From d73f060088f13030a0ab4d98ec314a01cd1dba17ea80e05f1b4a9f41dc13ab70 Mon Sep 17 00:00:00 2001
From: Fabian Vogt <fvogt@suse.com>
Date: Wed, 7 Dec 2022 17:36:12 +0000
Subject: [PATCH] Accepting request 1041171 from
 home:dancermak:branches:devel:microos

Add patch to fix openQA failures

OBS-URL: https://build.opensuse.org/request/show/1041171
OBS-URL: https://build.opensuse.org/package/show/devel:microos/podman?expand=0&rev=11
---
 ...issing-hostPort-to-containerPort-is-.patch | 93 +++++++++++++++++++
 podman.changes                                |  4 +-
 podman.spec                                   |  2 +
 3 files changed, 98 insertions(+), 1 deletion(-)
 create mode 100644 0001-Revert-Default-missing-hostPort-to-containerPort-is-.patch

diff --git a/0001-Revert-Default-missing-hostPort-to-containerPort-is-.patch b/0001-Revert-Default-missing-hostPort-to-containerPort-is-.patch
new file mode 100644
index 0000000..404f197
--- /dev/null
+++ b/0001-Revert-Default-missing-hostPort-to-containerPort-is-.patch
@@ -0,0 +1,93 @@
+From 07151aaec3312b3235847106cfd76608c2d823e5 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Dan=20=C4=8Cerm=C3=A1k?= <dcermak@suse.com>
+Date: Wed, 7 Dec 2022 17:28:39 +0100
+Subject: [PATCH] Revert "Default missing hostPort to containerPort is defined
+ in kube.yaml"
+
+This reverts commit f5fc0960e5eddf64a7d8fbf8fbfd3652b4ee5db3.
+---
+ pkg/specgen/generate/kube/kube.go |  3 ---
+ test/e2e/play_kube_test.go        |  6 ++++++
+ test/system/700-play.bats         | 24 ------------------------
+ 3 files changed, 6 insertions(+), 27 deletions(-)
+
+diff --git a/pkg/specgen/generate/kube/kube.go b/pkg/specgen/generate/kube/kube.go
+index 5186a2f72..b707c52a2 100644
+--- a/pkg/specgen/generate/kube/kube.go
++++ b/pkg/specgen/generate/kube/kube.go
+@@ -918,9 +918,6 @@ func getPodPorts(containers []v1.Container) []types.PortMapping {
+ 			if p.HostPort != 0 && p.ContainerPort == 0 {
+ 				p.ContainerPort = p.HostPort
+ 			}
+-			if p.HostPort == 0 && p.ContainerPort != 0 {
+-				p.HostPort = p.ContainerPort
+-			}
+ 			if p.Protocol == "" {
+ 				p.Protocol = "tcp"
+ 			}
+diff --git a/test/e2e/play_kube_test.go b/test/e2e/play_kube_test.go
+index 97823e232..6fe299b38 100644
+--- a/test/e2e/play_kube_test.go
++++ b/test/e2e/play_kube_test.go
+@@ -133,6 +133,8 @@ spec:
+   containers:
+   - name: podnameEqualsContainerNameYaml
+     image: quay.io/libpod/alpine:latest
++    ports:
++    - containerPort: 80
+ `
+ 
+ var podWithoutAName = `
+@@ -237,6 +239,8 @@ spec:
+         - "1.5"
+         name: alpine
+         image: quay.io/libpod/alpine:latest
++        ports:
++        - containerPort: 80
+         livenessProbe:
+           exec:
+             command:
+@@ -270,6 +274,8 @@ spec:
+         - "1.5"
+         name: alpine
+         image: quay.io/libpod/alpine:latest
++        ports:
++        - containerPort: 80
+         livenessProbe:
+           exec:
+             command:
+diff --git a/test/system/700-play.bats b/test/system/700-play.bats
+index 5f3eb1ef2..3ff1e1ed6 100644
+--- a/test/system/700-play.bats
++++ b/test/system/700-play.bats
+@@ -392,27 +392,3 @@ status: {}
+     run_podman rm -a -f
+     run_podman rm -f -t0 myyaml
+ }
+-
+-@test "podman kube play - hostport" {
+-    HOST_PORT=$(random_free_port)
+-    echo "
+-apiVersion: v1
+-kind: Pod
+-metadata:
+-  labels:
+-    app: test
+-  name: test_pod
+-spec:
+-  containers:
+-    - name: server
+-      image: $IMAGE
+-      ports:
+-        - name: hostp
+-          containerPort: $HOST_PORT
+-" > $PODMAN_TMPDIR/testpod.yaml
+-
+-    run_podman kube play $PODMAN_TMPDIR/testpod.yaml
+-    run_podman pod inspect test_pod --format "{{.InfraConfig.PortBindings}}"
+-    assert "$output" = "map[$HOST_PORT/tcp:[{ $HOST_PORT}]]"
+-    run_podman kube down $PODMAN_TMPDIR/testpod.yaml
+-}
+-- 
+2.38.1
+
diff --git a/podman.changes b/podman.changes
index f8e69f6..88e4ffd 100644
--- a/podman.changes
+++ b/podman.changes
@@ -6,6 +6,8 @@ Tue Nov 22 08:20:16 UTC 2022 - dcermak@suse.com
 - drop /usr/share/user-tmpfiles.d/podman-docker.conf on SLE & Leap
 - remove rpmlintrc (contained only obsolete filters)
 - remove obsolete with_libostree (we don't build on anything older than SLE 15)
+- add patch: 0001-Revert-Default-missing-hostPort-to-containerPort-is-.patch
+  (hotfix for https://github.com/containers/podman/issues/16765)
 - Update to version 4.3.1:
 
 4.3.1:
@@ -136,7 +138,7 @@ Wed Sep 21 02:01:16 UTC 2022 - asarai@suse.com
   * fix podman events with custom format
   * Drop stale config value resulting in asymmetric config
   * Fix list of default capabilities
-  * Add container GID to additional groups
+  * Add container GID to additional groups (CVE-2022-2989 / bsc#1202809, removes patch 0001-Add-container-GID-to-additional-groups.patch)
   * libpod: Ensure that generated container names are random
   * Fix bind-mount-option annotation in gen/play kube
   * Improved Windows compatibility for machine command
diff --git a/podman.spec b/podman.spec
index e1bee18..9219b65 100644
--- a/podman.spec
+++ b/podman.spec
@@ -27,6 +27,8 @@ URL:            https://%{project}
 Source0:        %{name}-%{version}.tar.xz
 Source1:        podman.conf
 Source2:        README.SUSE.SLES
+# hotfix for https://github.com/containers/podman/issues/16765
+Patch0:         0001-Revert-Default-missing-hostPort-to-containerPort-is-.patch
 BuildRequires:  bash-completion
 BuildRequires:  cni
 BuildRequires:  device-mapper-devel