Merge remote-tracking branch 'origin/master' into whitesource-sbt-con…

…fig-fix

* origin/master: (35 commits)
  feat(notification): Notify in case of Release failure (SAP#5045)
  fix(docs): remove dead links (SAP#5051)
  chore: remove obsolete cloud sdk conversion file (SAP#5036)
  feat: fail if script is not found in package.json file (SAP#5029)
  feat(sonar): Enable trustengine for token retrieval (SAP#5046)
  feat(trustengine): Add new resource reference to parameter docs generation (SAP#5038)
  docs: add unit test tags flag (SAP#4947)
  CONTRIBUTING.md (SAP#5042)
  addon.yml may now contain wildCard MAXX (SAP#5039)
  fix(codeqlExecuteScan): handle spaces in path to maven settings file (SAP#5037)
  feat(trustengine): Integrate Trust Engine into step config resolver (SAP#5032)
  fix(http): Use configured logger for retryClient (SAP#5040)
  Updated helm.sh/helm from 13.14.0 to 13.14.2 (SAP#5041)
  Copy full project (SAP#5033)
  feat(vault): support complex data types in secrets (SAP#5006)
  Added pagination logic for retrieving projects from Black Duck server (SAP#5031)
  Update aws deps (SAP#5034)
  Add possible values and default (SAP#5030)
  Fix security issues reported by Black Duck (SAP#5014)
  Exposing build artifact metadata from maven and npm  (SAP#5008)
  ...

.github/workflows/documentation.yml

@@ -23,7 +23,7 @@ jobs:
 
       - uses: actions/setup-go@v5
         with:
-          go-version: '1.21.x'
+          go-version: '1.22.4'
 
       - name: Install Groovy
         run: sudo apt-get update && sudo apt-get install groovy -y

.github/workflows/release-go.yml

@@ -1,24 +1,23 @@
 name: Create new Release
 
 on:
+  workflow_dispatch:
   repository_dispatch:
     types: perform-release
   schedule:
     - cron: '0 9 * * 1'
 
 jobs:
   build:
+    permissions: write-all
     name: Publish
     runs-on: ubuntu-latest
     steps:
       - uses: styfle/[email protected]
+
       - uses: actions/checkout@v4
-      # Workaround for https://github.com/SAP/jenkins-library/issues/1723, build only works with jdk8 currently
-      - uses: actions/setup-java@v4
-        with:
-          java-version: 8
-          distribution: zulu
-      - name: Prepare Release
+
+      - name: Prepare assets and increment version
         run: |
           curl --insecure --silent --location --write-out '%{http_code}' --output ./piper_master https://github.com/SAP/jenkins-library/releases/latest/download/piper_master
           curl --insecure --silent --location --write-out '%{http_code}' --output ./piper_master-darwin.x86_64 https://github.com/SAP/jenkins-library/releases/latest/download/piper_master-darwin.x86_64
@@ -28,12 +27,59 @@ jobs:
           cp ./piper_master-darwin.arm64 ./piper-darwin.arm64
           npm install semver --quiet
           echo "PIPER_version=v$(node_modules/.bin/semver -i minor $(curl --silent "https://api.github.com/repos/$GITHUB_REPOSITORY/releases/latest" | jq -r .tag_name))" >> $GITHUB_ENV
+
       - uses: SAP/project-piper-action@master
-        name: 'publish Linux master binary'
+        name: Publish prerelease
         with:
           piper-version: master
           command: githubPublishRelease
-          flags: --token ${{ secrets.GITHUB_TOKEN }} --assetPathList ./piper_master --assetPathList ./piper --assetPathList ./piper_master-darwin.x86_64 --assetPathList ./piper-darwin.x86_64 --assetPathList ./piper_master-darwin.arm64 --assetPathList ./piper-darwin.arm64
+          flags: >
+            --preRelease true
+            --token ${{ secrets.GITHUB_TOKEN }}
+            --assetPathList ./piper --assetPathList ./piper_master
+            --assetPathList ./piper-darwin.x86_64 --assetPathList ./piper_master-darwin.x86_64
+            --assetPathList ./piper-darwin.arm64 --assetPathList ./piper_master-darwin.arm64
+
+      - name: Download Piper binary from recently published prerelease
+        uses: robinraju/release-downloader@v1
+        with:
+          tag: ${{ env.PIPER_version }}
+          fileName: 'piper'
+
+      - name: Test binary (check output for 'commit:' substring)
+        run: |
+          chmod +x piper
+          if ./piper version | grep -Fq "commit:"; then
+              echo "piper binary test is successful"
+          else
+              echo "piper binary test failed"
+              ./piper version
+              exit 1
+          fi
+
+      - name: Get recently published prerelease id
+        id: release_id
+        run: >
+          curl -L -s -o resp.json
+          -H "Accept: application/vnd.github.raw+json"
+          -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}"
+          ${{ github.api_url }}/repos/${{ github.repository }}/releases
+
+          echo "release_id=$(jq 'first(.[] | select(.tag_name == "${{ env.PIPER_version }}")).id' resp.json)" >> "$GITHUB_OUTPUT"
+
+      - name: Convert prereleae to Release
+        run: >
+          curl --fail-with-body -L -X PATCH
+          -H "Accept: application/vnd.github+json"
+          -H "Authorization: Bearer ${{ github.token }}"
+          ${{ github.api_url }}/repos/${{ github.repository }}/releases/${{ steps.release_id.outputs.release_id }}
+          -d '{"prerelease": false, "make_latest": true}'
+
+      # Workaround for https://github.com/SAP/jenkins-library/issues/1723, build only works with jdk8 currently
+      - uses: actions/setup-java@v4
+        with:
+          java-version: 8
+          distribution: zulu
       - name: Build and publish jar for consumption in unit tests
         run: mvn package
       - uses: SAP/project-piper-action@master
@@ -42,3 +88,42 @@ jobs:
           piper-version: master
           command: githubPublishRelease
           flags: --token ${{ secrets.GITHUB_TOKEN }} --version latest --assetPath ./target/jenkins-library.jar
+
+  post:
+    name: Post Action
+    runs-on: ubuntu-latest
+    needs: [build]
+    if: always()
+    steps:
+      # Check status of the worklfow
+      - uses: martialonline/workflow-status@v4
+        id: check
+
+      # This step expects base64 encoded JSON object as below:
+      # {
+      #   "smtp_url": "smtp+starttls://user:password@server:port",
+      #   "smtp_mail_from": "[email protected]",
+      #   "smtp_mail_rcpt": "[email protected]",
+      # }
+      - name: Decode SMTP secrets and set them in GITHUB_ENV
+        id: smtp_secrets
+        if: steps.check.outputs.status == 'failure' || steps.check.outputs.status == 'cancelled'
+        run: >
+          echo "${{ secrets.SMTP_CONFIG }}" |
+          base64 --decode |
+          jq -r 'to_entries[] | "\(.key)=\(.value)"' |
+          while read line; do
+            echo "$line" >> $GITHUB_ENV; echo "::add-mask::${line#*=}";
+          done
+      - name: Notify Piper team on failure or cancelled
+        if: steps.smtp_secrets.conclusion == 'success'
+        uses: dawidd6/action-send-mail@v3
+        with:
+          connection_url: ${{ env.smtp_url }}
+          subject: Workflow failure in ${{ github.repository }}
+          priority: high
+          to: ${{ env.smtp_mail_rcpt }}
+          from: Piper on GitHub <${{ env.smtp_mail_from }}>
+          body: |
+            Workflow '${{ github.workflow }}' has a job with status '${{ steps.check.outputs.status }}'.
+            Workflow link: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}

.github/workflows/update-go-dependencies.yml

@@ -13,7 +13,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-go@v5
         with:
-          go-version: '1.21.x'
+          go-version: '1.22.4'
       - name: Perform update
         run: |
           git checkout -B gh-action-update-golang-dependencies

.github/workflows/upload-go-master.yml

@@ -13,7 +13,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-go@v5
         with:
-          go-version: '1.21.x'
+          go-version: '1.22.4'
       - env:
           CGO_ENABLED: 0
         run: |