What’s New in Spring Boot 2? – Spring Boot 2有什么新内容?

最后修改: 2017年 12月 12日

中文/混合/英文(键盘快捷键:t)

1. Overview

1.概述

Spring Boot brings an opinionated approach to the Spring ecosystem. First released in mid-2014. Spring Boot has been through a lot of development and improvement. Its version 2.0 is today getting ready for release at the beginning of 2018.

Spring Boot为Spring生态系统带来了一种有主见的方法。首次发布于2014年中期。Spring Boot经历了很多的发展和改进。其2.0版本今天正准备在2018年初发布。

There are different areas where this popular library tries to help us out:

这个受欢迎的图书馆试图在不同领域帮助我们。

  • Dependency management. Through starters and various package manager integrations
  • Autoconfiguration. Trying to minimize the amount of config a Spring app requires to get ready to go and favoring convention over configuration
  • Production-ready features. Such as Actuator, better logging, monitoring, metrics or various PAAS integration
  • Enhanced development experience. With multiple testing utilities or a better feedback loop using spring-boot-devtools

In this article, we’ll explore some changes and features planned for Spring Boot 2.0. We’ll also describe how these changes might help us become more productive.

在这篇文章中,我们将探讨Spring Boot 2.0计划的一些变化和功能。我们还将介绍这些变化如何帮助我们提高工作效率。

2. Dependencies

2.依赖性

2.1. Java Baseline

2.1.Java基线

Spring Boot 2.x will no longer support Java 7 and below, being Java 8 the minimum requirement.

Spring Boot 2.x将不再支持Java 7及以下版本,将Java 8作为最低要求。

It’s also the first version to support Java 9. There are no plans to support Java 9 on the 1.x branch. This means if you want to use the latest Java release and take advantage of this framework, Spring Boot 2.x is your only option.

这也是第一个支持Java 9的版本。目前还没有计划在1.x分支上支持Java 9。这意味着如果你想使用最新的Java版本并利用这个框架,Spring Boot 2.x是你唯一的选择

2.2. Bill of Materials

2.2.材料清单

With every new release of Spring Boot, versions of various dependencies of the Java ecosystem get upgraded. This is defined in Boot bill of materials aka BOM.

随着Spring Boot的每一个新版本的发布,Java生态系统的各种依赖关系的版本都会得到升级。这在Boot bill of materials aka BOM中定义。

In 2.x this is no exception. It makes no sense to list them, but we can have a look at spring-boot-dependencies.pom to see what versions are being used at any given point in time.

在2.x中,这也不例外。列出它们没有意义,但我们可以看看spring-boot-dependencies.pom,看看在任何给定的时间点上正在使用什么版本。

A few highlights regarding minimum required versions:

关于最低要求的版本,有几个亮点。

  • Tomcat minimum supported version is 8.5
  • Hibernate minimum supported version is 5.2
  • Gradle minimum supported version is 3.4

2.3. Gradle Plugin

2.3.Gradle插件

The Gradle plugin has been through major improvement and some breaking changes.

Gradle插件已经经历了重大的改进和一些突破性的变化。

To create fat jars, bootRepackage Gradle’s task gets replaced with bootJar and bootWar to build jars and wars respectively.

为了创建肥大的罐子,bootRepackageGradle的任务被替换为bootJarbootWar来分别构建罐子和战争。

If we wanted to run our apps with the Gradle plugin, in 1.x, we could execute gradle bootRun. In 2.x bootRun extends Gradle’s JavaExec. This implies it is easier for us to configure it applying the same configuration we’d typically use in classic JavaExec tasks.

如果我们想用Gradle插件来运行我们的应用程序,在1.x中,我们可以执行gradle bootRun. 在2.x中bootRun扩展了Gradle的JavaExec.这意味着我们更容易应用我们通常在经典JavaExec任务中使用的相同配置来配置它。

Sometimes we find ourselves wanting to take advantage of Spring Boot BOM. But sometimes we don’t want to build a full Boot app or repackage it.

有时我们发现自己想利用Spring Boot BOM的优势。但有时我们不想建立一个完整的Boot应用程序或重新包装它。

In this regard, it is interesting to know that Spring Boot 2.x will no longer apply the dependency management plugin by default.

在这方面,值得一提的是,Spring Boot 2.x将不再默认应用依赖管理插件

If we want Spring Boot dependency management we should add:

如果我们想要Spring Boot依赖性管理,我们应该添加。

apply plugin: 'io.spring.dependency-management'

This gives us greater flexibility with less configuration in the above-mentioned scenario.

这使我们在上述情况下以较少的配置获得更大的灵活性。

3. Autoconfiguration

3.自动配置

3.1. Security

3.1.安全性

In 2.x the security configuration gets dramatically simplified. By default, everything is secured, including static resources and Actuator endpoints.

在2.x中,安全配置得到了极大的简化。默认情况下,所有东西都是安全的,包括静态资源和执行器端点。

Once the user configures security explicitly, Spring Boot defaults will stop affecting. The user can then configure all access rules in a single place.

一旦用户明确配置了安全,Spring Boot的默认值将停止影响。然后,用户可以在一个地方配置所有的访问规则。

This will prevent us from struggling with WebSecurityConfigurerAdapter ordering issues. These problems used to happen usually when configuring Actuator and App security rules in a custom way.

这将防止我们纠结于WebSecurityConfigurerAdapter 的排序问题。这些问题过去通常发生在以自定义方式配置执行器和应用程序的安全规则时。

Let’s have a look at a simple security snippet that mixes actuator and application rules:

让我们看看一个混合了执行器和应用程序规则的简单安全片段。

http.authorizeRequests()
  .requestMatchers(EndpointRequest.to("health"))
    .permitAll() // Actuator rules per endpoint
  .requestMatchers(EndpointRequest.toAnyEndpoint())
    .hasRole("admin") // Actuator general rules
  .requestMatchers(PathRequest.toStaticResources().atCommonLocations()) 
    .permitAll() // Static resource security 
  .antMatchers("/**") 
    .hasRole("user") // Application security rules 
  // ...

3.2. Reactive Support

3.2.反应性支持

Spring Boot 2 brings a set of new starters for different reactive modules. Some examples are WebFlux, and the reactive counterparts for MongoDB, Cassandra or Redis.

Spring Boot 2为不同的反应式模块带来了一组新的启动器。一些例子是WebFlux,以及MongoDB、Cassandra或Redis的反应式对应模块。

There are also test utilities for WebFlux. In particular, we can take advantage of @WebFluxTest. This behaves similarly to the older @WebMvcTest originally introduced as part of the various testing slices back in 1.4.0.

还有一些WebFlux的测试工具。特别是,我们可以利用@WebFluxTest.,它的行为类似于早在1.4.0中作为各种测试slices的一部分而引入的老式@WebMvcTest

4. Production-Ready Features

4.准备生产的功能

Spring Boot brings some useful tools to enable us to create production-ready applications. Among other things, we can take advantage of Spring Boot Actuator.

Spring Boot带来了一些有用的工具,使我们能够创建生产就绪的应用程序。在其他方面,我们可以利用Spring Boot Actuator。

Actuator contains various tools for simplifying monitoring, tracing, and general app introspection. Further details about actuator can be found in our previous article.

Actuator 包含各种工具,用于简化监控、跟踪和一般应用程序的反省。关于actuator的更多细节可以在我们的前文中找到。

With its 2 version actuator has been through major improvements. This iteration focus on simplifying customization. It also supports other web technologies, including the new reactive module.

在其第2个版本中,actuator已经经历了重大的改进。这次迭代的重点是简化定制。它还支持其他网络技术,包括新的反应式模块。

4.1. Technology Support

4.1.技术支持

In Spring Boot 1.x only Spring-MVC was supported for actuator endpoints. In 2.x, however, it became independent and pluggable. Spring boot now brings support out of the box for WebFlux, Jersey, and Spring-MVC.

在Spring Boot 1.x中,只有Spring-MVC被支持用于执行器端点。但在2.x中,它变得独立且可插拔。Spring boot现在为WebFlux、Jersey和Spring-MVC提供了开箱即用的支持。

As before, JMX remains an option and can be enabled or disabled through configuration.

和以前一样,JMX仍然是一个选项,可以通过配置启用或禁用。

4.2. Creating Custom Endpoints

4.2.创建自定义端点

The new actuator infrastructure is technology-agnostic. Because of this, the development model has been redesigned from scratch.

新的执行器基础设施与技术无关。正因为如此,开发模式已从头开始重新设计。

The new model also brings greater flexibility and expressiveness.

新模式还带来了更大的灵活性和表现力。

Let’s see how to create a Fruits endpoint for actuator:

让我们看看如何为执行器创建一个Fruits端点。

@Endpoint(id = "fruits")
public class FruitsEndpoint {

    @ReadOperation
    public Map<String, Fruit> fruits() { ... }

    @WriteOperation
    public void addFruits(@Selector String name, Fruit fruit) { ... }
}

Once we register FruitsEndpoint in our ApplicationContext, it can be exposed as a web endpoint using our chosen technology. We could also expose it via JMX depending on our configuration.

一旦我们在ApplicationContext中注册了FruitsEndpoint它就可以使用我们选择的技术作为一个Web端点被公开。我们也可以根据我们的配置,通过 JMX 暴露它。

Translating our endpoint to web endpoints, this would result in:

将我们的端点转化为网络端点,这将导致。

  • GET on /application/fruits returning fruits
  • POST on /applications/fruits/{a-fruit} handling that fruit which should be included in the payload

There are many more possibilities. We could retrieve more granular data. Also, we could define specific implementations per underlying technology (e.g., JMX vs. Web). For the purpose of the article, we’ll keep it as a simple introduction without getting into too much detail.

还有很多可能性。我们可以检索更细化的数据。另外,我们还可以按底层技术定义具体的实现(例如,JMX与Web)。为了这篇文章的目的,我们将保持它作为一个简单的介绍,而不涉及太多细节。

4.3. Security in Actuator

4.3.执行器的安全性

In Spring Boot 1.x Actuator defines its own security model. This security model is different from the one used by our application.

在Spring Boot 1.x中,Actuator定义了自己的安全模型。这个安全模型与我们的应用程序所使用的模型不同。

This was the root of many pain points when users were trying to refine security.

当用户试图完善安全时,这是许多痛点的根源。

In 2.x the security configuration should be configured using the same config that the rest of the application uses.

在2.x中,安全配置应使用应用程序其他部分使用的相同配置来配置。

By default, most actuator endpoints are disabled. This is independent of whether Spring Security is in the classpath or not. Beyond status and info, all the other endpoints need to be enabled by the user.

默认情况下,大多数执行器端点被禁用。这与Spring Security是否在classpath中无关。除了status info,其他所有的端点都需要由用户启用。

4.4. Other Important Changes

4.4.其他重要变化

  • Most configuration properties are now under management.xxx e.g.: management.endpoints.jmx
  • Some endpoints have a new format. e.g.: env, flyway or liquibase
  • Predefined endpoint paths are no longer configurable

5. Enhanced Development Experience

5.增强开发经验

5.1. Better Feedback

5.1.更好的反馈

Spring boot introduced devtools in 1.3.

Spring boot在1.3中引入了devtools

It takes care of smoothing out typical development issues. For example, caching of view technologies. It also performs automatic restarts and browser live-reloading. Also, it enables us to remote debug apps.

它照顾到了典型的开发问题的平稳性。例如,视图技术的缓存。它还可以执行自动重启和浏览器实时重载。此外,它使我们能够远程调试应用程序。

In 2.x when our application gets restarted by devtools a ‘delta’ report will be printed out. This report will point out what changed and the impact it might have on our application.

在2.x中,当我们的应用程序被devtools重新启动时,将打印出一份 “delta “报告。这份报告将指出哪些地方发生了变化,以及它可能对我们的应用程序产生的影响。

Let’s say we define a JDBC Datasource overriding the one configured by Spring Boot.

假设我们定义了一个JDBC数据源,覆盖了Spring Boot配置的数据源。

Devtools will indicate that the one autoconfigured is no longer created. It will also point out the cause, an adverse match in @ConditionalOnMissingBean for type javax.sql.DataSource. Devtools will print this report once it performs a restart.

Devtools将指出不再创建自动配置的那个。它还将指出原因,即在@ConditionalOnMissingBean中对类型 javax.sql.DataSource.的不利匹配。Devtools一旦执行重启,将打印此报告。

5.2. Breaking Changes

5.2.破坏性变化

Due to JDK 9 issues, devtools is dropping support for remote debugging through HTTP.

由于JDK 9的问题,devtools放弃了对通过HTTP进行远程调试的支持。

6. Summary

6.总结

In this article, we covered some of the changes that Spring Boot 2 will bring.

在这篇文章中,我们介绍了Spring Boot 2将带来的一些变化。

We discussed dependencies and how Java 8 becomes the minimum supported version.

我们讨论了依赖性以及Java 8如何成为最低支持版本。

Next, we talked about autoconfiguration. We focused on security among others. We also talked about actuator and the many improvements it has received.

接下来,我们谈到了自动配置的问题。我们重点讨论了安全问题,包括其他问题。我们还谈到了执行器和它所得到的许多改进。

Lastly, we talked about some minor tweaks that happened in the development tools provided.

最后,我们谈到了在提供的开发工具中发生的一些小调整。