summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2021-11-21 18:45:07 +0100
committerGitHub <noreply@github.com>2021-11-21 18:45:07 +0100
commit2f6cdd353f50e6c26b34f0b1bff028e8393d2580 (patch)
tree473c73e16b14752f3c205d4182400a51b902f128
parenta6976c9ca8346331001dfade295173ad1482c2f6 (diff)
parentd173ebc067e912a1f0d272fab19fa0b3db4d4c05 (diff)
downloadpodman-2f6cdd353f50e6c26b34f0b1bff028e8393d2580.tar.gz
podman-2f6cdd353f50e6c26b34f0b1bff028e8393d2580.tar.bz2
podman-2f6cdd353f50e6c26b34f0b1bff028e8393d2580.zip
Merge pull request #12305 from colinbendell/add-expose-port-range
Support EXPOSE with port ranges
-rw-r--r--pkg/specgen/generate/ports.go36
-rw-r--r--pkg/specgenutil/specgen.go2
-rw-r--r--pkg/specgenutil/util.go4
-rw-r--r--test/e2e/run_networking_test.go36
4 files changed, 48 insertions, 30 deletions
diff --git a/pkg/specgen/generate/ports.go b/pkg/specgen/generate/ports.go
index 53a5e5697..b60cc1e98 100644
--- a/pkg/specgen/generate/ports.go
+++ b/pkg/specgen/generate/ports.go
@@ -5,7 +5,6 @@ import (
"fmt"
"net"
"sort"
- "strconv"
"strings"
"github.com/containers/common/libimage"
@@ -13,6 +12,7 @@ import (
"github.com/containers/podman/v3/utils"
"github.com/containers/podman/v3/pkg/specgen"
+ "github.com/containers/podman/v3/pkg/specgenutil"
"github.com/containers/podman/v3/pkg/util"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
@@ -410,31 +410,13 @@ func checkProtocol(protocol string, allowSCTP bool) ([]string, error) {
}
func GenExposedPorts(exposedPorts map[string]struct{}) (map[uint16]string, error) {
- expose := make(map[uint16]string, len(exposedPorts))
- for imgExpose := range exposedPorts {
- // Expose format is portNumber[/protocol]
- splitExpose := strings.SplitN(imgExpose, "/", 2)
- num, err := strconv.Atoi(splitExpose[0])
- if err != nil {
- return nil, errors.Wrapf(err, "unable to convert image EXPOSE statement %q to port number", imgExpose)
- }
- if num > 65535 || num < 1 {
- return nil, errors.Errorf("%d from image EXPOSE statement %q is not a valid port number", num, imgExpose)
- }
-
- // No need to validate protocol, we'll do it later.
- newProto := "tcp"
- if len(splitExpose) == 2 {
- newProto = splitExpose[1]
- }
-
- proto := expose[uint16(num)]
- if len(proto) > 1 {
- proto = proto + "," + newProto
- } else {
- proto = newProto
- }
- expose[uint16(num)] = proto
+ expose := make([]string, 0, len(exposedPorts))
+ for e := range exposedPorts {
+ expose = append(expose, e)
+ }
+ toReturn, err := specgenutil.CreateExpose(expose)
+ if err != nil {
+ return nil, errors.Wrapf(err, "unable to convert image EXPOSE")
}
- return expose, nil
+ return toReturn, nil
}
diff --git a/pkg/specgenutil/specgen.go b/pkg/specgenutil/specgen.go
index c110b9e97..7a572e730 100644
--- a/pkg/specgenutil/specgen.go
+++ b/pkg/specgenutil/specgen.go
@@ -314,7 +314,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *entities.ContainerCreateOptions
s.Pod = podID
}
- expose, err := createExpose(c.Expose)
+ expose, err := CreateExpose(c.Expose)
if err != nil {
return err
}
diff --git a/pkg/specgenutil/util.go b/pkg/specgenutil/util.go
index b47082b7f..534374e71 100644
--- a/pkg/specgenutil/util.go
+++ b/pkg/specgenutil/util.go
@@ -53,11 +53,11 @@ func ParseFilters(filter []string) (map[string][]string, error) {
return filters, nil
}
-// createExpose parses user-provided exposed port definitions and converts them
+// CreateExpose parses user-provided exposed port definitions and converts them
// into SpecGen format.
// TODO: The SpecGen format should really handle ranges more sanely - we could
// be massively inflating what is sent over the wire with a large range.
-func createExpose(expose []string) (map[uint16]string, error) {
+func CreateExpose(expose []string) (map[uint16]string, error) {
toReturn := make(map[uint16]string)
for _, e := range expose {
diff --git a/test/e2e/run_networking_test.go b/test/e2e/run_networking_test.go
index c64cfd2d5..596159fe9 100644
--- a/test/e2e/run_networking_test.go
+++ b/test/e2e/run_networking_test.go
@@ -283,6 +283,42 @@ var _ = Describe("Podman run networking", func() {
Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0].HostIP).To(Equal(""))
})
+ It("podman run --publish-all with EXPOSE port ranges in Dockerfile", func() {
+ // Test port ranges, range with protocol and with an overlapping port
+ podmanTest.AddImageToRWStore(ALPINE)
+ dockerfile := fmt.Sprintf(`FROM %s
+EXPOSE 2002
+EXPOSE 2001-2003
+EXPOSE 2004-2005/tcp`, ALPINE)
+ imageName := "testimg"
+ podmanTest.BuildImage(dockerfile, imageName, "false")
+
+ // Verify that the buildah is just passing through the EXPOSE keys
+ inspect := podmanTest.Podman([]string{"inspect", imageName})
+ inspect.WaitWithDefaultTimeout()
+ image := inspect.InspectImageJSON()
+ Expect(len(image)).To(Equal(1))
+ Expect(len(image[0].Config.ExposedPorts)).To(Equal(3))
+ Expect(image[0].Config.ExposedPorts).To(HaveKey("2002/tcp"))
+ Expect(image[0].Config.ExposedPorts).To(HaveKey("2001-2003/tcp"))
+ Expect(image[0].Config.ExposedPorts).To(HaveKey("2004-2005/tcp"))
+
+ containerName := "testcontainer"
+ session := podmanTest.Podman([]string{"create", "--name", containerName, imageName, "true"})
+ session.WaitWithDefaultTimeout()
+ inspectOut := podmanTest.InspectContainer(containerName)
+ Expect(len(inspectOut)).To(Equal(1))
+
+ // Inspect the network settings with available ports to be mapped to the host
+ // Don't need to verity HostConfig.PortBindings since we used --publish-all
+ Expect(len(inspectOut[0].NetworkSettings.Ports)).To(Equal(5))
+ Expect(inspectOut[0].NetworkSettings.Ports).To(HaveKey("2001/tcp"))
+ Expect(inspectOut[0].NetworkSettings.Ports).To(HaveKey("2002/tcp"))
+ Expect(inspectOut[0].NetworkSettings.Ports).To(HaveKey("2003/tcp"))
+ Expect(inspectOut[0].NetworkSettings.Ports).To(HaveKey("2004/tcp"))
+ Expect(inspectOut[0].NetworkSettings.Ports).To(HaveKey("2005/tcp"))
+ })
+
It("podman run -p 127.0.0.1::8980/udp", func() {
name := "testctr"
session := podmanTest.Podman([]string{"create", "-t", "-p", "127.0.0.1::8980/udp", "--name", name, ALPINE, "/bin/sh"})