Do not set OCP serving cert annotation to management service

quarkus-qe · Sep 16, 2024 · 80d8fe2 · 80d8fe2
1 parent 398464e
commit 80d8fe2
Showing 1 changed file with 10 additions and 12 deletions.
diff --git a/quarkus-test-openshift/src/main/java/io/quarkus/test/bootstrap/inject/OpenShiftClient.java b/quarkus-test-openshift/src/main/java/io/quarkus/test/bootstrap/inject/OpenShiftClient.java
@@ -825,8 +825,15 @@ private String enrichTemplate(Service service, String template, Map<String, Stri
                             }
                         }));
             } else if (obj instanceof io.fabric8.kubernetes.api.model.Service k8Service) {
+                var k8ServiceName = k8Service.getMetadata().getName();
                 boolean isQuarkusRuntime = isQuarkusRuntime(k8Service.getMetadata().getLabels());
-                if (isQuarkusRuntime) {
+                // Subject Alternative Name (SAN) must match service DNS name,
+                // and injected certificates will have SAN set to one of OpenShift services,
+                // but we can have 2 services created for one application,
+                // one for HTTP server, one for management interface
+                // so far, we don't support management interface,
+                // which allows mount exactly one secret created for the HTTP server
+                if (isQuarkusRuntime && isNotManagementInterfaceService(k8ServiceName)) {
                     collectAnnotations(service).forEach(keyToVal -> {
                         var annotationKey = keyToVal.key();
                         var annotationVal = keyToVal.value();
@@ -850,24 +857,15 @@ private String enrichTemplate(Service service, String template, Map<String, Stri
     }
 
     private static List<OpenShiftPropertiesUtils.PropertyToValue> collectAnnotations(Service service) {
-        if (isManagementInterfaceService(service)) {
-            // Subject Alternative Name (SAN) must match service DNS name,
-            // and injected certificates will have SAN set to one of OpenShift services,
-            // but we can have 2 services created for one application,
-            // one for HTTP server, one for management interface
-            // so far, we don't support management interface,
-            // which allows mount exactly one secret created for the HTTP server
-            return List.of();
-        }
         return service.getProperties().values()
                 .stream()
                 .filter(OpenShiftPropertiesUtils::isAnnotation)
                 .map(OpenShiftPropertiesUtils::getServiceAnnotation)
                 .toList();
     }
 
-    private static boolean isManagementInterfaceService(Service service) {
-        return service.getName().endsWith("-management");
+    private static boolean isNotManagementInterfaceService(String serviceName) {
+        return serviceName == null || !serviceName.endsWith("-management");
     }
 
     private String createAppPropsForPropsThatRequireDottedFormat(Map<String, String> configProperties) {