/concepts/architecture/nodes/#addresses
[2] https://github.com/rancher/rke/blob/master/k8s/node.go#L18
Issue-ID: SECCOM-261
Change-Id: Ifd094447f778da378dfe1aee765f552b6ebd669f
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Diffstat (limited to 'test/security/sslendpoints/ports/ports.go')
-rw-r--r-- | test/security/sslendpoints/ports/ports.go | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/test/security/sslendpoints/ports/ports.go b/test/security/sslendpoints/ports/ports.go index 823e07531..a80fb782c 100644 --- a/test/security/sslendpoints/ports/ports.go +++ b/test/security/sslendpoints/ports/ports.go @@ -16,3 +16,20 @@ func FilterNodePorts(services *v1.ServiceList) (map[uint16]string, bool) { } return nodeports, len(nodeports) > 0 } + +// FilterIPAddresses extracts IP addresses from NodeList. +// External IP addresses take precedence over internal ones. +func FilterIPAddresses(nodes *v1.NodeList) ([]string, bool) { + addresses := make([]string, 0) + for _, node := range nodes.Items { + for _, address := range node.Status.Addresses { + switch address.Type { + case "InternalIP": + addresses = append(addresses, address.Address) + case "ExternalIP": + addresses = append([]string{address.Address}, addresses...) + } + } + } + return addresses, len(addresses) > 0 +} |