aboutsummaryrefslogtreecommitdiffstats
path: root/test/security/sslendpoints/main.go
diff options
context:
space:
mode:
Diffstat (limited to 'test/security/sslendpoints/main.go')
-rw-r--r--test/security/sslendpoints/main.go27
1 files changed, 10 insertions, 17 deletions
diff --git a/test/security/sslendpoints/main.go b/test/security/sslendpoints/main.go
index 8c136d5c4..38950c4f4 100644
--- a/test/security/sslendpoints/main.go
+++ b/test/security/sslendpoints/main.go
@@ -39,7 +39,7 @@ func main() {
xfailName = flag.String("xfail", "", "(optional) absolute path to the expected failures file")
flag.Parse()
- var xfails [][]string
+ xfails := make(map[uint16]string)
if *xfailName != "" {
xfailFile, err := os.Open(*xfailName)
if err != nil {
@@ -53,11 +53,18 @@ func main() {
r.Comment = xfailComment
r.FieldsPerRecord = xfailFields
- xfails, err = r.ReadAll()
+ xfailData, err := r.ReadAll()
if err != nil {
log.Printf("Unable to read expected failures file: %v", err)
log.Println("All non-SSL NodePorts will be reported")
}
+
+ var ok bool
+ xfails, ok = ports.ConvertNodePorts(xfailData)
+ if !ok {
+ log.Println("No usable data in expected failures file")
+ log.Println("All non-SSL NodePorts will be reported")
+ }
}
// use the current context in kubeconfig
@@ -99,21 +106,7 @@ func main() {
}
// filter out expected failures here before running the scan
- for _, xfail := range xfails {
- port, err := strconv.Atoi(xfail[1])
- if err != nil {
- log.Printf("Unable to parse port expected to fail: %v", err)
- continue
- }
- service, ok := nodeports[uint16(port)]
- if !ok {
- continue
- }
- if service != xfail[0] {
- continue
- }
- delete(nodeports, uint16(port))
- }
+ ports.FilterXFailNodePorts(xfails, nodeports)
// extract ports for running the scan
var ports []string