Add namespace filtering to SSL endpoints check

Utility "sslendpoints" now supports scanning only selected Kubernetes
cluster namespace. To do so, add "-namespace" flag with namespace of
your choice as its argument to the executed command.

Default behavior remained unchanged, i.e. scan covers all namespaces.

Issue-ID: INT-1582
Change-Id: If5534b76bca94248a5003d735c25328648e478a1
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>

1 files changed, 8 insertions, 1 deletions

diff --git a/test/security/sslendpoints/main.go b/test/security/sslendpoints/main.go
index 331979e38..ce5948cc5 100644
--- a/test/security/sslendpoints/main.go
+++ b/test/security/sslendpoints/main.go
@@ -28,6 +28,7 @@ const (
 
 var (
 	kubeconfig *string
+	namespace  *string
 	xfailName  *string
 )
 
@@ -37,9 +38,15 @@ func main() {
 	} else {
 		kubeconfig = flag.String("kubeconfig", "", "absolute path to the kubeconfig file")
 	}
+	namespace = flag.String("namespace", "", "(optional) name of specific namespace to scan")
 	xfailName = flag.String("xfail", "", "(optional) absolute path to the expected failures file")
 	flag.Parse()
 
+	var listOptions metav1.ListOptions
+	if *namespace != "" {
+		listOptions = metav1.ListOptions{FieldSelector: "metadata.namespace=" + *namespace}
+	}
+
 	xfails := make(map[uint16]string)
 	if *xfailName != "" {
 		xfailFile, err := os.Open(*xfailName)
@@ -94,7 +101,7 @@ func main() {
 	}
 
 	// get list of services to extract nodeport information
-	services, err := clientset.CoreV1().Services("").List(metav1.ListOptions{})
+	services, err := clientset.CoreV1().Services("").List(listOptions)
 	if err != nil {
 		log.Panicf("Unable to get list of services: %v", err)
 	}