deep-stack/kompose
7
0
Fork 0
forked from LaconicNetwork/kompose
Code Pull Requests Activity

fix: expose container to host only with labels (#1880)

Browse Source 
Signed-off-by: ahmed.g <ahmed.g@adjoe.io>
Signed-off-by: TessaIO <ahmedgrati1999@gmail.com>
This commit is contained in:
TessaIO 2024-05-29 22:05:04 +02:00 committed by GitHub
parent 29f6765fc6
commit 3bf98301f7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
52 changed files with 19 additions and 163 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
docs/user-guide.md
View File

@ -181,6 +181,7 @@ The currently supported options are:
| Key | Value |
|-----------------------------------------------------|--------------------------------------------------------------------------------------|
| kompose.controller.port.expose | defines whether to expose container to host or not (It has security concerns, not recommended) |
| kompose.service.type | nodeport / clusterip / loadbalancer / headless |
| kompose.service.group | name to group the containers contained in a single pod |
| kompose.service.expose | true / hostnames (separated by comma) |

1
pkg/kobject/kobject.go
View File

@ -142,6 +142,7 @@ type ServiceConfig struct {
StopGracePeriod string `compose:"stop_grace_period"`
Build string `compose:"build"`
BuildArgs map[string]*string `compose:"build-args"`
ExposeContainerToHost bool `compose:"kompose.controller.port.expose"`
ExposeService string `compose:"kompose.service.expose"`
ExposeServicePath string `compose:"kompose.service.expose.path"`
BuildLabels map[string]string `compose:"build-labels"`

2
pkg/loader/compose/compose.go
View File

@ -759,6 +759,8 @@ func parseKomposeLabels(labels map[string]string, serviceConfig *kobject.Service
serviceConfig.ServiceExternalTrafficPolicy = serviceExternalTypeTrafficPolicy
case LabelSecurityContextFsGroup:
serviceConfig.FsGroup = cast.ToInt64(value)
case LabelExposeContainerToHost:
serviceConfig.ExposeContainerToHost = cast.ToBool(value)
case LabelServiceExpose:
serviceConfig.ExposeService = strings.Trim(value, " ,")
case LabelNodePortPort:

2
pkg/loader/compose/utils.go
View File

@ -104,6 +104,8 @@ const (
LabelHpaMemory = "kompose.hpa.memory"
// LabelNameOverride defines the override resource name
LabelNameOverride = "kompose.service.name_override"
// LabelExposeContainerToHost defines whether to expose container to host or not using hostPort
LabelExposeContainerToHost = "kompose.controller.port.expose"
)
// load environment variables from compose file

7
pkg/transformer/kubernetes/kubernetes.go
View File

@ -654,10 +654,13 @@ func ConfigPorts(service kobject.ServiceConfig) []api.ContainerPort {
}
containerPort := api.ContainerPort{
ContainerPort: port.ContainerPort,
HostIP: port.HostIP,
HostPort: port.HostPort,
Protocol: api.Protocol(port.Protocol),
}
if service.ExposeContainerToHost {
containerPort.HostIP = port.HostIP
containerPort.HostPort = port.HostPort
}
ports = append(ports, containerPort)
exist[port.ID()] = true
}

9
pkg/transformer/kubernetes/kubernetes_test.go
View File

@ -88,10 +88,11 @@ func newKomposeObject() kobject.KomposeObject {
func newKomposeObjectHostPortProtocolConfig() kobject.ServiceConfig {
return kobject.ServiceConfig{
Name: "nginx",
ContainerName: "nginx",
Image: "nginx",
Port: []kobject.Ports{{HostPort: 80, Protocol: string(api.ProtocolTCP), ContainerPort: 80}},
Name: "nginx",
ContainerName: "nginx",
Image: "nginx",
Port: []kobject.Ports{{HostPort: 80, Protocol: string(api.ProtocolTCP), ContainerPort: 80}},
ExposeContainerToHost: true,
}
}

1
script/test/fixtures/change-in-volume/output-k8s-empty-vols-template.yaml vendored
View File

@ -80,7 +80,6 @@ spec:
name: web
ports:
- containerPort: 5000
hostPort: 5000
protocol: TCP
volumeMounts:
- mountPath: /code

1
script/test/fixtures/change-in-volume/output-k8s.yaml vendored
View File

@ -80,7 +80,6 @@ spec:
name: web
ports:
- containerPort: 5000
hostPort: 5000
protocol: TCP
volumeMounts:
- mountPath: /code

1
script/test/fixtures/change-in-volume/output-os-empty-vols-template.yaml vendored
View File

@ -107,7 +107,6 @@ spec:
name: web
ports:
- containerPort: 5000
hostPort: 5000
protocol: TCP
volumeMounts:
- mountPath: /code

1
script/test/fixtures/change-in-volume/output-os.yaml vendored
View File

@ -107,7 +107,6 @@ spec:
name: web
ports:
- containerPort: 5000
hostPort: 5000
protocol: TCP
volumeMounts:
- mountPath: /code

1
script/test/fixtures/compose-env-interpolation/output-k8s.yaml vendored
View File

@ -37,7 +37,6 @@ spec:
name: foo
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
restartPolicy: Always

2
script/test/fixtures/compose-file-env-variable/output-k8s.yaml vendored
View File

@ -51,7 +51,6 @@ spec:
name: alpine
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
restartPolicy: Always
@ -78,7 +77,6 @@ spec:
name: debian
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
restartPolicy: Always

1
script/test/fixtures/compose-file-support/output-k8s.yaml vendored
View File

@ -37,7 +37,6 @@ spec:
name: web
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
restartPolicy: Always

2
script/test/fixtures/configmap-file-configs/output-k8s-1.yaml vendored
View File

@ -45,10 +45,8 @@ spec:
name: busy
ports:
- containerPort: 8080
hostPort: 8081
protocol: TCP
- containerPort: 8025
hostPort: 8026
protocol: TCP
volumeMounts:
- mountPath: /certs

2
script/test/fixtures/configmap-file-configs/output-k8s-2.yaml vendored
View File

@ -45,10 +45,8 @@ spec:
name: busy
ports:
- containerPort: 8080
hostPort: 8081
protocol: TCP
- containerPort: 8025
hostPort: 8026
protocol: TCP
volumeMounts:
- mountPath: /certs

2
script/test/fixtures/configmap-file-configs/output-k8s-3.yaml vendored
View File

@ -41,9 +41,7 @@ spec:
name: busy
ports:
- containerPort: 8080
hostPort: 8081
protocol: TCP
- containerPort: 8025
hostPort: 8026
protocol: TCP
restartPolicy: Always

2
script/test/fixtures/configmap-file-configs/output-os-1.yaml vendored
View File

@ -44,10 +44,8 @@ spec:
name: busy
ports:
- containerPort: 8080
hostPort: 8081
protocol: TCP
- containerPort: 8025
hostPort: 8026
protocol: TCP
volumeMounts:
- mountPath: /certs

2
script/test/fixtures/configmap-file-configs/output-os-2.yaml vendored
View File

@ -44,10 +44,8 @@ spec:
name: busy
ports:
- containerPort: 8080
hostPort: 8081
protocol: TCP
- containerPort: 8025
hostPort: 8026
protocol: TCP
volumeMounts:
- mountPath: /certs

2
script/test/fixtures/configmap-file-configs/output-os-3.yaml vendored
View File

@ -40,10 +40,8 @@ spec:
name: busy
ports:
- containerPort: 8080
hostPort: 8081
protocol: TCP
- containerPort: 8025
hostPort: 8026
protocol: TCP
restartPolicy: Always
test: false

1
script/test/fixtures/configmap-pod/output-k8s.yaml vendored
View File

@ -44,7 +44,6 @@ spec:
name: redis
ports:
- containerPort: 6379
hostPort: 6379
protocol: TCP
restartPolicy: Never

1
script/test/fixtures/configmap-pod/output-os.yaml vendored
View File

@ -44,7 +44,6 @@ spec:
name: redis
ports:
- containerPort: 6379
hostPort: 6379
protocol: TCP
restartPolicy: Never

4
script/test/fixtures/env-multiple/output-k8s.yaml vendored
View File

@ -70,10 +70,8 @@ spec:
name: another-namenode
ports:
- containerPort: 50070
hostPort: 50070
protocol: TCP
- containerPort: 8020
hostPort: 8020
protocol: TCP
resources: {}
restartPolicy: Always
@ -135,10 +133,8 @@ spec:
name: namenode
ports:
- containerPort: 50070
hostPort: 50070
protocol: TCP
- containerPort: 8020
hostPort: 8020
protocol: TCP
resources: {}
restartPolicy: Always

4
script/test/fixtures/env-multiple/output-os.yaml vendored
View File

@ -92,10 +92,8 @@ spec:
name: another-namenode
ports:
- containerPort: 50070
hostPort: 50070
protocol: TCP
- containerPort: 8020
hostPort: 8020
protocol: TCP
resources: {}
restartPolicy: Always
@ -169,10 +167,8 @@ spec:
name: namenode
ports:
- containerPort: 50070
hostPort: 50070
protocol: TCP
- containerPort: 8020
hostPort: 8020
protocol: TCP
resources: {}
restartPolicy: Always

4
script/test/fixtures/env/output-k8s.yaml vendored
View File

@ -68,10 +68,8 @@ spec:
name: another-namenode
ports:
- containerPort: 50070
hostPort: 50070
protocol: TCP
- containerPort: 8020
hostPort: 8020
protocol: TCP
restartPolicy: Always
@ -123,10 +121,8 @@ spec:
name: namenode
ports:
- containerPort: 50070
hostPort: 50070
protocol: TCP
- containerPort: 8020
hostPort: 8020
protocol: TCP
restartPolicy: Always

4
script/test/fixtures/env/output-os.yaml vendored
View File

@ -78,10 +78,8 @@ spec:
name: another-namenode
ports:
- containerPort: 50070
hostPort: 50070
protocol: TCP
- containerPort: 8020
hostPort: 8020
protocol: TCP
restartPolicy: Always
test: false
@ -149,10 +147,8 @@ spec:
name: namenode
ports:
- containerPort: 50070
hostPort: 50070
protocol: TCP
- containerPort: 8020
hostPort: 8020
protocol: TCP
restartPolicy: Always
test: false

1
script/test/fixtures/envvars-with-status/output-k8s.yaml vendored
View File

@ -45,6 +45,5 @@ spec:
name: app
ports:
- containerPort: 3000
hostPort: 3000
protocol: TCP
restartPolicy: Always

1
script/test/fixtures/envvars-with-status/output-os.yaml vendored
View File

@ -44,7 +44,6 @@ spec:
name: app
ports:
- containerPort: 3000
hostPort: 3000
protocol: TCP
restartPolicy: Always
test: false

1
script/test/fixtures/expose/output-k8s.yaml vendored
View File

@ -77,7 +77,6 @@ spec:
name: web
ports:
- containerPort: 5000
hostPort: 5000
protocol: TCP
restartPolicy: Always

1
script/test/fixtures/expose/output-os.yaml vendored
View File

@ -104,7 +104,6 @@ spec:
name: web
ports:
- containerPort: 5000
hostPort: 5000
protocol: TCP
restartPolicy: Always
test: false

1
script/test/fixtures/external-traffic-policy/output-k8s-v1.yaml vendored
View File

@ -41,7 +41,6 @@ spec:
name: front-end
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
restartPolicy: Always

1
script/test/fixtures/external-traffic-policy/output-k8s-v2.yaml vendored
View File

@ -41,7 +41,6 @@ spec:
name: front-end
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
restartPolicy: Always

1
script/test/fixtures/external-traffic-policy/output-os-v1.yaml vendored
View File

@ -40,7 +40,6 @@ spec:
name: front-end
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
restartPolicy: Always
test: false

1
script/test/fixtures/external-traffic-policy/output-os-v2.yaml vendored
View File

@ -40,7 +40,6 @@ spec:
name: front-end
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
restartPolicy: Always
test: false

2
script/test/fixtures/host-port-protocol/compose.yaml vendored
View File

@ -2,6 +2,8 @@ version: "3.3"
services:
nginx:
labels:
kompose.container.kompose.controller.port.expose: true
ports:
- target: 80
published: 80

3
script/test/fixtures/host-port-protocol/output-k8s.yaml vendored
View File

@ -13,7 +13,6 @@ spec:
selector:
io.kompose.service: nginx
---
apiVersion: apps/v1
kind: Deployment
@ -37,8 +36,6 @@ spec:
name: nginx
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
restartPolicy: Always

1
script/test/fixtures/host-port-protocol/output-os.yaml vendored
View File

@ -35,7 +35,6 @@ spec:
name: nginx
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
restartPolicy: Always
test: false

1
script/test/fixtures/namespace/output-k8s.yaml vendored
View File

@ -47,7 +47,6 @@ spec:
name: web
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
restartPolicy: Always

1
script/test/fixtures/namespace/output-os.yaml vendored
View File

@ -44,7 +44,6 @@ spec:
name: web
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
restartPolicy: Always
test: false

3
script/test/fixtures/network-mode-service/output-k8s.yaml vendored
View File

@ -39,11 +39,10 @@ spec:
name: threats-client
ports:
- containerPort: 8080
hostPort: 8080
protocol: TCP
- args:
- sleep
- infinity
image: busybox
name: threats-server
restartPolicy: Always
restartPolicy: Always

1
script/test/fixtures/network-policies/output-k8s.yaml vendored
View File

@ -37,7 +37,6 @@ spec:
name: nginx
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
restartPolicy: Always

1
script/test/fixtures/read-only/output-k8s.yaml vendored
View File

@ -37,7 +37,6 @@ spec:
name: test
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
securityContext:
readOnlyRootFilesystem: true

1
script/test/fixtures/read-only/output-os.yaml vendored
View File

@ -35,7 +35,6 @@ spec:
name: test
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
securityContext:
readOnlyRootFilesystem: true

1
script/test/fixtures/resources-lowercase/output-k8s.yaml vendored
View File

@ -36,7 +36,6 @@ spec:
name: nginx
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
restartPolicy: Always

1
script/test/fixtures/resources-lowercase/output-os.yaml vendored
View File

@ -35,7 +35,6 @@ spec:
name: nginx
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
restartPolicy: Always
test: false

1
script/test/fixtures/service-group/output-k8s.yaml vendored
View File

@ -48,7 +48,6 @@ spec:
name: librenms
ports:
- containerPort: 8000
hostPort: 8000
protocol: TCP
volumeMounts:
- mountPath: /data

1
script/test/fixtures/single-file-output/output-k8s.yaml vendored
View File

@ -39,7 +39,6 @@ spec:
name: front-end
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
restartPolicy: Always

2
script/test/fixtures/statefulset/output-k8s.yaml vendored
View File

@ -67,7 +67,6 @@ spec:
name: db
ports:
- containerPort: 3306
hostPort: 3306
protocol: TCP
volumeMounts:
- mountPath: /var/lib/mysql
@ -118,7 +117,6 @@ spec:
name: wordpress
ports:
- containerPort: 80
hostPort: 8000
protocol: TCP
volumeMounts:
- mountPath: /var/www/html

4
script/test/fixtures/statefulset/output-os.yaml vendored
View File

@ -63,7 +63,6 @@ spec:
name: db
ports:
- containerPort: 3306
hostPort: 3306
protocol: TCP
volumeMounts:
- mountPath: /var/lib/mysql
@ -114,7 +113,6 @@ spec:
name: db
ports:
- containerPort: 3306
hostPort: 3306
protocol: TCP
volumeMounts:
- mountPath: /var/lib/mysql
@ -185,7 +183,6 @@ spec:
name: wordpress
ports:
- containerPort: 80
hostPort: 8000
protocol: TCP
volumeMounts:
- mountPath: /var/www/html
@ -236,7 +233,6 @@ spec:
name: wordpress
ports:
- containerPort: 80
hostPort: 8000
protocol: TCP
volumeMounts:
- mountPath: /var/www/html

40
script/test/fixtures/v2/output-k8s.yaml vendored
View File

@ -17,9 +17,6 @@ spec:
- name: "3000"
port: 3000
targetPort: 3000
- name: 3000-tcp
port: 3000
targetPort: 3000
- name: "3001"
port: 3001
targetPort: 3001
@ -90,8 +87,6 @@ spec:
apiVersion: v1
kind: Service
metadata:
annotations:
kompose.service.type: loadbalancer
labels:
io.kompose.service: redis-tcp
name: redis-tcp
@ -108,8 +103,6 @@ spec:
apiVersion: v1
kind: Service
metadata:
annotations:
kompose.service.type: loadbalancer
labels:
io.kompose.service: redis-udp
name: redis-udp
@ -156,64 +149,36 @@ spec:
- containerPort: 3005
protocol: TCP
- containerPort: 8000
hostPort: 8000
protocol: TCP
- containerPort: 8080
hostPort: 9090
protocol: TCP
- containerPort: 8081
hostPort: 9091
protocol: TCP
- containerPort: 22
hostPort: 49100
protocol: TCP
- containerPort: 8001
hostIP: 127.0.0.1
hostPort: 8001
protocol: TCP
- containerPort: 5000
hostIP: 127.0.0.1
hostPort: 5000
protocol: TCP
- containerPort: 5001
hostIP: 127.0.0.1
hostPort: 5001
protocol: TCP
- containerPort: 5002
hostIP: 127.0.0.1
hostPort: 5002
protocol: TCP
- containerPort: 5003
hostIP: 127.0.0.1
hostPort: 5003
protocol: TCP
- containerPort: 5004
hostIP: 127.0.0.1
hostPort: 5004
protocol: TCP
- containerPort: 5005
hostIP: 127.0.0.1
hostPort: 5005
protocol: TCP
- containerPort: 5006
hostIP: 127.0.0.1
hostPort: 5006
protocol: TCP
- containerPort: 5007
hostIP: 127.0.0.1
hostPort: 5007
protocol: TCP
- containerPort: 5008
hostIP: 127.0.0.1
hostPort: 5008
protocol: TCP
- containerPort: 5009
hostIP: 127.0.0.1
hostPort: 5009
protocol: TCP
- containerPort: 5010
hostIP: 127.0.0.1
hostPort: 5010
protocol: TCP
resources:
limits:
@ -227,8 +192,6 @@ spec:
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
kompose.service.type: loadbalancer
labels:
io.kompose.service: redis
name: redis
@ -239,8 +202,6 @@ spec:
io.kompose.service: redis
template:
metadata:
annotations:
kompose.service.type: loadbalancer
labels:
io.kompose.network/v2-default: "true"
io.kompose.service: redis
@ -252,7 +213,6 @@ spec:
- containerPort: 6379
protocol: TCP
- containerPort: 1235
hostPort: 1234
protocol: UDP
resources:
limits:

38
script/test/fixtures/v2/output-os.yaml vendored
View File

@ -17,9 +17,6 @@ spec:
- name: "3000"
port: 3000
targetPort: 3000
- name: 3000-tcp
port: 3000
targetPort: 3000
- name: "3001"
port: 3001
targetPort: 3001
@ -90,8 +87,6 @@ spec:
apiVersion: v1
kind: Service
metadata:
annotations:
kompose.service.type: loadbalancer
labels:
io.kompose.service: redis-tcp
name: redis-tcp
@ -108,8 +103,6 @@ spec:
apiVersion: v1
kind: Service
metadata:
annotations:
kompose.service.type: loadbalancer
labels:
io.kompose.service: redis-udp
name: redis-udp
@ -156,64 +149,36 @@ spec:
- containerPort: 3005
protocol: TCP
- containerPort: 8000
hostPort: 8000
protocol: TCP
- containerPort: 8080
hostPort: 9090
protocol: TCP
- containerPort: 8081
hostPort: 9091
protocol: TCP
- containerPort: 22
hostPort: 49100
protocol: TCP
- containerPort: 8001
hostIP: 127.0.0.1
hostPort: 8001
protocol: TCP
- containerPort: 5000
hostIP: 127.0.0.1
hostPort: 5000
protocol: TCP
- containerPort: 5001
hostIP: 127.0.0.1
hostPort: 5001
protocol: TCP
- containerPort: 5002
hostIP: 127.0.0.1
hostPort: 5002
protocol: TCP
- containerPort: 5003
hostIP: 127.0.0.1
hostPort: 5003
protocol: TCP
- containerPort: 5004
hostIP: 127.0.0.1
hostPort: 5004
protocol: TCP
- containerPort: 5005
hostIP: 127.0.0.1
hostPort: 5005
protocol: TCP
- containerPort: 5006
hostIP: 127.0.0.1
hostPort: 5006
protocol: TCP
- containerPort: 5007
hostIP: 127.0.0.1
hostPort: 5007
protocol: TCP
- containerPort: 5008
hostIP: 127.0.0.1
hostPort: 5008
protocol: TCP
- containerPort: 5009
hostIP: 127.0.0.1
hostPort: 5009
protocol: TCP
- containerPort: 5010
hostIP: 127.0.0.1
hostPort: 5010
protocol: TCP
resources:
limits:
@ -227,8 +192,6 @@ spec:
apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
annotations:
kompose.service.type: loadbalancer
labels:
io.kompose.service: redis
name: redis
@ -249,7 +212,6 @@ spec:
- containerPort: 6379
protocol: TCP
- containerPort: 1235
hostPort: 1234
protocol: UDP
resources:
limits:

6
script/test/fixtures/v3.0/output-k8s.yaml vendored
View File

@ -2,8 +2,6 @@
apiVersion: v1
kind: Service
metadata:
annotations:
kompose.service.type: headless
labels:
io.kompose.service: redis
name: redis
@ -49,8 +47,6 @@ spec:
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
kompose.service.type: headless
labels:
io.kompose.service: redis
name: redis
@ -61,8 +57,6 @@ spec:
io.kompose.service: redis
template:
metadata:
annotations:
kompose.service.type: headless
labels:
io.kompose.network/v30-default: "true"
io.kompose.service: redis

6
script/test/fixtures/v3.0/output-os.yaml vendored
View File

@ -2,8 +2,6 @@
apiVersion: v1
kind: Service
metadata:
annotations:
kompose.service.type: headless
labels:
io.kompose.service: redis
name: redis
@ -27,8 +25,6 @@ spec:
replicas: 1
selector:
io.kompose.service: foo
strategy:
resources: {}
template:
metadata:
labels:
@ -79,8 +75,6 @@ spec:
apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
annotations:
kompose.service.type: headless
labels:
io.kompose.service: redis
name: redis