Update the performance improvements to push certificate loading
and storage into the `JarFileEntries` class. This allows us to
keep certificates without needing to cache all entry data. We
now also keep certificates and code signers in a dedicated class
which is set whenever the full jar stream as been read, even if
the contained values are `null`. The logic that assumes META-INF
entries are not signed has been removed in favor of delegating to
the streamed entry results.
See gh-19041
Update Spring Boot nested JarFile support to improve the performance of
signed jars. Prior to this commit, `certificates` and `codeSigners`
were read by streaming the entire jar whenever the existing values
were `null`. Unfortunately, the contract for `getCertificates` and
get `getCodeSigners` states that `null` is a valid return value. This
meant that full jar streaming would occur whenever either method was
called on an entry that had no result. The problem was further
exacerbated by the fact that entries might not be cached.
See gh-19041
Update `ValidationBindHandler` so that pushed fields that reference
map keys can be used. This fixes a regression that was introduced in
commit 4483f417 when we switched to a `AbstractBindingResult` that no
longer required public getters/setters.
Closes gh-20350
Remove casting "timestamp" to `java.util.Date` in
`ErrorMvcAutoConfiguration` as the cast is not necessary and it
prevents other types (e.g. `java.time`) from being used.
See gh-23256
Prior to this commit, Actuator would sanitize properties values when
serializing them on the dedicated endpoint. Keys like "password" or
"secret" are entirely sanitized, but other keys like "uri" or "address"
are considered as URI types and only the password part of the user info
is sanitized.
This commit fixes the sanitization process where lists of such URI types
would not match the first entries of the list since they're starting
with `'['`. This commit improves the regexp matching process to sanitize
all URIs within a collection.
The documentation is also updated to better underline the processing
difference between complete sanitization and selective sanitization for
URIs.
Fixes gh-23037
Extend `initializeSystem` to search the exception stack for a
FileNotFoundException before reporting the error. This allows
us to provide a similar stack trace to the one that used to be
thrown when we had the `ResourceUtils.getURL` check.
See gh-22946
Remove `ResourceUtils.getURL` checking from `LoggingApplicationListener`
so that logging systems can implement custom location support.
Prior to this commit, we checked in the listener if the specified config
location could be opened as a URL. This unfortunately prevents Log4J
extensions such as `log4j-spring-cloud-config-client` from implementing
configurable SSL and credentials support.
See gh-22946
Create a new `JarFileWrapper` class so that we can wrap and existing
`JarFile` and offer a version that can be safely closed.
Prior to this commit, we provided wrapper functionality in the `JarFile`
class itself. Unfortunately, because we override `close` and also create
a lot of wrappers this caused memory issues when running on Java 11.
With Java 11 `java.util.zip.ZipFile` class uses `FinalizableResource`
for any implementation that overrides `close()`. This means that any
wrapper classes will not be garbage collected until the JVM finalizer
thread runs.
Closes gh-22991
Update metrics auto-configurations so that they are auto-configured
after `CompositeMeterRegistryAutoConfiguration` in order to ensure
the `MeterRegistry` bean has been defined.
Prior to this commit, metrics auto-configurations that depended on a
`MeterRegistry` has `@AutoConfigureAfter(MetricsAutoConfiguration.class)`
which is not sufficient since `MetricsAutoConfiguration` does not export
a `MeterRegistry`.
See gh-21134
Prior to this commit, DebugAgentEnvironmentPostProcessor throws a
RuntimeException with a generic error message if its initialization
fails. The causing exception is discarded, which makes error analysis
unnecessarily difficult.
This commit attaches the cause to the newly thrown RuntimeException.
See gh-22777
Previously, the endpoints' responses could occasionally exceed
WebClient's in-memory buffer limt, for example if the threads endpoint
was reporting a large number of threads or the threads had large
stacks.
This commit disables WebClient's in-memory buffer size limit so that
the tests passing is not dependent on the size of the endpoints'
responses.
Closes gh-22743
Previously, waitsForQuietPeriod would iterate 10 times, touching a new
file and then sleeping for 100ms at it did so. With a quiet period of
200ms, this was intended to result in a single change set containing
10 files. However, the test would fail occasionally as multiple change
sets were detected. The test is multi-threaded and is, therefore, at
the mercy of the scheduler. If the thread that is iterating and
touching the files takes over 200ms to be scheduled – exceeding the
watcher's quiet period – the watcher may detect a change set while the
changes are still being made. Eliminating this possibilty would require
the test to participate in the watcher's synchronization, which would
require some changes to its implementation. Instead, this commit
aims to avoid the problem by sleeping for 1/10 of the time (10ms) and
expecting a single change set of 100 files. The hope is that the much
shorter sleep time will result in the file touching thread being
scheduled well within the 200ms quiet period.
Closes gh-22732
This commit harmonizes dependency declarations for Jackson in the
actuator. Both Jackson and JSR 310 are back to optional in the core
actuator module and mandatory when using the auto-configuration.
Closes gh-22624
Prior to this change, TaskExecutorBuilder used seconds as its precision
to map the awaitTerminationPeriod value. This caused a loss of
millisecond information in the period.
This commit fixes the loss by converting the period to millisecond and
using setAwaitTerminationMillis to configure the executor.
See gh-22604
Previously, ignoring invalid fields would cause the failure for an
unknown field to be ignored, irrespective of the ignoreUnknownFields
attribute on `@ConfigurationProperties`.
This commit updates the NoUnboundElementsBindHandler to ensure that
any UnboundConfigurationPropertiesException is thrown rather than
being ignored when the handler has been wrapped by an
IgnoreErrorsBindHandler.
Fixes gh-22308
The fix for gh-20916 updated DefinitionsParser so that the
ResolvableType for each MockBean or SpyBean field included the
implementation class from which the field was found. Where the field
was declared with a variable generic signature that was made constant
by its implementation class, this allowed the correct concrete type to
be determined. It also had the unintended side-effect of preventing two
test classes with identical `@MockBean` and `@SpyBean` configuration
from sharing a context as the resolvable types for their mock and spy
bean fields would now be different.
This commit updates DefinitionsParser to only include the
implementation class in the ResolvableType if the field's generic type
is variable. For cases where it is not variable, this restores the
behaviour prior to the fix for gh-20916.
Fixes gh-22566
Previously, background pre-init was started in response to the
application starting event. This meant that it would be running while
the logging turbo filter was in place and was rejecting all logging.
As a result, any logging performed during pre-init would be lost.
This commit changes background pre-init so that it is now started
in response to the application environment prepared event. By this
point, the logging turbo filter has been removed as the logging levels
have been configured from the environment.
Closes gh-21897
Previously, only UndertowOptions was used as the source of options for
both server and socket options, but it only contains server options.
As a result, attempting to configure any socket options defined by
XNIO's Options class would fail.
This commit updates the property-based configuration of options to use
UndertowOptions as the source for server options and XNIO's Options as
the source for socket options.
Fixes gh-22502
The generated snippets were not declared as an output to the
`spring-boot-actuator-autoconfigure` test goal so when the test was
pulled from the cache, it did not contain the `generated-snippets`
directory. This directory is required as an input to the Asciidoctor
plugin.
See gh-22555
This adds build caching and build scans.
The changes required disabling scans when using the maven invoker
plugin in order to not cause duplicate build scans when invoking other
maven builds. There is also an empty `.mvn` folder in the
spring-boot-starters project to prevent duplicate build scans as well
since there is no way to pass properties to the maven-javadoc-plugin.
The checkstyle plugin was causing a cache miss with the
`propertyExpansion` because it contains an absolute path. The absolute
path is now ignored and instead the files are added as inputs to the
checkstyle plugin. This only enables the local build cache. The remote
cache is not yet enabled.
On my local machine:
./mvnw clean install build times go from about 30 minutes to about 10 minutes.
./mvnw clean install -Pfull build times go from about 60 minutes to about 13 minutes.
See gh-22089
Previously, regular bean definitions for configuration properties classes
that attempt to use constructor binding were detected in a bean factory
post-processor, ConfigurationPropertiesBeanDefinitionValidator. This
validation examined every standard bean definition and failed if it
encountered one for a class that should have used constructor binding.
There were two downsides to this approach:
1. Reflection used to identify if the bean should be using constructor
binding triggered class loading that could prevent subsequent
instrumentation by a load-time weaver.
2. The cost of the validation was incurred when there was no
misconfiguration to report.
This commit replaces ConfigurationPropertiesBeanDefinitionValidator
with a failure analyzer. This failure analyzer only runs once a failure
has occurred and the application context is not going to complete
refresh. This avoids causing problems with subsequent instrumentation
and also avoids the cost of validation and error reporting unless there
is an error.
Fixes gh-20798
Since Spring Framework 4.3.0.RC2, a default embedded value resolver
has been registered with the bean factory when one is not otherwise
configured. This meant that placeholders in `@Value` would be resolved
with or without PropertyPlaceholderAutoConfiguration defining a
PropertySourcesPlaceholderConfigurer bean. However, placeholders in
bean definitions would only be resolved if a
PropertySourcesPlaceholderConfigurer was defined.
This commit updates PropertyPlaceholderAutoConfigurationTests to align
with this change in Framework. We now test that placeholders are
resolved in `@Value` annotations with or without the auto-configuration
and that placeholders in bean definitions are only resolved with the
auto-configured.
Closes gh-22230
Previously, if TomcatMetricsBinder destroy() was called before it had
received an ApplicationStartedEvent an NPE would be thrown due to
TomcatMetrics being null. This NPE was then caught and logged at
warning level by the disposable bean adapter.
This prevents the NPE by checking that the TomcatMetrics instance is
null before calling close() on it.
See gh-22141
Previously, the thread dump endpoint's response could exceed
WebClient's in-memory buffer limt when there were a large number of
threads or the threads had large stacks.
This commit disables WebClient's in-memory buffer size limit so that
the test passing is not dependent on the number of active threads and
their stack sizes.
Closes gh-22101
Prior to Spring Data Redis version 2.2.8, the contents of the
Properties object returned from the
ReactiveRedisConnection.ServerCommands.info API were the same
for clustered and non-clustered Redis configurations, containing a set
of key/value pairs. This allowed ReactiveRedisHealthIndicator to get
a version property using a well-known key. Starting with Spring Data
Redis 2.2.8, the info property keys contain a host:port prefix in a
clustered Redis configuration. This prevented
ReactiveRedisHealthIndicator from getting the version property as
before and resulted in the health always being reported as DOWN.
This commit adjusts ReactiveRedisHealthIndicator to detect the
clustered configuration from Spring Data Redis and find the version
property for one of the reported cluster nodes.
Fixes gh-22061
Update `Group` properties so that the `showDetails` value does not
inherit `Show.NEVER`. Prior to this commit, the `Group` properties
would not correctly inherit a `showDetails` value from the main
`management.endpoint.health.show-details` property.
See gh-22022
Previously, the configuration property table generation was reading
both the main metadata and the additional metadata from each project.
This was unnecessary as the annotation processor will have already
merged the additional metadata into the main metadata before writing
it to disk. Processing both the main and additional metadata led to
a clash as the metadata overlapped. When the entry in the additional
metadata won the clash, the resulting entry in the configuration
property table would lose any details that aren't contained in the
additional metadata.
This commit updates the property table generation code to only use
the main metadata files.
Fixes gh-21131
Previously, when file-based logging was enabled, Logback would output
the following during logging system initialization:
LOGBACK: No context given for c.q.l.core.rolling.SizeAndTimeBasedRollingPolicy
This commit updates the default logback configuration to set the
context on the SizeAndTimeBasedRollingPolicy that it creates.
Fixes gh-21056
This commit aligns log4j2's behavior with logback such that loggers
with a null configuredLevel are also returned by the actuator endpoint.
Fixes gh-20037
This commit updates the logic for handling binding exceptions in the
management context when it is separate from the application context.
The changes allow the exception details to be visible to
DefaultErrorAttributes without causing the servlet container to
detect an error condition.
Fixes gh-21036
Previously, AutoConfigureMockMvc used Spring Security's default filter
ordering, ignoring the value configured by SecurityProperties that is
used at runtime. This resulted in different ordering at runtime and in
tests.
This commit updates the configuration for AutoConfigureMockMvc to
import the Spring Security filter auto-configuration, thereby ensuring
that the ordering configured via SecurityProperties is applied.
Fixes gh-21801
Stephane Nicoll
Phillip Webb
mathieufortin01
lock14
David Good
Andy Wilkinson
Ralph Goers
spencergibb
Ivo Smid
dreis2211
Martin Benda
Maciej Walkowiak
smlc
Johnny Lim
John Franco
Madhura Bhave
Gabriele Bianchet-David
davidbilge
biergit
Tadaya Tsuyukubo
Nelson Osacky
Clayton Walker
XenoAmess
im47cn
May
Scott Frederick
Leo Li
Konrado85
Marco Pens
Tomek Szmytka
lltx