In general we do not recommend using @PropertySource due to them being
added to the environment too late for auto-configuration to use them. This
commit updates the documentation to mention them in the list of external
sources along with a note.
Closes gh-18900
Previously, our Gradle plugin was not tested against Gradle 6.0,
a number of deprecation warnings were output when using the plugin
with Gradle 6, and some functionality related to the application
plugin did not work as expected.
This commit tests the plugin against Gradle 6. It also avoids calling
deprecated APIs. The plugin is compatibile against Gradle 4.10 where
the deprecated APIs' replacements are not available so reflection is
used to call the replcaements. Lastly, the way in which the base name
of the boot distribution that is created when the application plugin
is applied has been modified to ensure that it is effective when using
Gradle 6.
Closes gh-18663
Previously, the documentation did not provide any guidance on using
Jersey alongside Spring MVC or any other web framework.
This improves the documentation in two ways:
1. It notes that, in the presence of both Jersey and Spring MVC, the
Actuator will prefer Spring MVC for exposing HTTP endpoints.
2. It adds a how-to describing how to configure Jersey to forward
requests for which it has no handler on to the rest of the filter
chain. When Spring MVC is the other framework, this allows them to
be handled by its dispatcher servlet.
Closes gh-17523
This commit is a continuation of the work done in 987a5f81. In
addition to developers and licenses that are covered in the earlier
commit, a number of other settings are still inherited from the
starter parent. This commit updates the documentation to show them
being overridden as well.
Closes gh-18532
Publishing to Maven Central requires spring-boot-starter-parent to
declare its license and developers. When a user then uses
spring-boot-starter-parent as their project's parent, these values
are inherited and this is almost certainly unwanted.
This commit updates the documentation to recommend and demonstrate
overriding the license and developers that are inherited from the
starter parent.
Closes gh-18532
Previously, the security risks and our recommendations on how to
mitigate them were not documented as clearly as they could have been.
This commit makes some changes to try to address this:
1. The security risk is now noted at the beginning of the section
2. The recommendation to use SSL is now documented more prominently
and an alternative recommendation to only use remote support on
a trusted network has been added.
3. The example secret has been removed to prevent copy and paste
4. A recommendation to use a secret that is unique and strong has been
added
Closes gh-18825
Previously, the endpoint tables in the documentation include an
"Enabled by default" column that listed whether or not an endpoint
was enabled by default. This resulted in some confusion as an endpoint
could be listed as being enabled by default but not actually be
enabled as the requirements for it being auto-configured has not been
met.
This commit removes the "Enabled by default" column and replaces it,
where needed, with some extra information in the "Description"
column that describes what is needed for the endpoint to be
auto-configured.
Closes gh-18633
In 2.2.0, @ConfigurationPropertiesScan was enabled by default.
Unfortunately, this had the unexpected side-effect of breaking
conditional enablement of a @ConfigurationProperties class via
@EnableConfigurationProperties if the @ConfigurationProperties class
was in a package covered by scanning.
This commit remove @ConfigurationPropertiesScan from
@SpringBootApplication so that it is no longer enabled by default.
2.1.x users who rely upon such conditional enablement of
@ConfigurationProperties classes can now upgrade to 2.2.x without
having to make any changes. Users who do not have such a need and are
in a position to use configuration properties scanning can now opt-in
by adding @ConfigurationPropertiesScan to their main application class
alongside @SpringBootApplication.
Closes gh-18674
This commit creates a new configuration property
`spring.codec.max-in-memory-size` which configures the maximum
amount of data to be buffered in memory by codecs (both client and
server).
This property has no default value - it will let Spring Framework handle
the default behavior, currently enforcing a 256KB for provided codecs.
Fixes gh-18828
Previously, the documentation did not describe how to combine
multiple security components when one component's
WebSecurityConfigurerAdapter or SecurityWebFilterChain would cause
the other components' beans of the same type to back off.
This commit adds a note that such cases should be handled by the user
defining their own WebSecurityConfigurerAdapter or
SecurityWebFilterChain that configures the use of all of the
components as required.
Closes gh-18507
Prior to this commit, all supported servers would share the same
configuration property `server.connection-timeout`. Unfortunately, in
many cases the behavior of this timeout changes depending on the server.
From actual connection setup timeout, to detecting and closing idle
connections, this property cannot be properly translated from one server
implementation to another.
This commit deprecates this configuration property and introduces server
specific properties:
* `server.jetty.connection-idle-timeout`
(Time that the connection can be idle before it is closed.)
* `server.netty.connection-timeout`
(Connection timeout of the Netty channel.)
* `server.tomcat.connection-timeout`
(Amount of time the connector will wait, after accepting a connection,
for the request URI line to be presented.)
* `server.undertow.no-request-timeout`
(Amount of time a connection can sit idle without processing a request,
before it is closed by the server.)
`server.connection-timeout` is now deprecated and will be removed in a
future release.
Fixes gh-18473
This commit adds a note to spring-boot-features.adoc to clarify that
using javadoc tags to format configuration property descriptions is not
supported.
See gh-18578
Previously, Maven's default behaviour was relied up which resulted
in the artifact ID being appended to each URL as it was inherited.
This behaviour can only be disabled in Maven 3.6 and later, a version
that we cannot use due to an incompatibility with the Flatten Plugin.
This commit works around Maven's default behaviour by defining
properties for the SCM URL, connection, and developer connection and
then explicitly defining the settings in each pom using these
properties. The explicit definition of the properties in each pom
prevents them being inherited from the parent, thereby disabling the
unwanted appending of the artifact ID to the URL.
Fixes gh-18328
Update `@ConfigurationProperties` constructor binding support to only
apply when a `@ConstructorBinding` annotation is present on either the
type or the specific constructor to use.
Prior to this commit we didn't have a good way to tell when constructor
binding should be used vs regular autowiring.
For convenience, an `@ImmutableConfigurationProperties` meta-annotation
has also been added which is composed of `@ConfigurationProperties` and
`@ConstructorBinding`.
Closes gh-18469
Add a `show-components` property under `management.endpoint.health` and
`management.endpoint.health.group.<name>` that can be used to change
when components are displayed.
Prior to this commit it was only possible to set `show-details` which
offered an "all or nothing" approach to the resulting JSON. The new
switch allows component information to be displayed whilst still hiding
potentially sensitive details returned from the actual `HealthIndicator`.
Closes gh-15076
This commit warns developers about the fact that plugging RSocket into
an existing web server is only possible with Reactor Netty web servers.
RSocket itself is using Reactor Netty, so this is why we can plug an
RSocket over websocket handler in an existing Reactor Netty handler.
This feature is not possible with other web servers, as existing APIs do
not make that possible.
Fixes gh-17494
This new property allows to customize `fileNamePattern` if it is set.
Otherwise, a default pattern remains. Also, new property is supported
`logging.pattern.rolling-file-name`.
See gh-18151
Update configuration properties support to allow the `@Component`
annotation to be used on `@ConfigurationProperties` beans as long
as they are mutable.
This restores the behavior of Spring Boot 2.1 for mutable beans whilst
still allowing us to enforce the stricter rules for immutable value
object configuration properties.
Closes gh-18138
Update the MockMvc documentation to provide more details about the
pros and cons of such an approach, specifically calling out the
difference with error page handling.
See gh-16718
This commit renames ApplicationHealthIndicator to PingHealthIndicator
and changes the auto-configuration so that it is now always configured
by default.
Closes gh-17926
Update the `HealthEndpoint` to support health groups. The
`HealthEndpointSettings` interface has been replaced with
`HealthEndpointGroups` which provides access to the primary group
as well as an optional set of additional groups.
Groups can be configured via properties and may have custom
`StatusAggregator` and `HttpCodeStatusMapper` settings.
Closes gh-14022
Co-authored-by: Stephane Nicoll <snicoll@pivotal.io>
Overhaul `HealthEndpoint` support to make it easier to support health
groups. Prior to this commit the `HealthIndicator` interface was used
for both regular indicators and composite indicators. In addition the
`Health` result was used to both represent individual, system and
composite health. This design unfortunately means that all health
contributors need to be aware of the `HealthAggregator` and could not
easily support heath groups if per-group aggregation is required.
This commit reworks many aspects of the health support in order to
provide a cleaner separation between a `HealthIndicator`and a
composite. The following changes have been made:
- A `HealthContributor` interface has been introduced to represent
the general concept of something that contributes health information.
A contributor can either be a `HealthIndicator` or a
`CompositeHealthContributor`.
- A `HealthComponent` class has been introduced to mirror the
contributor arrangement. The component can be either
`CompositeHealth` or `Health`.
- The `HealthAggregator` interface has been replaced with a more
focused `StatusAggregator` interface which only deals with `Status`
results.
- `CompositeHealthIndicator` has been replaced with
`CompositeHealthContributor` which only provides access to other
contributors. A composite can no longer directly return `Health`.
- `HealthIndicatorRegistry` has been replaced with
`HealthContributorRegistry` and the default implementation now
uses a copy-on-write strategy.
- `HealthEndpoint`, `HealthEndpointWebExtension` and
`ReactiveHealthEndpointWebExtension` now extend a common
`HealthEndpointSupport` class. They are now driven by a
health contributor registry and `HealthEndpointSettings`.
- The `HealthStatusHttpMapper` class has been replaced by a
`HttpCodeStatusMapper` interface.
- The `HealthWebEndpointResponseMapper` class has been replaced
by a `HealthEndpointSettings` strategy. This allows us to move
role related logic and `ShowDetails` to the auto-configure module.
- `SimpleHttpCodeStatusMapper` and `SimpleStatusAggregator`
implementations have been added which are configured via constructor
arguments rather than setters.
- Endpoint auto-configuration has been reworked and the
`CompositeHealthIndicatorConfiguration` class has been replaced
by `CompositeHealthContributorConfiguration`.
- The endpoint JSON has been changed make `details` distinct from
`components`.
See gh-17926
Missing change logs would lead to an exception even
if the checkChangeLogLocation was set to false. Spring Boot's check
would pass but Liquibase would fail later making this property redundant.
Fixes gh-16232
Update `@Selector` with a `match` attribute that can be used to select
all remaining path segments. An endpoint method like this:
select(@Selector(match = Match.ALL_REMAINING) String... selection)
Will now have all reaming path segments injected into the `selection`
parameter.
Closes gh-17743
Previously, the sourceDocumentExtension used for the single-page
documentation was htmlsingleadoc and for the multi-page docs they
were adoc and htmladoc. When finding source files to render, the
Asciidoctor Maven Plugin looks for files with a name that ends with
one of the configured extensions. This resulted in the
index.htmlsingleadoc file matching the adoc extention in the
multi-page configuration in addition to the intended match for the
index.htmladoc. As a result both the single-page and multi-page
indexes were rendered when rendering the multi-page documentation.
In addition to this unwanted rendering, if the single-page index was
rendered after the multi-page index, the multi-page index would be
overwritten by the single-page index, leaving the multi-page docs with
the wrong index file. Asciidoctor uses File.listFiles() during its
source file discovery which is documented as having no guarantee
that the resulting array will be in any specific order. As a result,
there was also no guarantee about which index we'd end up with.
Closes gh-17263
Apply checkstyle rule to ensure that private and package private
classes do not have unnecessary public methods. Test classes have
also been unified as much as possible to use default scoped
inner-classes.
Closes gh-7316
This commit also removes the workaround that required to exclude junit 4
explicitly now that a related issue in JUnit Jupiter has been fixed.
Closes gh-17266
On error cases, the "outcome" tag would be missing from recorded metrics
for the `WebClient`.
This commit fixes this issue and improves the reference documentation by
mentioning the tag values used for error cases, when the client response
is not received (I/O errors, client error, etc).
Fixes gh-17219
This commit changes the default file extension for Freemarker templates
from `*.ftl` to `*.ftlh`. This commit also enables by default the
Freemarker setting `"recognize_standard_file_extensions"` to ensure that
HTML escaping is performed by default in Spring Boot applications.
Applications should adapt to this change by changing the file extensions
of existing templates to `.ftlh`.
Closes gh-15131
As of Spring Data Moore, a new reactive template and the
corresponding repositories support have been added.
This commit auto-configures a `ReactiveElasticsearchTemplate`
with the configuration properties under the
`spring.data.elasticsearch.client.reactive` namespace.
To enable this feature, applications require both Spring Data
Elasticsearch dependencies (typically
`spring-boot-starter-data-elasticsearch`) and dependencies
for a `WebClient` (often `spring-boot-starter-webflux`).
The support for the reactive Elasticsearch repositories is
also provided.
Closes gh-16214
This commit auto-configures the Elasticsearch REST client support
as a template for Spring Data Elasticsearch. As of this commit,
using the transport client is still possible but developers
should migrate.
This commit also removes the deprecated annotation on the
Elasticsearch auto-configuration for the transport client, since
this deprecation notice is already present on the configuration
property.
Closes gh-17024
Closes gh-16542
This commit auto-configures CBOR (see https://cbor.io/) codecs in the
RSocketStrategies, using Jackson binary format support.
The required dependency is added to the rsocket starter. Binary codecs
are well suited for RSocket payloads, so this codec is added first to
the list of codecs (before the JSON one already supported).
Closes gh-16830
This commit auto-configures a prototype `RSocketRequester.Builder` bean
for building requester instances. This builder is pre-configured with
auto-detected `RSocketStrategies` (same as the server side).
Closes gh-16280
Prior to this commit, the audit auto-configuration provided
an `InMemoryAuditEventRepository` bean. This commit changes the auto-config
so that an `AuditEventRepository` is not provided and instead the auto-config
is conditional on the presence of a `AuditEventRepository` bean. This is done
to encourage the use of a custom implementation of `AuditEventRepository`
since the in-memory one is quite limited and not suitable for production.
A flag is available if the auto-configuration needs to be turned off even
in the presence of a bean.
Closes gh-16110
Prior to this commit, the http trace auto-configuration provided
an `InMemoryHttpTraceRepository` bean. This commit changes the auto-config
so that an `HttpTraceRepository` is not provided and instead the auto-config
is conditional on the presence of a `HttpTraceRepository` bean. This is done
to encourage the use of a custom implementation of `HttpTraceRepository`
since the in-memory one is quite limited and not suitable for production.
A flag is available if the auto-configuration needs to be turned off even
in the presence of a bean.
Closes gh-15039
When `management.metrics.web.server.auto-time-requests` is enabled
(default=true), Spring Boot collects metrics on controller methods even
when they are not annotated with `@Timed`.
When this happens, created metrics are based on the default
`@Timed` configuration and there is no way to customize the
configuration of those auto-timed controller metrics.
This commit adds default configurations to auto-timed requests on both
client and server sides.
See gh-15988