Split spring boot features into multiple sections

See gh-27132

spring-boot-project/spring-boot-docs/src/docs/asciidoc/actuator.adoc

@@ -1,5 +1,5 @@
 [[actuator]]
-= Spring Boot Actuator: Production-ready Features
+= Production-ready Features
 include::attributes.adoc[]
 
 

spring-boot-project/spring-boot-docs/src/docs/asciidoc/actuator/endpoints.adoc

@@ -314,9 +314,15 @@ TIP: If you want to implement your own strategy for when endpoints are exposed,
 
 
 [[actuator.endpoints.security]]
-=== Securing HTTP Endpoints
-You should take care to secure HTTP endpoints in the same way that you would any other sensitive URL.
-If Spring Security is present, endpoints are secured by default using Spring Security’s content-negotiation strategy.
+=== Security
+For security purposes, all actuators other than `/health` are disabled by default.
+The configprop:management.endpoints.web.exposure.include[] property can be used to enable the actuators.
+
+NOTE: Before setting the `management.endpoints.web.exposure.include`, ensure that the exposed actuators do not contain sensitive information and/or are secured by placing them behind a firewall or by something like Spring Security.
+
+If Spring Security is on the classpath and no other `WebSecurityConfigurerAdapter` or `SecurityFilterChain` bean is present, all actuators other than `/health` are secured by Spring Boot auto-configuration.
+If you define a custom `WebSecurityConfigurerAdapter` or `SecurityFilterChain` bean, Spring Boot auto-configuration will back off and you will be in full control of actuator access rules.
+
 If you wish to configure custom security for HTTP endpoints, for example, only allow users with a certain role to access them, Spring Boot provides some convenient `RequestMatcher` objects that can be used in combination with Spring Security.
 
 A typical Spring Security configuration might look something like the following example:
@@ -352,6 +358,15 @@ include::{docs-java}/actuator/endpoints/security/exposeall/MySecurityConfigurati
 NOTE: In both the examples above, the configuration applies only to the actuator endpoints.
 Since Spring Boot's security configuration backs off completely in the presence of any `SecurityFilterChain` bean, you will need to configure an additional `SecurityFilterChain` bean with rules that apply to the rest of the application.
 
+[[actuator.endpoints.security.csrf]]
+==== Cross Site Request Forgery Protection
+Since Spring Boot relies on Spring Security's defaults, CSRF protection is turned on by default.
+This means that the actuator endpoints that require a `POST` (shutdown and loggers endpoints), `PUT` or `DELETE` will get a 403 forbidden error when the default security configuration is in use.
+
+NOTE: We recommend disabling CSRF protection completely only if you are creating a service that is used by non-browser clients.
+
+Additional information about CSRF protection can be found in the {spring-security-docs}#csrf[Spring Security Reference Guide].
+
 
 
 [[actuator.endpoints.caching]]
@@ -1061,7 +1076,7 @@ When a Spring Boot application shuts down:
 |`CORRECT`
 |`REFUSING_TRAFFIC`
 |New requests are rejected
-|If enabled, <<features#features.graceful-shutdown,graceful shutdown processes in-flight requests>>.
+|If enabled, <<web#web.graceful-shutdown,graceful shutdown processes in-flight requests>>.
 
 |Shutdown complete
 |N/A

spring-boot-project/spring-boot-docs/src/docs/asciidoc/actuator/jmx.adoc

@@ -2,7 +2,15 @@
 == Monitoring and Management over JMX
 Java Management Extensions (JMX) provide a standard mechanism to monitor and manage applications.
 By default, this feature is not enabled and can be turned on by setting the configuration property configprop:spring.jmx.enabled[] to `true`.
-Spring Boot exposes management endpoints as JMX MBeans under the `org.springframework.boot` domain by default.
+Spring Boot exposes the most suitable `MBeanServer` as a bean with an ID of `mbeanServer`.
+Any of your beans that are annotated with Spring JMX annotations (`@ManagedResource`, `@ManagedAttribute`, or `@ManagedOperation`) are exposed to it.
+
+If your platform provides a standard `MBeanServer`, Spring Boot will use that and default to the VM `MBeanServer` if necessary.
+If all that fails, a new `MBeanServer` will be created.
+
+See the {spring-boot-autoconfigure-module-code}/jmx/JmxAutoConfiguration.java[`JmxAutoConfiguration`] class for more details.
+
+Spring Boot also exposes management endpoints as JMX MBeans under the `org.springframework.boot` domain by default.
 To Take full control over endpoints registration in the JMX domain, consider registering your own `EndpointObjectNameFactory` implementation.
 
 

spring-boot-project/spring-boot-docs/src/docs/asciidoc/actuator/metrics.adoc

@@ -628,7 +628,7 @@ To add to the default tags, provide one or more ``@Bean``s that implement `WebMv
 To replace the default tags, provide a `@Bean` that implements `WebMvcTagsProvider`.
 
 TIP: In some cases, exceptions handled in Web controllers are not recorded as request metrics tags.
-Applications can opt-in and record exceptions by <<features#features.developing-web-applications.spring-mvc.error-handling, setting handled exceptions as request attributes>>.
+Applications can opt-in and record exceptions by <<web#web.servlet.spring-mvc.error-handling, setting handled exceptions as request attributes>>.
 
 
 
@@ -667,7 +667,7 @@ To add to the default tags, provide one or more ``@Bean``s that implement `WebFl
 To replace the default tags, provide a `@Bean` that implements `WebFluxTagsProvider`.
 
 TIP: In some cases, exceptions handled in controllers and handler functions are not recorded as request metrics tags.
-Applications can opt-in and record exceptions by <<features#features.developing-web-applications.spring-webflux.error-handling, setting handled exceptions as request attributes>>.
+Applications can opt-in and record exceptions by <<web#web.reactive.webflux.error-handling, setting handled exceptions as request attributes>>.
 
 
 

spring-boot-project/spring-boot-docs/src/docs/asciidoc/anchor-rewrite.properties

@@ -778,3 +778,169 @@ rsocket-properties=application-properties.rsocket
 actuator-properties=application-properties.actuator
 devtools-properties=application-properties.devtools
 testing-properties=application-properties.testing
+features.caching=io.caching
+features.caching.provider=io.caching.provider
+features.caching.provider.generic=io.caching.provider.generic
+features.caching.provider.jcache=io.caching.provider.jcache
+features.caching.provider.ehcache2=io.caching.provider.ehcache2
+features.caching.provider.hazelcast=io.caching.provider.hazelcast
+features.caching.provider.infinispan=io.caching.provider.infinispan
+features.caching.provider.couchbase=io.caching.provider.couchbase
+features.caching.provider.redis=io.caching.provider.redis
+features.caching.provider.caffeine=io.caching.provider.caffeine
+features.caching.provider.simple=io.caching.provider.simple
+features.caching.provider.none=io.caching.provider.none
+features.jta=io.jta
+features.jta.atomikos=io.jta.atomikos
+features.jta.javaee=io.jta.javaee
+features.jta.mixing-xa-and-non-xa-connections=io.jta.mixing-xa-and-non-xa-connections
+features.jta.supporting-alternative-embedded-transaction-manager=io.jta.supporting-alternative-embedded-transaction-manager
+features.email=io.email
+features.quartz=io.quartz
+features.resttemplate=io.rest-client.resttemplate
+features.resttemplate.customization=io.rest-client.resttemplate.customization
+features.webclient=io.rest-client.webclient
+features.webclient.runtime=io.rest-client.webclient.runtime
+features.webclient.customization=io.rest-client.webclient.customization
+features.validation=io.validation
+features.webservices=io.webservices
+features.webservices.template=io.webservices.template
+features.messaging=messaging
+features.messaging.amqp=messaging.amqp
+features.messaging.amqp.rabbit=messaging.amqp.rabbit
+features.messaging.amqp.sending=messaging.amqp.sending
+features.messaging.amqp.receiving=messaging.amqp.receiving
+features.messaging.jms.activemq=messaging.jms.activemq
+features.messaging.jms.artemis=messaging.jms.artemis
+features.messaging.jms.jndi=messaging.jms.jndi
+features.messaging.jms.sending=messaging.jms.sending
+features.messaging.jms.receiving=messaging.jms.receiving
+features.messaging.kafka=messaging.kafka
+features.messaging.kafka.sending=messaging.kafka.sending
+features.messaging.kafka.receiving=messaging.kafka.receiving
+features.messaging.kafka.streams=messaging.kafka.streams
+features.messaging.kafka.additional-properties=messaging.kafka.additional-properties
+features.messaging.kafka.embedded=messaging.kafka.embedded
+features.rsocket=messaging.rsocket
+features.rsocket.strategies-auto-configuration=messaging.rsocket.strategies-auto-configuration
+features.rsocket.server-auto-configuration=messaging.rsocket.server-auto-configuration
+features.rsocket.messaging=messaging.rsocket.messaging
+features.rsocket.requester=messaging.rsocket.requester
+features.spring-integration=messaging.spring-integration
+features.websockets=messaging.websockets
+features.developing-web-applications=web
+features.graceful-shutdown=web.graceful-shutdown
+features.developing-web-applications.spring-webflux=web.reactive.webflux
+features.developing-web-applications.spring-webflux.auto-configuration=web.reactive.webflux.auto-configuration
+features.developing-web-applications.spring-webflux.httpcodecs=web.reactive.webflux.httpcodecs
+features.developing-web-applications.spring-webflux.static-context=web.reactive.webflux.static-content
+features.developing-web-applications.spring-webflux.welcome-page=web.reactive.webflux.welcome-page
+features.developing-web-applications.spring-webflux.template-engines=web.reactive.webflux.template-engines
+features.developing-web-applications.spring-webflux.error-handling=web.reactive.webflux.error-handling
+features.developing-web-applications.spring-webflux.error-pages=web.reactive.webflux.error-handling.error-pages
+features.developing-web-applications.spring-webflux.web-filters=web.reactive.webflux.web-filters
+features.developing-web-applications.spring-mvc=web.servlet.spring-mvc
+features.developing-web-applications.spring-mvc.auto-configuration=web.servlet.spring-mvc.auto-configuration
+features.developing-web-applications.spring-mvc.message-converters=web.servlet.spring-mvc.message-converters
+features.developing-web-applications.spring-mvc.json=web.servlet.spring-mvc.json
+features.developing-web-applications.spring-mvc.message-codes=web.servlet.spring-mvc.message-codes
+features.developing-web-applications.spring-mvc.static-content=web.servlet.spring-mvc.static-content
+features.developing-web-applications.spring-mvc.welcome-page=web.servlet.spring-mvc.welcome-page
+features.developing-web-applications.spring-mvc.content-negotiation=web.servlet.spring-mvc.content-negotiation
+features.developing-web-applications.spring-mvc.binding-initializer=web.servlet.spring-mvc.binding-initializer
+features.developing-web-applications.spring-mvc.template-engines=web.servlet.spring-mvc.template-engines
+features.developing-web-applications.spring-mvc.error-handling=web.servlet.spring-mvc.error-handling
+features.developing-web-applications.spring-mvc.error-handling.error-pages=web.servlet.spring-mvc.error-handling.error-pages
+features.developing-web-applications.spring-mvc.error-handling.error-pages-without-spring-mvc=web.servlet.spring-mvc.error-handling.error-pages-without-spring-mvc
+features.developing-web-applications.spring-mvc.error-handling.in-a-war-deployment=web.servlet.spring-mvc.error-handling.in-a-war-deployment
+features.developing-web-applications.spring-mvc.cors=web.servlet.spring-mvc.cors
+features.developing-web-applications.jersey=web.servlet.jersey
+features.developing-web-applications.embedded-container=web.servlet.embedded-container
+features.developing-web-applications.embedded-container.servlets-filters-listeners=web.servlet.embedded-container.servlets-filters-listeners
+features.developing-web-applications.embedded-container.servlets-filters-listeners.beans=web.servlet.embedded-container.servlets-filters-listeners.beans
+features.developing-web-applications.embedded-container.context-initializer=web.servlet.embedded-container.context-initializer
+features.developing-web-applications.embedded-container.context-initializer.scanning=web.servlet.embedded-container.context-initializer.scanning
+features.developing-web-applications.embedded-container.application-context=web.servlet.embedded-container.application-context
+features.developing-web-applications.embedded-container.customizing=web.servlet.embedded-container.customizing
+features.developing-web-applications.embedded-container.customizing.programmatic=web.servlet.embedded-container.customizing.programmatic
+features.developing-web-applications.embedded-container.customizing.direct=web.servlet.embedded-container.customizing.direct
+features.developing-web-applications.embedded-container.jsp-limitations=web.servlet.embedded-container.jsp-limitations
+features.developing-web-applications.reactive-server=web.reactive.reactive-server
+features.developing-web-applications.reactive-server-resources-configuration=web.reactive.reactive-server-resources-configuration
+features.spring-hateoas=web.spring-hateoas
+features.security=web.security
+features.security.spring-mvc=web.security.spring-mvc
+features.security.spring-webflux=web.security.spring-webflux
+features.security.oauth2=web.security.oauth2
+features.security.oauth2.client=web.security.oauth2.client
+features.security.oauth2.client.common-providers=web.security.oauth2.client.common-providers
+features.security.oauth2.server=web.security.oauth2.server
+features.security.authorization-server=web.security.oauth2.authorization-server
+features.security.saml2=web.security.saml2
+features.security.saml2.relying-party=web.security.saml2.relying-party
+features.security.actuator=actuator.endpoints.security
+features.security.actuator.csrf=actuator.endpoints.security.csrf
+features.spring-session=web.spring-session
+features.nosql=data.nosql
+features.nosql.redis=data.nosql.redis
+features.nosql.redis.connecting=data.nosql.redis.connecting
+features.nosql.mongodb=data.nosql.mongodb
+features.nosql.mongodb.connecting=data.nosql.mongodb.connecting
+features.nosql.mongodb.template=data.nosql.mongodb.template
+features.nosql.mongodb.repositories=data.nosql.mongodb.repositories
+features.nosql.mongodb.embedded=data.nosql.mongodb.embedded
+features.nosql.neo4j=data.nosql.neo4j
+features.nosql.neo4j.connecting=data.nosql.neo4j.connecting
+features.nosql.neo4j.repositories=data.nosql.neo4j.repositories
+features.nosql.solr=data.nosql.solr
+features.nosql.solr.connecting=data.nosql.solr.connecting
+features.nosql.elasticsearch=data.nosql.elasticsearch
+features.nosql.elasticsearch.connecting-using-rest=data.nosql.elasticsearch.connecting-using-rest
+features.nosql.elasticsearch.connecting-using-reactive-rest=data.nosql.elasticsearch.connecting-using-reactive-rest
+features.nosql.elasticsearch.connecting-using-spring-data=data.nosql.elasticsearch.connecting-using-spring-data
+features.nosql.elasticsearch.repositories=data.nosql.elasticsearch.repositories
+features.nosql.cassandra=data.nosql.cassandra
+features.nosql.cassandra.connecting=data.nosql.cassandra.connecting
+features.nosql.cassandra.repositories=data.nosql.cassandra.repositories
+features.nosql.couchbase=data.nosql.couchbase
+features.nosql.couchbase.connecting=data.nosql.couchbase.connecting
+features.nosql.couchbase.repositories=data.nosql.couchbase.repositories
+features.nosql.ldap=data.nosql.ldap
+features.nosql.ldap.connecting=data.nosql.ldap.connecting
+features.nosql.ldap.repositories=data.nosql.ldap.repositories
+features.nosql.ldap.embedded=data.nosql.ldap.embedded
+features.nosql.influxdb=data.nosql.influxdb
+features.nosql.influxdb.connecting=data.nosql.influxdb.connecting
+features.sql=data.sql
+features.sql.datasource=data.sql.datasource
+features.sql.datasource.embedded=data.sql.datasource.embedded
+features.sql.datasource.production=data.sql.datasource.production
+features.sql.datasource.configuration=data.sql.datasource.configuration
+features.sql.datasource.connection-pool=data.sql.datasource.connection-pool
+features.sql.datasource.jndi=data.sql.datasource.jndi
+features.sql.jdbc-template=data.sql.jdbc-template
+features.sql.jpa-and-spring-data=data.sql.jpa-and-spring-data
+features.sql.jpa-and-spring-data.entity-classes=data.sql.jpa-and-spring-data.entity-classes
+features.sql.jpa-and-spring-data.repositories=data.sql.jpa-and-spring-data.repositories
+features.sql.jpa-and-spring-data.envers-repositories=data.sql.jpa-and-spring-data.envers-repositories
+features.sql.jpa-and-spring-data.creating-and-dropping=data.sql.jpa-and-spring-data.creating-and-dropping
+features.sql.jpa-and-spring-data.open-entity-manager-in-view=data.sql.jpa-and-spring-data.open-entity-manager-in-view
+features.sql.jdbc=data.sql.jdbc
+features.sql.h2-web-console=data.sql.h2-web-console
+features.sql.h2-web-console.custom-path=data.sql.h2-web-console.custom-path
+features.sql.jooq=data.sql.jooq
+features.sql.jooq.codegen=data.sql.jooq.codegen
+features.sql.jooq.dslcontext=data.sql.jooq.dslcontext
+features.sql.jooq.sqldialect=data.sql.jooq.sqldialect
+features.sql.jooq.customizing=data.sql.jooq.customizing
+features.sql.r2dbc=data.sql.r2dbc
+features.sql.r2dbc.embedded=data.sql.r2dbc.embedded
+features.sql.r2dbc.using-database-client=data.sql.r2dbc.using-database-client
+features.sql.r2dbc.repositories=data.sql.r2dbc.repositories
+features.container-images.building=container-images.efficient-images
+features.container-images.building.buildpacks=container-images.buildpacks
+features.container-images.building.dockerfiles=container-images.dockerfiles
+features.container-images=container-images.efficient-images
+features.container-images.layering=container-images.efficient-images.layering
+features.jmx=actuator.jmx
+deployment.containers=container-images.efficient-images.unpacking

spring-boot-project/spring-boot-docs/src/docs/asciidoc/container-images.adoc

@@ -0,0 +1,11 @@
+[[container-images]]
+= Container Images
+include::attributes.adoc[]
+
+Spring Boot applications can be containerized <<container-images#container-images.dockerfiles,using Dockerfiles>>, or by <<container-images#container-images.buildpacks,using Cloud Native Buildpacks to create optimized docker compatible container images that you can run anywhere>>.
+
+include::container-images/efficient-images.adoc[]
+
+include::container-images/dockerfiles.adoc[]
+
+include::container-images/cloud-native-buildpacks.adoc[]

spring-boot-project/spring-boot-docs/src/docs/asciidoc/container-images/cloud-native-buildpacks.adoc

@@ -0,0 +1,19 @@
+[[container-images.buildpacks]]
+== Cloud Native Buildpacks
+Dockerfiles are just one way to build docker images.
+Another way to build docker images is directly from your Maven or Gradle plugin, using buildpacks.
+If you’ve ever used an application platform such as Cloud Foundry or Heroku then you’ve probably used a buildpack.
+Buildpacks are the part of the platform that takes your application and converts it into something that the platform can actually run.
+For example, Cloud Foundry’s Java buildpack will notice that you’re pushing a `.jar` file and automatically add a relevant JRE.
+
+With Cloud Native Buildpacks, you can create Docker compatible images that you can run anywhere.
+Spring Boot includes buildpack support directly for both Maven and Gradle.
+This means you can just type a single command and quickly get a sensible image into your locally running Docker daemon.
+
+Refer to the individual plugin documentation on how to use buildpacks with {spring-boot-maven-plugin-docs}#build-image[Maven] and {spring-boot-gradle-plugin-docs}#build-image[Gradle].
+
+NOTE: The https://github.com/paketo-buildpacks/spring-boot[Paketo Spring Boot buildpack] has also been updated to support the `layers.idx` file so any customization that is applied to it will be reflected in the image created by the buildpack.
+
+NOTE: In order to achieve reproducible builds and container image caching, Buildpacks can manipulate the application resources metadata (such as the file "last modified" information).
+You should ensure that your application does not rely on that metadata at runtime.
+Spring Boot can use that information when serving static resources, but this can be disabled with configprop:spring.web.resources.cache.use-last-modified[]