Restricts service check for type=LoadBalancer only

Service of type=LoadBalancer are the only where TLS/SSL annotations make sense. This patch avoids false-negatives for services of other ttypes.

hardeneks/namespace_based/security/network_security.py

@@ -13,7 +13,7 @@ def check(self, namespaced_resources: NamespacedResources):
         offenders = []
         for service in namespaced_resources.services:
             annotations = service.metadata.annotations
-            if annotations:
+            if service.spec.type == 'LoadBalancer' and annotations:
                 ssl_cert = (
                     "service.beta.kubernetes.io/aws-load-balancer-ssl-cert"
                     in annotations