kic: only ask sudo for privileged ports tunnel docker for mac

pkg/minikube/tunnel/kic/ssh_conn.go

@@ -36,7 +36,6 @@ func createSSHConn(name, sshPort, sshKey string, svc *v1.Service) *sshConn {
 	// extract sshArgs
 	sshArgs := []string{
 		// TODO: document the options here
-		"ssh",
 		"-o", "UserKnownHostsFile=/dev/null",
 		"-o", "StrictHostKeyChecking no",
 		"-N",
@@ -45,6 +44,8 @@ func createSSHConn(name, sshPort, sshKey string, svc *v1.Service) *sshConn {
 		"-i", sshKey,
 	}
 
+	askForSudo := false
+	var privilegedPorts []int32
 	for _, port := range svc.Spec.Ports {
 		arg := fmt.Sprintf(
 			"-L %d:%s:%d",
@@ -53,10 +54,27 @@ func createSSHConn(name, sshPort, sshKey string, svc *v1.Service) *sshConn {
 			port.Port,
 		)
 
+		// check if any port is privileged
+		if port.Port < 1024 {
+			privilegedPorts = append(privilegedPorts, port.Port)
+			askForSudo = true
+		}
+
 		sshArgs = append(sshArgs, arg)
 	}
 
-	cmd := exec.Command("sudo", sshArgs...)
+	command := "ssh"
+
+	if askForSudo {
+		// TODO: use out package
+		fmt.Printf("The service %s requires priviledged ports to be exposed: %v\n", svc.Name, privilegedPorts)
+		fmt.Printf("sudo permission will be asked for it.\n")
+
+		command = "sudo"
+		sshArgs = append([]string{"ssh"}, sshArgs...)
+	}
+
+	cmd := exec.Command(command, sshArgs...)
 
 	return &sshConn{
 		name:    name,