From f11ba8f7f175a32c8e2b158f6924b8f1e4b1ea13 Mon Sep 17 00:00:00 2001 From: Steve Riesenberg <5248162+sjohnr@users.noreply.github.com> Date: Mon, 4 Dec 2023 16:13:41 -0600 Subject: [PATCH] Switch to reusable workflows Issue gh-14538 Closes gh-14242 Closes gh-13195 Closes gh-10460 Closes gh-11308 --- .../continuous-integration-workflow.yml | 328 ++++-------------- .../update-scheduled-release-version.yml | 75 +--- 2 files changed, 74 insertions(+), 329 deletions(-) diff --git a/.github/workflows/continuous-integration-workflow.yml b/.github/workflows/continuous-integration-workflow.yml index c377af9952..403dd7573d 100644 --- a/.github/workflows/continuous-integration-workflow.yml +++ b/.github/workflows/continuous-integration-workflow.yml @@ -9,299 +9,111 @@ on: workflow_dispatch: # Manual trigger env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} - GRADLE_ENTERPRISE_CACHE_USER: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }} + GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }} GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} - GRADLE_ENTERPRISE_SECRET_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }} - COMMIT_OWNER: ${{ github.event.pusher.name }} - COMMIT_SHA: ${{ github.sha }} - STRUCTURE101_LICENSEID: ${{ secrets.STRUCTURE101_LICENSEID }} - ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} - ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} + GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }} permissions: contents: read jobs: - prerequisites: - name: Pre-requisites for building - runs-on: ubuntu-latest - if: ${{ github.repository == 'spring-projects/spring-security' }} - outputs: - runjobs: ${{ steps.continue.outputs.runjobs }} - project_version: ${{ steps.continue.outputs.project_version }} - samples_branch: ${{ steps.continue.outputs.samples_branch }} - steps: - - uses: actions/checkout@v4 - - id: continue - name: Determine if should continue - run: | - # Run jobs if in upstream repository - echo "runjobs=true" >>$GITHUB_OUTPUT - # Extract version from gradle.properties - version=$(cat gradle.properties | grep "version=" | awk -F'=' '{print $2}') - echo "project_version=$version" >>$GITHUB_OUTPUT - samples_branch=$(cat gradle.properties | grep "samplesBranch=" | awk -F'=' '{print $2}') - echo "samples_branch=$samples_branch" >>$GITHUB_OUTPUT - build_jdk_17: - name: Build JDK 17 - needs: [prerequisites] + build: + name: Build + uses: spring-io/spring-security-release-tools/.github/workflows/build.yml@v1 strategy: matrix: - os: [ubuntu-latest, windows-latest] - runs-on: ${{ matrix.os }} - if: needs.prerequisites.outputs.runjobs - steps: - - uses: actions/checkout@v4 - - name: Set up JDK 17 - uses: actions/setup-java@v4 - with: - java-version: '17' - distribution: 'temurin' - cache: 'gradle' - - name: Set up Gradle - uses: gradle/gradle-build-action@v3 - - name: Set up gradle user name - run: echo 'systemProp.user.name=spring-builds+github' >> gradle.properties - - name: Build with Gradle - env: - GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} - GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }} - run: ./gradlew clean build --continue -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" - snapshot_tests: - name: Test against snapshots - needs: [prerequisites] - runs-on: ubuntu-latest - if: needs.prerequisites.outputs.runjobs - steps: - - uses: actions/checkout@v4 - - name: Set up gradle - uses: spring-io/spring-gradle-build-action@v2 - with: - java-version: '17' - distribution: 'temurin' - - name: Snapshot Tests - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - ./gradlew test --refresh-dependencies -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" -PforceMavenRepositories=snapshot -PisOverrideVersionCatalog -PspringFrameworkVersion='6.0.+' -PreactorVersion='2022.0.+' -PspringDataVersion='2022.0.+' -PlocksDisabled --stacktrace - check_samples: - name: Check Samples project - needs: [prerequisites] + os: [ ubuntu-latest, windows-latest ] + jdk: [ 17 ] + with: + runs-on: ${{ matrix.os }} + java-version: ${{ matrix.jdk }} + distribution: temurin + secrets: inherit + test: + name: Test Against Snapshots + uses: spring-io/spring-security-release-tools/.github/workflows/test.yml@v1 + strategy: + matrix: + java-version: [ 17 ] + with: + java-version: ${{ matrix.java-version }} + test-args: --refresh-dependencies -PforceMavenRepositories=snapshot -PisOverrideVersionCatalog -PspringFrameworkVersion=6.0.+ -PreactorVersion=2022.0.+ -PspringDataVersion=2022.0.+ --stacktrace + secrets: inherit + check-samples: + name: Check Samples runs-on: ubuntu-latest - if: needs.prerequisites.outputs.runjobs + if: ${{ github.repository_owner == 'spring-projects' }} steps: - uses: actions/checkout@v4 - name: Set up gradle uses: spring-io/spring-gradle-build-action@v2 with: - java-version: '17' - distribution: 'temurin' + java-version: 17 + distribution: temurin - name: Check samples project env: LOCAL_REPOSITORY_PATH: ${{ github.workspace }}/build/publications/repos SAMPLES_DIR: ../spring-security-samples - VERSION: ${{ needs.prerequisites.outputs.project_version }} - SAMPLES_BRANCH: ${{ needs.prerequisites.outputs.samples_branch }} run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" + # Extract version from gradle.properties + version=$(cat gradle.properties | grep "version=" | awk -F'=' '{print $2}') + # Extract samplesBranch from gradle.properties + samples_branch=$(cat gradle.properties | grep "samplesBranch=" | awk -F'=' '{print $2}') ./gradlew publishMavenJavaPublicationToLocalRepository - ./gradlew cloneRepository -PrepositoryName="spring-projects/spring-security-samples" -Pref="$SAMPLES_BRANCH" -PcloneOutputDirectory="$SAMPLES_DIR" - ./gradlew --project-dir "$SAMPLES_DIR" --init-script spring-security-ci.gradle -PlocalRepositoryPath="$LOCAL_REPOSITORY_PATH" -PspringSecurityVersion="$VERSION" :runAllTests - check_tangles: + ./gradlew cloneRepository -PrepositoryName="spring-projects/spring-security-samples" -Pref="$samples_branch" -PcloneOutputDirectory="$SAMPLES_DIR" + ./gradlew --project-dir "$SAMPLES_DIR" --init-script spring-security-ci.gradle -PlocalRepositoryPath="$LOCAL_REPOSITORY_PATH" -PspringSecurityVersion="$version" :runAllTests + check-tangles: name: Check for Package Tangles - needs: [ prerequisites ] runs-on: ubuntu-latest - if: needs.prerequisites.outputs.runjobs + if: ${{ github.repository_owner == 'spring-projects' }} steps: - uses: actions/checkout@v4 - name: Set up gradle uses: spring-io/spring-gradle-build-action@v2 with: - java-version: '17' - distribution: 'temurin' + java-version: 17 + distribution: temurin - name: Check for package tangles + env: + STRUCTURE101_LICENSEID: ${{ secrets.STRUCTURE101_LICENSEID }} run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" ./gradlew check s101 -Ps101.licenseId="$STRUCTURE101_LICENSEID" --stacktrace - deploy_artifacts: + deploy-artifacts: name: Deploy Artifacts - needs: [build_jdk_17, snapshot_tests, check_samples, check_tangles] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Set up gradle - uses: spring-io/spring-gradle-build-action@v2 - with: - java-version: '17' - distribution: 'temurin' - - name: Deploy artifacts - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - ./gradlew publishArtifacts finalizeDeployArtifacts -PossrhUsername="$OSSRH_TOKEN_USERNAME" -PossrhPassword="$OSSRH_TOKEN_PASSWORD" -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" --stacktrace - env: - ORG_GRADLE_PROJECT_signingKey: ${{ secrets.GPG_PRIVATE_KEY }} - ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.GPG_PASSPHRASE }} - OSSRH_TOKEN_USERNAME: ${{ secrets.OSSRH_S01_TOKEN_USERNAME }} - OSSRH_TOKEN_PASSWORD: ${{ secrets.OSSRH_S01_TOKEN_PASSWORD }} - ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} - ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} - deploy_docs: + needs: [ build, test, check-samples, check-tangles ] + uses: spring-io/spring-security-release-tools/.github/workflows/deploy-artifacts.yml@v1 + with: + should-deploy-artifacts: ${{ needs.build.outputs.should-deploy-artifacts }} + secrets: inherit + deploy-docs: name: Deploy Docs - needs: [build_jdk_17, snapshot_tests, check_samples, check_tangles] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Set up gradle - uses: spring-io/spring-gradle-build-action@v2 - with: - java-version: '17' - distribution: 'temurin' - - name: Deploy Docs - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - ./gradlew deployDocs -PdeployDocsSshKey="$DOCS_SSH_KEY" -PdeployDocsSshUsername="$DOCS_USERNAME" -PdeployDocsHost="$DOCS_HOST" --stacktrace - env: - DOCS_USERNAME: ${{ secrets.DOCS_USERNAME }} - DOCS_SSH_KEY: ${{ secrets.DOCS_SSH_KEY }} - DOCS_HOST: ${{ secrets.DOCS_HOST }} - deploy_schema: + needs: [ build, test, check-samples, check-tangles ] + uses: spring-io/spring-security-release-tools/.github/workflows/deploy-docs.yml@v1 + with: + should-deploy-docs: ${{ needs.build.outputs.should-deploy-artifacts }} + secrets: inherit + deploy-schema: name: Deploy Schema - needs: [build_jdk_17, snapshot_tests, check_samples, check_tangles] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Set up gradle - uses: spring-io/spring-gradle-build-action@v2 - with: - java-version: '17' - distribution: 'temurin' - - name: Deploy Schema - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - ./gradlew deploySchema -PdeployDocsSshKey="$DOCS_SSH_KEY" -PdeployDocsSshUsername="$DOCS_USERNAME" -PdeployDocsHost="$DOCS_HOST" --stacktrace --info - env: - DOCS_USERNAME: ${{ secrets.DOCS_USERNAME }} - DOCS_SSH_KEY: ${{ secrets.DOCS_SSH_KEY }} - DOCS_HOST: ${{ secrets.DOCS_HOST }} - perform_release: - name: Perform release - needs: [prerequisites, deploy_artifacts, deploy_docs, deploy_schema] - runs-on: ubuntu-latest - permissions: - contents: write - timeout-minutes: 90 - if: ${{ !endsWith(needs.prerequisites.outputs.project_version, '-SNAPSHOT') }} - env: - REPO: ${{ github.repository }} - BRANCH: ${{ github.ref_name }} - TOKEN: ${{ github.token }} - VERSION: ${{ needs.prerequisites.outputs.project_version }} - steps: - - uses: actions/checkout@v4 - with: - token: ${{ secrets.GH_ACTIONS_REPO_TOKEN }} - - name: Set up gradle - uses: spring-io/spring-gradle-build-action@v2 - with: - java-version: '17' - distribution: 'temurin' - - name: Wait for Artifactory Artifacts - if: ${{ contains(needs.prerequisites.outputs.project_version, '-RC') || contains(needs.prerequisites.outputs.project_version, '-M') }} - run: | - echo "Wait for artifacts of $REPO@$VERSION to appear on Artifactory." - until curl -f -s https://repo.spring.io/artifactory/milestone/org/springframework/security/spring-security-core/$VERSION/ > /dev/null - do - sleep 30 - echo "." - done - echo "Artifacts for $REPO@$VERSION have been released to Artifactory." - - name: Wait for Maven Central Artifacts - if: ${{ !contains(needs.prerequisites.outputs.project_version, '-RC') && !contains(needs.prerequisites.outputs.project_version, '-M') }} - run: | - echo "Wait for artifacts of $REPO@$VERSION to appear on Maven Central." - until curl -f -s https://repo1.maven.org/maven2/org/springframework/security/spring-security-core/$VERSION/ > /dev/null - do - sleep 30 - echo "." - done - echo "Artifacts for $REPO@$VERSION have been released to Maven Central." - - name: Create GitHub Release - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - echo "Tagging and publishing $REPO@$VERSION release on GitHub." - ./gradlew createGitHubRelease -PnextVersion=$VERSION -Pbranch=$BRANCH -PcreateRelease=true -PgitHubAccessToken=$TOKEN - - name: Announce Release on Slack - id: spring-security-announcing - uses: slackapi/slack-github-action@v1.25.0 - with: - payload: | - { - "text": "spring-security-announcing `${{ env.VERSION }}` is available now", - "blocks": [ - { - "type": "section", - "text": { - "type": "mrkdwn", - "text": "spring-security-announcing `${{ env.VERSION }}` is available now" - } - } - ] - } - env: - SLACK_WEBHOOK_URL: ${{ secrets.SPRING_RELEASE_SLACK_WEBHOOK_URL }} - SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK - - name: Setup git config - run: | - git config user.name 'github-actions[bot]' - git config user.email 'github-actions[bot]@users.noreply.github.com' - - name: Update to next Snapshot Version - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - echo "Updating $REPO@$VERSION to next snapshot version." - ./gradlew :updateToSnapshotVersion - git commit -am "Next development version" - git push - perform_post_release: - name: Perform post-release - needs: [prerequisites, deploy_artifacts, deploy_docs, deploy_schema] - runs-on: ubuntu-latest - permissions: - contents: read - issues: write - timeout-minutes: 90 - if: ${{ endsWith(needs.prerequisites.outputs.project_version, '-SNAPSHOT') }} - env: - TOKEN: ${{ github.token }} - VERSION: ${{ needs.prerequisites.outputs.project_version }} - steps: - - uses: actions/checkout@v4 - - name: Set up gradle - uses: spring-io/spring-gradle-build-action@v2 - with: - java-version: '17' - distribution: 'temurin' - - name: Schedule next release (if not already scheduled) - run: ./gradlew scheduleNextRelease -PnextVersion=$VERSION -PgitHubAccessToken=$TOKEN + needs: [ build, test, check-samples, check-tangles ] + uses: spring-io/spring-security-release-tools/.github/workflows/deploy-schema.yml@v1 + with: + should-deploy-schema: ${{ needs.build.outputs.should-deploy-artifacts }} + secrets: inherit + perform-release: + name: Perform Release + needs: [ deploy-artifacts, deploy-docs, deploy-schema ] + uses: spring-io/spring-security-release-tools/.github/workflows/perform-release.yml@v1 + with: + should-perform-release: ${{ needs.deploy-artifacts.outputs.artifacts-deployed }} + project-version: ${{ needs.deploy-artifacts.outputs.project-version }} + milestone-repo-url: https://repo.spring.io/artifactory/milestone + release-repo-url: https://repo1.maven.org/maven2 + artifact-path: org/springframework/security/spring-security-core + slack-announcing-id: spring-security-announcing + secrets: inherit notify_result: name: Check for failures - needs: [perform_release, perform_post_release] + needs: [ perform-release ] if: failure() runs-on: ubuntu-latest permissions: diff --git a/.github/workflows/update-scheduled-release-version.yml b/.github/workflows/update-scheduled-release-version.yml index 1d1905a9b8..cc67c2f37f 100644 --- a/.github/workflows/update-scheduled-release-version.yml +++ b/.github/workflows/update-scheduled-release-version.yml @@ -3,78 +3,11 @@ name: Update Scheduled Release Version on: workflow_dispatch: # Manual trigger only. Triggered by release-scheduler.yml on main. -env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} - GRADLE_ENTERPRISE_CACHE_USER: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} - GRADLE_ENTERPRISE_SECRET_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }} - permissions: contents: read jobs: - update_scheduled_release_version: - name: Initiate Release If Scheduled - if: ${{ github.repository == 'spring-projects/spring-security' }} - runs-on: ubuntu-latest - permissions: - contents: read - actions: read - steps: - - id: checkout-source - name: Checkout Source Code - uses: actions/checkout@v4 - with: - token: ${{ secrets.GH_ACTIONS_REPO_TOKEN }} - - name: Set up gradle - uses: spring-io/spring-gradle-build-action@v2 - with: - java-version: '17' - distribution: 'temurin' - - id: check-release-due - name: Check Release Due - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - ./gradlew gitHubCheckNextVersionDueToday - echo "is_due_today=$(cat build/github/milestones/is-due-today)" >>$GITHUB_OUTPUT - - id: check-open-issues - name: Check for open issues - if: steps.check-release-due.outputs.is_due_today == 'true' - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - ./gradlew gitHubCheckMilestoneHasNoOpenIssues - echo "is_open_issues=$(cat build/github/milestones/is-open-issues)" >>$GITHUB_OUTPUT - - id: validate-release-state - name: Validate State of Release - if: steps.check-release-due.outputs.is_due_today == 'true' && steps.check-open-issues.outputs.is_open_issues == 'true' - run: | - echo "The release is due today but there are open issues" - exit 1 - - id: update-version-and-push - name: Update version and push - if: steps.check-release-due.outputs.is_due_today == 'true' && steps.check-open-issues.outputs.is_open_issues == 'false' - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - git config user.name 'github-actions[bot]' - git config user.email 'github-actions[bot]@users.noreply.github.com' - ./gradlew :updateProjectVersion - updatedVersion=$(cat gradle.properties | grep "version=" | awk -F'=' '{print $2}') - git commit -am "Release $updatedVersion" - git tag $updatedVersion - git push - git push origin $updatedVersion - - id: send-slack-notification - name: Send Slack message - if: failure() - uses: Gamesight/slack-workflow-status@v1.2.0 - with: - repo_token: ${{ secrets.GITHUB_TOKEN }} - slack_webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }} - channel: '#spring-security-ci' - name: 'CI Notifier' + update-scheduled-release-version: + name: Update Scheduled Release Version + uses: spring-io/spring-security-release-tools/.github/workflows/update-scheduled-release-version.yml@v1 + secrets: inherit