This commit reworks the support for enabling and disabling endpoints,
replacing the on/off support that it provided with a finer-grained
access model that supports only allowing read-only access to endpoint
operations in addition to disabling an endpoint (access of none) and
fully enabling it (access of unrestricted).
The following properties are deprecated:
- management.endpoints.enabled-by-default
- management.endpoint.<id>.enabled
Their replacements are:
- management.endpoints.access.default
- management.endpoint.<id>.access
Similarly, the enableByDefault attribute on @Endpoint has been
deprecated with a new defaultAccess attribute replacing it.
Additionally, a new property has been introduced that allows an
operator to control the level of access to Actuator endpoints
that is permitted:
- management.endpoints.access.max-permitted
This property caps any access that may has been configured for
an endpoint. For example, if
management.endpoints.access.max-permitted is set to read-only and
management.endpoint.loggers.access is set to unrestricted, only
read-only access to the loggers endpoint will be allowed.
Closes gh-39046
Add `toAdditionalPaths(...)` methods on the servlet and reactive
`EndpointRequest` classes to support matching of additional paths.
A new `AdditionalPathsMapper` interface provides the mappings between
endpoint IDs and any additional paths that they might use. The existing
`AutoConfiguredHealthEndpointGroups` class has been updated to implement
the interface.
Auto-configurations have also been updated so that additional health
endpoint paths (typically `/livez` and `/readyz`) are permitted
when using Spring Security without any custom configuration.
Fixes gh-40962
Deprecate `EndpointExposure.CLOUD_FOUNDRY` and introduce an alternative
implementation based on a pluggable abstraction.
The new `EndpointExposureOutcomeContributor` interface may now be used
to influence `@OnAvailableEndpointCondition` exposure results. Several
infrastructure beans that previously used the condition have been
refactored to always be registered, but tolerate missing endpoints.
A new smoke test application has been added that demonstrates how the
abstraction can be used by a third-party.
Closes gh-41135
Co-authored-by: Phillip Webb <phil.webb@broadcom.com>
As of spring-projects/spring-framework#24560, Spring provides additional
metadata for scheduled tasks:
* next execution time
* last execution outcome (including status, time and raised exception)
This commit leverages this information to enhance the existing
`scheduledtasks` Actuator endpoint.
Closes gh-17585
Spring Framework wraps `Task` and `ScheduledTask` runnables to collect
and share metadata about task execution and scheduling.
The `ScheduledTasksEndpoint` descriptors were relying on the fact that
tasks would never be wrapped. Spring Framework already wrapped runnables
in various cases, for methods returning `Callable` or reactive types.
This commit makes use of the `toString()` method to describe the
runnable. Runnable implementations can override this method for
displaying purposes on the actuator endpoint.
See spring-projects/spring-framework#24560
See gh-41177
Replace `DockerImageNames` with a enum and relocate it from the
`testcontainers` to `container` package. The enum now also
becomes a common location that we can use to apply container
configuration such as timeouts.
Closes gh-41164
Co-authored-by: Phillip Webb <phil.webb@broadcom.com>
Prior to this commit, applications could declare Actuator Endpoints
using web framework-specific annotations, such as `@ServletEndpoint`,
@ControllerEndpoint and @RestControllerEndpoint.
Such annotations are closely tied to the programming model of specific
web technologies, such as Servlet or Spring MVC. Unlike other
`@Endpoint` support, they are not portable and will not work
transparently over blocking/reactive and transports.
Because of the strong adherence of this support with the underlying
infrastructure, it makes it impossible to evolve the implementation of
Actuator support without breaking this use case. The reference
documentation has been advocating for using `@Endpoint` and
`@*Operation` for custom endpoints for a long time now.
This commit deprecates this specific support in favor of the recommended
approach.
Closes gh-31768
Deprecates the support for simpleclient but ensures that it can work in
conjunction with support for the latest Prometheus client
auto-configuration.
This involves breaking changes to update public classes to support the
latest Prometheus client. Deprecated support for Prometheus simpleclient
is provided in renamed classes.
See gh-40023
At present, Actuator sessions endpoint is supported only on a Servlet stack and also requires an indexed session repository. With Spring Session moving to non-indexed session repositories as a default for some session stores, this means that sessions endpoint won't be available unless users opt into a (non-default) indexed session repository.
This commit updates SessionEndpoint so that it is able to work with a non-indexed session repository. In such setup, it exposes operations for fetching session by id and deleting the session.
Additionally, this also adds support for reactive stack by introducing ReactiveSessionEndpoint and its auto-configuration support.
See gh-32046
Phillip Webb
Andy Wilkinson
Moritz Halbritter
Yanming Zhou
Johnny Lim
Scott Frederick
Jonatan Ivanov
cms04
Brian Clozel
chu3la
Ahmed Ashour
Khan, C M Abdullah
Spencer Gibb
Tommy Ludwig
Wzy19930507
Tobias Lippert
Vedran Pavic
Andy Wilkinson