Add a `NestedFileSystemProvider` implementation so that the JDK's
`ZipFileSystem` can load content from nested jars and nested
directory entries.
Creating a `ZipFileSystem` may be a relatively expensive operation as
zip structures need to be parsed and in the case of directory entries
a virtual datablock nees to be generated on the fly. As such, we
install the `ZipFileSystem` as late as possible since in a typical
application it may never be needed.
This commit also tweaks Gradle and Maven plugins to ensure that the
service loader file is written to repackaged jars.
Closes gh-7161
Update Gradle and Maven plugins to write an empty `META-INF/BOOT.SF`
file whenever there is a nested signed jar.
This update allows Oracle Java 17 to correctly verify the nested JARs.
The file is required because `JarVerifier` has code roughly equivalent
to:
if (!jarManifestNameChecked && SharedSecrets
.getJavaUtilZipFileAccess().getManifestName(jf, true) == null) {
throw new JarException("The JCE Provider " + jarURL.toString() +
" is not signed.");
}
The `SharedSecrets.getJavaUtilZipFileAccess().getManifestName(jf, true)`
call ends up in `ZipFile.getManifestName(onlyIfSignatureRelatedFiles)`
which is a private method that we cannot override in our `NestedJarFile`
subclass. By writing an empty `.SF` file we ensure that the `Manifest`
is always returned because there are always "signature related files".
Fixes gh-28837
Update `spring-boot-loader-tests` with a test that checks verified
BouncyCastle jars can be loaded. Currently the Oracle JDK only supports
verification if the jar is unpacked.
See gh-28837
Update `spring-boot-launch-script-tests` and `spring-boot-loader-tests`
so that JDK archives are now downloaded by Gradle and cached across
builds.
Closes gh-37450
Create alternative launcher classes under the package
`org.springframework.boot.loader.launch` and use them in favor
of the previous location.
This update is designed to improve compatibility with future
changes in the loader.
Closes gh-37667
* Simplify produce/consume verify via OutputCapture
* Remove spring-boot-smoke-test-pulsar-reactive as
no other smoke tests split them out
See gh-37196
Previously, when a Servlet-based WebServer was stopped it would also
stop the ServletContext. This led to problems as Tomcat and Undertow
would then not allow a restart. Jetty would allow a restart but
duplicate servlet registrations would then be attempted.
This commit modifies the WebServer lifecycle to separate stopping
and destruction for both servlet and reactive web servers. This
allows a WebServer's stop() implementation to leave some components
running so that they can be restarted. To completely shut down a
WebServer destroy() must now be called.
Both Tomcat and Jetty WebServers have been updated to stop their
network connections when stop() is called but leave other components
running. This works with both servlet and reactive web servers.
Note that an Undertow-based Servlet web server does not support
stop and restart. Once stopped, a Servlet Deployment cannot be
restarted and it does not appear to be possible to separate the
lifecycle of its network connections and a Servlet deployment.
Reactor Netty and Undertow-based reactive web servers can now also
be stopped and then restarted. Calling stop() stops the whole server
but this does not cause a problem as there's no (application-exposed)
ServletContext involved. There may be room to optimize this in the
future if the need arises.
Closes gh-34955
Docs related to gh-33280 (log correlation) and
gh-35593 (application name in each log line) need some polishing:
- Fix project names
- Show how to avoid having the application name duplicated in logs
- Call out that a trailing space is needed in the correlation pattern
Closes gh-36035
See gh-33280
See gh-35593
Update Logback and Log4J2 so that they include the application name on
each log line. If `spring.application.name` had not been set, or if
`logging.include-application-name` is `false` then the name is not
logged.
Closes gh-35593
Most notably, this commit splits the tests that use Spring REST Docs
out into a separate task for which predictive test selection is
disabled. This allows it to be cached and use Gradle's built-in
up-to-date checking, thereby avoiding the generation of new snippets
and the need to then run the asciidoctor and asciidoctorPdf tasks.
It also updates spring-boot-smoke-test-junit-vintage to disable
predictive test selection so that we can continue to assert that
the some tests were executed.
See gh-35869
Remove `@ImportAutoConfiguration(SslAutoConfiguration.class)`, since
`SslAutoConfiguration.class` is already provided as an
auto-configuration with `@SpringBootTest`
See gh-35655
Fixes an issue where auto-configuration for Spring Authorization Server
was overriding the default exception handling (AuthenticationEntryPoint)
resulting in anonymous requests to the token endpoint being redirected
to the Spring Security login page instead of returning 401 Unauthorized.
Auto-configuration now registers a defaultAuthenticationEntryPointFor
that is added to any other entry points already configured.
See gh-35368
Add auto-configuration for `Container` beans that are also
annotated with `@ServiceConnection`. This commit allow
testcontainers to be used at development time and a new section
has been added to the documentation to describe the feature.
Closes gh-35022
Update restcontainers service connections support so that
technology specific `@ServiceConnector` annotations are not longer
required.
A single `@ServiceConnector` annotation can now be used to create
all `ConnectionDetail` beans.
Closes gh-35017
Building upon the auto-configuration support for service connections,
this commit adds support for deriving connection details from a
Testcontainers-managed container. Several service-specific
annotations have been introduced. These annotations can be used on a
container field to indicate that it is a source of the details for
a service connection.
See gh-34658
Co-Authored-By: Phillip Webb <pwebb@vmware.com>
Co-Authored-By: Mortitz Halbritter <mkammerer@vmware.com>
Update `spring-boot-smoke-test-ant` so that the ant lib folder is always
cleaned. Prior to this commit, it was possible for the folder to contain
stale artifacts.
Remove `spring-boot-smoke-test-webflux-ssl` since it's more of
an integration test than a smoke test. We could consider
relocating it to `spring-boot-integration-tests` but since we
have unit tests with a mock PCKCS11 security it's probably
best to see if we can get away without it.
See gh-32179
Rename `/actuator/httptrace` to `/actuator/httpexchanges` to better
describe its purpose and to remove confusion with distribute tracing.
This change also takes the opportunity to improve the code by making
the `HttpExchange` class (previously `HttpTrace`) fully immutable.
Closes gh-32885
Co-authored-by: Andy Wilkinson <wilkinsona@vmware.com>
This commit adds a `Build-Jdk-Spec` attribute to the manifest in a
jar or war file built with the Spring Boot Gradle plugin. This
aligns the Gradle plugin's behavior with the default Maven plugin
behavior.
This removes the need to set a `BP_JVM_VERSION` environment variable
when invoking Cloud Native Buildpacks, as the Paketo buildpacks will
honor `Build-Jdk-Spec` in a jar or war manifest to determine the
default JVM version.
Fixes gh-32829
Scott Frederick
Eddú Meléndez
Phillip Webb
Claudio Nave
Moritz Halbritter
Christoph Dreis
Andy Wilkinson
Johnny Lim
Chris Bono
Stephane Nicoll
ThomazPassarelli
Jonatan Ivanov
Steve Riesenberg
Madhura Bhave
Michael Weidmann
Krzysztof Krason
cdanger