Add health endpoint 'show-components' support

Add a `show-components` property under `management.endpoint.health` and
`management.endpoint.health.group.<name>` that can be used to change
when components are displayed.

Prior to this commit it was only possible to set `show-details` which
offered an "all or nothing" approach to the resulting JSON. The new
switch allows component information to be displayed whilst still hiding
potentially sensitive details returned from the actual `HealthIndicator`.

Closes gh-15076

Author: philwebb

spring-boot-project/spring-boot-actuator-autoconfigure/src/main/asciidoc/endpoints/health.adoc

@@ -24,6 +24,9 @@ The following table describes the structure of the response:
 [cols="2,1,3"]
 include::{snippets}health/response-fields.adoc[]
 
+NOTE: The response fields above are for the V3 API.
+If you need to return V2 JSON you should use an accept header or `application/vnd.spring-boot.actuator.v2+json`
+
 
 
 [[health-retrieving-component]]

spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/health/AutoConfiguredHealthEndpointGroup.java

@@ -19,7 +19,7 @@
 import java.util.Collection;
 import java.util.function.Predicate;
 
-import org.springframework.boot.actuate.autoconfigure.health.HealthProperties.ShowDetails;
+import org.springframework.boot.actuate.autoconfigure.health.HealthProperties.Show;
 import org.springframework.boot.actuate.endpoint.SecurityContext;
 import org.springframework.boot.actuate.health.HealthEndpointGroup;
 import org.springframework.boot.actuate.health.HttpCodeStatusMapper;
@@ -40,7 +40,9 @@ class AutoConfiguredHealthEndpointGroup implements HealthEndpointGroup {
 
 	private final HttpCodeStatusMapper httpCodeStatusMapper;
 
-	private final ShowDetails showDetails;
+	private final Show showComponents;
+
+	private final Show showDetails;
 
 	private final Collection<String> roles;
 
@@ -49,14 +51,17 @@ class AutoConfiguredHealthEndpointGroup implements HealthEndpointGroup {
 	 * @param members a predicate used to test for group membership
 	 * @param statusAggregator the status aggregator to use
 	 * @param httpCodeStatusMapper the HTTP code status mapper to use
+	 * @param showComponents the show components setting
 	 * @param showDetails the show details setting
 	 * @param roles the roles to match
 	 */
 	AutoConfiguredHealthEndpointGroup(Predicate<String> members, StatusAggregator statusAggregator,
-			HttpCodeStatusMapper httpCodeStatusMapper, ShowDetails showDetails, Collection<String> roles) {
+			HttpCodeStatusMapper httpCodeStatusMapper, Show showComponents, Show showDetails,
+			Collection<String> roles) {
 		this.members = members;
 		this.statusAggregator = statusAggregator;
 		this.httpCodeStatusMapper = httpCodeStatusMapper;
+		this.showComponents = showComponents;
 		this.showDetails = showDetails;
 		this.roles = roles;
 	}
@@ -67,17 +72,28 @@ public boolean isMember(String name) {
 	}
 
 	@Override
-	public boolean includeDetails(SecurityContext securityContext) {
-		ShowDetails showDetails = this.showDetails;
-		switch (showDetails) {
+	public boolean showComponents(SecurityContext securityContext) {
+		if (this.showComponents == null) {
+			return showDetails(securityContext);
+		}
+		return getShowResult(securityContext, this.showComponents);
+	}
+
+	@Override
+	public boolean showDetails(SecurityContext securityContext) {
+		return getShowResult(securityContext, this.showDetails);
+	}
+
+	private boolean getShowResult(SecurityContext securityContext, Show show) {
+		switch (show) {
 		case NEVER:
 			return false;
 		case ALWAYS:
 			return true;
 		case WHEN_AUTHORIZED:
 			return isAuthorized(securityContext);
 		}
-		throw new IllegalStateException("Unsupported ShowDetails value " + showDetails);
+		throw new IllegalStateException("Unsupported 'show' value " + show);
 	}
 
 	private boolean isAuthorized(SecurityContext securityContext) {

spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/health/AutoConfiguredHealthEndpointGroups.java

@@ -31,7 +31,7 @@
 import org.springframework.beans.factory.NoSuchBeanDefinitionException;
 import org.springframework.beans.factory.annotation.BeanFactoryAnnotationUtils;
 import org.springframework.boot.actuate.autoconfigure.health.HealthEndpointProperties.Group;
-import org.springframework.boot.actuate.autoconfigure.health.HealthProperties.ShowDetails;
+import org.springframework.boot.actuate.autoconfigure.health.HealthProperties.Show;
 import org.springframework.boot.actuate.autoconfigure.health.HealthProperties.Status;
 import org.springframework.boot.actuate.health.HealthEndpointGroup;
 import org.springframework.boot.actuate.health.HealthEndpointGroups;
@@ -65,7 +65,8 @@ class AutoConfiguredHealthEndpointGroups implements HealthEndpointGroups {
 	AutoConfiguredHealthEndpointGroups(ApplicationContext applicationContext, HealthEndpointProperties properties) {
 		ListableBeanFactory beanFactory = (applicationContext instanceof ConfigurableApplicationContext)
 				? ((ConfigurableApplicationContext) applicationContext).getBeanFactory() : applicationContext;
-		ShowDetails showDetails = properties.getShowDetails();
+		Show showComponents = properties.getShowComponents();
+		Show showDetails = properties.getShowDetails();
 		Set<String> roles = properties.getRoles();
 		StatusAggregator statusAggregator = getNonQualifiedBean(beanFactory, StatusAggregator.class);
 		if (statusAggregator == null) {
@@ -76,18 +77,20 @@ class AutoConfiguredHealthEndpointGroups implements HealthEndpointGroups {
 			httpCodeStatusMapper = new SimpleHttpCodeStatusMapper(properties.getStatus().getHttpMapping());
 		}
 		this.primaryGroup = new AutoConfiguredHealthEndpointGroup(ALL, statusAggregator, httpCodeStatusMapper,
-				showDetails, roles);
+				showComponents, showDetails, roles);
 		this.groups = createGroups(properties.getGroup(), beanFactory, statusAggregator, httpCodeStatusMapper,
-				showDetails, roles);
+				showComponents, showDetails, roles);
 	}
 
 	private Map<String, HealthEndpointGroup> createGroups(Map<String, Group> groupProperties, BeanFactory beanFactory,
 			StatusAggregator defaultStatusAggregator, HttpCodeStatusMapper defaultHttpCodeStatusMapper,
-			ShowDetails defaultShowDetails, Set<String> defaultRoles) {
+			Show defaultShowComponents, Show defaultShowDetails, Set<String> defaultRoles) {
 		Map<String, HealthEndpointGroup> groups = new LinkedHashMap<String, HealthEndpointGroup>();
 		groupProperties.forEach((groupName, group) -> {
 			Status status = group.getStatus();
-			ShowDetails showDetails = (group.getShowDetails() != null) ? group.getShowDetails() : defaultShowDetails;
+			Show showComponents = (group.getShowComponents() != null) ? group.getShowComponents()
+					: defaultShowComponents;
+			Show showDetails = (group.getShowDetails() != null) ? group.getShowDetails() : defaultShowDetails;
 			Set<String> roles = !CollectionUtils.isEmpty(group.getRoles()) ? group.getRoles() : defaultRoles;
 			StatusAggregator statusAggregator = getQualifiedBean(beanFactory, StatusAggregator.class, groupName, () -> {
 				if (!CollectionUtils.isEmpty(status.getOrder())) {
@@ -104,7 +107,7 @@ private Map<String, HealthEndpointGroup> createGroups(Map<String, Group> groupPr
 					});
 			Predicate<String> members = new IncludeExcludeGroupMemberPredicate(group.getInclude(), group.getExclude());
 			groups.put(groupName, new AutoConfiguredHealthEndpointGroup(members, statusAggregator, httpCodeStatusMapper,
-					showDetails, roles));
+					showComponents, showDetails, roles));
 		});
 		return Collections.unmodifiableMap(groups);
 	}

spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/health/HealthProperties.java

@@ -38,10 +38,15 @@ public abstract class HealthProperties {
 	@NestedConfigurationProperty
 	private final Status status = new Status();
 
+	/**
+	 * When to show components. If not specified the 'show-details' setting will be used.
+	 */
+	private Show showComponents;
+
 	/**
 	 * When to show full health details.
 	 */
-	private ShowDetails showDetails = ShowDetails.NEVER;
+	private Show showDetails = Show.NEVER;
 
 	/**
 	 * Roles used to determine whether or not a user is authorized to be shown details.
@@ -53,11 +58,19 @@ public Status getStatus() {
 		return this.status;
 	}
 
-	public ShowDetails getShowDetails() {
+	public Show getShowComponents() {
+		return this.showComponents;
+	}
+
+	public void setShowComponents(Show showComponents) {
+		this.showComponents = showComponents;
+	}
+
+	public Show getShowDetails() {
 		return this.showDetails;
 	}
 
-	public void setShowDetails(ShowDetails showDetails) {
+	public void setShowDetails(Show showDetails) {
 		this.showDetails = showDetails;
 	}
 
@@ -102,23 +115,23 @@ public Map<String, Integer> getHttpMapping() {
 	}
 
 	/**
-	 * Options for showing details in responses from the {@link HealthEndpoint} web
+	 * Options for showing items in responses from the {@link HealthEndpoint} web
 	 * extensions.
 	 */
-	public enum ShowDetails {
+	public enum Show {
 
 		/**
-		 * Never show details in the response.
+		 * Never show the item in the response.
 		 */
 		NEVER,
 
 		/**
-		 * Show details in the response when accessed by an authorized user.
+		 * Show the item in the response when accessed by an authorized user.
 		 */
 		WHEN_AUTHORIZED,
 
 		/**
-		 * Always show details in the response.
+		 * Always show the item in the response.
 		 */
 		ALWAYS
 

spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/endpoint/web/documentation/HealthEndpointDocumentationTests.java

@@ -146,7 +146,12 @@ public boolean isMember(String name) {
 		}
 
 		@Override
-		public boolean includeDetails(SecurityContext securityContext) {
+		public boolean showComponents(SecurityContext securityContext) {
+			return true;
+		}
+
+		@Override
+		public boolean showDetails(SecurityContext securityContext) {
 			return true;
 		}
 

spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/health/AutoConfiguredHealthEndpointGroupTests.java

@@ -25,7 +25,7 @@
 import org.mockito.Mock;
 import org.mockito.MockitoAnnotations;
 
-import org.springframework.boot.actuate.autoconfigure.health.HealthProperties.ShowDetails;
+import org.springframework.boot.actuate.autoconfigure.health.HealthProperties.Show;
 import org.springframework.boot.actuate.endpoint.SecurityContext;
 import org.springframework.boot.actuate.health.HttpCodeStatusMapper;
 import org.springframework.boot.actuate.health.StatusAggregator;
@@ -60,80 +60,142 @@ void setup() {
 	@Test
 	void isMemberWhenMemberPredicateMatchesAcceptsTrue() {
 		AutoConfiguredHealthEndpointGroup group = new AutoConfiguredHealthEndpointGroup((name) -> name.startsWith("a"),
-				this.statusAggregator, this.httpCodeStatusMapper, ShowDetails.ALWAYS, Collections.emptySet());
+				this.statusAggregator, this.httpCodeStatusMapper, null, Show.ALWAYS, Collections.emptySet());
 		assertThat(group.isMember("albert")).isTrue();
 		assertThat(group.isMember("arnold")).isTrue();
 	}
 
 	@Test
 	void isMemberWhenMemberPredicateRejectsReturnsTrue() {
 		AutoConfiguredHealthEndpointGroup group = new AutoConfiguredHealthEndpointGroup((name) -> name.startsWith("a"),
-				this.statusAggregator, this.httpCodeStatusMapper, ShowDetails.ALWAYS, Collections.emptySet());
+				this.statusAggregator, this.httpCodeStatusMapper, null, Show.ALWAYS, Collections.emptySet());
 		assertThat(group.isMember("bert")).isFalse();
 		assertThat(group.isMember("ernie")).isFalse();
 	}
 
 	@Test
-	void includeDetailsWhenShowDetailsIsNeverReturnsFalse() {
+	void showDetailsWhenShowDetailsIsNeverReturnsFalse() {
 		AutoConfiguredHealthEndpointGroup group = new AutoConfiguredHealthEndpointGroup((name) -> true,
-				this.statusAggregator, this.httpCodeStatusMapper, ShowDetails.NEVER, Collections.emptySet());
-		assertThat(group.includeDetails(SecurityContext.NONE)).isFalse();
+				this.statusAggregator, this.httpCodeStatusMapper, null, Show.NEVER, Collections.emptySet());
+		assertThat(group.showDetails(SecurityContext.NONE)).isFalse();
 	}
 
 	@Test
-	void includeDetailsWhenShowDetailsIsAlwaysReturnsTrue() {
+	void showDetailsWhenShowDetailsIsAlwaysReturnsTrue() {
 		AutoConfiguredHealthEndpointGroup group = new AutoConfiguredHealthEndpointGroup((name) -> true,
-				this.statusAggregator, this.httpCodeStatusMapper, ShowDetails.ALWAYS, Collections.emptySet());
-		assertThat(group.includeDetails(SecurityContext.NONE)).isTrue();
+				this.statusAggregator, this.httpCodeStatusMapper, null, Show.ALWAYS, Collections.emptySet());
+		assertThat(group.showDetails(SecurityContext.NONE)).isTrue();
 	}
 
 	@Test
-	void includeDetailsWhenShowDetailsIsWhenAuthorizedAndPrincipalIsNullReturnsFalse() {
+	void showDetailsWhenShowDetailsIsWhenAuthorizedAndPrincipalIsNullReturnsFalse() {
 		AutoConfiguredHealthEndpointGroup group = new AutoConfiguredHealthEndpointGroup((name) -> true,
-				this.statusAggregator, this.httpCodeStatusMapper, ShowDetails.WHEN_AUTHORIZED, Collections.emptySet());
+				this.statusAggregator, this.httpCodeStatusMapper, null, Show.WHEN_AUTHORIZED, Collections.emptySet());
 		given(this.securityContext.getPrincipal()).willReturn(null);
-		assertThat(group.includeDetails(this.securityContext)).isFalse();
+		assertThat(group.showDetails(this.securityContext)).isFalse();
 	}
 
 	@Test
-	void includeDetailsWhenShowDetailsIsWhenAuthorizedAndRolesAreEmptyReturnsTrue() {
+	void showDetailsWhenShowDetailsIsWhenAuthorizedAndRolesAreEmptyReturnsTrue() {
 		AutoConfiguredHealthEndpointGroup group = new AutoConfiguredHealthEndpointGroup((name) -> true,
-				this.statusAggregator, this.httpCodeStatusMapper, ShowDetails.WHEN_AUTHORIZED, Collections.emptySet());
+				this.statusAggregator, this.httpCodeStatusMapper, null, Show.WHEN_AUTHORIZED, Collections.emptySet());
 		given(this.securityContext.getPrincipal()).willReturn(this.principal);
-		assertThat(group.includeDetails(this.securityContext)).isTrue();
+		assertThat(group.showDetails(this.securityContext)).isTrue();
 	}
 
 	@Test
-	void includeDetailsWhenShowDetailsIsWhenAuthorizedAndUseIsInRoleReturnsTrue() {
+	void showDetailsWhenShowDetailsIsWhenAuthorizedAndUseIsInRoleReturnsTrue() {
 		AutoConfiguredHealthEndpointGroup group = new AutoConfiguredHealthEndpointGroup((name) -> true,
-				this.statusAggregator, this.httpCodeStatusMapper, ShowDetails.WHEN_AUTHORIZED,
+				this.statusAggregator, this.httpCodeStatusMapper, null, Show.WHEN_AUTHORIZED,
 				Arrays.asList("admin", "root", "bossmode"));
 		given(this.securityContext.getPrincipal()).willReturn(this.principal);
 		given(this.securityContext.isUserInRole("root")).willReturn(true);
-		assertThat(group.includeDetails(this.securityContext)).isTrue();
+		assertThat(group.showDetails(this.securityContext)).isTrue();
 	}
 
 	@Test
-	void includeDetailsWhenShowDetailsIsWhenAuthorizedAndUseIsNotInRoleReturnsFalse() {
+	void showDetailsWhenShowDetailsIsWhenAuthorizedAndUseIsNotInRoleReturnsFalse() {
 		AutoConfiguredHealthEndpointGroup group = new AutoConfiguredHealthEndpointGroup((name) -> true,
-				this.statusAggregator, this.httpCodeStatusMapper, ShowDetails.WHEN_AUTHORIZED,
+				this.statusAggregator, this.httpCodeStatusMapper, null, Show.WHEN_AUTHORIZED,
 				Arrays.asList("admin", "rot", "bossmode"));
 		given(this.securityContext.getPrincipal()).willReturn(this.principal);
 		given(this.securityContext.isUserInRole("root")).willReturn(true);
-		assertThat(group.includeDetails(this.securityContext)).isFalse();
+		assertThat(group.showDetails(this.securityContext)).isFalse();
+	}
+
+	@Test
+	void showComponentsWhenShowComponentsIsNullDelegatesToShowDetails() {
+		AutoConfiguredHealthEndpointGroup alwaysGroup = new AutoConfiguredHealthEndpointGroup((name) -> true,
+				this.statusAggregator, this.httpCodeStatusMapper, null, Show.ALWAYS, Collections.emptySet());
+		assertThat(alwaysGroup.showComponents(SecurityContext.NONE)).isTrue();
+		AutoConfiguredHealthEndpointGroup neverGroup = new AutoConfiguredHealthEndpointGroup((name) -> true,
+				this.statusAggregator, this.httpCodeStatusMapper, null, Show.NEVER, Collections.emptySet());
+		assertThat(neverGroup.showComponents(SecurityContext.NONE)).isFalse();
+	}
+
+	@Test
+	void showComponentsWhenShowDetailsIsNeverReturnsFalse() {
+		AutoConfiguredHealthEndpointGroup group = new AutoConfiguredHealthEndpointGroup((name) -> true,
+				this.statusAggregator, this.httpCodeStatusMapper, Show.NEVER, Show.ALWAYS, Collections.emptySet());
+		assertThat(group.showComponents(SecurityContext.NONE)).isFalse();
+	}
+
+	@Test
+	void showComponentsWhenShowDetailsIsAlwaysReturnsTrue() {
+		AutoConfiguredHealthEndpointGroup group = new AutoConfiguredHealthEndpointGroup((name) -> true,
+				this.statusAggregator, this.httpCodeStatusMapper, Show.ALWAYS, Show.NEVER, Collections.emptySet());
+		assertThat(group.showComponents(SecurityContext.NONE)).isTrue();
+	}
+
+	@Test
+	void showComponentsWhenShowDetailsIsWhenAuthorizedAndPrincipalIsNullReturnsFalse() {
+		AutoConfiguredHealthEndpointGroup group = new AutoConfiguredHealthEndpointGroup((name) -> true,
+				this.statusAggregator, this.httpCodeStatusMapper, Show.WHEN_AUTHORIZED, Show.NEVER,
+				Collections.emptySet());
+		given(this.securityContext.getPrincipal()).willReturn(null);
+		assertThat(group.showComponents(this.securityContext)).isFalse();
+	}
+
+	@Test
+	void showComponentsWhenShowDetailsIsWhenAuthorizedAndRolesAreEmptyReturnsTrue() {
+		AutoConfiguredHealthEndpointGroup group = new AutoConfiguredHealthEndpointGroup((name) -> true,
+				this.statusAggregator, this.httpCodeStatusMapper, Show.WHEN_AUTHORIZED, Show.NEVER,
+				Collections.emptySet());
+		given(this.securityContext.getPrincipal()).willReturn(this.principal);
+		assertThat(group.showComponents(this.securityContext)).isTrue();
+	}
+
+	@Test
+	void showComponentsWhenShowDetailsIsWhenAuthorizedAndUseIsInRoleReturnsTrue() {
+		AutoConfiguredHealthEndpointGroup group = new AutoConfiguredHealthEndpointGroup((name) -> true,
+				this.statusAggregator, this.httpCodeStatusMapper, Show.WHEN_AUTHORIZED, Show.NEVER,
+				Arrays.asList("admin", "root", "bossmode"));
+		given(this.securityContext.getPrincipal()).willReturn(this.principal);
+		given(this.securityContext.isUserInRole("root")).willReturn(true);
+		assertThat(group.showComponents(this.securityContext)).isTrue();
+	}
+
+	@Test
+	void showComponentsWhenShowDetailsIsWhenAuthorizedAndUseIsNotInRoleReturnsFalse() {
+		AutoConfiguredHealthEndpointGroup group = new AutoConfiguredHealthEndpointGroup((name) -> true,
+				this.statusAggregator, this.httpCodeStatusMapper, Show.WHEN_AUTHORIZED, Show.NEVER,
+				Arrays.asList("admin", "rot", "bossmode"));
+		given(this.securityContext.getPrincipal()).willReturn(this.principal);
+		given(this.securityContext.isUserInRole("root")).willReturn(true);
+		assertThat(group.showComponents(this.securityContext)).isFalse();
 	}
 
 	@Test
 	void getStatusAggregatorReturnsStatusAggregator() {
 		AutoConfiguredHealthEndpointGroup group = new AutoConfiguredHealthEndpointGroup((name) -> true,
-				this.statusAggregator, this.httpCodeStatusMapper, ShowDetails.ALWAYS, Collections.emptySet());
+				this.statusAggregator, this.httpCodeStatusMapper, null, Show.ALWAYS, Collections.emptySet());
 		assertThat(group.getStatusAggregator()).isSameAs(this.statusAggregator);
 	}
 
 	@Test
 	void getHttpCodeStatusMapperReturnsHttpCodeStatusMapper() {
 		AutoConfiguredHealthEndpointGroup group = new AutoConfiguredHealthEndpointGroup((name) -> true,
-				this.statusAggregator, this.httpCodeStatusMapper, ShowDetails.ALWAYS, Collections.emptySet());
+				this.statusAggregator, this.httpCodeStatusMapper, null, Show.ALWAYS, Collections.emptySet());
 		assertThat(group.getHttpCodeStatusMapper()).isSameAs(this.httpCodeStatusMapper);
 	}