Skip to content

Commit

Permalink
chore(dependency): upgrade spring boot from 2.6.x to 2.7.x (spinnaker…
Browse files Browse the repository at this point in the history
…#1186)

Unpin netty-bom to align with spring boot during upgrade to spring boot 2.7.x
With spring boot 2.7.18, separate dependency management for netty-tcnative has been removed in favor of the dependency management provided by Netty’s bom.
https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-2.7-Release-Notes#separate-dependency-management-for-netty-tcnative-removed

Exclude DataSourcePoolMetricsAutoConfiguration class from auto-configuration to resolve circular reference issue during upgrade to spring boot 2.7.x
While upgrading spring boot 2.7.18, encounter below error during test compilation of kork-sql module:
```
***************************
APPLICATION FAILED TO START
***************************

Description:

The dependencies of some of the beans in the application context form a cycle:

┌─────┐
|  registry defined in class path resource [com/netflix/spinnaker/kork/metrics/SpectatorConfiguration.class]
↑     ↓
|  simpleMeterRegistry defined in class path resource [org/springframework/boot/actuate/autoconfigure/metrics/export/simple/SimpleMetricsExportAutoConfiguration.class]
↑     ↓
|  dataSourcePoolMetadataMeterBinder defined in class path resource [org/springframework/boot/actuate/autoconfigure/metrics/jdbc/DataSourcePoolMetricsAutoConfiguration$DataSourcePoolMetadataMetricsConfiguration.class]
↑     ↓
|  dataSource defined in class path resource [com/netflix/spinnaker/kork/sql/config/DefaultSqlConfiguration.class]
↑     ↓
|  dataSourceFactory defined in class path resource [com/netflix/spinnaker/kork/sql/config/HikariDataSourceConfiguration.class]
↑     ↓
|  hikariMetricsTrackerFactory defined in class path resource [com/netflix/spinnaker/kork/sql/config/HikariDataSourceConfiguration.class]
└─────┘

Action:

Relying upon circular references is discouraged and they are prohibited by default. Update your application to remove the dependency cycle between beans. As a last resort, it may be possible to break the cycle automatically by setting spring.main.allow-circular-references to true.
```
To fix circular reference issue excluded the `org.springframework.boot.actuate.autoconfigure.metrics.jdbc.DataSourcePoolMetricsAutoConfiguration` class from auto-configuration while building sql configuration in `DefaultSqlConfiguration` class.

Replace spring.factories with AutoConfiguration.imports file to enable auto-configuration during upgrade to spring boot 2.7.x
In spring boot 2.7.x, major change has been introduced for auto-configuration registration. The registration has been moved from spring.factories under the org.springframework.boot.autoconfigure.EnableAutoConfiguration key to a new file named META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports.
https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-2.7-Release-Notes#changes-to-auto-configuration
So, replacing the registration of auto-configuration classes from spring.factories to META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports.

Update mysql connector coordinate during upgrade to spring boot 2.7.x
In spring boot 2.7.8 onwards mysql connector coordinate `mysql:mysql-connector-java` has been removed and only `com.mysql:mysql-connector-j` coordinate exist.
https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-2.7-Release-Notes#mysql-jdbc-driver
So, updating the mysql connector coordinate as `com.mysql:mysql-connector-j` with spring boot upgrade to 2.7.18.
https://repo1.maven.org/maven2/org/springframework/boot/spring-boot-dependencies/2.7.18/spring-boot-dependencies-2.7.18.pom

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
  • Loading branch information
j-sandy and mergify[bot] authored Jun 12, 2024
1 parent fba3eea commit 8180419
Show file tree
Hide file tree
Showing 26 changed files with 33 additions and 43 deletions.
3 changes: 0 additions & 3 deletions kork-actuator/src/main/resources/META-INF/spring.factories
Original file line number Diff line number Diff line change
@@ -1,3 +0,0 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.netflix.spinnaker.kork.actuator.ActuatorEndpointsConfiguration,\
com.netflix.spinnaker.kork.actuator.ResolvedEnvEndpointAutoConfiguration
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
com.netflix.spinnaker.kork.actuator.ActuatorEndpointsConfiguration
com.netflix.spinnaker.kork.actuator.ResolvedEnvEndpointAutoConfiguration
2 changes: 0 additions & 2 deletions kork-aws/src/main/resources/META-INF/spring.factories
Original file line number Diff line number Diff line change
@@ -1,2 +0,0 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.netflix.spinnaker.kork.aws.AwsComponents
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
com.netflix.spinnaker.kork.aws.AwsComponents
Original file line number Diff line number Diff line change
@@ -1,7 +1,2 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.netflix.spinnaker.kork.configserver.autoconfig.CloudConfigAutoConfiguration, \
com.netflix.spinnaker.kork.configserver.autoconfig.SpringCloudAwsConfiguration, \
com.netflix.spinnaker.kork.configserver.autoconfig.SpringCloudAwsS3ResourceLoaderConfiguration, \
io.awspring.cloud.context.config.annotation.ContextResourceLoaderConfiguration
org.springframework.context.ApplicationListener=\
com.netflix.spinnaker.kork.configserver.CloudConfigApplicationListener
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
com.netflix.spinnaker.kork.configserver.autoconfig.CloudConfigAutoConfiguration
com.netflix.spinnaker.kork.configserver.autoconfig.SpringCloudAwsConfiguration
com.netflix.spinnaker.kork.configserver.autoconfig.SpringCloudAwsS3ResourceLoaderConfiguration
io.awspring.cloud.context.config.annotation.ContextResourceLoaderConfiguration
5 changes: 0 additions & 5 deletions kork-core/src/main/resources/META-INF/spring.factories
Original file line number Diff line number Diff line change
@@ -1,8 +1,3 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.netflix.spinnaker.kork.PlatformComponents,\
com.netflix.spinnaker.kork.discovery.DiscoveryAutoConfiguration


org.springframework.context.ApplicationListener=\
com.netflix.spinnaker.kork.spring.SpringBoot1CompatibilityApplicationListener,\
com.netflix.spinnaker.kork.web.exceptions.DefaultThreadUncaughtExceptionHandler
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
com.netflix.spinnaker.kork.PlatformComponents
com.netflix.spinnaker.kork.discovery.DiscoveryAutoConfiguration
Original file line number Diff line number Diff line change
@@ -1,2 +1 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.netflix.spinnaker.credentials.jackson.SensitiveAutoConfiguration

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
com.netflix.spinnaker.credentials.jackson.SensitiveAutoConfiguration
4 changes: 1 addition & 3 deletions kork-eureka/src/main/resources/META-INF/spring.factories
Original file line number Diff line number Diff line change
@@ -1,3 +1 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.netflix.spinnaker.kork.archaius.ArchaiusAutoConfiguration,\
com.netflix.spinnaker.kork.eureka.EurekaAutoConfiguration

Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
com.netflix.spinnaker.kork.archaius.ArchaiusAutoConfiguration
com.netflix.spinnaker.kork.eureka.EurekaAutoConfiguration
3 changes: 1 addition & 2 deletions kork-retrofit/src/main/resources/META-INF/spring.factories
Original file line number Diff line number Diff line change
@@ -1,2 +1 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.netflix.spinnaker.kork.retrofit.RetrofitServiceFactoryAutoConfiguration

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
com.netflix.spinnaker.kork.retrofit.RetrofitServiceFactoryAutoConfiguration
3 changes: 1 addition & 2 deletions kork-retrofit2/src/main/resources/META-INF/spring.factories
Original file line number Diff line number Diff line change
@@ -1,2 +1 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.netflix.spinnaker.kork.retrofit.Retrofit2ServiceFactoryAutoConfiguration

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
com.netflix.spinnaker.kork.retrofit.Retrofit2ServiceFactoryAutoConfiguration
3 changes: 1 addition & 2 deletions kork-secrets/src/main/resources/META-INF/spring.factories
Original file line number Diff line number Diff line change
@@ -1,2 +1 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.netflix.spinnaker.kork.secrets.SecretConfiguration

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
com.netflix.spinnaker.kork.secrets.SecretConfiguration
2 changes: 1 addition & 1 deletion kork-sql-test/kork-sql-test.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ dependencies {

runtimeOnly "com.h2database:h2"

testRuntimeOnly "mysql:mysql-connector-java"
testRuntimeOnly "com.mysql:mysql-connector-j"
testRuntimeOnly "org.junit.jupiter:junit-jupiter-engine"
testRuntimeOnly "org.postgresql:postgresql"
}
2 changes: 1 addition & 1 deletion kork-sql/kork-sql.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ dependencies {
testImplementation "org.springframework.boot:spring-boot-starter-test"

testRuntimeOnly project(":kork-web")
testRuntimeOnly "mysql:mysql-connector-java"
testRuntimeOnly "com.mysql:mysql-connector-j"
}

detekt {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@ import org.jooq.impl.DefaultExecuteListenerProvider
import org.slf4j.LoggerFactory
import org.springframework.beans.factory.BeanCreationException
import org.springframework.beans.factory.annotation.Value
import org.springframework.boot.actuate.autoconfigure.metrics.jdbc.DataSourcePoolMetricsAutoConfiguration
import org.springframework.boot.autoconfigure.EnableAutoConfiguration
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty
Expand All @@ -55,7 +56,7 @@ import org.springframework.jdbc.datasource.TransactionAwareDataSourceProxy
@Configuration
@ConditionalOnProperty("sql.enabled")
@EnableConfigurationProperties(SqlProperties::class)
@EnableAutoConfiguration(exclude = [DataSourceAutoConfiguration::class])
@EnableAutoConfiguration(exclude = [DataSourceAutoConfiguration::class, DataSourcePoolMetricsAutoConfiguration::class])
@Import(HikariDataSourceConfiguration::class, DataSourcePoolMetadataProvidersConfiguration::class)
class DefaultSqlConfiguration {

Expand Down
3 changes: 1 addition & 2 deletions kork-swagger/src/main/resources/META-INF/spring.factories
Original file line number Diff line number Diff line change
@@ -1,2 +1 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.netflix.spinnaker.config.SpringfoxHandlerProviderBeanPostProcessor

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
com.netflix.spinnaker.config.SpringfoxHandlerProviderBeanPostProcessor
3 changes: 1 addition & 2 deletions kork-tomcat/src/main/resources/META-INF/spring.factories
Original file line number Diff line number Diff line change
@@ -1,3 +1,2 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.netflix.spinnaker.kork.tomcat.TomcatConfiguration


Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
com.netflix.spinnaker.kork.tomcat.TomcatConfiguration
15 changes: 5 additions & 10 deletions spinnaker-dependencies/spinnaker-dependencies.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -14,11 +14,10 @@ ext {
gcp : "25.3.0",
jsch : "0.1.54",
jschAgentProxy : "0.0.9",
// spring boot 2.6.15 specifies logback 1.2.12. Pin to 1.2.13 to resolve
// spring boot 2.7.18 specifies logback 1.2.12. Pin to 1.2.13 to resolve
// CVE-2023-6378 and CVE-2023-6481 until spring boot 3.1.7 which brings in
// 1.4.14. See https://logback.qos.ch/news.html#1.3.12.
logback : "1.2.13",
netty : "4.1.100.Final",
protobuf : "3.21.12",
okhttp : "2.7.5", // CVE-2016-2402
okhttp3 : "4.9.3",
Expand All @@ -28,14 +27,12 @@ ext {
spectator : "1.0.6",
spek : "1.1.5",
spek2 : "2.0.9",
springBoot : "2.6.15",
springBoot : "2.7.18",
springCloud : "2021.0.8",
springfoxSwagger : "3.0.0",
swagger : "1.5.20", //this should stay in sync with what springfoxSwagger expects.

// Spring boot 2.6.15 bring in 9.0.75. 2.7.18
// brings in 9.0.83, which fixes all CVEs to date (20-feb-24).
//
// 2.7.18 brings in 9.0.83, which fixes all CVEs to date (20-feb-24). Continue to pin.
// See https://tomcat.apache.org/security-9.html for latest security fixes.
tomcat : "9.0.83"
]
Expand All @@ -59,8 +56,6 @@ dependencies {
// this project and need to configure gradle plugins etc.
api(platform("org.jetbrains.kotlin:kotlin-bom:$kotlinVersion"))
api(platform("io.zipkin.brave:brave-bom:${versions.brave}"))
api(platform("org.junit:junit-bom:5.8.2")) // remove with spring boot >= 2.6.2
api(platform("io.netty:netty-bom:${versions.netty}"))
api(platform("org.springframework.boot:spring-boot-dependencies:${versions.springBoot}"))
api(platform("com.amazonaws:aws-java-sdk-bom:${versions.aws}"))
api(platform("com.google.protobuf:protobuf-bom:${versions.protobuf}"))
Expand Down Expand Up @@ -180,15 +175,15 @@ dependencies {
// pf4j:3.10.0 brings in slf4j-api:2.0.6 which is not compatible with logback 1.2.x.
// And the upgraded logback version(1.3.8) is becoming incompatible with SpringBoot's LogbackLoggingSystem:
// java.lang.NoClassDefFoundError at LogbackLoggingSystem.java:293
// Hence pinning slf4j-api at 1.7.36 which spring boot 2.6.15 brings in.
// Hence pinning slf4j-api at 1.7.36 which spring boot 2.7.18 brings in.
api("org.slf4j:slf4j-api"){
version {
strictly("1.7.36")
}
}
api("org.pf4j:pf4j-update:2.3.0")

// Spring boot 2.6.15 brings in snakeyaml 1.29, which fails to parse yaml (including some
// Spring boot 2.7.18 brings in snakeyaml 1.30, which fails to parse yaml (including some
// k8s manifests). See https://github.com/spring-projects/spring-boot/issues/30159#issuecomment-1125969155.
// It's safe to upgrade beyond 1.29 with spring boot >= 2.6.12 (see
// https://github.com/spring-projects/spring-boot/issues/32228#issue-136185850.0). However,
Expand Down

0 comments on commit 8180419

Please sign in to comment.