Sync documentation of main branch

_generated-doc/main/config/quarkus-all-config.adoc

@@ -76499,6 +76499,23 @@ h|[.extension-name]##WebSockets Next##
 h|Type
 h|Default
 
+a|icon:lock[title=Fixed at build time] [[quarkus-websockets-next_quarkus-websockets-next-server-activate-request-context]] [.property-path]##link:#quarkus-websockets-next_quarkus-websockets-next-server-activate-request-context[`quarkus.websockets-next.server.activate-request-context`]##
+
+[.description]
+--
+Specifies whether to activate the CDI request context when an endpoint callback is invoked. By default, the request context is only activated if needed.
+
+
+ifdef::add-copy-button-to-env-var[]
+Environment variable: env_var_with_copy_button:+++QUARKUS_WEBSOCKETS_NEXT_SERVER_ACTIVATE_REQUEST_CONTEXT+++[]
+endif::add-copy-button-to-env-var[]
+ifndef::add-copy-button-to-env-var[]
+Environment variable: `+++QUARKUS_WEBSOCKETS_NEXT_SERVER_ACTIVATE_REQUEST_CONTEXT+++`
+endif::add-copy-button-to-env-var[]
+--
+a|tooltip:auto[The request context is only activated if needed, i.e. if there is a request scoped bean , or a bean annotated with a security annotation (such as `@RolesAllowed`) in the dependency tree of the endpoint.], tooltip:always[The request context is always activated.]
+|tooltip:auto[The request context is only activated if needed, i.e. if there is a request scoped bean , or a bean annotated with a security annotation (such as {@code @RolesAllowed}) in the dependency tree of the endpoint.]
+
 a| [[quarkus-websockets-next_quarkus-websockets-next-client-offer-per-message-compression]] [.property-path]##link:#quarkus-websockets-next_quarkus-websockets-next-client-offer-per-message-compression[`quarkus.websockets-next.client.offer-per-message-compression`]##
 
 [.description]

_generated-doc/main/config/quarkus-websockets-next.adoc

@@ -7,6 +7,23 @@ h|[.header-title]##Configuration property##
 h|Type
 h|Default
 
+a|icon:lock[title=Fixed at build time] [[quarkus-websockets-next_quarkus-websockets-next-server-activate-request-context]] [.property-path]##link:#quarkus-websockets-next_quarkus-websockets-next-server-activate-request-context[`quarkus.websockets-next.server.activate-request-context`]##
+
+[.description]
+--
+Specifies whether to activate the CDI request context when an endpoint callback is invoked. By default, the request context is only activated if needed.
+
+
+ifdef::add-copy-button-to-env-var[]
+Environment variable: env_var_with_copy_button:+++QUARKUS_WEBSOCKETS_NEXT_SERVER_ACTIVATE_REQUEST_CONTEXT+++[]
+endif::add-copy-button-to-env-var[]
+ifndef::add-copy-button-to-env-var[]
+Environment variable: `+++QUARKUS_WEBSOCKETS_NEXT_SERVER_ACTIVATE_REQUEST_CONTEXT+++`
+endif::add-copy-button-to-env-var[]
+--
+a|tooltip:auto[The request context is only activated if needed, i.e. if there is a request scoped bean , or a bean annotated with a security annotation (such as `@RolesAllowed`) in the dependency tree of the endpoint.], tooltip:always[The request context is always activated.]
+|tooltip:auto[The request context is only activated if needed, i.e. if there is a request scoped bean , or a bean annotated with a security annotation (such as {@code @RolesAllowed}) in the dependency tree of the endpoint.]
+
 a| [[quarkus-websockets-next_quarkus-websockets-next-client-offer-per-message-compression]] [.property-path]##link:#quarkus-websockets-next_quarkus-websockets-next-client-offer-per-message-compression[`quarkus.websockets-next.client.offer-per-message-compression`]##
 
 [.description]

_generated-doc/main/config/quarkus-websockets-next_quarkus.websockets-next.adoc

@@ -7,6 +7,23 @@ h|[.header-title]##Configuration property##
 h|Type
 h|Default
 
+a|icon:lock[title=Fixed at build time] [[quarkus-websockets-next_quarkus-websockets-next-server-activate-request-context]] [.property-path]##link:#quarkus-websockets-next_quarkus-websockets-next-server-activate-request-context[`quarkus.websockets-next.server.activate-request-context`]##
+
+[.description]
+--
+Specifies whether to activate the CDI request context when an endpoint callback is invoked. By default, the request context is only activated if needed.
+
+
+ifdef::add-copy-button-to-env-var[]
+Environment variable: env_var_with_copy_button:+++QUARKUS_WEBSOCKETS_NEXT_SERVER_ACTIVATE_REQUEST_CONTEXT+++[]
+endif::add-copy-button-to-env-var[]
+ifndef::add-copy-button-to-env-var[]
+Environment variable: `+++QUARKUS_WEBSOCKETS_NEXT_SERVER_ACTIVATE_REQUEST_CONTEXT+++`
+endif::add-copy-button-to-env-var[]
+--
+a|tooltip:auto[The request context is only activated if needed, i.e. if there is a request scoped bean , or a bean annotated with a security annotation (such as `@RolesAllowed`) in the dependency tree of the endpoint.], tooltip:always[The request context is always activated.]
+|tooltip:auto[The request context is only activated if needed, i.e. if there is a request scoped bean , or a bean annotated with a security annotation (such as {@code @RolesAllowed}) in the dependency tree of the endpoint.]
+
 a| [[quarkus-websockets-next_quarkus-websockets-next-client-offer-per-message-compression]] [.property-path]##link:#quarkus-websockets-next_quarkus-websockets-next-client-offer-per-message-compression[`quarkus.websockets-next.client.offer-per-message-compression`]##
 
 [.description]

_versions/main/guides/deploying-to-google-cloud.adoc

@@ -291,13 +291,20 @@ WARNING: This only works when your application is running inside a Google Cloud
 
 === Using Cloud SQL with native executables
 
-When generating native executables, you must also mark `jnr.ffi.provider.jffi.NativeFinalizer$SingletonHolder` as runtime initialized.
+When generating native executables, you must mark `jnr.ffi.provider.jffi.NativeFinalizer$SingletonHolder` as runtime initialized.
 
 [source,properties]
 ----
 quarkus.native.additional-build-args=--initialize-at-run-time=jnr.ffi.provider.jffi.NativeFinalizer$SingletonHolder
 ----
 
+Additionally, starting with `com.google.cloud.sql:postgres-socket-factory:1.17.0`, you must also mark `com.kenai.jffi.internal.Cleaner` as runtime initialized.
+
+[source,properties]
+----
+quarkus.native.additional-build-args=--initialize-at-run-time=jnr.ffi.provider.jffi.NativeFinalizer$SingletonHolder\\,com.kenai.jffi.internal.Cleaner
+----
+
 == Going further
 
 You can find a set of extensions to access various Google Cloud Services in the Quarkiverse (a GitHub organization for Quarkus extensions maintained by the community),

_versions/main/guides/grpc-service-implementation.adoc

@@ -521,29 +521,48 @@ quarkus.http.auth.basic=true <1>
 ----
 package org.acme.grpc.auth;
 
-import static org.assertj.core.api.Assertions.assertThat;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.is;
 
+import org.acme.proto.Greeter;
+import org.acme.proto.HelloRequest;
 import io.grpc.Metadata;
 import io.quarkus.grpc.GrpcClient;
 import io.quarkus.grpc.GrpcClientUtils;
 import java.util.concurrent.CompletableFuture;
+import java.util.concurrent.ExecutionException;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.TimeoutException;
+
+import io.quarkus.test.junit.QuarkusTest;
 import org.junit.jupiter.api.Test;
 
-public class HelloServiceTest implements Greeter {
+@QuarkusTest
+public class GreeterServiceTest {
+
+    private static final Metadata.Key<String> AUTHORIZATION = Metadata.Key.of("Authorization", Metadata.ASCII_STRING_MARSHALLER);
 
     @GrpcClient
     Greeter greeterClient;
 
     @Test
-    void shouldReturnHello() {
+    void shouldReturnHello() throws ExecutionException, InterruptedException, TimeoutException {
         Metadata headers = new Metadata();
-        headers.put("Authorization", "Basic am9objpqb2hu");
+
+        // Set the headers - Basic auth for testing
+        headers.put(AUTHORIZATION, "Basic YWxpY2U6YWxpY2U="); // alice:alice with "admin" role
         var client = GrpcClientUtils.attachHeaders(greeterClient, headers);
 
+        // Call the client
         CompletableFuture<String> message = new CompletableFuture<>();
         client.sayHello(HelloRequest.newBuilder().setName("Quarkus").build())
                 .subscribe().with(reply -> message.complete(reply.getMessage()));
-        assertThat(message.get(5, TimeUnit.SECONDS)).isEqualTo("Hello Quarkus");
+
+        // Get the values
+        String theValue = message.get(5, TimeUnit.SECONDS);
+
+        // Assert
+        assertThat(theValue, is("Hello Quarkus"));
     }
 }
 ----
@@ -596,7 +615,7 @@ import io.quarkus.security.identity.request.UsernamePasswordAuthenticationReques
 @Singleton
 public class CustomGrpcSecurityMechanism implements GrpcSecurityMechanism {
 
-    private static final String AUTHORIZATION = "Authorization";
+    private static final Metadata.Key<String> AUTHORIZATION = Metadata.Key.of("Authorization", Metadata.ASCII_STRING_MARSHALLER);
 
     @Override
     public boolean handles(Metadata metadata) {

_versions/main/guides/tls-registry-reference.adoc

@@ -28,7 +28,15 @@ endif::no-reactive-routes[]
 .
 
 As a result, applications that use the TLS Registry can be ready to handle secure communications out of the box.
-TLS Registry also provides features like automatic certificate reloading, Let's Encrypt (ACME) integration, Kubernetes Cert-Manager support, and compatibility with various keystore formats, such as PKCS12, PEM, and JKS.
+
+TLS Registry also provides automatic certificate reloading
+ifndef::no-lets-encrypt[]
+, integration with Let's Encrypt (ACME)
+endif::no-lets-encrypt[]
+ifndef::no-kubernetes-secrets-or-cert-manager[]
+, support for Kubernetes Cert-Manager,
+endif::no-kubernetes-secrets-or-cert-manager[]
+and compatibility with various keystore formats, such as PKCS12, PEM, and JKS.
 
 [[using-the-tls-registry]]
 == Using the TLS registry
@@ -675,7 +683,7 @@ quarkus.tls.http.key-store.pem.0.cert=tls.crt
 quarkus.tls.http.key-store.pem.0.key=tls.key
 ----
 
-IMPORTANT: Impacted server and client may need to listen to the `CertificateReloadedEvent` to apply the new certificates.
+IMPORTANT: Impacted server and client may need to listen to the `CertificateUpdatedEvent` to apply the new certificates.
 This is automatically done for the Quarkus HTTP server, including the management interface if it is enabled.
 
 ifndef::no-kubernetes-secrets-or-cert-manager[]

_versions/main/guides/websockets-next-reference.adoc

@@ -182,7 +182,10 @@ The session context remains active until the `@OnClose` method completes executi
 In cases where a WebSocket endpoint does not declare an `@OnOpen` method, the session context is still created.
 It remains active until the connection terminates, regardless of the presence of an `@OnClose` method.
 
-Methods annotated with `@OnTextMessage,` `@OnBinaryMessage,` `@OnOpen`, and `@OnClose` also have the request scope activated for the duration of the method execution (until it produced its result).
+Endpoint callbacks may also have the request context activated for the duration of the method execution (until it produced its result).
+By default, the request context is only activated if needed, i.e. if there is a request scoped bean , or a bean annotated with a security annotation (such as `@RolesAllowed`) in the dependency tree of the endpoint.
+However, it is possible to set the `quarkus.websockets-next.server.activate-request-context` config property to `always`.
+In this case, the request context is always activated when an endpoint callback is invoked.
 
 [[callback-methods]]
 === Callback methods