Conversation
There was a problem hiding this comment.
Pull request overview
Updates the local-dev Spring-based container images to newer Spring Boot versions and adds a shared mechanism to trust Aspire/.NET development certificates (notably for Spring Boot Admin).
Changes:
- Bump Spring Boot version metadata to 3.5.10 across images.
- Add Spring Boot Admin configuration patches for Steeltoe actuator compatibility and SSL trust via a custom
ClientHttpConnector. - Introduce shared SSL trust configuration and update the build script to apply patches more robustly and copy shared SSL sources.
Reviewed changes
Copilot reviewed 23 out of 23 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| uaa-server/README.md | Updates UAA image tag and documentation links. |
| spring-boot-admin/patches/steeltoe-admin-config.patch | Adds SBA WebClient customization to tolerate Steeltoe actuator index responses in AOT. |
| spring-boot-admin/patches/spring-boot-admin-ssl-config.patch | Adds SBA ClientHttpConnector bean wired to a shared X509TrustManager. |
| spring-boot-admin/patches/enable-springbootadmin.patch | Enables SBA server and expands component scanning/imports needed for SSL + Steeltoe config. |
| spring-boot-admin/patches/build.gradle.patch | Adjusts build-image environment settings (incl. native image build args). |
| spring-boot-admin/patches/application.properties.patch | Sets SBA defaults and configures SSL package logging. |
| spring-boot-admin/metadata/SPRING_BOOT_VERSION | Bumps Spring Boot version metadata to 3.5.10. |
| spring-boot-admin/metadata/IMAGE_VERSION | Bumps SBA image version metadata. |
| spring-boot-admin/README.md | Updates SBA run instructions/tag. |
| shared/ssl-config/SslTrustConfiguration.java | Adds shared trust manager that loads dev certs from standard locations/env vars. |
| eureka-server/patches/application.properties.patch | Adds Eureka properties and enables SSL package logging. |
| eureka-server/metadata/SPRING_BOOT_VERSION | Bumps Spring Boot version metadata to 3.5.10. |
| eureka-server/metadata/IMAGE_REVISION | Introduces image revision metadata. |
| eureka-server/README.md | Updates Eureka run instructions/tag. |
| config-server/patches/enableconfigserver.patch | Updates Config Server bootstrap (enables config server/discovery + logs package info). |
| config-server/patches/application.properties.patch | Adds Config Server properties and enables SSL package logging. |
| config-server/metadata/SPRING_BOOT_VERSION | Bumps Spring Boot version metadata to 3.5.10. |
| config-server/metadata/IMAGE_VERSION | Bumps Config Server image version metadata. |
| config-server/metadata/IMAGE_REVISION | Changes revision metadata content. |
| config-server/README.md | Updates Config Server run instructions/tags. |
| build.ps1 | Enhances patch application behavior and copies shared SSL config into generated projects. |
| AGENTS.md | Adds agent guidance for patch handling/build workflow. |
| .gitattributes | Enforces LF endings for .patch files. |
Comments suppressed due to low confidence (1)
config-server/patches/enableconfigserver.patch:24
- This patch appears to truncate
ConfigServer.javaand does not include the closing braces for themainmethod and class. When applied, it will likely produce invalid Java and fail compilation. Please update the patch so the resulting file still ends with the appropriate}braces (and include the necessary context lines sopatchcan apply cleanly).
public static void main(String[] args) {
+ Package pkg = EnableConfigServer.class.getPackage();
+ logger.info("{} {} by {}", pkg.getImplementationTitle(), pkg.getImplementationVersion(), pkg.getImplementationVendor());
SpringApplication.run(ConfigServer.class, args);
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Contributor
|
To run the UAA server image built for this pull request: docker run --rm -d --pull=always -p 8080:8080 --name uaa-pr steeltoe.azurecr.io/uaa-server:pr-52 |
|
To run the Eureka server image built for this pull request: docker run --rm -d --pull=always -p 8761:8761 --name eureka-pr steeltoe.azurecr.io/eureka-server:pr-52 |
|
To run the Spring Cloud Config Server image built for this pull request: docker run --rm -d --pull=always -p 8888:8888 --name config-pr steeltoe.azurecr.io/config-server:pr-52 |
|
To run the Spring Boot Admin server image built for this pull request: docker run --rm -d --pull=always -p 9099:9099 --name sba-pr steeltoe.azurecr.io/spring-boot-admin:pr-52 |
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 27 out of 27 changed files in this pull request and generated 8 comments.
Comments suppressed due to low confidence (1)
config-server/patches/application.properties.patch:15
- This logging category likely won't affect the shared trust configuration at runtime.
build.ps1copiesshared/ssl-config/SslTrustConfiguration.javainto the app's base package and rewrites its package declaration toio.steeltoe.docker.<serverName>(build.ps1:300-315), so the logger name won’t be underio.steeltoe.docker.ssl. Consider switching this tologging.level.io.steeltoe.docker=INFOor the concrete app package so the SSL trust logs can actually be controlled.
+auth.enabled=false
+logging.level.io.steeltoe.docker.ssl=INFO
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Log dependencies requested in calls to start.spring.io - Enhance patch handling to catch more failure scenarios - Use eol=lf for .patch files - fix enableconfigserver.patch
- add custom deserialization for aot/native-compiled SBA to avoid breakage over 'type' property in Steeltoe responses fixup metadata skip self-replication in Eureka
* Update eureka-server/patches/application.properties.patch * Fix line count in patch * Update build.ps1 to trim/join IMAGE_REVISION and check for non-empty * Use cryptographic signature verification in SslTrustConfiguration --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: TimHess <3947063+TimHess@users.noreply.github.com>
- Fix logging.level namespace to match actual package after build-time rewriting (io.steeltoe.docker instead of io.steeltoe.docker.ssl) - Correct AGENTS.md patch documentation for unified diff hunk headers
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Reduces the need for #40