升级 Spring Boot 3.x + Security 流程
代码兼容升级
1、feign 框架变更的兼容修改
feign.hystrix.FallbackFactory >> org.springframework.cloud.openfeign.FallbackFactory2、Java 标准变更的兼容修改
使用批量替换下面的变更:
javax.servlet >> jakarta.servlet
javax.validation >> jakarta.validation
javax.annotation >> jakarta.annotation3、Swagger 2 注解替换 为 OpenAPI 3 注解
对应关系为:
io.swagger.annotations.Api -> io.swagger.v3.oas.annotations.tags.Tag;
o.swagger.annotations.ApiParam -> io.swagger.v3.oas.annotations.Parameter;
io.swagger.annotations.ApiOperation -> io.swagger.v3.oas.annotations.Operation;
io.swagger.annotations.ApiModel -> io.swagger.v3.oas.annotations.media.Schema
io.swagger.annotations.ApiModelProperty -> io.swagger.v3.oas.annotations.media.Schema
io.swagger.annotations.ApiImplicitParams -> io.swagger.v3.oas.annotations.Parameters
io.swagger.annotations.ApiImplicitParam -> io.swagger.v3.oas.annotations.Parameter
springfox.documentation.annotations.ApiIgnore -> @Parameter(hidden = true) || @0peration(hidden = true)示例:
@Schema(name = "DataSourEntity", description = "表单数据源")
@Schema(description = "数据源实例名称,即数据库名称")4、Mybatis-Plus 注解调整
把 @TableField(updateStrategy = FieldStrategy.IGNORED ) 改为 @TableField(updateStrategy = FieldStrategy.NEVER )
依赖及配置升级
1、升级 Maven 依赖
1.1、升级继承依赖
<parent>
<groupId>com.tianyin</groupId>
<artifactId>tianyin-cloud-parent</artifactId>
<version>2023.0.x.20251215-SNAPSHOT</version>
<relativePath/>
</parent>1.2、升级组件依赖
1.2.1、Knife4j 接口文档
<!-- For Knife4j -->
<dependency>
<groupId>com.github.xiaoymin</groupId>
<artifactId>knife4j-openapi3-jakarta-spring-boot-starter</artifactId>
<exclusions>
<exclusion>
<groupId>org.springdoc</groupId>
<artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- For SpringDoc OpenAPI -->
<dependency>
<groupId>org.springdoc</groupId>
<artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
<version>${springdoc.version}</version>
</dependency>1.2.2、Dozer 对象转换
<!-- For Dozer -->
<dependency>
<groupId>com.github.dozermapper</groupId>
<artifactId>dozer-spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>com.github.hiwepy</groupId>
<artifactId>dozer-extra-converters</artifactId>
</dependency>1.3、Mybatis-Plus
<!-- For Mybatis-Plus -->
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>mybatis-plus-spring-boot3-starter</artifactId>
</dependency>
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>mybatis-plus-jsqlparser</artifactId>
</dependency>
<!-- For Mybatis Plus Generator -->
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>mybatis-plus-generator</artifactId>
</dependency>
<dependency>
<groupId>org.apache.velocity</groupId>
<artifactId>velocity-engine-core</artifactId>
</dependency>2、升级程序版本
比如,业务中台,从 1.x.x 升级到了 3.0.0-SNAPSHOT
<version>3.0.0-SNAPSHOT</version>3、配置兼容改动
3.1、调整 application.yaml 默认配置
spring 配置发生了改变,去除了一些无效配置,修改了Redis 配置的格式
################################################################################################################
###Spring Boot 监控(安全、开放信息等)配置:
################################################################################################################
management:
server:
# 启用独立运维端口
port: 50000
metrics:
tags:
# 在统计信息中添加自定义的标签
application: ${spring.application.name}
# 开启shutdown和health端点
endpoint:
shutdown:
enabled: true
health:
enabled: true
probes:
enabled: true
endpoints:
web:
# 指定上下文路径,启用相应端点
base-path: /actuator
exposure:
include: health,shutdown,metrics,prometheus
############## SpringDoc 配置 (文档: https://springdoc.org/) ##############
springdoc:
api-docs:
enabled: true
path: /v3/api-docs
packages-to-scan:
- com.tianyin.dw.standard.web.mvc
swagger-ui:
path: /swagger-ui.html
tags-sorter: alpha
operations-sorter: alpha
knife4j:
enable: true
################################################################################################################
###Spring Boot 相关组件(SpringMVC、Freemarker、Session、Cache、DataSource)配置:
################################################################################################################
spring:
# 应用信息配置
application:
name: tianyin-edu-third
# 缓存配置:
cache:
type: none
# 配置文件导入:
config:
import:
- nacos:tianyin-common.yaml
- optional:nacos:${spring.application.name}.yaml
- optional:nacos:${spring.application.name}-${spring.profiles.active}.yaml
# 数据源配置:
datasource:
name: ${spring.application.name}
# HiKariCP的数据源配置:
hikari:
enabled: true
allow-pool-suspension: true
auto-commit: false
# 连接初始化SQL
connection-init-sql: select SYSDATE()
# 连接测试语句
connection-test-query: select SYSDATE()
# 连接超时, 等待连接池分配连接的最大时长(毫秒),超过这个时长还没可用的连接则发生SQLException, 缺省:30秒
connection-timeout: 30000
initialization-fail-timeout: 30000
#一个连接idle状态的最大时长(毫秒),超时则被释放(retired),缺省:10分钟
idle-timeout: 600000
# 内存泄漏侦测入口
leak-detection-threshold: 30000
# 一个连接的最大的生命时间(毫秒),超时而且没被使用则被释放(retired),缺省:30分钟,建议设置比数据库超时时长少30秒以上,参考MySQL wait_timeout参数(show variables like '%timeout%';)
max-lifetime: 1800000
# 连接池中允许的最大连接数。缺省值:10;推荐的公式:((core_count * 2) + effective_spindle_count)
max-pool-size: 15
# 最小闲置线程
min-idle: 5
# 生效超时
validation-timeout: 30000
data:
# Redis相关配置
redis:
client-type: lettuce
# 连接超时时间(毫秒)
timeout: 50000
# 基于Lettuce客户端的Redis连接池配置
lettuce:
pool:
enabled: true
# 连接池最大连接数(使用负值表示没有限制)
max-active: 200
# 连接池最大阻塞等待时间(使用负值表示没有限制)
max-wait: -1
# 连接池中的最大空闲连接
max-idle: 10
# 连接池中的最小空闲连接
min-idle: 0
# 国际化信息配置
messages:
#指定message的basename,多个以逗号分隔,如果不加包名的话,默认从classpath路径开始,默认: messages
basename: i18n/*/messages,i18n/messages
#设定Message bundles的编码,默认: UTF-8
encoding: UTF-8
# Servlet配置
servlet:
multipart:
enabled: true #默认支持文件上传
max-file-size: -1 #不做限制
max-request-size: -1 #不做限制
# 权限控制
security:
# 默认路径拦截规则定义
filter-chain-definition-map:
'[/]': anon
'[/favicon.ico]': anon
'[/webjars/**]': anon
'[/error*]': anon
'[/swagger-ui.html]': anon
'[/swagger-ui/**]': anon
'[/doc.html]': anon
'[/v2/*]': anon
'[/v2/api-docs]': anon
'[/v3/api-docs]': anon
'[/v3/api-docs/**]': anon
'[/actuator/**]': anon
'[/actuator*]': anon
# 以上是默认配置
'[/kaptcha*]': anon
'[/druid/*]': ipaddr[192.168.1.0/24]
'[/third/config/*]': anon
'[/image/*]': anon
'[/sms/*]': anon
'[/file/listByPath]': anon
'[/env/list]': anon
stateless: true
jwt:
enabled: true
authz:
enabled: true
allow-session-creation: false
continue-chain-before-successful-authentication: true
path-pattern: /*
################################################################################################################
###JWT 授权(JwtIssueProperteis)配置:
################################################################################################################
jwt:
seed: xx1WET12^%3^(WE45
aec-key: xx288&^^%$!@#4dc
aec-iv: 0123456789abcdef
expire: 7d
algorithm: RS256
issuer: https://zhpj-test.91118.com
rsa-pub-key: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CU7En9Xtl6/nnJ4tTjz6U08wFy5vMBA1UdGA5m22FhRt4B0exvhYBE1XyZp0jm4MQ071t5Re64VN8Gsx1AGujx0PW7leOSQmw1Teb3pgucT7ENn5bVmG52pe3//aWhgZUYe+8epYOK89PhmqwD7t80FZKp+T10QDeQizWx6ZEQZMApzlTj/GX64FC2Qld42B/Dcg+crjX0cI+3f9YIwQmYR9/6DifxybAs37uHSuzneqVc9Q6jJ/glYqsOuikxrV1eOgW8/gO+b6OVVKFRxgjUE4GEolkP6DdCKD/+9nrtITtHTCgka1LcDOo0PEAlu8B9UCgtB44HiQ6OTKo074QIDAQAB
rsa-pri-key: v+PYuxl8cN+hsEsp4Z6vSTGakStYdwiABjhi9GeMFCfwcJS4nBNJxsOE4OW9AUzzJeFVD8WDt+9VNcBXSkcQPZygZXNpcnKX1/YfDOoKdz/uj1omrBMdVKw3LRR5US7wqS9lBkyFqQ9upQPW5nYvxUvD4wo+ZrSwKXscsRqmTDEF7ZZzs/fRt1sH21n25GAc9RUtheDzJtx8T55+1CRSz9nq4v2x6tp9n15Vi+9Pt/gmXQy0dd5LV9okIKZisz9aQ53dEQ9+PO0wSKDV2vfkZDL6ZH1hlfpkFKsSJDapG153yy8TzFm93+jlntaPw1VBSO8NQZSN0DiB2TzNPtadr2uHoFHOwafiBaSqqVlxQ8NRnrP1KIb47KF2pTdIv52EAc44ucrfp6JzfNNzxp8AX6f0lvoV0Sl8fbGqqVEJYf+wR235SwRc5GtnMwWaWC99cO4cHFwdR3SZAksVOJSuoB1bEr9Ssgqz6+h4iCl92PD3L2np4WUdKmFM9GjXvnscOUNVWwDspA8uDoXgJdTgIap+6wbBNS1jeKplJffJe7Bne6eM39bb4dIjZZj9gc0FWeBPq48DuNhFBPlCPz+hFcFLqfjaxTBa1mmWCYcRyITZtLG26F3qtUX7WoSFKijhdn4EjLtH8SxwYquJMB/vtJWEr1HgVdocwFVFoFocI5bqQl4LcXh6RRkAqjcyDt2h6qhbeprzyuhY5WCefwIGL412EqOMZFx0AA+LDUNGSU62+ucUgHhR6VX7lDGLPd2DWPsP6Kso7OmNhTT7BygYEHf93zXsvwHpYZcsNZL5gviEbbVI4IALDUixe8lBpgytqSIGOAaxj9XVd0hYK6g0xwZaA/Sjq27SI0tahuG1JDXIoT/nSYh53mH9ysnigAnnvazWq1qnwKY5G+o62r0CF9i4RmJqMK7wljsv77oPckOXjNjyCvW+4Zx4DVwZSs748dBsqSX/ntAOnWZksFUjbe0XDHSAw/6tpHlNBXdxrqtU7Zul91cZSXK7KCdtjbnqbZaMcudnN8SEY3qtyF2kHr9Lkp7Q/KlbSUfm3ub/j9G9uNGR3qfZbydVYKO/tgho8rgdBye3oTxuSTv+tk9HI/3Gcw4V7/RHEHYKutrG1DS0vvQe4AsZn7OczrYRewLhTLZgnMW0zrOS1HFLhmxLIUNFlnqLw9fBUrcaZS4QQH7g6CKpx8njU2SVfUgUp5Kixd9f2MrlAvLaA2MI0LZz4Kq00cGIsRnwUoJPVWDLOIAtme/MC5hJ8mDOfnfAIIdt+rURkVsEkga74ddI4F+J2AeMYs3mrRezW8+lNA7VLvumwZpeldrWOotha/EPMYlA4s+AxY1FPOM1MN+KlWvlLcoLf6H+VXS5K1TlbxDlYRKv2t0iim7fzMikC953pnqPUmG2Y8ni0Y0nFUIPlrJ81SXe5X2qnBheVExw2/K4NkMpThCw7sw5cAI/CdOYewL7GLeEYqAHGRjiYy2T2hwehMRP2C+M5qs3WXkaOuXIsDWukCokpy33dY/cjJ/F5zF9Dz77h3OTto6qxwdLz+L7/8eYW5DqNLaTJGdoPCh9HwI3FK9EJntgOVxhtlV2ME0+VgNnzOtpGI5Xdj9/YmFIo4W4llNikeUF0XuRTaLDEeI=
sa-token: true3.2、修改程序启动器
- 去除 @EnableExtrasConfiguration 注解
- 增加 @EnableDiscoveryClient 注解
- 替换 @EnableGlobalMethodSecurity 为 @EnableMethodSecurity
- 增加 @Import(DozerAutoConfiguration.class) 解决 Dozer 框架不兼容 Spring Boot 3 问题
@EnableCaching(proxyTargetClass = true)
@EnableDiscoveryClient
@EnableFeignClients(basePackages = "com.tianyin.edu.**.feign")
@EnableWebSecurity
@EnableMethodSecurity(prePostEnabled = true)
@SpringBootApplication
@Import(DozerAutoConfiguration.class)镜像构建升级
1、升级 Dockerfile
Dockerfile 中的JDK 镜像改为 JDK 17
#FROM aiban-docker.pkg.coding.net/tianyin/base/openjdk:8-jdk-alpine
#FROM aiban-docker.pkg.coding.net/tianyin/base/openjdk:8-jdk-alpine-skywalking
FROM aiban-docker.pkg.coding.net/tianyin/base/openjdk:17-jdk-alpine2、升级 Jenkinsfile
在 Jenkinsfile 文件的编译模块,增加 JDK 17 编译环境代理
agent {
docker {
reuseNode 'true'
registryUrl 'https://coding-public-docker.pkg.coding.net'
image 'public/docker/openjdk:17-2024.03'
}
}
作者:杭州天音 创建时间:2025-07-16 13:45
最后编辑:杭州天音 更新时间:2025-12-29 14:11
最后编辑:杭州天音 更新时间:2025-12-29 14:11
