In our project we need to tweak the SSL stack, so we use a WebServerFactoryCustomizer, which also sets the port to 8443. When I tried to bind actuator to port 8080 using properties it didn't work and actuator was always on the public port.

As it turns out in ManagementPortType you check for:

return ((managementPort == null || (serverPort == null && managementPort.equals(8080))
       || (managementPort != 0 && managementPort.equals(serverPort))) ? SAME : DIFFERENT);

So when you modify the public server port using customizers, this doesn't work. @wilkinsona already stated in Gitter that it may be difficult to determine that in the OnManagementPortCondition, but I wanted to document this issue here and also provide the workaround:

Just set the server.port anyway, even if you override it in the customizer, if you want to have actuator on port 8080. (You could even use any value != 8080 if you override it anyway)

This also leads me to another small problem. I have also configured the management.server.address to "localhost" for security reasons and this also was ignored in this case, which opens the management interface to the public by accident, although it should have been "private".

May I suggest to add a property to override the ManagementPortType to make it explicit? This also opens the possibility to document that fact in the reference documentation.

Comment From: philwebb

We've opened #22187 to deal with the management.server.address issue.

Comment From: philwebb

We've discussed this today as a team and feel that an additional management.server.type property is likely to cause confusion for most users. I think the best solution is to specify the ports in your application.properties, even if they will ultimately be replaced by the customizer.
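
Added example, not part of the thread and not Spring Boot's own code: a stand-alone configuration audit that applies the expression quoted in the issue to a set of properties and reports when management.server.* settings will not take effect because the port type resolves to SAME. The class name, helper methods and sample configurations are assumptions made for illustration; it models only the property check, not what a customizer does at runtime.

```java
import java.util.List;
import java.util.Map;
// Hypothetical stand-alone class; it only models the property check, not Spring Boot itself.
public class ManagementPortAudit {
    enum PortType { SAME, DIFFERENT }
    // The expression quoted in the issue; null means the property is not set.
    static PortType portType(Integer serverPort, Integer managementPort) {
        return (managementPort == null || (serverPort == null && managementPort.equals(8080))
                || (managementPort != 0 && managementPort.equals(serverPort))) ? PortType.SAME : PortType.DIFFERENT;
    }

    static Integer port(Map<String, String> props, String key) {
        String value = props.get(key);
        return (value == null || value.trim().isEmpty()) ? null : Integer.valueOf(value.trim());
    }

    // Returns a finding when management.server.* settings are present but no
    // separate management server will be created, or null otherwise.
    static String audit(Map<String, String> props) {
        Integer managementPort = port(props, "management.server.port");
        if (portType(port(props, "server.port"), managementPort) == PortType.DIFFERENT) {
            return null;
        }
        boolean addressSet = props.containsKey("management.server.address");
        if (managementPort == null && !addressSet) {
            return null; // nothing was requested, so nothing is silently dropped
        }
        return "port type SAME: actuator shares the main connector"
                + (addressSet ? "; management.server.address is not applied" : "")
                + (props.containsKey("server.port") ? "" : "; set server.port explicitly");
    }

    public static void main(String[] args) {
        // Constructed sample configurations (not taken from a real project).
        List<Map<String, String>> samples = List.of(
                // Reporter's case: 8443 is set only in the customizer, so server.port is absent.
                Map.of("management.server.port", "8080", "management.server.address", "localhost"),
                // Workaround from the thread: declare server.port even though the customizer overrides it.
                Map.of("server.port", "8443", "management.server.port", "8080",
                        "management.server.address", "localhost"),
                // Address restricted but no management port configured at all.
                Map.of("server.port", "8443", "management.server.address", "localhost"));
        for (Map<String, String> props : samples) {
            String finding = audit(props);
            System.out.println(props + " -> " + (finding == null ? "ok" : finding));
        }
    }
}
```

Only the second sample passes: with server.port declared and different from the management port, the expression yields DIFFERENT and the localhost binding applies to a separate management server.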