7 files changed, 30 insertions, 14 deletions
diff --git a/pkg/specgen/generate/container.go b/pkg/specgen/generate/container.go
index c7e62d185..42fea0277 100644
--- a/pkg/specgen/generate/container.go
+++ b/pkg/specgen/generate/container.go
@@ -163,7 +163,7 @@ func CompleteSpec(ctx context.Context, r *libpod.Runtime, s *specgen.SpecGenerat
 			return nil, err
 		}
 
-		// labels from the image that dont exist already
+		// labels from the image that don't exist already
 		if len(labels) > 0 && s.Labels == nil {
 			s.Labels = make(map[string]string)
 		}
diff --git a/pkg/specgen/generate/kube/kube.go b/pkg/specgen/generate/kube/kube.go
index 5cc7891ac..b5956029e 100644
--- a/pkg/specgen/generate/kube/kube.go
+++ b/pkg/specgen/generate/kube/kube.go
@@ -30,7 +30,7 @@ func ToPodGen(ctx context.Context, podName string, podYAML *v1.PodTemplateSpec)
 		p.Hostname = podName
 	}
 	if podYAML.Spec.HostNetwork {
-		p.NetNS.Value = "host"
+		p.NetNS.NSMode = specgen.Host
 	}
 	if podYAML.Spec.HostAliases != nil {
 		hosts := make([]string, 0, len(podYAML.Spec.HostAliases))
@@ -47,7 +47,7 @@ func ToPodGen(ctx context.Context, podName string, podYAML *v1.PodTemplateSpec)
 	return p, nil
 }
 
-func ToSpecGen(ctx context.Context, containerYAML v1.Container, iid string, newImage *image.Image, volumes map[string]*KubeVolume, podID, podName, infraID string, configMaps []v1.ConfigMap, seccompPaths *KubeSeccompPaths, restartPolicy string) (*specgen.SpecGenerator, error) {
+func ToSpecGen(ctx context.Context, containerYAML v1.Container, iid string, newImage *image.Image, volumes map[string]*KubeVolume, podID, podName, infraID string, configMaps []v1.ConfigMap, seccompPaths *KubeSeccompPaths, restartPolicy string, hostNet bool) (*specgen.SpecGenerator, error) {
 	s := specgen.NewSpecGenerator(iid, false)
 
 	// podName should be non-empty for Deployment objects to be able to create
@@ -104,7 +104,7 @@ func ToSpecGen(ctx context.Context, containerYAML v1.Container, iid string, newI
 		s.ResourceLimits.Memory.Reservation = &memoryRes
 	}
 
-	// TODO: We dont understand why specgen does not take of this, but
+	// TODO: We don't understand why specgen does not take of this, but
 	// integration tests clearly pointed out that it was required.
 	s.Command = []string{}
 	imageData, err := newImage.Inspect(ctx)
@@ -112,11 +112,18 @@ func ToSpecGen(ctx context.Context, containerYAML v1.Container, iid string, newI
 		return nil, err
 	}
 	s.WorkDir = "/"
+	// We will use "Docker field name" internally here to avoid confusion
+	// and reference the "Kubernetes field name" when referencing the YAML
+	// ref: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#notes
+	entrypoint := []string{}
+	cmd := []string{}
 	if imageData != nil && imageData.Config != nil {
 		if imageData.Config.WorkingDir != "" {
 			s.WorkDir = imageData.Config.WorkingDir
 		}
-		s.Command = imageData.Config.Entrypoint
+		// Pull entrypoint and cmd from image
+		entrypoint = imageData.Config.Entrypoint
+		cmd = imageData.Config.Cmd
 		s.Labels = imageData.Config.Labels
 		if len(imageData.Config.StopSignal) > 0 {
 			stopSignal, err := util.ParseSignal(imageData.Config.StopSignal)
@@ -126,13 +133,18 @@ func ToSpecGen(ctx context.Context, containerYAML v1.Container, iid string, newI
 			s.StopSignal = &stopSignal
 		}
 	}
+	// If only the yaml.Command is specified, set it as the entrypoint and drop the image Cmd
 	if len(containerYAML.Command) != 0 {
-		s.Command = containerYAML.Command
+		entrypoint = containerYAML.Command
+		cmd = []string{}
 	}
-	// doc https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#notes
+	// Only override the cmd field if yaml.Args is specified
+	// Keep the image entrypoint, or the yaml.command if specified
 	if len(containerYAML.Args) != 0 {
-		s.Command = append(s.Command, containerYAML.Args...)
+		cmd = containerYAML.Args
 	}
+
+	s.Command = append(entrypoint, cmd...)
 	// FIXME,
 	// we are currently ignoring imageData.Config.ExposedPorts
 	if containerYAML.WorkingDir != "" {
@@ -202,6 +214,10 @@ func ToSpecGen(ctx context.Context, containerYAML v1.Container, iid string, newI
 
 	s.RestartPolicy = restartPolicy
 
+	if hostNet {
+		s.NetNS.NSMode = specgen.Host
+	}
+
 	return s, nil
 }
 
diff --git a/pkg/specgen/generate/oci.go b/pkg/specgen/generate/oci.go
index c24dcf4c0..ba68de6fd 100644
--- a/pkg/specgen/generate/oci.go
+++ b/pkg/specgen/generate/oci.go
@@ -319,7 +319,7 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt
 	}
 
 	// BIND MOUNTS
-	configSpec.Mounts = SupercedeUserMounts(mounts, configSpec.Mounts)
+	configSpec.Mounts = SupersedeUserMounts(mounts, configSpec.Mounts)
 	// Process mounts to ensure correct options
 	if err := InitFSMounts(configSpec.Mounts); err != nil {
 		return nil, err
diff --git a/pkg/specgen/generate/security.go b/pkg/specgen/generate/security.go
index 56947ff24..0c97dc496 100644
--- a/pkg/specgen/generate/security.go
+++ b/pkg/specgen/generate/security.go
@@ -115,7 +115,7 @@ func securityConfigureGenerator(s *specgen.SpecGenerator, g *generate.Generator,
 			if err != nil {
 				return errors.Wrapf(err, "capabilities requested by user or image are not valid: %q", strings.Join(capsRequired, ","))
 			} else {
-				// Verify all capRequiered are in the capList
+				// Verify all capRequired are in the capList
 				for _, cap := range capsRequired {
 					if !util.StringInSlice(cap, caplist) {
 						privCapsRequired = append(privCapsRequired, cap)
diff --git a/pkg/specgen/generate/storage.go b/pkg/specgen/generate/storage.go
index 331a5c5bf..f523ac5bf 100644
--- a/pkg/specgen/generate/storage.go
+++ b/pkg/specgen/generate/storage.go
@@ -366,7 +366,7 @@ func addContainerInitBinary(s *specgen.SpecGenerator, path string) (spec.Mount,
 // TODO: Should we unmount subtree mounts? E.g., if /tmp/ is mounted by
 // one mount, and we already have /tmp/a and /tmp/b, should we remove
 // the /tmp/a and /tmp/b mounts in favor of the more general /tmp?
-func SupercedeUserMounts(mounts []spec.Mount, configMount []spec.Mount) []spec.Mount {
+func SupersedeUserMounts(mounts []spec.Mount, configMount []spec.Mount) []spec.Mount {
 	if len(mounts) > 0 {
 		// If we have overlappings mounts, remove them from the spec in favor of
 		// the user-added volume mounts
diff --git a/pkg/specgen/pod_validate.go b/pkg/specgen/pod_validate.go
index a6c61a203..7c81f3f9f 100644
--- a/pkg/specgen/pod_validate.go
+++ b/pkg/specgen/pod_validate.go
@@ -48,7 +48,7 @@ func (p *PodSpecGenerator) Validate() error {
 	}
 	if p.NoInfra {
 		if p.NetNS.NSMode != Default && p.NetNS.NSMode != "" {
-			return errors.New("NoInfra and network modes cannot be used toegther")
+			return errors.New("NoInfra and network modes cannot be used together")
 		}
 		if p.StaticIP != nil {
 			return exclusivePodOptions("NoInfra", "StaticIP")
diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go
index 964b89fa4..a6cc0a730 100644
--- a/pkg/specgen/specgen.go
+++ b/pkg/specgen/specgen.go
@@ -19,7 +19,7 @@ type LogConfig struct {
 	// Only available if LogDriver is set to "json-file" or "k8s-file".
 	// Optional.
 	Path string `json:"path,omitempty"`
-	// Size is the maximimup size of the log file
+	// Size is the maximum size of the log file
 	// Optional.
 	Size int64 `json:"size,omitempty"`
 	// A set of options to accompany the log driver.
@@ -302,7 +302,7 @@ type ContainerSecurityConfig struct {
 	IDMappings *storage.IDMappingOptions `json:"idmappings,omitempty"`
 	// ReadOnlyFilesystem indicates that everything will be mounted
 	// as read-only
-	ReadOnlyFilesystem bool `json:"read_only_filesystem,omittempty"`
+	ReadOnlyFilesystem bool `json:"read_only_filesystem,omitempty"`
 	// Umask is the umask the init process of the container will be run with.
 	Umask string `json:"umask,omitempty"`
 	// ProcOpts are the options used for the proc mount.