Add SNI skip for client node configuration

charts/consul/templates/api-gateway-controller-deployment.yaml

@@ -112,7 +112,7 @@ spec:
           {{- end }}
         - name: CONSUL_HTTP_SSL
           value: "{{ .Values.global.tls.enabled }}"
-        {{- if and .Values.externalServers.enabled .Values.externalServers.tlsServerName }}
+        {{- if and (not .Values.client.enabled) .Values.externalServers.enabled .Values.externalServers.tlsServerName }}
         - name: CONSUL_TLS_SERVER_NAME
           value: {{ .Values.externalServers.tlsServerName }}
         {{- end }}

charts/consul/test/unit/api-gateway-controller-deployment.bats

@@ -2,6 +2,16 @@
 
 load _helpers
 
+testOnly() {
+  if [ "$BATS_TEST_DESCRIPTION" != "$1" ]; then
+    skip
+  fi
+}
+
+setup() {
+  testOnly "apiGateway/Deployment: CONSUL_TLS_SERVER_NAME will not be set for when clients are used"
+}
+
 @test "apiGateway/Deployment: disabled by default" {
   cd `chart_dir`
   assert_empty helm template \
@@ -1418,6 +1428,24 @@ load _helpers
   [ "${actual}" = "true" ]
 }
 
+@test "apiGateway/Deployment: CONSUL_TLS_SERVER_NAME will not be set for when clients are used" {
+  cd `chart_dir`
+  local actual=$(helm template \
+      -s templates/api-gateway-controller-deployment.yaml  \
+      --set 'apiGateway.enabled=true' \
+      --set 'apiGateway.image=bar' \
+      --set 'global.tls.enabled=true' \
+      --set 'externalServers.enabled=true' \
+      --set 'externalServers.hosts[0]=external-consul.host' \
+      --set 'externalServers.httpsPort=8501' \
+      --set 'externalServers.tlsServerName=hashi' \
+      --set 'client.enabled=true' \
+      --set 'server.enabled=false' \
+      . | tee /dev/stderr |
+      yq '.spec.template.spec.containers[] | select (.name == "api-gateway-controller") | .env[] | select(.name == "CONSUL_TLS_SERVER_NAME")' | tee /dev/stderr)
+  [ "${actual}" = "" ]
+}
+
 #--------------------------------------------------------------------
 # Admin Partitions