From e6735e5de34fe53e7f382161fe52b54e4a0f5ab7 Mon Sep 17 00:00:00 2001
From: stiv03 <stoyanivanov03@gmail.com>
Date: Thu, 25 Sep 2025 16:48:20 +0300
Subject: [PATCH] Fix GACD service keys not renewed when existing service is
 used LMCROSSITXSADEPLOY-2958

---
 .../cf/clients/CustomServiceKeysClient.java   | 26 +++++++
 .../process/steps/DetectDeployedMtaStep.java  | 74 ++++++++++++++++++-
 2 files changed, 99 insertions(+), 1 deletion(-)

diff --git a/multiapps-controller-core/src/main/java/org/cloudfoundry/multiapps/controller/core/cf/clients/CustomServiceKeysClient.java b/multiapps-controller-core/src/main/java/org/cloudfoundry/multiapps/controller/core/cf/clients/CustomServiceKeysClient.java
index 733843fd25..5804870f7f 100644
--- a/multiapps-controller-core/src/main/java/org/cloudfoundry/multiapps/controller/core/cf/clients/CustomServiceKeysClient.java
+++ b/multiapps-controller-core/src/main/java/org/cloudfoundry/multiapps/controller/core/cf/clients/CustomServiceKeysClient.java
@@ -1,8 +1,11 @@
 package org.cloudfoundry.multiapps.controller.core.cf.clients;
 
+import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 import java.util.Map;
+import java.util.Objects;
+import java.util.UUID;
 import java.util.function.Function;
 import java.util.stream.Collectors;
 
@@ -22,6 +25,9 @@ public class CustomServiceKeysClient extends CustomControllerClient {
     private static final String SERVICE_KEYS_BY_METADATA_SELECTOR_URI = SERVICE_KEYS_RESOURCE_BASE_URI + "?type=key&label_selector={value}";
     private static final String INCLUDE_SERVICE_INSTANCE_RESOURCES_PARAM = "&include=service_instance";
 
+    private static final String SERVICE_KEYS_BY_SERVICE_GUIDS_URI =
+        SERVICE_KEYS_RESOURCE_BASE_URI + "?type=key&service_instance_guids={guids}" + INCLUDE_SERVICE_INSTANCE_RESOURCES_PARAM;
+
     private final CloudEntityResourceMapper resourceMapper = new CloudEntityResourceMapper();
 
     public CustomServiceKeysClient(ApplicationConfiguration configuration, WebClientFactory webClientFactory, CloudCredentials credentials,
@@ -47,6 +53,26 @@ public List<DeployedMtaServiceKey> getServiceKeysByMetadataAndGuids(String space
             () -> getServiceKeysByMetadataInternal(labelSelector, services));
     }
 
+    public List<DeployedMtaServiceKey> getServiceKeysByServiceInstanceGuids(Collection<UUID> serviceInstanceGuids) {
+        if (serviceInstanceGuids == null || serviceInstanceGuids.isEmpty()) {
+            return Collections.emptyList();
+        }
+        String guidsCsv = toCsv(serviceInstanceGuids);
+        return new CustomControllerClientErrorHandler().handleErrorsOrReturnResult(
+            () -> getListOfResources(new ServiceKeysResponseMapper(null),
+                                     SERVICE_KEYS_BY_SERVICE_GUIDS_URI,
+                                     guidsCsv)
+        );
+    }
+
+    private static String toCsv(Collection<?> values) {
+        return values.stream()
+                     .filter(Objects::nonNull)
+                     .map(Object::toString)
+                     .distinct()
+                     .collect(Collectors.joining(","));
+    }
+
     private List<DeployedMtaServiceKey> getServiceKeysByMetadataInternal(String labelSelector, List<DeployedMtaService> services) {
         String uriSuffix = INCLUDE_SERVICE_INSTANCE_RESOURCES_PARAM;
         List<DeployedMtaService> managedServices = getManagedServices(services);
diff --git a/multiapps-controller-process/src/main/java/org/cloudfoundry/multiapps/controller/process/steps/DetectDeployedMtaStep.java b/multiapps-controller-process/src/main/java/org/cloudfoundry/multiapps/controller/process/steps/DetectDeployedMtaStep.java
index 09711ac4c2..9eb5dd0a3d 100644
--- a/multiapps-controller-process/src/main/java/org/cloudfoundry/multiapps/controller/process/steps/DetectDeployedMtaStep.java
+++ b/multiapps-controller-process/src/main/java/org/cloudfoundry/multiapps/controller/process/steps/DetectDeployedMtaStep.java
@@ -1,8 +1,13 @@
 package org.cloudfoundry.multiapps.controller.process.steps;
 
 import java.text.MessageFormat;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.LinkedHashSet;
 import java.util.List;
 import java.util.Optional;
+import java.util.Set;
+import java.util.UUID;
 
 import jakarta.inject.Inject;
 import jakarta.inject.Named;
@@ -13,15 +18,19 @@
 import org.cloudfoundry.multiapps.controller.core.cf.clients.WebClientFactory;
 import org.cloudfoundry.multiapps.controller.core.cf.detect.DeployedMtaDetector;
 import org.cloudfoundry.multiapps.controller.core.cf.metadata.MtaMetadata;
+import org.cloudfoundry.multiapps.controller.core.cf.v2.ResourceType;
 import org.cloudfoundry.multiapps.controller.core.model.DeployedMta;
 import org.cloudfoundry.multiapps.controller.core.model.DeployedMtaService;
 import org.cloudfoundry.multiapps.controller.core.model.DeployedMtaServiceKey;
 import org.cloudfoundry.multiapps.controller.core.security.serialization.SecureSerialization;
 import org.cloudfoundry.multiapps.controller.core.security.token.TokenService;
+import org.cloudfoundry.multiapps.controller.core.util.CloudModelBuilderUtil;
 import org.cloudfoundry.multiapps.controller.core.util.NameUtil;
 import org.cloudfoundry.multiapps.controller.process.Constants;
 import org.cloudfoundry.multiapps.controller.process.Messages;
 import org.cloudfoundry.multiapps.controller.process.variables.Variables;
+import org.cloudfoundry.multiapps.mta.model.DeploymentDescriptor;
+import org.cloudfoundry.multiapps.mta.model.Resource;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.config.BeanDefinition;
 import org.springframework.context.annotation.Scope;
@@ -102,7 +111,70 @@ private List<DeployedMtaServiceKey> detectDeployedServiceKeys(String mtaId, Stri
         var creds = new CloudCredentials(token, true);
 
         CustomServiceKeysClient serviceKeysClient = getCustomServiceKeysClient(creds, context.getVariable(Variables.CORRELATION_ID));
-        return serviceKeysClient.getServiceKeysByMetadataAndGuids(spaceGuid, mtaId, mtaNamespace, deployedMtaServices);
+
+        List<DeployedMtaServiceKey> managedServicesKeys = serviceKeysClient.getServiceKeysByMetadataAndGuids(spaceGuid, mtaId, mtaNamespace,
+                                                                                                             deployedMtaServices);
+        List<DeployedMtaServiceKey> existingServicesKeys = getExistingServicesKeys(context, serviceKeysClient);
+
+        return combineManagedAndExistingServiceKeys(managedServicesKeys, existingServicesKeys);
+    }
+
+    private List<DeployedMtaServiceKey> combineManagedAndExistingServiceKeys(List<DeployedMtaServiceKey> managedServicesKeys,
+                                                                             List<DeployedMtaServiceKey> existingServicesKeys) {
+        Set<DeployedMtaServiceKey> merged = new LinkedHashSet<>();
+        if (managedServicesKeys != null) {
+            merged.addAll(managedServicesKeys);
+        }
+        if (existingServicesKeys != null) {
+            merged.addAll(existingServicesKeys);
+        }
+
+        return new ArrayList<>(merged);
+    }
+
+    private List<DeployedMtaServiceKey> getExistingServicesKeys(ProcessContext context, CustomServiceKeysClient serviceKeysClient) {
+
+        List<String> existingServiceNames = getExistingServiceNamesFromDescriptor(context);
+        List<DeployedMtaServiceKey> existingKeys = Collections.emptyList();
+
+        if (!existingServiceNames.isEmpty()) {
+            CloudControllerClient client = context.getControllerClient();
+
+            List<UUID> existingGuids = new ArrayList<>();
+            for (String name : existingServiceNames) {
+                UUID serviceGuid = client.getServiceInstance(name)
+                                         .getGuid();
+                if (serviceGuid != null) {
+                    existingGuids.add(serviceGuid);
+                }
+            }
+
+            if (!existingGuids.isEmpty()) {
+                existingKeys = serviceKeysClient.getServiceKeysByServiceInstanceGuids(existingGuids);
+            }
+        }
+        return existingKeys;
+
+    }
+
+    private List<String> getExistingServiceNamesFromDescriptor(ProcessContext context) {
+        DeploymentDescriptor descriptor = context.getVariable(Variables.DEPLOYMENT_DESCRIPTOR);
+
+        if (descriptor == null || descriptor.getResources() == null) {
+            return Collections.emptyList();
+        }
+
+        List<String> existingServicesNames = new ArrayList<>();
+        for (Resource resource : descriptor.getResources()) {
+            ResourceType resourceType = CloudModelBuilderUtil.getResourceType(resource);
+
+            if (resourceType == ResourceType.EXISTING_SERVICE) {
+                existingServicesNames.add(resource.getName());
+            }
+        }
+        return existingServicesNames.stream()
+                                    .distinct()
+                                    .toList();
     }
 
     private void logNoMtaDeployedDetected(String mtaId, String mtaNamespace) {