Skip to content

Upgrade to Spring Boot 3.2.12 LTS and Spring Cloud 2023.0.4#6

Open
devin-ai-integration[bot] wants to merge 1 commit into
mainfrom
devin/1727666147-spring-boot-3-upgrade
Open

Upgrade to Spring Boot 3.2.12 LTS and Spring Cloud 2023.0.4#6
devin-ai-integration[bot] wants to merge 1 commit into
mainfrom
devin/1727666147-spring-boot-3-upgrade

Conversation

@devin-ai-integration

Copy link
Copy Markdown

Upgrade to Spring Boot 3.2.12 LTS and Spring Cloud 2023.0.4

Summary

This PR upgrades all 7 banking microservices from Spring Boot 2.7.x to the latest LTS version (3.2.12) and updates Spring Cloud dependencies from 2021.0.8 to 2023.0.4. The upgrade addresses security vulnerabilities in older Spring Boot versions and ensures long-term support.

Key Changes:

  • Version Updates: Spring Boot 2.7.x → 3.2.12 (LTS), Spring Cloud 2021.0.8 → 2023.0.4
  • Jakarta Migration: All javax.persistence and javax.transaction imports migrated to jakarta.* namespace
  • Spring Security 6: Updated API Gateway security configuration to use Lambda DSL pattern instead of deprecated method chaining
  • Framework API Updates: Updated GlobalExceptionHandler classes to use HttpStatusCode instead of HttpStatus for Spring Framework 6 compatibility
  • Spring Cloud Modernization: Removed deprecated @EnableEurekaClient annotations (auto-enabled in Spring Cloud 2023.0.x)

Services Updated:
All 7 microservices compile successfully and existing tests pass:

  • Service-Registry, Sequence-Generator, API-Gateway (with unit tests ✓)
  • User-Service, Account-Service, Fund-Transfer, Transaction-Service (compilation ✓)

Review & Testing Checklist for Human

⚠️ High Risk - 5 Critical Items to Verify:

  • End-to-end authentication flow: Verify OAuth2/Keycloak integration still works correctly after Spring Security 6 changes
  • Database connectivity: Test all services with actual MySQL databases - Jakarta namespace migration could cause runtime JPA issues
  • Inter-service communication: Verify API Gateway properly routes requests and all Feign client calls work between microservices
  • User registration endpoint: Confirm /api/users/register is still publicly accessible (permitAll) and other endpoints require authentication
  • Full application startup: Start Service Registry first, then all other services - verify Eureka service discovery works with Spring Cloud 2023.0.4

Test Plan Recommendation

  1. Set up MySQL databases and Keycloak server per existing configuration
  2. Start services in order: Service-Registry → Sequence-Generator → API-Gateway → business services
  3. Test user registration, login, account operations, and fund transfers
  4. Monitor logs for any Jakarta/JPA related errors or authentication failures

Notes

  • Session Info: Requested by Sam Fertig (@samfert-codeium) | Devin Run
  • Security: Existing security configurations preserved (CSRF disabled, hardcoded client secrets remain)
  • Compatibility: Java 17 already compatible, Keycloak admin-client 21.0.1 should work with Spring Boot 3
  • Testing Limitation: Only compilation and unit tests verified - full integration testing requires external dependencies

- Updated all 7 microservices from Spring Boot 2.7.x to 3.2.12 (latest LTS)
- Updated Spring Cloud from 2021.0.8 to 2023.0.4 (compatible with Spring Boot 3.2)
- Migrated javax.persistence imports to jakarta.persistence in all entity classes
- Migrated javax.transaction imports to jakarta.transaction
- Updated Spring Security 6 configuration to use Lambda DSL pattern
- Updated GlobalExceptionHandler methods to use HttpStatusCode instead of HttpStatus
- Removed deprecated @EnableEurekaClient annotations (auto-enabled in Spring Cloud 2023.0.x)

Breaking changes addressed:
1. Jakarta EE 9+ namespace migration (javax → jakarta)
2. Spring Security 6 Lambda DSL for reactive security configuration
3. Spring Framework 6 ResponseEntityExceptionHandler API changes
4. Spring Cloud 2023.0.x auto-configuration improvements

All 7 microservices compile and test successfully.

Co-Authored-By: Sam Fertig <sam.fertig@codeium.com>
@devin-ai-integration

Copy link
Copy Markdown
Author

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

  • Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
  • Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

  • Disable automatic comment and CI monitoring

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants