Sanitize port parsing for pods in play kube

The logic used in parsing the ports to be utilized in a kubenetes api
defined pod did not fully adhere to the kubenetes spec, nor did it map
well to a podman context. This fix sanitizes the input of container
ports to meet the following rules:

- A defined containerPort with no defined hostPort does nothing in a
podman context, or is informational. This is line with [usage in
Kubernetes.](https://github.com/kubernetes/kubernetes/issues/4332)

- A defined hostPort with no defined containerPort acts like a
publish [hostPort]:[hostPort]

- A defined containerPort and defined hostPort works like it does in
kubernetes, as in a publish [hostPort]:[containerPort]

Addresses https://github.com/containers/libpod/issues/5610

Signed-off-by: Tyler Ramer <tyaramer@gmail.com>

1 files changed, 12 insertions, 1 deletions

diff --git a/pkg/adapter/pods.go b/pkg/adapter/pods.go
index 1417bd2b9..102eabd8b 100644
--- a/pkg/adapter/pods.go
+++ b/pkg/adapter/pods.go
@@ -768,6 +768,12 @@ func getPodPorts(containers []v1.Container) []ocicni.PortMapping {
 	var infraPorts []ocicni.PortMapping
 	for _, container := range containers {
 		for _, p := range container.Ports {
+			if p.HostPort != 0 && p.ContainerPort == 0 {
+				p.ContainerPort = p.HostPort
+			}
+			if p.Protocol == "" {
+				p.Protocol = "tcp"
+			}
 			portBinding := ocicni.PortMapping{
 				HostPort:      p.HostPort,
 				ContainerPort: p.ContainerPort,
@@ -776,7 +782,12 @@ func getPodPorts(containers []v1.Container) []ocicni.PortMapping {
 			if p.HostIP != "" {
 				logrus.Debug("HostIP on port bindings is not supported")
 			}
-			infraPorts = append(infraPorts, portBinding)
+			// only hostPort is utilized in podman context, all container ports
+			// are accessible inside the shared network namespace
+			if p.HostPort != 0 {
+				infraPorts = append(infraPorts, portBinding)
+			}
+
 		}
 	}
 	return infraPorts