Merge branch 'master' into fix-multi-env-name-resource

Author: ash-thakur-rh

CHANGELOG.md

@@ -25,8 +25,10 @@ Usage:
 * Fix #3591: Fix windows line endings for yaml literal blocks, json serialization config updated
 * Fix #3781: Native Generator does not work in Windows system, always finds multiple native executable
 * Fix #2286: Remove Guava dependency where ever possible
+* Fix #3809: Actuator liveness and readiness probe not getting generated with Spring boot 4.x.x
 * Fix #3707: Setting readOnly flag in VolumeConfig has no effect
 * Fix #2758: Inconsistency when merging fragments with same file name with different profiles
+* Fix #1458: Consideration of "ssl.enabled" properties to enable liveness/readiness probe for Spring Boot Actuator
 
 ### 1.18.2 (2025-11-03)
 * Fix #3750: Remove unneeded XMLUtil.createNewDocument method

jkube-kit/common/src/main/java/org/eclipse/jkube/kit/common/util/SpringBootConfiguration.java

@@ -31,6 +31,8 @@ public class SpringBootConfiguration {
   private String serverKeystore;
   private String managementKeystore;
   private String servletPath;
+  private boolean serverSslEnabled;
+  private boolean managementSslEnabled;
   private String serverContextPath;
   private String managementContextPath;
   private String actuatorBasePath;
@@ -54,27 +56,40 @@ public static SpringBootConfiguration from(JavaProject project) {
       .orElse(1);
     final SpringBootConfiguration.SpringBootConfigurationBuilder configBuilder = SpringBootConfiguration.builder();
     // Spring Boot 1 and common properties
+    final String serverKeystore = properties.getProperty("server.ssl.key-store");
+    final String managementKeystore = properties.getProperty("management.ssl.key-store");
+
     configBuilder
       .managementPort(Optional.ofNullable(properties.getProperty("management.port")).map(Integer::parseInt).orElse(null))
       .serverPort(Integer.parseInt(properties.getProperty("server.port", DEFAULT_SERVER_PORT)))
-      .serverKeystore(properties.getProperty("server.ssl.key-store"))
+      .serverKeystore(serverKeystore)
       .managementHealthProbesEnabled(Boolean.parseBoolean(properties.getProperty("management.health.probes.enabled")))
-      .managementKeystore(properties.getProperty("management.ssl.key-store"))
+      .managementKeystore(managementKeystore)
       .servletPath(properties.getProperty("server.servlet-path"))
       .serverContextPath(properties.getProperty("server.context-path"))
       .managementContextPath(properties.getProperty("management.context-path"))
       .actuatorBasePath("")
       .actuatorDefaultBasePath("")
-      .webFluxBasePath(properties.getProperty("spring.webflux.base-path"));
+      .webFluxBasePath(properties.getProperty("spring.webflux.base-path"))
+      .serverSslEnabled(Optional.ofNullable(properties.getProperty("server.ssl.enabled"))
+        .map(Boolean::parseBoolean)
+        .orElse(serverKeystore != null))
+      .managementSslEnabled(Optional.ofNullable(properties.getProperty("management.ssl.enabled"))
+        .map(Boolean::parseBoolean)
+        .orElse(managementKeystore != null));
     if (majorVersion > 1) {
+      final String managementServerKeystore = properties.getProperty("management.server.ssl.key-store");
       configBuilder
         .managementPort(Optional.ofNullable(properties.getProperty("management.server.port")).map(Integer::parseInt).orElse(null))
-        .managementKeystore(properties.getProperty("management.server.ssl.key-store"))
+        .managementKeystore(managementServerKeystore)
         .servletPath(properties.getProperty("server.servlet.path"))
         .serverContextPath(properties.getProperty("server.servlet.context-path"))
         .managementContextPath(properties.getProperty("management.server.servlet.context-path"))
         .actuatorBasePath(properties.getProperty("management.endpoints.web.base-path"))
-        .actuatorDefaultBasePath("/actuator");
+        .actuatorDefaultBasePath("/actuator")
+        .managementSslEnabled(Optional.ofNullable(properties.getProperty("management.server.ssl.enabled"))
+          .map(Boolean::parseBoolean)
+          .orElse(managementServerKeystore != null));
     }
     if (majorVersion == 3) {
       configBuilder

jkube-kit/common/src/test/java/org/eclipse/jkube/kit/common/util/SpringBootConfigurationTest.java

@@ -54,6 +54,9 @@ void setUp(@TempDir Path target) throws IOException {
     properties.put("management.context-path", "management.context-path");
     properties.put("management.server.servlet.context-path", "management.server.servlet.context-path");
     properties.put("management.endpoints.web.base-path", "management.endpoints.web.base-path");
+    properties.put("server.ssl.enabled", "true");
+    properties.put("management.ssl.enabled", "true");
+    properties.put("management.server.ssl.enabled", "true");
     try (OutputStream fos = Files.newOutputStream(target.resolve("application.properties"))) {
       properties.store(fos, null);
     }
@@ -134,6 +137,99 @@ void getActuatorBasePath() {
     void getActuatorDefaultBasePath() {
       assertThat(springBootConfiguration.getActuatorDefaultBasePath()).isEqualTo("/actuator");
     }
+
+    @Test
+    @DisplayName("isServerSslEnabled returns true when server.ssl.enabled is true")
+    void isServerSslEnabled_whenExplicitlyTrue() {
+      assertThat(springBootConfiguration.isServerSslEnabled()).isTrue();
+    }
+
+    @Test
+    @DisplayName("isManagementSslEnabled returns true when management.server.ssl.enabled is true")
+    void isManagementSslEnabled_whenExplicitlyTrue() {
+      assertThat(springBootConfiguration.isManagementSslEnabled()).isTrue();
+    }
+
+    @Test
+    @DisplayName("isServerSslEnabled defaults to true when keystore configured and ssl.enabled not set")
+    void isServerSslEnabled_defaultsToTrueWithKeystore(@TempDir Path target) throws IOException {
+      final Properties properties = new Properties();
+      properties.put("server.ssl.key-store", "keystore.jks");
+      try (OutputStream fos = Files.newOutputStream(target.resolve("application.properties"))) {
+        properties.store(fos, null);
+      }
+      SpringBootConfiguration config = SpringBootConfiguration.from(JavaProject.builder()
+        .properties(properties)
+        .outputDirectory(target.toFile())
+        .dependency(Dependency.builder()
+          .groupId("org.springframework.boot")
+          .artifactId("spring-boot")
+          .version("3.0")
+          .build())
+        .build());
+      assertThat(config.isServerSslEnabled()).isTrue();
+    }
+
+    @Test
+    @DisplayName("isServerSslEnabled returns false when server.ssl.enabled is false")
+    void isServerSslEnabled_whenExplicitlyFalse(@TempDir Path target) throws IOException {
+      final Properties properties = new Properties();
+      properties.put("server.ssl.key-store", "keystore.jks");
+      properties.put("server.ssl.enabled", "false");
+      try (OutputStream fos = Files.newOutputStream(target.resolve("application.properties"))) {
+        properties.store(fos, null);
+      }
+      SpringBootConfiguration config = SpringBootConfiguration.from(JavaProject.builder()
+        .properties(properties)
+        .outputDirectory(target.toFile())
+        .dependency(Dependency.builder()
+          .groupId("org.springframework.boot")
+          .artifactId("spring-boot")
+          .version("3.0")
+          .build())
+        .build());
+      assertThat(config.isServerSslEnabled()).isFalse();
+    }
+
+    @Test
+    @DisplayName("isManagementSslEnabled returns false when management.server.ssl.enabled is false")
+    void isManagementSslEnabled_whenExplicitlyFalse(@TempDir Path target) throws IOException {
+      final Properties properties = new Properties();
+      properties.put("management.server.ssl.key-store", "keystore.jks");
+      properties.put("management.server.ssl.enabled", "false");
+      try (OutputStream fos = Files.newOutputStream(target.resolve("application.properties"))) {
+        properties.store(fos, null);
+      }
+      SpringBootConfiguration config = SpringBootConfiguration.from(JavaProject.builder()
+        .properties(properties)
+        .outputDirectory(target.toFile())
+        .dependency(Dependency.builder()
+          .groupId("org.springframework.boot")
+          .artifactId("spring-boot")
+          .version("3.0")
+          .build())
+        .build());
+      assertThat(config.isManagementSslEnabled()).isFalse();
+    }
+
+    @Test
+    @DisplayName("isServerSslEnabled defaults to false when no keystore and ssl.enabled not set")
+    void isServerSslEnabled_defaultsToFalseWithoutKeystore(@TempDir Path target) throws IOException {
+      final Properties properties = new Properties();
+      try (OutputStream fos = Files.newOutputStream(target.resolve("application.properties"))) {
+        properties.store(fos, null);
+      }
+      SpringBootConfiguration config = SpringBootConfiguration.from(JavaProject.builder()
+        .properties(properties)
+        .outputDirectory(target.toFile())
+        .dependency(Dependency.builder()
+          .groupId("org.springframework.boot")
+          .artifactId("spring-boot")
+          .version("3.0")
+          .build())
+        .build());
+      assertThat(config.isServerSslEnabled()).isFalse();
+    }
   }
 
   @Nested
@@ -207,6 +303,60 @@ void getActuatorBasePath() {
     void getActuatorDefaultBasePath() {
       assertThat(springBootConfiguration.getActuatorDefaultBasePath()).isEqualTo("/actuator");
     }
+
+    @Test
+    @DisplayName("isServerSslEnabled returns true when server.ssl.enabled is true")
+    void isServerSslEnabled_whenExplicitlyTrue() {
+      assertThat(springBootConfiguration.isServerSslEnabled()).isTrue();
+    }
+
+    @Test
+    @DisplayName("isManagementSslEnabled returns true when management.server.ssl.enabled is true")
+    void isManagementSslEnabled_whenExplicitlyTrue() {
+      assertThat(springBootConfiguration.isManagementSslEnabled()).isTrue();
+    }
+
+    @Test
+    @DisplayName("isServerSslEnabled returns false when server.ssl.enabled is false")
+    void isServerSslEnabled_whenExplicitlyFalse(@TempDir Path target) throws IOException {
+      final Properties properties = new Properties();
+      properties.put("server.ssl.key-store", "keystore.jks");
+      properties.put("server.ssl.enabled", "false");
+      try (OutputStream fos = Files.newOutputStream(target.resolve("application.properties"))) {
+        properties.store(fos, null);
+      }
+      SpringBootConfiguration config = SpringBootConfiguration.from(JavaProject.builder()
+        .properties(properties)
+        .outputDirectory(target.toFile())
+        .dependency(Dependency.builder()
+          .groupId("org.springframework.boot")
+          .artifactId("spring-boot")
+          .version("2.0")
+          .build())
+        .build());
+      assertThat(config.isServerSslEnabled()).isFalse();
+    }
+
+    @Test
+    @DisplayName("isManagementSslEnabled returns false when management.server.ssl.enabled is false")
+    void isManagementSslEnabled_whenExplicitlyFalse(@TempDir Path target) throws IOException {
+      final Properties properties = new Properties();
+      properties.put("management.server.ssl.key-store", "keystore.jks");
+      properties.put("management.server.ssl.enabled", "false");
+      try (OutputStream fos = Files.newOutputStream(target.resolve("application.properties"))) {
+        properties.store(fos, null);
+      }
+      SpringBootConfiguration config = SpringBootConfiguration.from(JavaProject.builder()
+        .properties(properties)
+        .outputDirectory(target.toFile())
+        .dependency(Dependency.builder()
+          .groupId("org.springframework.boot")
+          .artifactId("spring-boot")
+          .version("2.0")
+          .build())
+        .build());
+      assertThat(config.isManagementSslEnabled()).isFalse();
+    }
   }
 
   @Nested
@@ -351,5 +501,61 @@ void getActuatorDefaultBasePath(String version) {
       assertThat(springBootConfiguration.getActuatorDefaultBasePath()).
         isEmpty();
     }
+
+    @ParameterizedTest(name = "{0}")
+    @ValueSource(strings = {"1.0", "undefined"})
+    @DisplayName("isServerSslEnabled returns true when ssl.enabled is true (Spring Boot 1)")
+    void isServerSslEnabled_whenExplicitlyTrue(String version) {
+      springBootConfiguration = SpringBootConfiguration.from(project.toBuilder()
+        .dependency(Dependency.builder()
+          .groupId("org.springframework.boot")
+          .artifactId("spring-boot")
+          .version(version)
+          .build())
+        .build());
+      assertThat(springBootConfiguration.isServerSslEnabled()).isTrue();
+    }
+
+    @Test
+    @DisplayName("isManagementSslEnabled uses management.ssl.enabled property (Spring Boot 1)")
+    void isManagementSslEnabled_withManagementSslEnabled(@TempDir Path target) throws IOException {
+      final Properties properties = new Properties();
+      properties.put("management.ssl.key-store", "keystore.jks");
+      properties.put("management.ssl.enabled", "false");
+      try (OutputStream fos = Files.newOutputStream(target.resolve("application.properties"))) {
+        properties.store(fos, null);
+      }
+      SpringBootConfiguration config = SpringBootConfiguration.from(JavaProject.builder()
+        .properties(properties)
+        .outputDirectory(target.toFile())
+        .dependency(Dependency.builder()
+          .groupId("org.springframework.boot")
+          .artifactId("spring-boot")
+          .version("1.0")
+          .build())
+        .build());
+      assertThat(config.isManagementSslEnabled()).isFalse();
+    }
+
+    @Test
+    @DisplayName("isServerSslEnabled returns false when server.ssl.enabled is false (Spring Boot 1)")
+    void isServerSslEnabled_whenExplicitlyFalse(@TempDir Path target) throws IOException {
+      final Properties properties = new Properties();
+      properties.put("server.ssl.key-store", "keystore.jks");
+      properties.put("server.ssl.enabled", "false");
+      try (OutputStream fos = Files.newOutputStream(target.resolve("application.properties"))) {
+        properties.store(fos, null);
+      }
+      SpringBootConfiguration config = SpringBootConfiguration.from(JavaProject.builder()
+        .properties(properties)
+        .outputDirectory(target.toFile())
+        .dependency(Dependency.builder()
+          .groupId("org.springframework.boot")
+          .artifactId("spring-boot")
+          .version("1.0")
+          .build())
+        .build());
+      assertThat(config.isServerSslEnabled()).isFalse();
+    }
   }
 }

jkube-kit/doc/src/main/asciidoc/inc/enricher/spring-boot-healthcheck/_jkube_healthcheck_spring_boot.adoc

@@ -24,8 +24,18 @@ If the user has enabled the `management.health.probes.enabled` property this Enr
 management.health.probes.enabled=true
 ----
 
-The port number is read from the `management.port` option, and will use the default value of `8080`
-The scheme will use HTTPS if `server.ssl.key-store` option is in use, and fallback to use `HTTP` otherwise.
+The port number is read from the `management.port` (Spring Boot 1) or `management.server.port` (Spring Boot 2+) option, and will use the default value of `8080`.
+
+The probe scheme (`http` or `https`) is determined as follows:
+
+* For probes targeting the management port:
+** If `management.server.ssl.enabled` (Spring Boot 2+) or `management.ssl.enabled` (Spring Boot 1) is explicitly set, this value determines whether HTTPS is used
+** Otherwise, HTTPS is used if `management.server.ssl.key-store` (Spring Boot 2+) or `management.ssl.key-store` (Spring Boot 1) is configured
+* For probes targeting the server port:
+** If `server.ssl.enabled` is explicitly set, this value determines whether HTTPS is used
+** Otherwise, HTTPS is used if `server.ssl.key-store` is configured
+
+This allows you to disable SSL for health probes even when a keystore is configured by setting the appropriate `ssl.enabled` property to `false`.
 
 The enricher will use the following settings by default:
 

jkube-kit/doc/src/main/asciidoc/inc/generator/_spring_boot.adoc

@@ -23,7 +23,17 @@ Beside the  <<generator-options-common, common generator options>> and the <<gen
 |===
 
 The generator adds Kubernetes liveness and readiness probes pointing to either the management or server port as read from the `application.properties`.
-If the `management.port` (for Spring Boot 1) or `management.server.port` (for Spring Boot 2) and `management.ssl.key-store` (for Spring Boot 1) or `management.server.ssl.key-store` (for Spring Boot 2) properties are set in `application.properties` otherwise or `server.ssl.key-store` property is set in `application.properties` then the probes are automatically set to use `https`.
+
+The probe scheme (`http` or `https`) is determined as follows:
+
+* For probes targeting the management port:
+** If `management.server.ssl.enabled` (Spring Boot 2+) or `management.ssl.enabled` (Spring Boot 1) is explicitly set, this value determines whether HTTPS is used
+** Otherwise, HTTPS is used if `management.server.ssl.key-store` (Spring Boot 2+) or `management.ssl.key-store` (Spring Boot 1) is configured
+* For probes targeting the server port:
+** If `server.ssl.enabled` is explicitly set, this value determines whether HTTPS is used
+** Otherwise, HTTPS is used if `server.ssl.key-store` is configured
+
+This allows you to disable SSL for health probes even when a keystore is configured by setting the appropriate `ssl.enabled` property to `false`.
 
 ifeval::["{plugin-type}" == "maven"]
 The generator works differently when called together with `{goal-prefix}:watch`.