Development: Upgrade to Spring Boot 3, Spring 6, Hibernate 6

[julian-christl]

This is a high priority PR and we would like to merge it into develop until end of March. Please help with testing and reviewing!

Changelog

SQL Dialects

• Removal of the PostgreSQL10Dialect. Replace the dialect in your config with the PostgreSQLDialect of of the same package.
• Removal of the MySQL8Dialect. Replace the dialect in your config with the MySQLDialect of the same package.

Configuration

hibernate.dialect is deprecated and can be removed. The specified JDBC URL will select the dialect

Checklist

General

• I tested all changes and their related features with all corresponding user types on a test server.
• This is a small issue that I tested locally and was confirmed by another developer on a test server.
• Language: I followed the guidelines for inclusive, diversity-sensitive, and appreciative language.
• I chose a title conforming to the naming conventions for pull requests.

Server

• Important: I implemented the changes with a very good performance and prevented too many (unnecessary) database calls.
• I strictly followed the server coding and design guidelines.
• I documented the Java code using JavaDoc style.

Changes affecting Programming Exercises

• High priority: I tested all changes and their related features with all corresponding user types on a test server configured with the integrated lifecycle setup (LocalVC and LocalCI).
• I tested all changes and their related features with all corresponding user types on a test server configured with Gitlab and Jenkins.

Motivation and Context

Upgrading Spring Boot to major version 3

Description

• Updated Spring Boot to v3.x.x, Spring Security to v6.x.x and Hibernate to v6.x.x
• Updated multiple other dependencies that were blocked by this upgrade to their latest version
• Replaced javax imports with jakarta imports
• Added own derived Spring Security LTI 1.3 library as the original does not support Jakarta yet and hence creates conflicts
• Replaced removed IMPLICIT OAuth grant type with AUTHORIZATION_CODE
• Added own jGit HTTP server by copying the original code into our code base and replacing the javax imports
• Replaced deprecated database configurations
• Implemented our own EurekaClientRestTemplateConfiguration to keep Hazelcast working after the upgrade (A different template gets used as default in the new version, and this causes problems)
• Revert the stack trace parsing to the current state as the upgrade changes the default style
• Replace the deprecated security configurations with the recommended updated versions
• Replace ClientForwardResource with SpaWebFilter, doing the same job earlier in the request processing
• Removed support for filtering by courses when retrieving users. As it caused issues during the upgrade process. We added a flag to return users that have no user groups instead
  • If you use the later feature for bulk deletions of unused users, you may have to clean up first by removing all relations that use outdated user groups (e.g. DELETE FROM user_groups g WHERE NOT EXISTS (SELECT * FROM course c WHERE c.student_group_name = g OR c.teaching_assistant_group_name = g OR c.editor_group_name OR c.instructor_group_name);)
• Reimplemented Iris save message functionality as the entity relations caused issues during the upgrade. Due to issues in Spring Boot 2.x.x with this implementation, we did not extract these changes
• Made sure that non-existent resources return an HTTP 404 instead of a server error
• Updated further smaller deprecations

Steps for Testing

The whole application requires testing. Please refer to your specific testing instructions during a testing session or pick an area of your choosing and investigate it.

Exam Mode Testing

The whole application requires testing. Please refer to your specific testing instructions during a testing session or pick an area of your choosing and investigate it.

Testserver States

Note

These badges show the state of the test servers.
Green = Currently available, Red = Currently locked

Review Progress

Performance Review

• I (as a reviewer) confirm that the server changes (in particular related to database calls) are implemented with a very good performance

Code Review

• Code Review 1
• Code Review 2

Manual Tests

• Test 1
• Test 2
• Test 3
• Test 4

Exam Mode Test

• Test 1
• Test 2
• Test 3
• Test 4

Test Coverage

Omitted. No real functional changes and listing the test results for all files touched would take ages. It's a unique PR and hence reasonable.

[dfuchss]

See #8256 . We need to retrieve all users that belong to no course because we have to delete them on a regular basis.

[reschandreas]

I have some questions, see my comments. it would be nice if you could directly remove the star imports instead of renaming them, as we agreed in the dev team that we don't want to use them anymore.

[julian-christl]

See #8256 . We need to retrieve all users that belong to no course because we have to delete them on a regular basis.

As discussed in the issue, I readded the capability to get users that have no user group. I also updated the description accordingly. However, implementing this in the client is out of scope for this PR.

[julian-christl]

@reschandreas As discussed via DMs, I'd like to not include larger import changes in this PR to prevent bloating. We can do this in another PR.

[bassner]

https://www.youtube.com/watch?v=rR4n-0KYeKQ

outdated