Merge develop into master for release

.github/workflows/_build+publish-pds-solution.yml

@@ -70,6 +70,7 @@ jobs:
           export SCANCODE_VERSION
           export SPDX_TOOL_VERSION
           export TERN_VERSION
+          export XRAY_WRAPPER_VERSION
           export DOCKER_REGISTRY="${ACTIONS_SECHUB_REGISTRY}/pds-${PDS_SOLUTION}"
           export VERSION_TAG=`./09-compute-image-tag.sh ${PDS_VERSION}`
           export BASE_IMAGE="${ACTIONS_SECHUB_REGISTRY}/pds-base:${PDS_VERSION}"

.github/workflows/build+publish-all-pds-solutions.yml

@@ -20,12 +20,6 @@ jobs:
       pds-solution: checkmarx
       pds-version: ${{ inputs.pds-version }}
 
-  call_build_pds-loc:
-    uses: mercedes-benz/sechub/.github/workflows/_build+publish-pds-solution.yml@develop
-    with:
-      pds-solution: loc
-      pds-version: ${{ inputs.pds-version }}
-
   # 2023-06-12: findsecuritybugs deactivated due to upstream fix is not yet released
   # call_build_pds-findsecuritybugs:
   #   uses: mercedes-benz/sechub/.github/workflows/_build+publish-pds-solution.yml@develop
@@ -45,6 +39,18 @@ jobs:
       pds-solution: gosec
       pds-version: ${{ inputs.pds-version }}
 
+  call_build_pds-iac:
+    uses: mercedes-benz/sechub/.github/workflows/_build+publish-pds-solution.yml@develop
+    with:
+      pds-solution: iac
+      pds-version: ${{ inputs.pds-version }}
+
+  call_build_pds-loc:
+    uses: mercedes-benz/sechub/.github/workflows/_build+publish-pds-solution.yml@develop
+    with:
+      pds-solution: loc
+      pds-version: ${{ inputs.pds-version }}
+
   call_build_pds-multi:
     uses: mercedes-benz/sechub/.github/workflows/_build+publish-pds-solution.yml@develop
     with:
@@ -74,3 +80,9 @@ jobs:
     with:
       pds-solution: tern
       pds-version: ${{ inputs.pds-version }}
+
+  call_build_pds-xray:
+    uses: mercedes-benz/sechub/.github/workflows/_build+publish-pds-solution.yml@develop
+    with:
+      pds-solution: xray
+      pds-version: ${{ inputs.pds-version }}

.github/workflows/documentation-build.yml

@@ -37,18 +37,18 @@ jobs:
           fetch-depth: 0
 
       - name: Set up JDK 17
-        uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0
+        uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93
         with:
           java-version: 17
           distribution: temurin
 
       - name: Set up Gradle
-        uses: gradle/gradle-build-action@842c587ad8aa4c68eeba24c396e15af4c2e9f30a
+        uses: gradle/gradle-build-action@982da8e78c05368c70dac0351bb82647a9e9a5d2
         with:
           cache-read-only: false
 
       - name: Set up Go
-        uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe
+        uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
         with:
           go-version: 1.20.4
 
@@ -74,14 +74,14 @@ jobs:
       # Upload documentation
       # -----------------------------------------
       - name: Archive documentation HTML
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: sechub-docs-html
           path: sechub-doc/build/docs/final-html/
           retention-days: 14
 
       - name: Archive documentation PDF
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: sechub-docs-pdf
           path: sechub-doc/build/docs/asciidoc/*.pdf

.github/workflows/gradle.yml

@@ -22,18 +22,18 @@ jobs:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
 
       - name: Set up JDK 17
-        uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0
+        uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93
         with:
           java-version: 17
           distribution: temurin
 
       - name: Set up Gradle
-        uses: gradle/gradle-build-action@842c587ad8aa4c68eeba24c396e15af4c2e9f30a
+        uses: gradle/gradle-build-action@982da8e78c05368c70dac0351bb82647a9e9a5d2
         with:
           cache-read-only: false
 
       - name: Set up Go
-        uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe
+        uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
         with:
           go-version: 1.20.4
 
@@ -72,60 +72,60 @@ jobs:
       # -----------------------------------------
       - name: Archive combined test report
         if: always()
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: combined-sechub-testreport
           path: build/reports/combined-report
           retention-days: 14
 
       - name: Archive sechub server artifacts
         if: always()
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: sechub-server
           path: sechub-server/build/libs
           retention-days: 14
 
       - name: Archive pds server artifacts
         if: always()
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: sechub-pds
           path: sechub-pds/build/libs
 
       - name: Archive pds tools artifacts
         if: always()
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: sechub-pds-tools
           path: sechub-pds-tools/build/libs
 
       - name: Archive developer tools artifacts
         if: always()
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: sechub-developertools
           path: sechub-developertools/build/libs
           retention-days: 14
 
       - name: Archive sechub client artifacts
         if: always()
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: sechub-client
           path: sechub-cli/build/go
           retention-days: 14
 
       - name: Archive sechub integration test report artifacts
         if: always()
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: sechub-integrationtest-test-reports
           path: sechub-integrationtest/build/sechub-test-reports
           retention-days: 14
-          
+
       - name: Archive openAPI3 JSON files
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: sechub-api-spec
           path: sechub-doc/build/api-spec/

.github/workflows/publish-libraries.yml

@@ -28,13 +28,13 @@ jobs:
 
       # Build
       - name: Set up JDK 17
-        uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0
+        uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93
         with:
           java-version: 17
           distribution: temurin
 
       - name: Set up Gradle
-        uses: gradle/gradle-build-action@842c587ad8aa4c68eeba24c396e15af4c2e9f30a
+        uses: gradle/gradle-build-action@982da8e78c05368c70dac0351bb82647a9e9a5d2
         with:
           cache-read-only: false
 
@@ -55,14 +55,14 @@ jobs:
       # -----------------------------------------
       - name: Archive combined test report
         if: always()
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: combined-sechub-testreport
           path: build/reports/combined-report
           retention-days: 14
       - name: Archive GIT status
         if: always()
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: git-status.txt
           path: build/reports/git-status.txt

.github/workflows/release-client-server-pds.yml

@@ -88,18 +88,18 @@ jobs:
       # Setup + Caching
       # ----------------------
       - name: Set up JDK 17
-        uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0
+        uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93
         with:
           java-version: 17
           distribution: temurin
 
       - name: Set up Gradle
-        uses: gradle/gradle-build-action@842c587ad8aa4c68eeba24c396e15af4c2e9f30a
+        uses: gradle/gradle-build-action@982da8e78c05368c70dac0351bb82647a9e9a5d2
         with:
           cache-read-only: false
 
       - name: Set up Go
-        uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe
+        uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
         with:
           go-version: 1.20.4
 
@@ -200,46 +200,46 @@ jobs:
       # -----------------------------------------
       - name: Archive combined test report
         if: always()
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: combined-sechub-testreport
           path: build/reports/combined-report
           retention-days: 14
 
       - name: Archive GIT status
         if: always()
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: git-status.txt
           path: build/reports/git-status.txt
           retention-days: 14
 
       - name: Archive sechub server artifacts
         if: always()
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: sechub-server
           path: sechub-server/build/libs
           retention-days: 14
 
       - name: Archive pds server artifacts
         if: always()
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: sechub-pds
           path: sechub-pds/build/libs
 
       - name: Archive developer tools artifacts
         if: always()
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: sechub-developertools
           path: sechub-developertools/build/libs
           retention-days: 14
 
       - name: Archive sechub client artifacts
         if: always()
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: sechub-client
           path: sechub-cli/build/go
@@ -258,21 +258,21 @@ jobs:
       # Upload documentation
       # -----------------------------------------
       - name: Archive documentation HTML
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: sechub-docs-html
           path: sechub-doc/build/docs/final-html/
           retention-days: 14
 
       - name: Archive documentation PDF
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: sechub-docs-pdf
           path: sechub-doc/build/docs/asciidoc/*.pdf
           retention-days: 14
 
       - name: Archive openAPI3 JSON files
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: sechub-api-spec
           path: sechub-doc/build/api-spec/

.github/workflows/release-pds-tools.yml

@@ -46,13 +46,13 @@ jobs:
       # Setup + Caching
       # ----------------------
       - name: Set up JDK 17
-        uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0
+        uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93
         with:
           java-version: 17
           distribution: temurin
 
       - name: Set up Gradle
-        uses: gradle/gradle-build-action@842c587ad8aa4c68eeba24c396e15af4c2e9f30a
+        uses: gradle/gradle-build-action@982da8e78c05368c70dac0351bb82647a9e9a5d2
         with:
           cache-read-only: false
 
@@ -111,15 +111,15 @@ jobs:
 
       - name: Archive GIT status
         if: always()
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: git-status.txt
           path: build/reports/git-status.txt
           retention-days: 14
 
       - name: Archive PDS-Tools cli artifact
         if: always()
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: sechub-pds-tools
           path: sechub-pds-tools/build/libs

.github/workflows/release-wrapper-checkmarx.yml

@@ -36,13 +36,13 @@ jobs:
       # Setup + Caching
       # ----------------------
       - name: Set up JDK 17
-        uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0
+        uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93
         with:
           java-version: 17
           distribution: temurin
 
       - name: Set up Gradle
-        uses: gradle/gradle-build-action@842c587ad8aa4c68eeba24c396e15af4c2e9f30a
+        uses: gradle/gradle-build-action@982da8e78c05368c70dac0351bb82647a9e9a5d2
         with:
           cache-read-only: false
 
@@ -99,15 +99,15 @@ jobs:
 
       - name: Archive GIT status
         if: always()
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: git-status.txt
           path: build/reports/git-status.txt
           retention-days: 14
 
       - name: Archive Checkmarx Wrapper libs directory
         if: always()
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
         with:
           name: sechub-wrapper-checkmarx
           path: sechub-wrapper-checkmarx/build/libs