Fix README.md according the latest state of code

Author: artembilan

README.md

@@ -51,7 +51,8 @@ https://github.com/spring-io/spring-github-workflows/blob/78b29123a17655f019d800
 #### Maven SNAPSHOT caller workflow:
 https://github.com/spring-io/spring-github-workflows/blob/78b29123a17655f019d800690cc906d692f836a9/samples/ci-snapshot-maven.yml#L1-L13
 
-The Gradle SNAPSHOT build workflow requires `ARTIFACTORY_USERNAME` & `ARTIFACTORY_PASSWORD` secretes to authorise JFrog Artifactory plugin; the Maven one uses JFrog CLI action and requires a `JF_ARTIFACTORY_SPRING` instead.
+Both Gradle and Maven SNAPSHOT build workflow requires `ARTIFACTORY_USERNAME` & `ARTIFACTORY_PASSWORD` secretes to authorise [spring-io/artifactory-deploy-action](https://github.com/spring-io/artifactory-deploy-action).
+Optionally, all the artifacts can be signed if `GPG_PASSPHRASE` and `GPG_PRIVATE_KEY` secrets are provided.
 
 ## Release Workflow
 
@@ -87,47 +88,8 @@ The `buildToolArgs` parameter for this job means extra build tool arguments.
 For example, the mentioned `dist` value is a Gradle task in the project.
 Can be any Maven goal or other command line arguments.
 
-The signing released artifacts before pushing to the repository is done now by build tool.
-The Gradle workflow is enhanced with specific init script to apply a `signing` plugin.
-There is no way to inject any goals for Maven build, so the POM file of the project must have the `maven-gpg-plugin` configuration with this profile:
-
-````xml
-		<profile>
-			<id>sign</id>
-			<activation>
-				<property>
-					<name>gpg.passphrase</name>
-				</property>
-			</activation>
-			<build>
-				<plugins>
-					<plugin>
-						<groupId>org.apache.maven.plugins</groupId>
-						<artifactId>maven-gpg-plugin</artifactId>
-						<version>3.0.1</version>
-						<executions>
-							<execution>
-								<id>sign-artifacts</id>
-								<phase>verify</phase>
-								<goals>
-									<goal>sign</goal>
-								</goals>
-								<configuration>
-									<gpgArguments>
-										<arg>--pinentry-mode</arg>
-										<arg>loopback</arg>
-										<arg>--no-tty</arg>
-									</gpgArguments>
-								</configuration>
-							</execution>
-						</executions>
-					</plugin>
-				</plugins>
-			</build>
-		</profile>
-````
-
-The Maven release workflow uses `crazy-max/ghaction-import-gpg` to export `gpg_private_key` and `passphrase` based on respective secrets.
+The signing released artifacts is done by the [spring-io/artifactory-deploy-action](https://github.com/spring-io/artifactory-deploy-action) if `GPG_PASSPHRASE` and `GPG_PRIVATE_KEY` secrets are provided.
+In the end all the artifacts, together with their signatures, are uploaded to the Artifactory according to the respective workflow inputs.  
 
 In the end you just need to go to the `Actions` tab on your project, press `Run workflow` on your release workflow and choose a branch from drop-down list to release currently scheduled Milestone against. 
 Such a release workflow can also be scheduled (`cron`, fo example) against branches matrix.
@@ -207,32 +169,15 @@ jobs:
 ```
 The workflow reacts to non-empty `due_on` property of the event's milestone payload and check if this property really was changed on milestone edit. 
 
-## Gradle Init Scripts
+## "Dispatch Workflow and Wait" Action
 
-The `next-dev-version-init.gradle` script adds a `nextDevelopmentVersion` task which is used when release has been staged and job is ready to push `Next development version` commit.
-The `spring-artifactory-init.gradle` script adds the `org.jfrog.gradle.plugin.artifactory.ArtifactoryPlugin` and `signing` plugins.
-Configures them for those projects where the `maven-publish` plugin is applied.
-The `signing` is activated if no `OSSRH_STAGING_PROFILE_NAME` environment variable is present, but `GPG_PASSPHRASE` & `GPG_PRIVATE_KEY` are present.
-The Artifactory plugin requires these environment variables:
+The [spring-dispatch-workflow-and-wait](.github/actions/spring-dispatch-workflow-and-wait/action.yml) action implements the logic to call `gh workflow run` for the provided workflow file and wait until it is complete, successful or not.
+This action is used in the `verify-staged` job of the release workflow.
 
-```
-ARTIFACTORY_URL
-ARTIFACTORY_REPOSITORY
-ARTIFACTORY_USERNAME
-ARTIFACTORY_PASSWORD
-ARTIFACTORY_BUILD_PROJECT
-ARTIFACTORY_BUILD_NAME
-ARTIFACTORY_BUILD_NUMBER
-ARTIFACTORY_BUILD_URL
-ARTIFACTORY_USER_AGENT_NAME
-ARTIFACTORY_USER_AGENT_VERSION
-ARTIFACTORY_VCS_REVISION
-ARTIFACTORY_VCS_URL
-```
+## Gradle Init Scripts
 
-See more information about these properties in the JFrog [documentation](https://github.com/jfrog/build-info-go/blob/main/buildinfo-schema.json).
-See also [spring-artifactory-gradle-build/action.yml](.github/actions/spring-artifactory-gradle-build/action.yml) how those environment variables are calculated.
-The `artifactoryPublish` & `signing` tasks deal with `publishing.publications.mavenJava`.
-The `artifactoryPublish` also adds `zip.*` properties into `zip` artifacts.
+The `[deployment-repository-init.gradle](utils/deployment-repository-init.gradle)` script adds a Maven repository for publishing artifacts into a local directory (`/deployment-repository`) via respective `publishAllPublicationsToDeploymentRepository` Gradle task.
+Then [spring-io/artifactory-deploy-action](https://github.com/spring-io/artifactory-deploy-action) picks up those artifacts for uploading to the Artifactory.
+The Maven build does that via `deploy` goal and respective `-DaltDeploymentRepository=local::file:deployment-repository` CLI option.
 
 See more information in the [Reusing Workflows](https://docs.github.com/en/actions/using-workflows/reusing-workflows).