From e118fcfbd7ea37ebb28daed606ae8e2e77115d91 Mon Sep 17 00:00:00 2001 From: Prathamesh Musale Date: Tue, 14 Apr 2026 06:21:44 +0000 Subject: [PATCH] Only map host ports for network_mode: host services (fixes so-c71) extraPortMappings unconditionally mapped all compose service ports to the host, causing conflicts with local services (postgres 5432, redis 6379, etc.). Now only services with network_mode: host get port mappings. Ports 80/443 for Caddy ingress are always mapped. Co-Authored-By: Claude Opus 4.6 (1M context) --- stack_orchestrator/deploy/k8s/helpers.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/stack_orchestrator/deploy/k8s/helpers.py b/stack_orchestrator/deploy/k8s/helpers.py index 396c286b..d0c66483 100644 --- a/stack_orchestrator/deploy/k8s/helpers.py +++ b/stack_orchestrator/deploy/k8s/helpers.py @@ -748,12 +748,18 @@ def _generate_kind_port_mappings(parsed_pod_files): f" - containerPort: {port_string}\n hostPort: {port_string}\n" ) seen.add((port_string, "TCP")) - # Map ports declared in compose services + # Map ports only for services with network_mode: host. + # Other service ports are internal — they go through the Ingress on + # 80/443 and don't need host port mappings. Mapping all compose ports + # unconditionally (the previous behavior) caused conflicts with local + # services like postgres (5432) and redis (6379). for pod in parsed_pod_files: parsed_pod_file = parsed_pod_files[pod] if "services" in parsed_pod_file: for service_name in parsed_pod_file["services"]: service_obj = parsed_pod_file["services"][service_name] + if service_obj.get("network_mode") != "host": + continue for port_entry in service_obj.get("ports", []): port_str = str(port_entry) protocol = "TCP"