Skip to content

Upgrade Spring Boot from 2.7.x to 3.5.7 and Spring Cloud to 2025.0.0#20

Open
devin-ai-integration[bot] wants to merge 2 commits into
mainfrom
devin/1762208311-springboot-upgrade
Open

Upgrade Spring Boot from 2.7.x to 3.5.7 and Spring Cloud to 2025.0.0#20
devin-ai-integration[bot] wants to merge 2 commits into
mainfrom
devin/1762208311-springboot-upgrade

Conversation

@devin-ai-integration

@devin-ai-integration devin-ai-integration Bot commented Nov 3, 2025

Copy link
Copy Markdown

Upgrade Spring Boot from 2.7.x to 3.5.7 and Spring Cloud to 2025.0.0

Summary

This PR upgrades all 7 microservices from Spring Boot 2.7.14/2.7.15 to 3.5.7 (latest) and Spring Cloud from 2021.0.8 to 2025.0.0 (Northfields release train). This is a major version upgrade requiring breaking change fixes for Spring Boot 3.x and Spring Cloud 2022.0.0+ compatibility.

Services upgraded:

  • API-Gateway: 2.7.14 → 3.5.7
  • Service-Registry: 2.7.14 → 3.5.7
  • User-Service: 2.7.14 → 3.5.7
  • Account-Service: 2.7.15 → 3.5.7
  • Fund-Transfer: 2.7.14 → 3.5.7
  • Transaction-Service: 2.7.15 → 3.5.7
  • Sequence-Generator: 2.7.15 → 3.5.7

Key changes made:

  1. Updated all 7 pom.xml files with new Spring Boot and Spring Cloud versions
  2. Migrated javax.*jakarta.* imports in 7 files (Jakarta EE 10 requirement for Spring Boot 3.x):
    • Entity classes: Account.java, FundTransfer.java, Transaction.java, User.java, UserProfile.java, Sequence.java
    • Service class: UserServiceImpl.java (javax.transaction.Transactional → jakarta.transaction.Transactional)
  3. Updated Spring Security configuration (API-Gateway/SecurityConfig.java) to use Spring Security 6.0 lambda DSL:
    • Replaced deprecated .authorizeExchange(), .csrf().disable(), .oauth2Login(), .oauth2ResourceServer().jwt() with lambda-based syntax
    • Added Customizer.withDefaults() for default OAuth2 configuration
  4. Removed @EnableEurekaClient annotation from 3 services (API-Gateway, User-Service, Transaction-Service) - no longer needed in Spring Cloud 2022.0.0+ as Eureka client is now auto-configured
  5. Removed javax.ws.rs exclusion from User-Service pom.xml - no longer needed in Spring Boot 3.x

Review & Testing Checklist for Human

⚠️ IMPORTANT: Only API-Gateway has been verified to compile locally. The other 6 services need verification.

  • Compile all 7 services - Run mvn clean compile for each service to ensure no compilation errors
  • Run unit tests - Execute mvn test for Service-Registry, Sequence-Generator, and API-Gateway (the services with test suites)
  • Test Eureka service discovery - Verify that API-Gateway, User-Service, and Transaction-Service still register with Service-Registry correctly despite @EnableEurekaClient removal
  • Test API Gateway OAuth2 authentication - Verify /api/users/register is publicly accessible and other endpoints require authentication. Test OAuth2 login flow and JWT resource server functionality
  • Test database operations - For User-Service, Account-Service, Fund-Transfer, and Transaction-Service, verify JPA entity operations work correctly with jakarta.persistence.* imports

Recommended test plan:

  1. Start Service-Registry first
  2. Start Sequence-Generator and verify it registers with Eureka
  3. Start API-Gateway and verify OAuth2 configuration works
  4. If you have MySQL/Keycloak configured, test User-Service, Account-Service, Fund-Transfer, and Transaction-Service end-to-end

Notes

  • All changes follow the official Spring Boot 3.0 Migration Guide
  • Java 17 is already configured (required minimum for Spring Boot 3.x)
  • Keycloak Admin Client 21.0.1 is compatible with Spring Boot 3.x and Jakarta EE
  • No CI is configured for this repository, so manual testing is critical

Link to Devin run: https://app.devin.ai/sessions/ca17b79a5eb24855a35b4d9dafd6cbc1
Requested by: Sam Fertig (@samfert-codeium)

- Updated all 7 microservice pom.xml files with Spring Boot 3.5.7 and Spring Cloud 2025.0.0
- Migrated javax.* imports to jakarta.* across all entity and service classes
- Updated Spring Security configuration to use lambda DSL for Spring Security 6.0 compatibility
- Removed javax.ws.rs exclusion from User-Service (no longer needed in Spring Boot 3.x)

Services upgraded:
- API-Gateway: 2.7.14 → 3.5.7
- Service-Registry: 2.7.14 → 3.5.7
- User-Service: 2.7.14 → 3.5.7
- Account-Service: 2.7.15 → 3.5.7
- Fund-Transfer: 2.7.14 → 3.5.7
- Transaction-Service: 2.7.15 → 3.5.7
- Sequence-Generator: 2.7.15 → 3.5.7

Co-Authored-By: Sam Fertig <sam.fertig@codeium.com>
@devin-ai-integration

Copy link
Copy Markdown
Author

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

  • Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
  • Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

  • Disable automatic comment and CI monitoring

- Remove @EnableEurekaClient annotation from API-Gateway, User-Service, and Transaction-Service (no longer needed - Eureka client is now auto-configured)
- Fix Spring Security 6.0 lambda DSL syntax in SecurityConfig using Customizer.withDefaults()
- Add Customizer import to SecurityConfig

These changes are required for compatibility with Spring Cloud 2025.0.0 (Northfields release train)

Co-Authored-By: Sam Fertig <sam.fertig@codeium.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants