Merge branch '3.2.x' into 3.3.x

Closes gh-42513
2024-10-04 15:25:21 +02:00 · 2024-10-04 15:25:21 +02:00 · ae677d4ddc
parent 7b4cd03066 20b3e6120d
commit ae677d4ddc
17 changed files with 191 additions and 175 deletions
--- a/.github/actions/await-http-resource/action.yml
+++ b/.github/actions/await-http-resource/action.yml
@ -1,5 +1,5 @@
 name: Await HTTP Resource
-description: Waits for an HTTP resource to be available (a HEAD request succeeds)
+description: 'Waits for an HTTP resource to be available (a HEAD request succeeds)'
 inputs:
  url:
    description: 'The URL of the resource to await'
--- a/.github/actions/build/action.yml
+++ b/.github/actions/build/action.yml
@ -1,47 +1,47 @@
-name: 'Build'
+name: Build
 description: 'Builds the project, optionally publishing it to a local deployment repository'
 inputs:
-  java-version:
+  commercial-release-repository-url:
+    description: 'URL of the release repository'
    required: false
-    default: '17'
-    description: 'The Java version to compile and test with'
-  java-early-access:
+  commercial-repository-password:
+    description: 'Password for authentication with the commercial repository'
    required: false
-    default: 'false'
-    description: 'Whether the Java version is in early access'
-  java-toolchain:
+  commercial-repository-username:
+    description: 'Username for authentication with the commercial repository'
+    required: false
+  commercial-snapshot-repository-url:
+    description: 'URL of the snapshot repository'
+    required: false
+  develocity-access-key:
+    description: 'Access key for authentication with ge.spring.io'
    required: false
-    default: 'false'
-    description: 'Whether a Java toolchain should be used'
  java-distribution:
+    description: 'Java distribution to use'
    required: false
    default: 'liberica'
-    description: 'The distribution of Java to use'
-  publish:
+  java-early-access:
+    description: 'Whether the Java version is in early access'
    required: false
    default: 'false'
+  java-toolchain:
+    description: 'Whether a Java toolchain should be used'
+    required: false
+    default: 'false'
+  java-version:
+    description: 'Java version to compile and test with'
+    required: false
+    default: '17'
+  publish:
    description: 'Whether to publish artifacts ready for deployment to Artifactory'
-  develocity-access-key:
    required: false
-    description: 'The access key for authentication with ge.spring.io'
-  commercial-repository-username:
-    required: false
-    description: 'Username for authentication with the commercial repository'
-  commercial-repository-password:
-    required: false
-    description: 'Password for authentication with the commercial repository'
-  commercial-release-repository-url:
-    required: false
-    description: 'URL of the release repository'
-  commercial-snapshot-repository-url:
-    required: false
-    description: 'URL of the snapshot repository'
+    default: 'false'
 outputs:
  build-scan-url:
-    description: 'The URL, if any, of the build scan produced by the build'
+    description: 'URL, if any, of the build scan produced by the build'
    value: ${{ (inputs.publish == 'true' && steps.publish.outputs.build-scan-url) || steps.build.outputs.build-scan-url }}
  version:
-    description: 'The version that was built'
+    description: 'Version that was built'
    value: ${{ steps.read-version.outputs.version }}
 runs:
  using: composite
@ -50,18 +50,18 @@ runs:
      uses: ./.github/actions/prepare-gradle-build
      with:
        develocity-access-key: ${{ inputs.develocity-access-key }}
-        java-version: ${{ inputs.java-version }}
+        java-distribution: ${{ inputs.java-distribution }}
        java-early-access: ${{ inputs.java-early-access }}
        java-toolchain: ${{ inputs.java-toolchain }}
-        java-distribution: ${{ inputs.java-distribution }}
+        java-version: ${{ inputs.java-version }}
    - name: Build
      id: build
      if: ${{ inputs.publish == 'false' }}
      shell: bash
      env:
-        COMMERCIAL_REPO_USERNAME: ${{ inputs.commercial-repository-username }}
-        COMMERCIAL_REPO_PASSWORD: ${{ inputs.commercial-repository-password }}
        COMMERCIAL_RELEASE_REPO_URL: ${{ inputs.commercial-release-repository-url }}
+        COMMERCIAL_REPO_PASSWORD: ${{ inputs.commercial-repository-password }}
+        COMMERCIAL_REPO_USERNAME: ${{ inputs.commercial-repository-username }}
        COMMERCIAL_SNAPSHOT_REPO_URL: ${{ inputs.commercial-snapshot-repository-url }}
      run: ./gradlew build
    - name: Publish
@ -69,9 +69,9 @@ runs:
      if: ${{ inputs.publish == 'true' }}
      shell: bash
      env:
-        COMMERCIAL_REPO_USERNAME: ${{ inputs.commercial-repository-username }}
-        COMMERCIAL_REPO_PASSWORD: ${{ inputs.commercial-repository-password }}
        COMMERCIAL_RELEASE_REPO_URL: ${{ inputs.commercial-release-repository-url }}
+        COMMERCIAL_REPO_PASSWORD: ${{ inputs.commercial-repository-password }}
+        COMMERCIAL_REPO_USERNAME: ${{ inputs.commercial-repository-username }}
        COMMERCIAL_SNAPSHOT_REPO_URL: ${{ inputs.commercial-snapshot-repository-url }}
      run: ./gradlew -PdeploymentRepository=$(pwd)/deployment-repository ${{ !startsWith(github.event.head_commit.message, 'Next development version') && 'build' || '' }} publishAllPublicationsToDeploymentRepository
    - name: Read Version From gradle.properties
--- a/.github/actions/create-github-release/action.yml
+++ b/.github/actions/create-github-release/action.yml
@ -1,11 +1,11 @@
 name: Create GitHub Release
-description: Create the release on GitHub with a changelog
+description: 'Create the release on GitHub with a changelog'
 inputs:
  milestone:
-    description: Name of the GitHub milestone for which a release will be created
+    description: 'Name of the GitHub milestone for which a release will be created'
    required: true
  token:
-    description: Token to use for authentication with GitHub
+    description: 'Token to use for authentication with GitHub'
    required: true
 runs:
  using: composite
@ -13,11 +13,11 @@ runs:
    - name: Generate Changelog
      uses: spring-io/github-changelog-generator@185319ad7eaa75b0e8e72e4b6db19c8b2cb8c4c1 #v0.0.11
      with:
+        config-file: .github/actions/create-github-release/changelog-generator.yml
        milestone: ${{ inputs.milestone }}
        token: ${{ inputs.token }}
-        config-file: .github/actions/create-github-release/changelog-generator.yml
    - name: Create GitHub Release
+      shell: bash
      env:
        GITHUB_TOKEN: ${{ inputs.token }}
-      shell: bash
      run: gh release create ${{ format('v{0}', inputs.milestone) }} --notes-file changelog.md
--- a/.github/actions/prepare-gradle-build/action.yml
+++ b/.github/actions/prepare-gradle-build/action.yml
@ -1,25 +1,25 @@
-name: 'Prepare Gradle Build'
+name: Prepare Gradle Build
 description: 'Prepares a Gradle build. Sets up Java and Gradle and configures Gradle properties'
 inputs:
-  java-version:
+  develocity-access-key:
+    description: 'Access key for authentication with ge.spring.io'
    required: false
-    default: '17'
-    description: 'The Java version to use for the build'
-  java-early-access:
-    required: false
-    default: 'false'
-    description: 'Whether the Java version is in early access. When true, forces java-distribution to temurin'
-  java-toolchain:
-    required: false
-    default: 'false'
-    description: 'Whether a Java toolchain should be used'
  java-distribution:
+    description: 'Java distribution to use'
    required: false
    default: 'liberica'
-    description: 'The distribution of Java to use'
-  develocity-access-key:
+  java-early-access:
+    description: 'Whether the Java version is in early access. When true, forces java-distribution to temurin'
    required: false
-    description: 'The access key for authentication with ge.spring.io'
+    default: 'false'
+  java-toolchain:
+    description: 'Whether a Java toolchain should be used'
+    required: false
+    default: 'false'
+  java-version:
+    description: 'Java version to use for the build'
+    required: false
+    default: '17'
 runs:
  using: composite
  steps:
--- a/.github/actions/print-jvm-thread-dumps/action.yml
+++ b/.github/actions/print-jvm-thread-dumps/action.yml
@ -1,5 +1,5 @@
 name: Print JVM thread dumps
-description: Prints a thread dump for all running JVMs
+description: 'Prints a thread dump for all running JVMs'
 runs:
  using: composite
  steps:
--- a/.github/actions/publish-gradle-plugin/action.yml
+++ b/.github/actions/publish-gradle-plugin/action.yml
@ -1,22 +1,22 @@
 name: Publish Gradle Plugin
-description: Publishes Spring Boot's Gradle plugin to the Plugin Portal
+description: 'Publishes Spring Boot''s Gradle plugin to the Plugin Portal'
 inputs:
-  jfrog-cli-config-token:
-    description: 'Config token for the JFrog CLI'
-    required: true
-  plugin-version:
-    description: 'Version of the plugin'
-    required: true
+  build-number:
+    description: 'Build number to use when downloading plugin artifacts'
+    required: false
+    default: ${{ github.run_number }}
  gradle-plugin-publish-key:
    description: 'Gradle publishing key'
    required: true
  gradle-plugin-publish-secret:
    description: 'Gradle publishing secret'
    required: true
-  build-number:
-    description: 'The build number to use when downloading plugin artifacts'
-    required: false
-    default: ${{ github.run_number }}
+  jfrog-cli-config-token:
+    description: 'Config token for the JFrog CLI'
+    required: true
+  plugin-version:
+    description: 'Version of the plugin'
+    required: true
 runs:
  using: composite
  steps:
--- a/.github/actions/publish-to-sdkman/action.yml
+++ b/.github/actions/publish-to-sdkman/action.yml
@ -1,6 +1,10 @@
 name: Publish to SDKMAN!
-description: Publishes the release as a new candidate version on SDKMAN!
+description: 'Publishes the release as a new candidate version on SDKMAN!'
 inputs:
+  make-default:
+    description: 'Whether the release should be made the default version'
+    required: false
+    default: 'false'
  sdkman-consumer-key:
    description: 'Key for publishing to SDKMAN!'
    required: true
@ -8,16 +12,13 @@ inputs:
    description: 'Token for publishing to SDKMAN!'
    required: true
  spring-boot-version:
-    description: 'The version to publish'
+    description: 'Version to publish'
    required: true
-  make-default:
-    description: 'Whether the release should be made the default version'
-    required: false
-    default: false
 runs:
  using: composite
  steps:
-    - shell: bash
+    - name: Publish Release
+      shell: bash
      run: >
        curl -X POST \
          -H "Consumer-Key: ${{ inputs.sdkman-consumer-key }}" \
@ -26,8 +27,9 @@ runs:
          -H "Accept: application/json" \
          -d '{"candidate": "springboot", "version": "${{ inputs.spring-boot-version }}", "url": "${{ format('https://repo.maven.apache.org/maven2/org/springframework/boot/spring-boot-cli/{0}/spring-boot-cli-{0}-bin.zip', inputs.spring-boot-version) }}"}' \
          https://vendors.sdkman.io/release
-    - shell: bash
+    - name: Flag Release as Default
      if: ${{ inputs.make-default == 'true' }}
+      shell: bash
      run: >
        curl -X PUT \
          -H "Consumer-Key: ${{ inputs.sdkman-consumer-key }}" \
--- a/.github/actions/send-notification/action.yml
+++ b/.github/actions/send-notification/action.yml
@ -1,33 +1,39 @@
 name: Send Notification
-description: Sends a Google Chat message as a notification of the job's outcome
+description: 'Sends a Google Chat message as a notification of the job''s outcome'
 inputs:
-  webhook-url:
-    description: 'Google Chat Webhook URL'
-    required: true
+  build-scan-url:
+    description: 'URL of the build scan to include in the notification'
+    required: false
+  run-name:
+    description: 'Name of the run to include in the notification'
+    required: false
+    default: ${{ format('{0} {1}', github.ref_name, github.job) }}
  status:
    description: 'Status of the job'
    required: true
-  build-scan-url:
-    description: 'URL of the build scan to include in the notification'
-  run-name:
-    description: 'Name of the run to include in the notification'
-    default: ${{ format('{0} {1}', github.ref_name, github.job) }}
+  webhook-url:
+    description: 'Google Chat Webhook URL'
+    required: true
 runs:
  using: composite
  steps:
-    - shell: bash
+    - name: Prepare Variables
+      shell: bash
      run: |
        echo "BUILD_SCAN=${{ inputs.build-scan-url == '' && ' [build scan unavailable]' || format(' [<{0}|Build Scan>]', inputs.build-scan-url) }}" >> "$GITHUB_ENV"
        echo "RUN_URL=${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" >> "$GITHUB_ENV"
-    - shell: bash
+    - name: Success Notification
      if: ${{ inputs.status == 'success' }}
+      shell: bash
      run: |
        curl -X POST '${{ inputs.webhook-url }}' -H 'Content-Type: application/json' -d '{ text: "<${{ env.RUN_URL }}|${{ inputs.run-name }}> was successful ${{ env.BUILD_SCAN }}"}' || true
-    - shell: bash
+    - name: Failure Notification
      if: ${{ inputs.status == 'failure' }}
+      shell: bash
      run: |
        curl -X POST '${{ inputs.webhook-url }}' -H 'Content-Type: application/json' -d '{ text: "<users/all> *<${{ env.RUN_URL }}|${{ inputs.run-name }}> failed* ${{ env.BUILD_SCAN }}"}' || true
-    - shell: bash
+    - name: Cancel Notification
      if: ${{ inputs.status == 'cancelled' }}
+      shell: bash
      run: |
        curl -X POST '${{ inputs.webhook-url }}' -H 'Content-Type: application/json' -d '{ text: "<${{ env.RUN_URL }}|${{ inputs.run-name }}> was cancelled"}' || true
--- a/.github/actions/sync-to-maven-central/action.yml
+++ b/.github/actions/sync-to-maven-central/action.yml
@ -1,11 +1,11 @@
 name: Sync to Maven Central
-description: Syncs a release to Maven Central and waits for it to be available for use
+description: 'Syncs a release to Maven Central and waits for it to be available for use'
 inputs:
  jfrog-cli-config-token:
    description: 'Config token for the JFrog CLI'
    required: true
-  spring-boot-version:
-    description: 'The version of Spring Boot that is being synced to Central'
+  ossrh-s01-staging-profile:
+    description: 'Staging profile to use when syncing to Central'
    required: true
  ossrh-s01-token-username:
    description: 'Username for authentication with s01.oss.sonatype.org'
@ -13,8 +13,8 @@ inputs:
  ossrh-s01-token-password:
    description: 'Password for authentication with s01.oss.sonatype.org'
    required: true
-  ossrh-s01-staging-profile:
-    description: 'Staging profile to use when syncing to Central'
+  spring-boot-version:
+    description: 'Version of Spring Boot that is being synced to Central'
    required: true
 runs:
  using: composite
@ -29,14 +29,14 @@ runs:
    - name: Sync
      uses: spring-io/nexus-sync-action@42477a2230a2f694f9eaa4643fa9e76b99b7ab84 # v0.0.1
      with:
-        username: ${{ inputs.ossrh-s01-token-username }}
-        password: ${{ inputs.ossrh-s01-token-password }}
-        staging-profile-name: ${{ inputs.ossrh-s01-staging-profile }}
-        create: true
-        upload: true
        close: true
-        release: true
+        create: true
        generate-checksums: true
+        password: ${{ inputs.ossrh-s01-token-password }}
+        release: true
+        staging-profile-name: ${{ inputs.ossrh-s01-staging-profile }}
+        upload: true
+        username: ${{ inputs.ossrh-s01-token-username }}
    - name: Await
      uses: ./.github/actions/await-http-resource
      with:
--- a/.github/workflows/build-and-deploy-snapshot.yml
+++ b/.github/workflows/build-and-deploy-snapshot.yml
@ -8,8 +8,8 @@ concurrency:
 jobs:
  build-and-deploy-snapshot:
    name: Build and Deploy Snapshot
-    runs-on: ${{ vars.UBUNTU_MEDIUM || 'ubuntu-latest' }}
    if: ${{ github.repository == 'spring-projects/spring-boot' || github.repository == 'spring-projects/spring-boot-commercial' }}
+    runs-on: ${{ vars.UBUNTU_MEDIUM || 'ubuntu-latest' }}
    steps:
      - name: Check Out Code
        uses: actions/checkout@v4
@ -17,40 +17,40 @@ jobs:
        id: build-and-publish
        uses: ./.github/actions/build
        with:
+          commercial-release-repository-url: ${{ vars.COMMERCIAL_RELEASE_REPO_URL }}
+          commercial-repository-password: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_PASSWORD }}
+          commercial-repository-username: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_USERNAME }}
+          commercial-snapshot-repository-url: ${{ vars.COMMERCIAL_SNAPSHOT_REPO_URL }}
          develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
          publish: true
-          commercial-repository-username: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_USERNAME }}
-          commercial-repository-password: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_PASSWORD }}
-          commercial-release-repository-url: ${{ vars.COMMERCIAL_RELEASE_REPO_URL }}
-          commercial-snapshot-repository-url: ${{ vars.COMMERCIAL_SNAPSHOT_REPO_URL }}
      - name: Deploy
        uses: spring-io/artifactory-deploy-action@26bbe925a75f4f863e1e529e85be2d0093cac116 # v0.0.1
        with:
-          uri: ${{ vars.COMMERCIAL_DEPLOY_REPO_URL || 'https://repo.spring.io' }}
-          username: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_USERNAME || secrets.ARTIFACTORY_USERNAME }}
-          password: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_PASSWORD || secrets.ARTIFACTORY_PASSWORD }}
          build-name: ${{ vars.COMMERCIAL && format('spring-boot-commercial-{0}', github.ref_name) || format('spring-boot-{0}', github.ref_name) }}
-          repository: ${{ vars.COMMERCIAL && 'spring-commercial-snapshot-local' || 'libs-snapshot-local' }}
-          project: ${{ vars.COMMERCIAL && 'spring' }}
          folder: 'deployment-repository'
+          password: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_PASSWORD || secrets.ARTIFACTORY_PASSWORD }}
+          project: ${{ vars.COMMERCIAL && 'spring' }}
+          repository: ${{ vars.COMMERCIAL && 'spring-commercial-snapshot-local' || 'libs-snapshot-local' }}
          signing-key: ${{ secrets.GPG_PRIVATE_KEY }}
          signing-passphrase: ${{ secrets.GPG_PASSPHRASE }}
+          uri: ${{ vars.COMMERCIAL_DEPLOY_REPO_URL || 'https://repo.spring.io' }}
+          username: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_USERNAME || secrets.ARTIFACTORY_USERNAME }}
      - name: Send Notification
-        uses: ./.github/actions/send-notification
        if: always()
+        uses: ./.github/actions/send-notification
        with:
-          webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }}
-          status: ${{ job.status }}
          build-scan-url: ${{ steps.build-and-publish.outputs.build-scan-url }}
          run-name: ${{ format('{0} | Linux | Java 17', github.ref_name) }}
+          status: ${{ job.status }}
+          webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }}
    outputs:
      version: ${{ steps.build-and-publish.outputs.version }}
  trigger-docs-build:
    name: Trigger Docs Build
-    runs-on: ubuntu-latest
    needs: build-and-deploy-snapshot
    permissions:
      actions: write
+    runs-on: ubuntu-latest
    steps:
      - name: Run Deploy Docs Workflow
        env:
@ -61,11 +61,11 @@ jobs:
    needs: build-and-deploy-snapshot
    uses: ./.github/workflows/verify.yml
    secrets:
+      commercial-repository-password: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_PASSWORD }}
+      commercial-repository-username: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_USERNAME }}
      google-chat-webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }}
      opensource-repository-password: ${{ secrets.ARTIFACTORY_PASSWORD }}
      opensource-repository-username: ${{ secrets.ARTIFACTORY_USERNAME }}
-      commercial-repository-password: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_PASSWORD }}
-      commercial-repository-username: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_USERNAME }}
      token: ${{ secrets.GH_ACTIONS_REPO_TOKEN }}
    with:
      version: ${{ needs.build-and-deploy-snapshot.outputs.version }}
--- a/.github/workflows/build-pull-request.yml
+++ b/.github/workflows/build-pull-request.yml
@ -5,19 +5,19 @@ permissions:
 jobs:
  build:
    name: Build Pull Request
-    runs-on: ${{ vars.UBUNTU_MEDIUM || 'ubuntu-latest' }}
    if: ${{ github.repository == 'spring-projects/spring-boot' }}
+    runs-on: ${{ vars.UBUNTU_MEDIUM || 'ubuntu-latest' }}
    steps:
      - name: Free Disk Space
        uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1
        with:
-          large-packages: false
          docker-images: false
+          large-packages: false
      - name: Set Up JDK 17
        uses: actions/setup-java@v4
        with:
-          java-version: '17'
          distribution: 'liberica'
+          java-version: '17'
      - name: Check Out
        uses: actions/checkout@v4
      - name: Validate Gradle Wrapper
@ -30,11 +30,11 @@ jobs:
          GRADLE_ENTERPRISE_URL: 'https://ge.spring.io'
        run: ./gradlew -Dorg.gradle.internal.launcher.welcomeMessageEnabled=false --no-daemon --no-parallel --continue build
      - name: Print JVM Thread Dumps When Cancelled
-        uses: ./.github/actions/print-jvm-thread-dumps
        if: cancelled()
+        uses: ./.github/actions/print-jvm-thread-dumps
      - name: Upload Build Reports
-        uses: actions/upload-artifact@v4
        if: failure()
+        uses: actions/upload-artifact@v4
        with:
          name: build-reports
          path: '**/build/reports/'
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -8,8 +8,8 @@ concurrency:
 jobs:
  ci:
    name: '${{ matrix.os.name}} | Java ${{ matrix.java.version}}'
-    runs-on: ${{ matrix.os.id }}
    if: ${{ github.repository == 'spring-projects/spring-boot' || github.repository == 'spring-projects/spring-boot-commercial' }}
+    runs-on: ${{ matrix.os.id }}
    strategy:
      fail-fast: false
      matrix:
@ -45,20 +45,20 @@ jobs:
        id: build
        uses: ./.github/actions/build
        with:
-          java-version: ${{ matrix.java.version }}
-          java-early-access: ${{ matrix.java.early-access || 'false' }}
-          java-toolchain: ${{ matrix.java.toolchain }}
-          java-distribution: ${{ matrix.java.distribution }}
-          develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
-          commercial-repository-username: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_USERNAME }}
-          commercial-repository-password: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_PASSWORD }}
          commercial-release-repository-url: ${{ vars.COMMERCIAL_RELEASE_REPO_URL }}
+          commercial-repository-password: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_PASSWORD }}
+          commercial-repository-username: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_USERNAME }}
          commercial-snapshot-repository-url: ${{ vars.COMMERCIAL_SNAPSHOT_REPO_URL }}
+          develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
+          java-early-access: ${{ matrix.java.early-access || 'false' }}
+          java-distribution: ${{ matrix.java.distribution }}
+          java-toolchain: ${{ matrix.java.toolchain }}
+          java-version: ${{ matrix.java.version }}
      - name: Send Notification
-        uses: ./.github/actions/send-notification
        if: always()
+        uses: ./.github/actions/send-notification
        with:
-          webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }}
-          status: ${{ job.status }}
          build-scan-url: ${{ steps.build.outputs.build-scan-url }}
          run-name: ${{ format('{0} | {1} | Java {2}', github.ref_name, matrix.os.name, matrix.java.version) }}
+          status: ${{ job.status }}
+          webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }}
--- a/.github/workflows/distribute.yml
+++ b/.github/workflows/distribute.yml
@ -2,12 +2,8 @@ name: Distribute
 on:
  workflow_dispatch:
    inputs:
-      version:
-        description: 'The version to bundle and distribute'
-        required: true
-        type: string
      build-number:
-        description: 'The number of the build to use to create the bundle'
+        description: 'Number of the build to use to create the bundle'
        required: true
        type: string
      create-bundle:
@ -15,6 +11,10 @@ on:
        required: true
        type: boolean
        default: true
+      version:
+        description: 'Version to bundle and distribute'
+        required: true
+        type: string
 jobs:
  distribute-spring-enterprise-release-bundle:
    runs-on: ${{ vars.UBUNTU_SMALL || 'ubuntu-latest' }}
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -8,8 +8,8 @@ concurrency:
 jobs:
  build-and-stage-release:
    name: Build and Stage Release
-    runs-on: ${{ vars.UBUNTU_MEDIUIM || 'ubuntu-latest' }}
    if: ${{ github.repository == 'spring-projects/spring-boot' || github.repository == 'spring-projects/spring-boot-commercial' }}
+    runs-on: ${{ vars.UBUNTU_MEDIUIM || 'ubuntu-latest' }}
    steps:
      - name: Check Out Code
        uses: actions/checkout@v4
@ -17,38 +17,38 @@ jobs:
        id: build-and-publish
        uses: ./.github/actions/build
        with:
+          commercial-release-repository-url: ${{ vars.COMMERCIAL_RELEASE_REPO_URL }}
+          commercial-repository-password: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_PASSWORD }}
+          commercial-repository-username: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_USERNAME }}
+          commercial-snapshot-repository-url: ${{ vars.COMMERCIAL_SNAPSHOT_REPO_URL }}
          develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
          publish: true
-          commercial-repository-username: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_USERNAME }}
-          commercial-repository-password: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_PASSWORD }}
-          commercial-release-repository-url: ${{ vars.COMMERCIAL_RELEASE_REPO_URL }}
-          commercial-snapshot-repository-url: ${{ vars.COMMERCIAL_SNAPSHOT_REPO_URL }}
      - name: Stage Release
        uses: spring-io/artifactory-deploy-action@26bbe925a75f4f863e1e529e85be2d0093cac116 # v0.0.1
        with:
-          uri: ${{ vars.COMMERCIAL_DEPLOY_REPO_URL || 'https://repo.spring.io' }}
-          username: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_USERNAME || secrets.ARTIFACTORY_USERNAME }}
-          password: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_PASSWORD || secrets.ARTIFACTORY_PASSWORD }}
          build-name: ${{ vars.COMMERCIAL && format('spring-boot-commercial-{0}', github.ref_name) || format('spring-boot-{0}', github.ref_name) }}
-          repository: ${{ vars.COMMERCIAL && 'spring-enterprise-maven-stage-local' || 'libs-staging-local' }}
-          project: ${{ vars.COMMERCIAL && 'spring' }}
          folder: 'deployment-repository'
+          password: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_PASSWORD || secrets.ARTIFACTORY_PASSWORD }}
+          project: ${{ vars.COMMERCIAL && 'spring' }}
+          repository: ${{ vars.COMMERCIAL && 'spring-enterprise-maven-stage-local' || 'libs-staging-local' }}
          signing-key: ${{ secrets.GPG_PRIVATE_KEY }}
          signing-passphrase: ${{ secrets.GPG_PASSPHRASE }}
+          uri: ${{ vars.COMMERCIAL_DEPLOY_REPO_URL || 'https://repo.spring.io' }}
+          username: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_USERNAME || secrets.ARTIFACTORY_USERNAME }}
    outputs:
      version: ${{ steps.build-and-publish.outputs.version }}
  verify:
    name: Verify
    needs: build-and-stage-release
    uses: ./.github/workflows/verify.yml
-    with:
-      staging: true
-      version: ${{ needs.build-and-stage-release.outputs.version }}
    secrets:
      google-chat-webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }}
      repository-password: ${{ secrets.ARTIFACTORY_PASSWORD }}
      repository-username: ${{ secrets.ARTIFACTORY_USERNAME }}
      token: ${{ secrets.GH_ACTIONS_REPO_TOKEN }}
+    with:
+      staging: true
+      version: ${{ needs.build-and-stage-release.outputs.version }}
  sync-to-maven-central:
    name: Sync to Maven Central
    if: ${{ !COMMERCIAL }}
@ -134,12 +134,12 @@ jobs:
          token: ${{ secrets.GH_ACTIONS_REPO_TOKEN }}
  trigger-docs-build:
    name: Trigger Docs Build
-    runs-on: ubuntu-latest
    needs:
      - build-and-stage-release
      - sync-to-maven-central
    permissions:
      actions: write
+    runs-on: ubuntu-latest
    steps:
      - name: Run Deploy Docs Workflow
        env:
--- a/.github/workflows/run-system-tests.yml
+++ b/.github/workflows/run-system-tests.yml
@ -8,8 +8,8 @@ concurrency:
 jobs:
  run-system-tests:
    name: 'Java ${{ matrix.java.version}}'
-    runs-on: ${{ vars.UBUNTU_MEDIUM || 'ubuntu-latest' }}
    if: ${{ github.repository == 'spring-projects/spring-boot' }}
+    runs-on: ${{ vars.UBUNTU_MEDIUM || 'ubuntu-latest' }}
    strategy:
      matrix:
        java:
@ -24,17 +24,17 @@ jobs:
        uses: ./.github/actions/prepare-gradle-build
        with:
          develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
-          java-version: ${{ matrix.java.version }}
          java-toolchain: ${{ matrix.java.toolchain }}
+          java-version: ${{ matrix.java.version }}
      - name: Run System Tests
        id: run-system-tests
        shell: bash
        run: ./gradlew systemTest
      - name: Send Notification
-        uses: ./.github/actions/send-notification
        if: always()
+        uses: ./.github/actions/send-notification
        with:
-          webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }}
-          status: ${{ job.status }}
          build-scan-url: ${{ steps.run-system-tests.outputs.build-scan-url }}
-          run-name: ${{ format('{0} | System Tests | Java {1}', github.ref_name, matrix.java.version) }}
+          run-name: ${{ format('{0} | System Tests | Java {1}', github.ref_name, matrix.java.version) }}
+          status: ${{ job.status }}
+          webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }}
--- a/.github/workflows/trigger-docs-build.yml
+++ b/.github/workflows/trigger-docs-build.yml
@ -8,8 +8,8 @@ permissions:
 jobs:
  trigger-docs-build:
    name: Trigger Docs Build
-    runs-on: ${{ vars.UBUNTU_SMALL || 'ubuntu-latest' }}
    if: github.repository_owner == 'spring-projects'
+    runs-on: ${{ vars.UBUNTU_SMALL || 'ubuntu-latest' }}
    steps:
    - name: Check Out
      uses: actions/checkout@v4
--- a/.github/workflows/verify.yml
+++ b/.github/workflows/verify.yml
@ -2,25 +2,33 @@ name: Verify
 on:
  workflow_call:
    inputs:
-      version:
-        required: true
-        type: string
      staging:
+        description: 'Whether the release to verify is in the staging repository'
        required: false
        default: false
        type: boolean
+      version:
+        description: 'Version to verify'
+        required: true
+        type: string
    secrets:
-      opensource-repository-username:
-        required: false
-      opensource-repository-password:
+      commercial-repository-password:
+        description: 'Password for authentication with the commercial repository'
        required: false
      commercial-repository-username:
-        required: false
-      commercial-repository-password:
+        description: 'Username for authentication with the commercial repository'
        required: false
      google-chat-webhook-url:
+        description: 'Google Chat Webhook URL'
        required: true
+      opensource-repository-password:
+        description: 'Password for authentication with the open-source repository'
+        required: false
+      opensource-repository-username:
+        description: 'Username for authentication with the open-source repository'
+        required: false
      token:
+        description: 'Token to use for authentication with GitHub'
        required: true
 jobs:
  verify:
@ -30,8 +38,8 @@ jobs:
      - name: Check Out Release Verification Tests
        uses: actions/checkout@v4
        with:
-          repository: spring-projects/spring-boot-release-verification
          ref: 'v0.0.6'
+          repository: spring-projects/spring-boot-release-verification
          token: ${{ secrets.token }}
      - name: Check Out Send Notification Action
        uses: actions/checkout@v4
@ -57,24 +65,24 @@ jobs:
          echo 'org.gradle.daemon=false' >> $HOME/.gradle/gradle.properties
      - name: Run Release Verification Tests
        env:
-          RVT_VERSION: ${{ inputs.version }}
+          RVT_COMMERCIAL_REPOSITORY_PASSWORD: ${{ secrets.commercial-repository-password }}
+          RVT_COMMERCIAL_REPOSITORY_USERNAME: ${{ secrets.commercial-repository-username }}
+          RVT_OSS_REPOSITORY_PASSWORD: ${{ secrets.opensource-repository-password }}
+          RVT_OSS_REPOSITORY_USERNAME: ${{ secrets.opensource-repository-username }}
          RVT_RELEASE_TYPE: ${{ vars.COMMERCIAL && 'commercial' || 'oss' }}
          RVT_STAGING: ${{ inputs.staging }}
-          RVT_OSS_REPOSITORY_USERNAME: ${{ secrets.opensource-repository-username }}
-          RVT_OSS_REPOSITORY_PASSWORD: ${{ secrets.opensource-repository-password }}
-          RVT_COMMERCIAL_REPOSITORY_USERNAME: ${{ secrets.commercial-repository-username }}
-          RVT_COMMERCIAL_REPOSITORY_PASSWORD: ${{ secrets.commercial-repository-password }}
+          RVT_VERSION: ${{ inputs.version }}
        run: ./gradlew spring-boot-release-verification-tests:test
      - name: Upload Build Reports on Failure
-        uses: actions/upload-artifact@v4
        if: failure()
+        uses: actions/upload-artifact@v4
        with:
          name: build-reports
          path: '**/build/reports/'
      - name: Send Notification
-        uses: ./send-notification/.github/actions/send-notification
        if: always()
+        uses: ./send-notification/.github/actions/send-notification
        with:
-          webhook-url: ${{ secrets.google-chat-webhook-url }}
-          status: ${{ job.status }}
          run-name: ${{ format('{0} | Verification | {1}', github.ref_name, inputs.version) }}
+          status: ${{ job.status }}
+          webhook-url: ${{ secrets.google-chat-webhook-url }}