📜 ⬆️ ⬇️

Spring Boot 2: what's new?

From the translator: in spite of the fact that a year has already passed, the questions about what new gave us the 2nd Boot do not end there. To write such content from scratch is not the smartest idea. Therefore, we decided to translate the article, which seems to us the most concise and at the same time quite complete.


The release of Spring Boot 2 took place in early 2018, and everyone can’t wait to see it in action. This release was the culmination of 17 months of work and over 6800 commits from 215 different people. There are a lot of cool features that are worth discussing, so let's talk about what's new in Spring Boot 2.


In this article we will look at:



Spring Boot History


Before delving into innovations, I would like to take this opportunity to tell a little about the history of Spring Boot. In a post published in August 2013, on his blog, Phil Webb announced the first landmark release of the project called Spring Boot .


Spring Boot is designed to make the creation of ready-to-work applications and services for Spring simple, without undue effort. Spring Boot is a subjective view of the Spring platform, which allows both novice and experienced Spring users to find everything they need. With the help of Boot, you can create stand-alone applications launched as 'java -jar' or distributed by a more traditional WAR format.


After about 9 months, in April 2014, Spring Boot 1.0 was released. Since then, there have been many minor releases and new useful features.


Spring Boot 1.1 (June 2014)



Spring Boot 1.2 (March 2015)



Spring Boot 1.3 (December 2016)



Spring Boot 1.4 (January 2017)



Spring Boot 1.5 (February 2017)



What's new in Spring


So what's new in Spring Boot 2? If we talk about the biggest innovation, then this update of the Spring Framework to the 5th version. Since the Spring Framework 5 came out in September 2017, most developers (like me) have been waiting for the release of Spring Boot 2. Spring Framework 5 has a considerable list of new features, but I would like to talk about only a few of the most important ones.


What's new in Spring Framework 5


Java 8+ version support


If you continue to want to create applications on the Spring Framework, you need to work with the Java 8+ version. You probably thought that this is a very important change for all of us, but for the Spring team it is even more important. This made it possible to update the source code base to Java 8 with all its new features like lambda expressions or streams. This not only makes the code more readable, but also improves the performance of the platform’s core.


Java 9 support


If you want to use Java 9, you need to upgrade to Spring Framework 5 and also to Spring Boot 2. I know that many are not yet using the latest versions of Java in production, and this is a great opportunity to experiment with new cool “toys”. Everything should work without problems when using the standard classpath, but I read about some difficulties when switching to Java 9 modules.


Spring MVC


Although Spring MVC is not at the center of the story in this article, it is worth saying that there have been several nice upgrades. I will not dwell on them, details can be found in the documentation for the Spring Framework 5 .


Spring webflux


Asynchronous data flows are central to the story of the Spring Framework 5. This is a completely different type of thinking, but fortunately for us there is no need to re-learn how to write applications in a completely new way. Spring WebFlux is a completely asynchronous and non-blocking framework built from scratch that allows you to cope with a large number of parallel connections. Although this is a paradigm revolution, it will not be so difficult to start.


Webflux


Kotlin support


Kotlin support has been added back to http://start.spring.io , but Spring Framework 5 has specialized support for this language, which has brought useful features, you can read about them here .


Improvements in testing mechanisms


The biggest change in the testing system is full support for JUnit 5 Jupiter. I’ll talk about this in more detail below, but when you launch a new application on Spring Boot 2, you still use JUnit 4 by default, but switching to JUnit 5 is a trivial task.


What's new in Spring Boot 2


Third Party Updates


With each new release of Spring Boot, the Spring team is able to update various dependencies.



* Thymeleaf starter now has a built-in thymeleaf-extras-java8time.


Security and Reactive Spring Data


With the transition to Spring WebFlux, Spring Data has added support for applications with asynchronous data streams. Currently, Cassandra, MongoDB, Couchbase and Redis have support for the asynchronous API. In Spring Boot there are POM starters for all of them, thanks to which it is very easy to start working with them.


It also became possible to use Spring Security 5.0 in our reactive applications.


Actuator


Spring Boot Actuator is nothing new, but it was rewritten from scratch. If you are not familiar with Actuator, this is what it does: it automatically displays endpoints to get information about the status of the application. Actuator in Spring Boot 1.x was written on top of servlets, and with the new reactive approaches, the Spring team needed a solution that supports both the old and reactive approaches. In addition, the following changes were made to Actuator:



Probably, there may be difficulties in the upgrade due to changes in the security model, which we will discuss later. By default, all web-endpoint's are accessible via the /actuator path with a URL in the form /actuator/{id} . The path / actuator can be changed in the settings management.endpoints.web.base-path .


There is a detailed separate documentation block for the Spring Boot Actuator Web API Endpoints , you should start with it to familiarize yourself with this tool.


Gradle plugin


I always really liked Gradle, and I absolutely loved that the team decided to rewrite the plugin for Gradle.
The Spring Boot Gradle plugin allows you to implement Spring Boot support in Gradle and allows you to package executable jar or war archives, run applications on the Spring Boot and manage dependencies through spring-boot-dependencies. Gradle plugin in Spring Boot requires Gradle 4.0 or later.


Beginning of work


To start working with the plugin, you need to load it to the project.


 buildscript { repositories { maven { url 'https://repo.spring.io/libs-milestone' } } dependencies { classpath 'org.springframework.boot:spring-boot-gradle-plugin:2.0.0.RC1' } } apply plugin: 'org.springframework.boot'

Creating executable jar and war archives


The bootRepackage task has been replaced by bootJar and bootWar to create jar and war files respectively. Both tasks have more functionality than the standard similar command Gradle, providing access to all settings and logic.


Dependency management


The Gradle plugin in Spring Boot no longer pulls the plugin to manage dependencies automatically. Instead, the Gradle Spring Boot plugin sees that the dependency management plugin is connected and imports the correct version of BOM. This allows you to better control where and how dependency management is configured. For most applications, it will be enough to add a plugin for managing dependencies:


 apply plugin: 'io.spring.dependency-management'

The Gradle plugin has its own documentation , which contains very useful information. I recommend that anyone who wants to start working with Gradle follow this link.


Simplified Security System


One of the main goals in Spring Boot 2.x was to simplify the security configuration and make it so that you can easily add custom security settings. By default, all data is protected, including static resources and enduints of Actuators. If Spring Security is in the classpath, Spring Boot will add the @EnableWebSecurity annotation, and what specific authentication mechanism will be used will determine the content-negotiation mechanism from Spring Security.


When a user configures his security rules, the standard configuration of the Spring Boot security system will no longer be valid. At this stage, the user will need to accurately write down all the safety rules. This means that all security settings are collected in one place and there are no problems with the order of processing commands with the existing WebSecurityConfigurerAdapters .


An example of individual security settings:


 http .authorizeRequests() // 1 .requestMatchers(EndpointRequest.to("status", "info")) .permitAll() // 2 .requestMatchers(EndpointRequest.toAnyEndpoint()) .hasRole("ACTUATOR") // 3 .requestMatchers(StaticResourceRequest.toCommonLocations()) .permitAll() // 4 .antMatchers("/**") .hasRole("USER") .and() ... // additional configuration

  1. /status and /info do not require authorization.
  2. All other actuators are protected by the role ACTUATOR .
  3. Location of shared static resources available to all.
  4. All other endpoint applications are protected by the USER role.

Actuator security


Given that actuator's endpoints are fixed, it is necessary to include or exclude endpoints, depending on which ones you need. Here are the settings that control this, since release 1.x they have changed.


 # ENDPOINTS WEB CONFIGURATION (WebEndpointProperties) management.endpoints.web.exposure.include=info,health # Endpoint IDs that should be included or '*' for all. management.endpoints.web.exposure.exclude= # Endpoint IDs that should be excluded. management.endpoints.web.base-path=/actuator # Base path for Web endpoints. Relative to server.servlet.context path or management.server.servlet.context-path if management.server.port is configured. management.endpoints.web.path-mapping= # Mapping between endpoint IDs and the path that should expose them.

If you are not sure how to configure these settings, bookmark the documentation for the general settings of the application .


HTTP / 2 support


Incredibly, the release of the HTTP 1.1 specification was already in 1996. I suppose it’s not necessary to remind you that the modern network is different in all respects. If you want to implement HTTP / 2 support in a Spring MVC or WebFlux application, use the following parameter.


 server.http2.enabled=true

HTTP / 2 support depends on the selected web server and application environment, since this protocol is not supported in JDK8 out of the box. Read more about this in the documentation .


Configuration parameters


In Spring Boot 1.x, the so-called relaxed binding was supported, in other words, you could define the name of the parameter in many ways (camel-case, underscore, hyphen), and eventually the value was assigned to the same property.


Relaxed binding works the same way, and the way you read variables in your code has changed:


Data read


24. Externalized Configuration


It can be up to the same docs.spring.io


Metrics


Spring Boot's own metric has been replaced by Micrometer. It is developed by the Pivotal team and quickly adapts to Pivotal projects.


Spring Boot Actuator provides autoconfiguration for Micrometer , an application metrics interface that supports many types of monitoring, including:



Micrometer


More information about Micrometer at https://micrometer.io/ .


An upgrade because of this can be painful for those who log tons of custom metrics.


Quartz Scheduler


In Spring Boot 2, there is support for the Quartz schedule execution library, which is easy to add with the spring-boot-starter-quartz starter. Supports work on RAM and on JDBC.


 <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-quartz</artifactId> </dependency>

HikariCP Connection Pool


Standard connection pool changed from Tomcat to HikariCP. If you used spring.datasource.type to get Hikari to work in the Tomcat application, you can remove it. Similarly, if you want to continue using the Tomcat pool, simply add the following to your configuration:


 spring.datasource.type=org.apache.tomcat.jdbc.pool.DataSource

Developer Tools


By default, every time the application is restarted, a report on the differences in configurations is recorded. In other words, the report shows the changes in the auto-configuration of the application that occur as you make changes such as deleting / adding beans and setting configuration parameters.


To disable the recording of this report, configure the following parameter:


 spring.devtools.restart.log-condition-evaluation-delta=false

Kotlin support


Earlier in this article it was mentioned about the official support of Kotlin. There is also a specialized Kotlin documentation block .


JUnit 5


As mentioned above, Spring Boot applications still use JUnit 4 by default. If you want to upgrade to JUnit 5, you need to exclude JUnit 4 from spring-boot-starter-test and add the necessary dependencies. You will also need plugins from the list below.


 <dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-test</artifactId> <scope>test</scope> <exclusions> <exclusion> <groupId>junit</groupId> <artifactId>junit</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>org.junit.jupiter</groupId> <artifactId>junit-jupiter-api</artifactId> <scope>test</scope> </dependency> <dependency> <groupId>org.junit.jupiter</groupId> <artifactId>junit-jupiter-engine</artifactId> <scope>test</scope> </dependency> </dependencies> <build> <plugins> <plugin> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-maven-plugin</artifactId> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-surefire-plugin</artifactId> <dependencies> <dependency> <groupId>org.junit.platform</groupId> <artifactId>junit-platform-surefire-provider</artifactId> <version>${junit-platform.version}</version> </dependency> </dependencies> </plugin> </plugins> </build>

Spring Boot 2 Migration Guide


I think it is possible not to talk about such an obvious fact that with such a large release just changing the version number in production is not the best way to upgrade. First of all, I would advise you to read the Spring Boot 2.0 Migration Guide . Personally, I found the solution to most of my problems in a simplified security model and parameter changes. This guide has great tips for transferring parameter files.


In Spring Boot 2.0, many configuration options have been renamed / deleted, and developers need to update application.properties / application.yml to reflect these changes. To facilitate this task, Spring Boot implemented the delivery of a new spring-boot-properties-migrator module. Being added to your project as a dependency, it will not only analyze the application environment and display diagnostic results on startup, but also temporarily migrate settings in runtime. This is a necessary action when migrating an application:


 <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-properties-migrator</artifactId> </dependency>

I don’t know what you think about it, but I’ll definitely start messing around with Spring Boot 2 and working on migrating the code to this version, but usually with any major release I’m waiting for the release of the next minor version. This applies not only to Spring, but also to other brands from Apple to Pivotal and even Angry Birds!



Source: https://habr.com/ru/post/438980/

More articles: