From 695ab9f01d3a9fea254eaab3a08bd2cb249ed310 Mon Sep 17 00:00:00 2001 From: Krzysztof Opasiak Date: Wed, 24 Apr 2019 23:53:24 +0200 Subject: User first node for port scanning instead of last one It is more obvious to use first node in cluster instead of last one. Additionally in some cases nodes listed in the end may not expose all open ports (like it is in integration lab). Issue-ID: SECCOM-231 Change-Id: I200998b2e7b3a6de9b5f464e59e3b7dbbc0a656c Signed-off-by: Krzysztof Opasiak --- test/security/check_for_http_endpoints.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/security/check_for_http_endpoints.sh b/test/security/check_for_http_endpoints.sh index 19be2accf..37e55da2b 100755 --- a/test/security/check_for_http_endpoints.sh +++ b/test/security/check_for_http_endpoints.sh @@ -47,7 +47,7 @@ SVCS=`awk '{print $2}' <<<"$PORTS_SVCS"` PORT_LIST=`tr "\\n" "," <<<"$PORTS" | sed 's/,$//'; echo ''` # Get IP addres of some cluster node -K8S_NODE=`kubectl describe nodes \`kubectl get nodes | tail -n 1 | awk '{print $1}'\` | grep ExternalIP | awk '{print $2}'` +K8S_NODE=`kubectl describe nodes \`kubectl get nodes | grep -v NAME | head -n 1 | awk '{print $1}'\` | grep ExternalIP | awk '{print $2}'` # perform scan SCAN_RESULT=`nmap $K8S_NODE -sV -p $PORT_LIST 2>/dev/null | grep \tcp` -- cgit 1.2.3-korg