Merge branch 'master' into max_bo/HSPIPER-442

2025-09-16 09:26:22 +02:00 · 2025-02-26 11:05:46 +01:00
parent 0514810aa3 8be029f023
commit 209a7c3ef8
36 changed files with 290 additions and 163 deletions
--- a/.github/workflows/integration-tests.yml
+++ b/.github/workflows/integration-tests.yml
@@ -5,6 +5,20 @@ on:
    branches:
      - master
      - it/**
+  workflow_call:
+    secrets:
+      INTEGRATION_TEST_VOTING_TOKEN:
+        required: true
+      PIPER_INTEGRATION_GITHUB_TOKEN:
+        required: true
+      PIPER_INTEGRATION_SONAR_TOKEN:
+        required: true
+      PIPER_TMSSERVICEKEY:
+        required: true
+    outputs:
+      test_status:
+        description: "Integration test status (success/failure)"
+        value: ${{ jobs.finish.outputs.status }}

 jobs:
  start:
@@ -134,8 +148,11 @@ jobs:
      - build_integration_tests
      - run_integration_tests
    runs-on: ubuntu-latest
+    outputs:
+      status: ${{ steps.set_status.outputs.status }}
    steps:
      - name: Update status
+        id: set_status
        run: |
          if [[ "${{ needs.run_integration_tests.result }}" == "success" ]]
          then
@@ -147,6 +164,7 @@ jobs:
                      "context": "Go / integration-tests",
                      "target_url": "https://github.com/SAP/jenkins-library/actions/runs/${{ github.run_id }}"}' \
              -H 'Authorization: token ${{secrets.INTEGRATION_TEST_VOTING_TOKEN}}' && \
+            echo "status=success" >> "$GITHUB_OUTPUT" && \
            exit 0
          else
            curl \
@@ -157,5 +175,6 @@ jobs:
                      "context": "Go / integration-tests",
                      "target_url": "https://github.com/SAP/jenkins-library/actions/runs/${{ github.run_id }}"}' \
              -H 'Authorization: token ${{secrets.INTEGRATION_TEST_VOTING_TOKEN}}' && \
+            echo "status=failure" >> "$GITHUB_OUTPUT" && \
            exit 1
          fi
--- a/.github/workflows/release-go.yml
+++ b/.github/workflows/release-go.yml
@@ -2,19 +2,40 @@ name: Create new Release

 on:
  workflow_dispatch:
+    inputs:
+      dry_run:
+        description: 'Test integration without publishing (dry run)'
+        type: boolean
+        required: false
+        default: false
  repository_dispatch:
    types: perform-release
  schedule:
    - cron: '0 9 * * 1'

 jobs:
-  build:
+  run_integration_tests:
+    name: Run Integration Tests
+    uses: ./.github/workflows/integration-tests.yml
+    permissions:
+      contents: read
+      actions: read
+    secrets:
+      INTEGRATION_TEST_VOTING_TOKEN: ${{ secrets.INTEGRATION_TEST_VOTING_TOKEN }}
+      PIPER_INTEGRATION_GITHUB_TOKEN: ${{ secrets.PIPER_INTEGRATION_GITHUB_TOKEN }}
+      PIPER_INTEGRATION_SONAR_TOKEN: ${{ secrets.PIPER_INTEGRATION_SONAR_TOKEN }}
+      PIPER_TMSSERVICEKEY: ${{ secrets.PIPER_TMSSERVICEKEY }}
+
+  publish:
+    needs: run_integration_tests
+    if: |
+      needs.run_integration_tests.outputs.test_status == 'success' &&
+      github.event.inputs.dry_run != 'true'
    permissions: write-all
-    name: Publish
+    name: Publish Release
    runs-on: ubuntu-latest
    steps:
      - uses: styfle/cancel-workflow-action@0.11.0
-
      - uses: actions/checkout@v4

      - name: Prepare assets and increment version
@@ -26,7 +47,9 @@ jobs:
          cp ./piper_master-darwin.x86_64 ./piper-darwin.x86_64
          cp ./piper_master-darwin.arm64 ./piper-darwin.arm64
          npm install semver --quiet
-          echo "PIPER_version=v$(node_modules/.bin/semver -i minor $(curl --silent "https://api.github.com/repos/$GITHUB_REPOSITORY/releases/latest" | jq -r .tag_name))" >> $GITHUB_ENV
+          VERSION="v$(node_modules/.bin/semver -i minor $(curl --silent "https://api.github.com/repos/$GITHUB_REPOSITORY/releases/latest" | jq -r .tag_name))"
+          echo "PIPER_version=$VERSION" >> $GITHUB_ENV
+          echo "piper_version=$VERSION" >> "$GITHUB_OUTPUT"

      - uses: SAP/project-piper-action@master
        name: Publish prerelease
@@ -67,7 +90,7 @@ jobs:

          echo "release_id=$(jq 'first(.[] | select(.tag_name == "${{ env.PIPER_version }}")).id' resp.json)" >> "$GITHUB_OUTPUT"

-      - name: Convert prereleae to Release
+      - name: Convert prerelease to Release
        run: >
          curl --fail-with-body -L -X PATCH
          -H "Accept: application/vnd.github+json"
@@ -92,10 +115,10 @@ jobs:
  post:
    name: Post Action
    runs-on: ubuntu-latest
-    needs: [build]
-    if: always()
+    needs: [publish]
+    if: always() && github.event.inputs.dry_run != 'true'
    steps:
-      # Check status of the worklfow
+      # Check status of the workflow
      - uses: martialonline/workflow-status@v4
        id: check

--- a/cmd/abapEnvironmentRunATCCheck.go
+++ b/cmd/abapEnvironmentRunATCCheck.go
@@ -22,9 +22,8 @@ import (
 	"github.com/pkg/errors"
 )

-func abapEnvironmentRunATCCheck(options abapEnvironmentRunATCCheckOptions, telemetryData *telemetry.CustomData) {
+func abapEnvironmentRunATCCheck(options abapEnvironmentRunATCCheckOptions, _ *telemetry.CustomData) {
 	// Mapping for options
-	subOptions := convertATCOptions(&options)

 	c := &command.Command{}
 	c.Stdout(log.Entry().Writer())
@@ -33,42 +32,51 @@ func abapEnvironmentRunATCCheck(options abapEnvironmentRunATCCheckOptions, telem
 	autils := abaputils.AbapUtils{
 		Exec: c,
 	}
-	var err error

 	client := piperhttp.Client{}
 	fileUtils := piperutils.Files{}
+
+	err := runAbapEnvironmentRunATCCheck(autils, client, options, fileUtils)
+	if err != nil {
+		log.Entry().WithError(err).Fatal("step execution failed")
+	}
+}
+
+func runAbapEnvironmentRunATCCheck(autils abaputils.AbapUtils, client piperhttp.Client, options abapEnvironmentRunATCCheckOptions, fileUtils piperutils.Files) error {
+
+	var details abaputils.ConnectionDetailsHTTP
 	cookieJar, _ := cookiejar.New(nil)
 	clientOptions := piperhttp.ClientOptions{
 		CookieJar: cookieJar,
 	}
 	client.SetOptions(clientOptions)

-	var details abaputils.ConnectionDetailsHTTP
-	// If Host flag is empty read ABAP endpoint from Service Key instead. Otherwise take ABAP system endpoint from config instead
-	if err == nil {
-		details, err = autils.GetAbapCommunicationArrangementInfo(subOptions, "")
+	subOptions := convertATCOptions(&options)
+	details, err := autils.GetAbapCommunicationArrangementInfo(subOptions, "")
+	if err != nil {
+		return err
 	}
-	var resp *http.Response
-	// Fetch Xcrsf-Token
-	if err == nil {
-		credentialsOptions := piperhttp.ClientOptions{
-			Username:  details.User,
-			Password:  details.Password,
-			CookieJar: cookieJar,
-		}
-		client.SetOptions(credentialsOptions)
-		details.XCsrfToken, err = fetchXcsrfToken("GET", details, nil, &client)
+
+	credentialsOptions := piperhttp.ClientOptions{
+		Username:  details.User,
+		Password:  details.Password,
+		CookieJar: cookieJar,
 	}
-	if err == nil {
-		resp, err = triggerATCRun(options, details, &client)
+	client.SetOptions(credentialsOptions)
+	details.XCsrfToken, err = fetchXcsrfToken("GET", details, nil, &client)
+	if err != nil {
+		return err
 	}
-	if err == nil {
-		if err = fetchAndPersistATCResults(resp, details, &client, &fileUtils, options.AtcResultsFileName, options.GenerateHTML, options.FailOnSeverity); err != nil {
-			log.Entry().WithError(err).Fatal("step execution failed")
-		}
+	resp, err := triggerATCRun(options, details, &client)
+	if err != nil {
+		return err
+	}
+	if err = fetchAndPersistATCResults(resp, details, &client, &fileUtils, options.AtcResultsFileName, options.GenerateHTML, options.FailOnSeverity); err != nil {
+		return err
 	}

 	log.Entry().Info("ATC run completed successfully. If there are any results from the respective run they will be listed in the logs above as well as being saved in the output .xml file")
+	return nil
 }

 func fetchAndPersistATCResults(resp *http.Response, details abaputils.ConnectionDetailsHTTP, client piperhttp.Sender, utils piperutils.FileUtils, atcResultFileName string, generateHTML bool, failOnSeverityLevel string) error {
--- a/cmd/abapEnvironmentRunATCCheck_test.go
+++ b/cmd/abapEnvironmentRunATCCheck_test.go
@@ -9,10 +9,30 @@ import (
 	"testing"

 	"github.com/SAP/jenkins-library/pkg/abaputils"
+	piperhttp "github.com/SAP/jenkins-library/pkg/http"
 	"github.com/SAP/jenkins-library/pkg/mock"
+	"github.com/SAP/jenkins-library/pkg/piperutils"
 	"github.com/stretchr/testify/assert"
 )

+func TestCLIFailure(t *testing.T) {
+	t.Run("function error leads to pipeline error", func(t *testing.T) {
+
+		execRunner := &mock.ExecMockRunner{}
+		autils := abaputils.AbapUtils{
+			Exec: execRunner,
+		}
+		options := abapEnvironmentRunATCCheckOptions{}
+		fileUtils := piperutils.Files{}
+		client := piperhttp.Client{}
+
+		err := runAbapEnvironmentRunATCCheck(autils, client, options, fileUtils)
+
+		assert.Error(t, err)
+
+	})
+}
+
 func TestHostConfig(t *testing.T) {
 	t.Run("Check Host: ABAP Endpoint", func(t *testing.T) {
 		config := abaputils.AbapEnvironmentOptions{
--- a/cmd/cloudFoundryDeploy_generated.go
+++ b/cmd/cloudFoundryDeploy_generated.go
@@ -113,7 +113,15 @@ func CloudFoundryDeployCommand() *cobra.Command {
 	var createCloudFoundryDeployCmd = &cobra.Command{
 		Use:   STEP_NAME,
 		Short: "Deploys an application to Cloud Foundry",
-		Long:  `Deploys an application to a test or production space within Cloud Foundry.`,
+		Long: `Deploys an application to a test or production space within Cloud Foundry.
+This step supports two deployment types:
+
+* in a standard way
+* in a zero-downtime manner using a [blue-green deployment approach](https://martinfowler.com/bliki/BlueGreenDeployment.html)
+
+The step achieves this via following deploy tools
+* [cf CLI](https://docs.cloudfoundry.org/cf-cli/) - used as default for Non MTA apps
+* [MTA CF CLI Plugin](https://github.com/cloudfoundry-incubator/multiapps-cli-plugin) - used as default for MTA apps`,
 		PreRunE: func(cmd *cobra.Command, _ []string) error {
 			startTime = time.Now()
 			log.SetStepName(STEP_NAME)
@@ -231,15 +239,15 @@ func addCloudFoundryDeployFlags(cmd *cobra.Command, stepConfig *cloudFoundryDepl
 	cmd.Flags().StringVar(&stepConfig.CfHome, "cfHome", os.Getenv("PIPER_cfHome"), "The cf home folder used by the cf cli. If not provided the default assumed by the cf cli is used.")
 	cmd.Flags().StringVar(&stepConfig.CfNativeDeployParameters, "cfNativeDeployParameters", os.Getenv("PIPER_cfNativeDeployParameters"), "Additional parameters passed to cf native deployment command")
 	cmd.Flags().StringVar(&stepConfig.CfPluginHome, "cfPluginHome", os.Getenv("PIPER_cfPluginHome"), "The cf plugin home folder used by the cf cli. If not provided the default assumed by the cf cli is used.")
-	cmd.Flags().StringVar(&stepConfig.DeployDockerImage, "deployDockerImage", os.Getenv("PIPER_deployDockerImage"), "Docker image deployments are supported (via manifest file in general)[https://docs.cloudfoundry.org/devguide/deploy-apps/manifest-attributes.html#docker]. If no manifest is used, this parameter defines the image to be deployed. The specified name of the image is passed to the `--docker-image` parameter of the cf CLI and must adhere it's naming pattern (e.g. REPO/IMAGE:TAG). See (cf CLI documentation)[https://docs.cloudfoundry.org/devguide/deploy-apps/push-docker.html] for details. Note: The used Docker registry must be visible for the targeted Cloud Foundry instance.")
-	cmd.Flags().StringVar(&stepConfig.DeployTool, "deployTool", os.Getenv("PIPER_deployTool"), "Defines the tool which should be used for deployment.")
+	cmd.Flags().StringVar(&stepConfig.DeployDockerImage, "deployDockerImage", os.Getenv("PIPER_deployDockerImage"), "Docker image deployments are supported [via manifest file in general](https://docs.cloudfoundry.org/devguide/deploy-apps/manifest-attributes.html#docker). If no manifest is used, this parameter defines the image to be deployed. The specified name of the image is passed to the `--docker-image` parameter of the cf CLI and must adhere it's naming pattern (e.g. REPO/IMAGE:TAG). See [cf CLI documentation](https://docs.cloudfoundry.org/devguide/deploy-apps/push-docker.html)x`x` for details. Note: The used Docker registry must be visible for the targeted Cloud Foundry instance.")
+	cmd.Flags().StringVar(&stepConfig.DeployTool, "deployTool", os.Getenv("PIPER_deployTool"), "Defines the tool which should be used for deployment. Mandatory if `buildTool` is not found in pipeline environment")
 	cmd.Flags().StringVar(&stepConfig.BuildTool, "buildTool", os.Getenv("PIPER_buildTool"), "Defines the tool which is used for building the artifact. If provided, `deployTool` is automatically derived from it. For MTA projects, `deployTool` defaults to `mtaDeployPlugin`. For other projects `cf_native` will be used.")
-	cmd.Flags().StringVar(&stepConfig.DeployType, "deployType", `standard`, "Defines the type of deployment, for example, `standard` deployment which results in a system downtime, `blue-green` deployment which results in zero downtime for mta deploy tool. - For mta build tool, possible values are `standard`, `blue-green` or `bg-deploy`. - For cf native build tools, possible value is `standard`. To eliminate system downtime, an alternative is to pass '--strategy rolling' to the parameter `cfNativeDeployParameters`.")
+	cmd.Flags().StringVar(&stepConfig.DeployType, "deployType", `standard`, "Defines the type of deployment -`standard` or `blue-green` deployment. For mta build tool, possible values are `standard`, `blue-green` or `bg-deploy`. For cf native build tools, possible value is `standard`. To eliminate system downtime, an alternative is to pass '--strategy rolling' to the parameter `cfNativeDeployParameters`.")
 	cmd.Flags().StringVar(&stepConfig.DockerPassword, "dockerPassword", os.Getenv("PIPER_dockerPassword"), "If the specified image in `deployDockerImage` is contained in a Docker registry, which requires authorization, this defines the password to be used.")
 	cmd.Flags().StringVar(&stepConfig.DockerUsername, "dockerUsername", os.Getenv("PIPER_dockerUsername"), "If the specified image in `deployDockerImage` is contained in a Docker registry, which requires authorization, this defines the username to be used.")
 	cmd.Flags().BoolVar(&stepConfig.KeepOldInstance, "keepOldInstance", false, "If this option is set to true the old instance will remain stopped in the Cloud Foundry space.\"")
 	cmd.Flags().StringVar(&stepConfig.LoginParameters, "loginParameters", os.Getenv("PIPER_loginParameters"), "Addition command line options for cf login command. No escaping/quoting is performed. Not recommended for productive environments.")
-	cmd.Flags().StringVar(&stepConfig.Manifest, "manifest", os.Getenv("PIPER_manifest"), "Defines the manifest to be used for deployment to Cloud Foundry.")
+	cmd.Flags().StringVar(&stepConfig.Manifest, "manifest", os.Getenv("PIPER_manifest"), "Defines the manifest file name to be used for deployment to Cloud Foundry. Defaults to `manifest.yml`")
 	cmd.Flags().StringSliceVar(&stepConfig.ManifestVariables, "manifestVariables", []string{}, "Defines a list of variables in the form `key=value` which are used for variable substitution within the file given by manifest.")
 	cmd.Flags().StringSliceVar(&stepConfig.ManifestVariablesFiles, "manifestVariablesFiles", []string{`manifest-variables.yml`}, "path(s) of the Yaml file(s) containing the variable values to use as a replacement in the manifest file. The order of the files is relevant in case there are conflicting variable names and values within variable files. In such a case, the values of the last file win.")
 	cmd.Flags().StringVar(&stepConfig.MtaDeployParameters, "mtaDeployParameters", `-f`, "Additional parameters passed to mta deployment command")
--- a/cmd/detectExecuteScan.go
+++ b/cmd/detectExecuteScan.go
@@ -112,6 +112,10 @@ func newDetectUtils(client *github.Client) detectUtils {
 					"FAILURE_GENERAL_ERROR - Detect encountered a known error, details of the error are provided.",
 					"FAILURE_UNKNOWN_ERROR - Detect encountered an unknown error.",
 					"FAILURE_MINIMUM_INTERVAL_NOT_MET - Detect did not wait the minimum required scan interval.",
+					"FAILURE_IAC - Detect was unable to perform IaC Scan against your source. Please check your configuration, and see logs and IaC Scanner documentation for more information.",
+					"FAILURE_ACCURACY_NOT_MET - Detect was unable to meet the required accuracy.",
+					"FAILURE_IMAGE_NOT_AVAILABLE - Image scan attempted but no return data available.",
+					"FAILURE_COMPONENT_LOCATION_ANALYSIS => Component Location Analysis failed.",
 				},
 			},
 		},
@@ -384,6 +388,16 @@ func mapErrorCategory(exitCodeKey int) {
 		log.SetErrorCategory(log.ErrorService)
 	case 12:
 		log.SetErrorCategory(log.ErrorInfrastructure)
+	case 13:
+		log.SetErrorCategory(log.ErrorService)
+	case 14:
+		log.SetErrorCategory(log.ErrorService)
+	case 15:
+		log.SetErrorCategory(log.ErrorService)
+	case 20:
+		log.SetErrorCategory(log.ErrorService)
+	case 25:
+		log.SetErrorCategory(log.ErrorService)
 	case 99:
 		log.SetErrorCategory(log.ErrorService)
 	case 100:
@@ -408,9 +422,13 @@ func exitCodeMapping(exitCodeKey int) string {
 		10:  "FAILURE_BLACKDUCK_VERSION_NOT_SUPPORTED => Detect attempted an operation that was not supported by your version of Black Duck. Ensure your Black Duck is compatible with this version of detect.",
 		11:  "FAILURE_BLACKDUCK_FEATURE_ERROR => Detect encountered an error while attempting an operation on Black Duck. Ensure your Black Duck is compatible with this version of detect.",
 		12:  "FAILURE_POLARIS_CONNECTIVITY => Detect was unable to connect to Polaris. Check your configuration and connection.",
+		13:  "FAILURE_MINIMUM_INTERVAL_NOT_MET => Detect did not wait the minimum required scan interval.",
+		14:  "FAILURE_IAC => Detect was unable to perform IaC Scan against your source. Please check your configuration, and see logs and IaC Scanner documentation for more information.",
+		15:  "FAILURE_ACCURACY_NOT_MET => Detect was unable to meet the required accuracy.",
+		20:  "FAILURE_IMAGE_NOT_AVAILABLE => Image scan attempted but no return data available.",
+		25:  "FAILURE_COMPONENT_LOCATION_ANALYSIS => Component Location Analysis failed. ",
 		99:  "FAILURE_GENERAL_ERROR => Detect encountered a known error, details of the error are provided.",
 		100: "FAILURE_UNKNOWN_ERROR => Detect encountered an unknown error.",
-		13:  "FAILURE_MINIMUM_INTERVAL_NOT_MET => Detect did not wait the minimum required scan interval.",
 	}

 	if _, isKeyExists := exitCodes[exitCodeKey]; isKeyExists {
--- a/cmd/detectExecuteScan_generated.go
+++ b/cmd/detectExecuteScan_generated.go
@@ -311,7 +311,7 @@ func addDetectExecuteScanFlags(cmd *cobra.Command, stepConfig *detectExecuteScan
 	cmd.Flags().StringSliceVar(&stepConfig.ScanPaths, "scanPaths", []string{`.`}, "List of paths which should be scanned by the Synopsis Detect (formerly BlackDuck) scan.")
 	cmd.Flags().StringVar(&stepConfig.DependencyPath, "dependencyPath", `.`, "Absolute Path of the dependency management file of the project. This path represents the folder which contains the pom file, package.json etc. If the project contains multiple pom files, provide the path to the parent pom file or the base folder of the project")
 	cmd.Flags().BoolVar(&stepConfig.Unmap, "unmap", false, "Unmap flag will unmap all previous code locations and keep only the current scan results in the specified project version. Set this parameter to true, when the project version needs to store only the latest scan results.")
-	cmd.Flags().StringSliceVar(&stepConfig.ScanProperties, "scanProperties", []string{`--blackduck.signature.scanner.memory=4096`, `--detect.timeout=6000`, `--blackduck.trust.cert=true`, `--logging.level.com.synopsys.integration=DEBUG`, `--detect.maven.excluded.scopes=test`}, "Properties passed to the Synopsis Detect (formerly BlackDuck) scan. You can find details in the [Synopsis Detect documentation](https://community.synopsys.com/s/document-item?bundleId=integrations-detect&topicId=properties%2Fall-properties.html&_LANG=enus)")
+	cmd.Flags().StringSliceVar(&stepConfig.ScanProperties, "scanProperties", []string{`--blackduck.signature.scanner.memory=4096`, `--detect.timeout=6000`, `--blackduck.trust.cert=true`, `--logging.level.detect=DEBUG`, `--detect.maven.excluded.scopes=test`}, "Properties passed to the Synopsis Detect (formerly BlackDuck) scan. You can find details in the [Synopsis Detect documentation](https://community.synopsys.com/s/document-item?bundleId=integrations-detect&topicId=properties%2Fall-properties.html&_LANG=enus)")
 	cmd.Flags().StringVar(&stepConfig.ServerURL, "serverUrl", os.Getenv("PIPER_serverUrl"), "Server URL to the Synopsis Detect (formerly BlackDuck) Server.")
 	cmd.Flags().StringSliceVar(&stepConfig.Groups, "groups", []string{}, "Users groups to be assigned for the Project")
 	cmd.Flags().StringSliceVar(&stepConfig.FailOn, "failOn", []string{`BLOCKER`}, "Mark the current build as fail based on the policy categories applied.")
@@ -467,7 +467,7 @@ func detectExecuteScanMetadata() config.StepData {
 						Type:        "[]string",
 						Mandatory:   false,
 						Aliases:     []config.Alias{{Name: "detect/scanProperties"}},
-						Default:     []string{`--blackduck.signature.scanner.memory=4096`, `--detect.timeout=6000`, `--blackduck.trust.cert=true`, `--logging.level.com.synopsys.integration=DEBUG`, `--detect.maven.excluded.scopes=test`},
+						Default:     []string{`--blackduck.signature.scanner.memory=4096`, `--detect.timeout=6000`, `--blackduck.trust.cert=true`, `--logging.level.detect=DEBUG`, `--detect.maven.excluded.scopes=test`},
 					},
 					{
 						Name:        "serverUrl",
--- a/cmd/kanikoExecute_generated.go
+++ b/cmd/kanikoExecute_generated.go
@@ -332,7 +332,7 @@ func addKanikoExecuteFlags(cmd *cobra.Command, stepConfig *kanikoExecuteOptions)
 	cmd.Flags().StringVar(&stepConfig.ContainerRegistryPassword, "containerRegistryPassword", os.Getenv("PIPER_containerRegistryPassword"), "Password of the Container registry where the image should be pushed to -  which will updated in a docker config json file. If a docker config json file is provided via parameter `dockerConfigJSON` , then the existing file will be enhanced")
 	cmd.Flags().StringSliceVar(&stepConfig.CustomTLSCertificateLinks, "customTlsCertificateLinks", []string{}, "List containing download links of custom TLS certificates. This is required to ensure trusted connections to registries with custom certificates.")
 	cmd.Flags().StringVar(&stepConfig.DockerConfigJSON, "dockerConfigJSON", os.Getenv("PIPER_dockerConfigJSON"), "Path to the file `.docker/config.json` - this is typically provided by your CI/CD system. You can find more details about the Docker credentials in the [Docker documentation](https://docs.docker.com/engine/reference/commandline/login/).")
-	cmd.Flags().StringVar(&stepConfig.DockerfilePath, "dockerfilePath", `Dockerfile`, "Defines the location of the Dockerfile relative to the Jenkins workspace.")
+	cmd.Flags().StringVar(&stepConfig.DockerfilePath, "dockerfilePath", `Dockerfile`, "Defines the location of the Dockerfile relative to the pipeline working directory.")
 	cmd.Flags().StringSliceVar(&stepConfig.TargetArchitectures, "targetArchitectures", []string{``}, "Defines the target architectures for which the build should run using OS and architecture separated by a comma. (EXPERIMENTAL)")
 	cmd.Flags().BoolVar(&stepConfig.ReadImageDigest, "readImageDigest", false, "")
 	cmd.Flags().BoolVar(&stepConfig.CreateBOM, "createBOM", false, "Creates the bill of materials (BOM) using Syft and stores it in a file in CycloneDX 1.4 format.")
--- a/cmd/mavenBuild.go
+++ b/cmd/mavenBuild.go
@@ -240,6 +240,8 @@ func createBuildArtifactsMetadata(config *mavenBuildOptions, commonPipelineEnvir
 	buildCoordinates := []versioning.Coordinates{}
 	options := versioning.Options{
 		ProjectSettingsFile: config.ProjectSettingsFile,
+		GlobalSettingsFile:  config.GlobalSettingsFile,
+		M2Path:              config.M2Path,
 	}
 	var utils versioning.Utils

--- a/cmd/vaultRotateSecretId.go
+++ b/cmd/vaultRotateSecretId.go
@@ -83,12 +83,17 @@ func runVaultRotateSecretID(utils vaultRotateSecretIDUtils) error {
 		return nil
 	}

-	log.Entry().Infof("Your secret ID is about to expire in %.0f", ttl.Round(time.Hour*24).Hours()/24)
+	if ttl == 0 {
+		log.Entry().Warn("Secret ID expired")
+	} else {
+		log.Entry().Infof("Your secret ID is about to expire in %.0f days", ttl.Round(time.Hour*24).Hours()/24)
+	}

 	if ttl > time.Duration(config.DaysBeforeExpiry)*24*time.Hour {
+		log.Entry().Info("Secret ID TTL valid.")
 		return nil
 	}
-	log.Entry().Info("Rotating...")
+	log.Entry().Info("Rotating secret ID...")

 	newSecretID, err := utils.GenerateNewAppRoleSecret(GeneralConfig.VaultRoleSecretID, roleName)

--- a/documentation/docs/steps/cloudFoundryDeploy.md
+++ b/documentation/docs/steps/cloudFoundryDeploy.md
@@ -4,32 +4,47 @@

 ### Additional Hints

-Deployment can be done
+#### Standard CF deployments

-* in a standard way
-* in a zero-downtime manner (using a [blue-green deployment approach](https://martinfowler.com/bliki/BlueGreenDeployment.html))
+`deployType` parameter defaults to value `standard`.<br>
+This means that CF CLI is called by piper and command `cf push` is run by piper

-!!! note "Deployment supports multiple deployment tools"
-    Currently the following are supported:
+#### Blue green deployments

-    * Standard `cf push` and [Bluemix blue-green plugin](https://github.com/bluemixgaragelondon/cf-blue-green-deploy#how-to-use)
-    * [MTA CF CLI Plugin](https://github.com/cloudfoundry-incubator/multiapps-cli-plugin)
+**With CF CLI**

-!!! note "Blue-Green Deployment with MTA CF CLI Plugin"
-    The Multiapps Plugin offers 2 different strategies:
+* Blue green deployments are deprecated, but [rolling deployment strategy](https://docs.cloudfoundry.org/devguide/deploy-apps/rolling-deploy.html) is supported.<br>
+* For rolling deployment strategy , set parameter `cfNativeDeployParameters:'--strategy rolling'`
+  
+**With [MTA CF CLI Plugin](https://github.com/cloudfoundry-incubator/multiapps-cli-plugin) for MTA applications**

-    * [Blue-Green Deployment Strategy](https://github.com/SAP-samples/cf-mta-examples/tree/main/blue-green-deploy-strategy) - where the production environments are called “live” and “idle” during deployment. This strategy is activated with `mtaDeployParameters: --strategy blue-green --skip-testing-phase` and `deployType=standard`. After deployment, appnames are not appeneded by any suffix like `-live` or `-idle`.
-    * [Legacy Blue-Green Deployment](https://github.com/SAP-samples/cf-mta-examples/tree/main/blue-green-deploy-legacy) - where the productive environments are called “blue” and “green. Activated by `deployType=blue-green`. After deployment, appnames are appeneded by suffix like `-blue` or `-green`
+The Multiapps Plugin offers 2 different strategies:<br>

-!!! note
-    Due to [an incompatible change](https://github.com/cloudfoundry/cli/issues/1445) in the Cloud Foundry CLI, multiple buildpacks are not supported by this step.
+* [Blue-Green Deployment Strategy](https://github.com/SAP-samples/cf-mta-examples/tree/main/blue-green-deploy-strategy) - where the production environments are called “live” and “idle” during deployment. This strategy is activated with `mtaDeployParameters: --strategy blue-green --skip-testing-phase` and `deployType=standard`. After deployment, appnames are not appeneded by any suffix like `-live` or `-idle`.<br>
+* [Legacy Blue-Green Deployment](https://github.com/SAP-samples/cf-mta-examples/tree/main/blue-green-deploy-legacy) - where the productive environments are called “blue” and “green. Activated by `deployType=blue-green`. After deployment, appnames are appeneded by suffix like `-blue` or `-green`
+  
+Following table summarizes the different combinations of the step parameters `deployType` and `deployTool` and their impact.
+Parameter `buildTool`  is used to differentiate between MTA and Non MTA applications. If `buildTool` is not available in the environment, user will have to provide `deployTool` explicitly.
+
+#### Deployment Strategy Comparison
+
+This table compares deployment strategies for MTA and Non-MTA applications.
+
+| deployType      | MTA Applications | Non MTA Applications |
+|---------------|-----------------|----------------------|
+| **standard**   | deployTool = mtaDeployPlugin  <br> Uses MTA plugin, <br> Command run `cf deploy` | deployTool = cf_native  <br> cf CLI used <br> Command `cf push` <br> Requires Manifest file and app name <br> appname can be provided via config or manifest file. |
+| **blue-green** | deployTool = mtaDeployPlugin, <br> Uses MTA plugin <br> Command run `cf deploy bgdeploy` | Deprecated. <br> **Alternative:** Rolling deployment strategy by setting <br> `cfNativeDeployParameters = '--strategy rolling'` |
+|               | **deployDockerImage not supported** | **deployDockerImage supported**<br>Docker credentials can only be provided as Jenkins environment variable. |
+
+ !!! note
+
+- Due to [an incompatible change](https://github.com/cloudfoundry/cli/issues/1445) in the Cloud Foundry CLI, multiple buildpacks are not supported by this step.
    If your `application` contains a list of `buildpacks` instead of a single `buildpack`, this will be automatically re-written by the step when blue-green deployment is used.
-
-!!! note
-    Cloud Foundry supports the deployment of multiple applications using a single manifest file.
+- Cloud Foundry supports the deployment of multiple applications using a single manifest file.
    This option is supported with project "Piper".
    In this case, define `appName: ''` since the app name for the individual applications has to be defined via the manifest.
    You can find details in the [Cloud Foundry Documentation](https://docs.cloudfoundry.org/devguide/deploy-apps/manifest.html#multi-apps)
+- Recommended way to do **docker image deployments** is via kubernetesDeploy Piper step.This step is not capable of deploying docker images built in the same pipeline using other piper steps[i.e., kanikoExecute].

 ## Prerequisites

--- a/documentation/docs/steps/npmExecuteTests.md
+++ b/documentation/docs/steps/npmExecuteTests.md
@@ -1,7 +1,7 @@
 # ${docGenStepName}

-> [!WARNING]
-> Please note, that the npmExecuteTests step is in beta state, and there could be breaking changes before we remove the beta notice.
+!!! note
+    Please note, that the npmExecuteTests step is in beta state, and there could be breaking changes before we remove the beta notice.

 ## ${docGenDescription}

--- a/go.mod
+++ b/go.mod
@@ -63,7 +63,7 @@ require (
 	gopkg.in/ini.v1 v1.67.0
 	gopkg.in/yaml.v2 v2.4.0
 	gopkg.in/yaml.v3 v3.0.1
-	helm.sh/helm/v3 v3.14.4
+	helm.sh/helm/v3 v3.15.0
 	mvdan.cc/xurls/v2 v2.4.0
 	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd
 )
@@ -263,16 +263,16 @@ require (
 	google.golang.org/protobuf v1.33.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
-	k8s.io/api v0.29.0 // indirect
-	k8s.io/apimachinery v0.29.0 // indirect
-	k8s.io/cli-runtime v0.29.0 // indirect
-	k8s.io/client-go v0.29.0 // indirect
-	k8s.io/klog/v2 v2.110.1 // indirect
-	k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect
+	k8s.io/api v0.30.0 // indirect
+	k8s.io/apimachinery v0.30.0 // indirect
+	k8s.io/cli-runtime v0.30.0 // indirect
+	k8s.io/client-go v0.30.0 // indirect
+	k8s.io/klog/v2 v2.120.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect
 	k8s.io/utils v0.0.0-20240102154912-e7106e64919e
 	oras.land/oras-go v1.2.6 // indirect
 	sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect
 	sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
-	sigs.k8s.io/yaml v1.3.0 // indirect
+	sigs.k8s.io/yaml v1.4.0 // indirect
 )
--- a/go.sum
+++ b/go.sum
@@ -323,7 +323,6 @@ github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2
 github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
 github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
 github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
-github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
 github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ=
 github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
 github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
@@ -752,8 +751,8 @@ github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+W
 github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
 github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
 github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU=
-github.com/onsi/ginkgo/v2 v2.13.0 h1:0jY9lJquiL8fcf3M4LAXN5aMlS/b2BV86HFFPCPMgE4=
-github.com/onsi/ginkgo/v2 v2.13.0/go.mod h1:TE309ZR8s5FsKKpuB1YAQYBzCaAfUgatB/xlT/ETL/o=
+github.com/onsi/ginkgo/v2 v2.15.0 h1:79HwNRBAZHOEwrczrgSOPy+eFTTlIGELKy5as+ClttY=
+github.com/onsi/ginkgo/v2 v2.15.0/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM=
 github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
 github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
 github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
@@ -1381,8 +1380,8 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gotest.tools/v3 v3.5.1 h1:EENdUnS3pdur5nybKYIh2Vfgc8IUNBjxDPSjtiJcOzU=
 gotest.tools/v3 v3.5.1/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU=
-helm.sh/helm/v3 v3.14.4 h1:6FSpEfqyDalHq3kUr4gOMThhgY55kXUEjdQoyODYnrM=
-helm.sh/helm/v3 v3.14.4/go.mod h1:Tje7LL4gprZpuBNTbG34d1Xn5NmRT3OWfBRwpOSer9I=
+helm.sh/helm/v3 v3.15.0 h1:gcLxHeFp0Hfo7lYi6KIZ84ZyvlAnfFRSJ8lTL3zvG5U=
+helm.sh/helm/v3 v3.15.0/go.mod h1:fvfoRcB8UKRUV5jrIfOTaN/pG1TPhuqSb56fjYdTKXg=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
@@ -1390,18 +1389,18 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh
 honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
 honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
 honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
-k8s.io/api v0.29.0 h1:NiCdQMY1QOp1H8lfRyeEf8eOwV6+0xA6XEE44ohDX2A=
-k8s.io/api v0.29.0/go.mod h1:sdVmXoz2Bo/cb77Pxi71IPTSErEW32xa4aXwKH7gfBA=
-k8s.io/apimachinery v0.29.0 h1:+ACVktwyicPz0oc6MTMLwa2Pw3ouLAfAon1wPLtG48o=
-k8s.io/apimachinery v0.29.0/go.mod h1:eVBxQ/cwiJxH58eK/jd/vAk4mrxmVlnpBH5J2GbMeis=
-k8s.io/cli-runtime v0.29.0 h1:q2kC3cex4rOBLfPOnMSzV2BIrrQlx97gxHJs21KxKS4=
-k8s.io/cli-runtime v0.29.0/go.mod h1:VKudXp3X7wR45L+nER85YUzOQIru28HQpXr0mTdeCrk=
-k8s.io/client-go v0.29.0 h1:KmlDtFcrdUzOYrBhXHgKw5ycWzc3ryPX5mQe0SkG3y8=
-k8s.io/client-go v0.29.0/go.mod h1:yLkXH4HKMAywcrD82KMSmfYg2DlE8mepPR4JGSo5n38=
-k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0=
-k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo=
-k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780=
-k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA=
+k8s.io/api v0.30.0 h1:siWhRq7cNjy2iHssOB9SCGNCl2spiF1dO3dABqZ8niA=
+k8s.io/api v0.30.0/go.mod h1:OPlaYhoHs8EQ1ql0R/TsUgaRPhpKNxIMrKQfWUp8QSE=
+k8s.io/apimachinery v0.30.0 h1:qxVPsyDM5XS96NIh9Oj6LavoVFYff/Pon9cZeDIkHHA=
+k8s.io/apimachinery v0.30.0/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc=
+k8s.io/cli-runtime v0.30.0 h1:0vn6/XhOvn1RJ2KJOC6IRR2CGqrpT6QQF4+8pYpWQ48=
+k8s.io/cli-runtime v0.30.0/go.mod h1:vATpDMATVTMA79sZ0YUCzlMelf6rUjoBzlp+RnoM+cg=
+k8s.io/client-go v0.30.0 h1:sB1AGGlhY/o7KCyCEQ0bPWzYDL0pwOZO4vAtTSh/gJQ=
+k8s.io/client-go v0.30.0/go.mod h1:g7li5O5256qe6TYdAMyX/otJqMhIiGgTapdLchhmOaY=
+k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw=
+k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
+k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag=
+k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98=
 k8s.io/utils v0.0.0-20240102154912-e7106e64919e h1:eQ/4ljkx21sObifjzXwlPKpdGLrCfRziVtos3ofG/sQ=
 k8s.io/utils v0.0.0-20240102154912-e7106e64919e/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
 mvdan.cc/xurls/v2 v2.4.0 h1:tzxjVAj+wSBmDcF6zBB7/myTy3gX9xvi8Tyr28AuQgc=
@@ -1419,5 +1418,5 @@ sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 h1:W6cLQc5pnqM
 sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3/go.mod h1:JWP1Fj0VWGHyw3YUPjXSQnRnrwezrZSrApfX5S0nIag=
 sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4=
 sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08=
-sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo=
-sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8=
+sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E=
+sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY=
--- a/integration/integration_cnb_test.go
+++ b/integration/integration_cnb_test.go
@@ -36,7 +36,7 @@ func setupDockerRegistry(t *testing.T, ctx context.Context) testcontainers.Conta
 }

 func TestCNBIntegrationNPMProject(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()
 	registryContainer := setupDockerRegistry(t, ctx)
 	defer registryContainer.Terminate(ctx)
@@ -86,7 +86,7 @@ func TestCNBIntegrationNPMProject(t *testing.T) {
 }

 func TestCNBIntegrationProjectDescriptor(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()
 	registryContainer := setupDockerRegistry(t, ctx)
 	defer registryContainer.Terminate(ctx)
@@ -116,7 +116,7 @@ func TestCNBIntegrationProjectDescriptor(t *testing.T) {
 	container.terminate(t)
 }
 func TestCNBIntegrationBuildSummary(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()
 	registryContainer := setupDockerRegistry(t, ctx)
 	defer registryContainer.Terminate(ctx)
@@ -141,7 +141,7 @@ func TestCNBIntegrationBuildSummary(t *testing.T) {
 }

 func TestCNBIntegrationZipPath(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()
 	registryContainer := setupDockerRegistry(t, ctx)
 	defer registryContainer.Terminate(ctx)
@@ -170,7 +170,7 @@ func TestCNBIntegrationZipPath(t *testing.T) {
 }

 func TestCNBIntegrationNonZipPath(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()
 	registryContainer := setupDockerRegistry(t, ctx)
 	defer registryContainer.Terminate(ctx)
@@ -190,7 +190,7 @@ func TestCNBIntegrationNonZipPath(t *testing.T) {
 }

 func TestCNBIntegrationNPMCustomBuildpacksFullProject(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()
 	registryContainer := setupDockerRegistry(t, ctx)
 	defer registryContainer.Terminate(ctx)
@@ -218,7 +218,7 @@ func TestCNBIntegrationNPMCustomBuildpacksFullProject(t *testing.T) {
 }

 func TestCNBIntegrationNPMCustomBuildpacksBuildpacklessProject(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()
 	registryContainer := setupDockerRegistry(t, ctx)
 	defer registryContainer.Terminate(ctx)
@@ -245,7 +245,7 @@ func TestCNBIntegrationNPMCustomBuildpacksBuildpacklessProject(t *testing.T) {
 }

 func TestCNBIntegrationWrongBuilderProject(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	container := givenThisContainer(t, IntegrationTestDockerExecRunnerBundle{
 		Image:   "nginx:latest",
 		TestDir: []string{"testdata", "TestMtaIntegration", "npm"},
@@ -259,7 +259,7 @@ func TestCNBIntegrationWrongBuilderProject(t *testing.T) {
 }

 func TestCNBIntegrationBindings(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()
 	registryContainer := setupDockerRegistry(t, ctx)
 	defer registryContainer.Terminate(ctx)
@@ -287,7 +287,7 @@ func TestCNBIntegrationBindings(t *testing.T) {
 }

 func TestCNBIntegrationMultiImage(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()
 	registryContainer := setupDockerRegistry(t, ctx)
 	defer registryContainer.Terminate(ctx)
@@ -321,7 +321,7 @@ func TestCNBIntegrationMultiImage(t *testing.T) {
 }

 func TestCNBIntegrationPreserveFiles(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()
 	registryContainer := setupDockerRegistry(t, ctx)
 	defer registryContainer.Terminate(ctx)
@@ -341,7 +341,7 @@ func TestCNBIntegrationPreserveFiles(t *testing.T) {
 }

 func TestCNBIntegrationPreserveFilesIgnored(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()
 	registryContainer := setupDockerRegistry(t, ctx)
 	defer registryContainer.Terminate(ctx)
@@ -360,7 +360,7 @@ func TestCNBIntegrationPreserveFilesIgnored(t *testing.T) {
 }

 func TestCNBIntegrationPrePostBuildpacks(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()
 	registryContainer := setupDockerRegistry(t, ctx)
 	defer registryContainer.Terminate(ctx)
--- a/integration/integration_gauge_test.go
+++ b/integration/integration_gauge_test.go
@@ -88,11 +88,11 @@ cd /test
 }

 func TestGaugeIntegrationJava(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	runTest(t, "java")
 }

 func TestGaugeIntegrationJS(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	runTest(t, "js")
 }
--- a/integration/integration_gcs_test.go
+++ b/integration/integration_gcs_test.go
@@ -26,7 +26,7 @@ import (
 )

 func TestGCSIntegrationClient(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()
 	testdataPath, err := filepath.Abs("testdata/TestGCSIntegration")
 	assert.NoError(t, err)
--- a/integration/integration_github_test.go
+++ b/integration/integration_github_test.go
@@ -20,7 +20,7 @@ import (
 )

 func TestGitHubIntegrationPiperPublishRelease(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	token := os.Getenv("PIPER_INTEGRATION_GITHUB_TOKEN")
 	if len(token) == 0 {
 		t.Fatal("No GitHub token maintained")
@@ -95,7 +95,7 @@ func TestGitHubIntegrationPiperPublishRelease(t *testing.T) {
 }

 func TestGitHubIntegrationFetchCommitStatistics(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	// prepare
 	token := os.Getenv("PIPER_INTEGRATION_GITHUB_TOKEN")
 	if len(token) == 0 {
--- a/integration/integration_golang_test.go
+++ b/integration/integration_golang_test.go
@@ -15,7 +15,7 @@ import (
 // In this test the piper command golangBuild performs testing, BOM file creation and building a project with entry point in the cmd/server/server.go
 // The configuration for golangBuild can be found in testdata/TestGolangIntegration/golang-project1/.pipeline/config.yml
 func TestGolangIntegrationBuildProject1(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()

 	container := givenThisContainer(t, IntegrationTestDockerExecRunnerBundle{
 		Image:       "golang:1",
@@ -51,7 +51,7 @@ func TestGolangIntegrationBuildProject1(t *testing.T) {

 // This test extends TestGolangIntegrationBuildProject1 with multi-package build
 func TestGolangIntegrationBuildProject1MultiPackage(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()

 	container := givenThisContainer(t, IntegrationTestDockerExecRunnerBundle{
 		Image:       "golang:1",
@@ -88,7 +88,7 @@ func TestGolangIntegrationBuildProject1MultiPackage(t *testing.T) {
 // In this test, the piper golangBuild command only builds the project with the entry point at the project root.
 // The configuration for golangBuild can be found in testdata/TestGolangIntegration/golang-project2/.pipeline/config.yml
 func TestGolangIntegrationBuildProject2(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()

 	container := givenThisContainer(t, IntegrationTestDockerExecRunnerBundle{
 		Image:       "golang:1",
--- a/integration/integration_gradle_test.go
+++ b/integration/integration_gradle_test.go
@@ -19,7 +19,7 @@ import (
 )

 func TestGradleIntegrationExecuteBuildJavaProjectBOMCreationUsingWrapper(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()

 	pwd, err := os.Getwd()
@@ -121,7 +121,7 @@ ls -l ./build/reports/ >files-list.txt 2>&1
 }

 func TestGradleIntegrationExecuteBuildJavaProjectWithBomPlugin(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()

 	pwd, err := os.Getwd()
--- a/integration/integration_influx_test.go
+++ b/integration/integration_influx_test.go
@@ -22,7 +22,7 @@ import (
 )

 func TestInfluxIntegrationWriteMetrics(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()
 	const authToken = "influx-token"
 	const username = "username"
--- a/integration/integration_karma_test.go
+++ b/integration/integration_karma_test.go
@@ -20,7 +20,7 @@ import (
 func TestKarmaIntegration(t *testing.T) {
 	t.Skip("Skip failing test for now")

-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()

 	pwd, err := os.Getwd()
--- a/integration/integration_maven_test.go
+++ b/integration/integration_maven_test.go
@@ -11,7 +11,7 @@ import (
 )

 func TestMavenIntegrationBuildCloudSdkSpringProject(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	container := givenThisContainer(t, IntegrationTestDockerExecRunnerBundle{
 		Image:   "maven:3-openjdk-8-slim",
 		User:    "1000",
@@ -46,7 +46,7 @@ func TestMavenIntegrationBuildCloudSdkSpringProject(t *testing.T) {
 }

 func TestMavenIntegrationBuildCloudSdkTomeeProject(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	container := givenThisContainer(t, IntegrationTestDockerExecRunnerBundle{
 		Image:   "maven:3-openjdk-8-slim",
 		User:    "1000",
--- a/integration/integration_mta_test.go
+++ b/integration/integration_mta_test.go
@@ -11,7 +11,7 @@ import (
 )

 func TestMTAIntegrationMavenProject(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	container := givenThisContainer(t, IntegrationTestDockerExecRunnerBundle{
 		Image:   "devxci/mbtci-java11-node14",
 		User:    "root",
@@ -33,7 +33,7 @@ func TestMTAIntegrationMavenProject(t *testing.T) {
 }

 func TestMTAIntegrationMavenSpringProject(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	container := givenThisContainer(t, IntegrationTestDockerExecRunnerBundle{
 		Image:   "devxci/mbtci-java11-node14",
 		User:    "root",
@@ -54,7 +54,7 @@ func TestMTAIntegrationMavenSpringProject(t *testing.T) {
 }

 func TestMTAIntegrationNPMProject(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	container := givenThisContainer(t, IntegrationTestDockerExecRunnerBundle{
 		Image:   "devxci/mbtci-java11-node14",
 		User:    "root",
@@ -71,7 +71,7 @@ func TestMTAIntegrationNPMProject(t *testing.T) {
 }

 func TestMTAIntegrationNPMProjectInstallsDevDependencies(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	container := givenThisContainer(t, IntegrationTestDockerExecRunnerBundle{
 		Image:   "devxci/mbtci-java11-node14",
 		User:    "root",
--- a/integration/integration_nexus_test.go
+++ b/integration/integration_nexus_test.go
@@ -30,7 +30,7 @@ func assertFileCanBeDownloaded(t *testing.T, container IntegrationTestDockerExec
 }

 func TestNexusIntegrationV3UploadMta(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	container := givenThisContainer(t, IntegrationTestDockerExecRunnerBundle{
 		Image:       "sonatype/nexus3:3.25.1",
 		User:        "nexus",
@@ -57,7 +57,7 @@ func TestNexusIntegrationV3UploadMta(t *testing.T) {
 }

 func TestNexusIntegrationV3UploadMaven(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	container := givenThisContainer(t, IntegrationTestDockerExecRunnerBundle{
 		Image:       "sonatype/nexus3:3.25.1",
 		User:        "nexus",
@@ -84,7 +84,7 @@ func TestNexusIntegrationV3UploadMaven(t *testing.T) {
 }

 func TestNexusIntegrationV3UploadNpm(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	container := givenThisContainer(t, IntegrationTestDockerExecRunnerBundle{
 		Image:       "sonatype/nexus3:3.25.1",
 		User:        "nexus",
--- a/integration/integration_npm_test.go
+++ b/integration/integration_npm_test.go
@@ -18,7 +18,7 @@ import (
 )

 func TestNPMIntegrationRunScriptsWithOptions(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()

 	pwd, err := os.Getwd()
@@ -70,7 +70,7 @@ cd /test
 }

 func TestNPMIntegrationRegistrySetInFlags(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()

 	pwd, err := os.Getwd()
@@ -121,7 +121,7 @@ cd /test
 }

 func TestNPMIntegrationRegistrySetInNpmrc(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()

 	pwd, err := os.Getwd()
@@ -172,7 +172,7 @@ cd /test
 }

 func TestNPMIntegrationRegistryWithTwoModules(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()

 	pwd, err := os.Getwd()
--- a/integration/integration_piper_test.go
+++ b/integration/integration_piper_test.go
@@ -22,7 +22,7 @@ import (
 )

 func TestPiperIntegrationHelp(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	piperHelpCmd := command.Command{}

 	var commandOutput bytes.Buffer
--- a/integration/integration_python_test.go
+++ b/integration/integration_python_test.go
@@ -19,7 +19,7 @@ import (
 )

 func TestPythonIntegrationBuildProject(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()
 	pwd, err := os.Getwd()
 	assert.NoError(t, err, "Getting current working directory failed.")
--- a/integration/integration_sonar_test.go
+++ b/integration/integration_sonar_test.go
@@ -18,7 +18,7 @@ import (
 )

 func TestSonarIntegrationIssueSearch(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	// init
 	token := os.Getenv("PIPER_INTEGRATION_SONAR_TOKEN")
 	require.NotEmpty(t, token, "SonarQube API Token is missing")
@@ -52,7 +52,7 @@ func TestSonarIntegrationIssueSearch(t *testing.T) {
 }

 func TestSonarIntegrationMeasuresComponentSearch(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	// init
 	token := os.Getenv("PIPER_INTEGRATION_SONAR_TOKEN")
 	require.NotEmpty(t, token, "SonarQube API Token is missing")
@@ -77,7 +77,7 @@ func TestSonarIntegrationMeasuresComponentSearch(t *testing.T) {
 }

 func TestSonarIntegrationGetLinesOfCode(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	// init
 	token := os.Getenv("PIPER_INTEGRATION_SONAR_TOKEN")
 	require.NotEmpty(t, token, "SonarQube API Token is missing")
--- a/integration/integration_vault_test.go
+++ b/integration/integration_vault_test.go
@@ -24,7 +24,7 @@ import (
 type SecretData = map[string]interface{}

 func TestVaultIntegrationGetSecret(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()
 	const testToken = "vault-token"

@@ -70,7 +70,7 @@ func TestVaultIntegrationGetSecret(t *testing.T) {
 }

 func TestVaultIntegrationWriteSecret(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()
 	const testToken = "vault-token"

@@ -134,7 +134,7 @@ func TestVaultIntegrationWriteSecret(t *testing.T) {
 }

 func TestVaultIntegrationAppRole(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()
 	const testToken = "vault-token"
 	const appRolePath = "auth/approle/role/test"
@@ -214,7 +214,7 @@ func TestVaultIntegrationAppRole(t *testing.T) {
 }

 func TestVaultIntegrationTokenRevocation(t *testing.T) {
-	t.Parallel()
+	// t.Parallel()
 	ctx := context.Background()
 	const testToken = "vault-token"
 	const appRolePath = "auth/approle/role/test"
--- a/pkg/kubernetes/helm.go
+++ b/pkg/kubernetes/helm.go
@@ -269,9 +269,9 @@ func (h *HelmExecute) RunHelmInstall() error {

 	if h.verbose {
 		helmParamsDryRun := helmParams
-		helmParamsDryRun = append(helmParamsDryRun, "--dry-run")
+		helmParamsDryRun = append(helmParamsDryRun, "--dry-run", "--hide-secret")
 		if err := h.runHelmCommand(helmParamsDryRun); err != nil {
-			log.Entry().WithError(err).Error("Helm install --dry-run call failed")
+			log.Entry().WithError(err).Error("Helm install --dry-run --hide-secret call failed")
 		}
 	}

@@ -309,9 +309,9 @@ func (h *HelmExecute) RunHelmUninstall() error {

 	if h.verbose {
 		helmParamsDryRun := helmParams
-		helmParamsDryRun = append(helmParamsDryRun, "--dry-run")
+		helmParamsDryRun = append(helmParamsDryRun, "--dry-run", "--hide-secret")
 		if err := h.runHelmCommand(helmParamsDryRun); err != nil {
-			log.Entry().WithError(err).Error("Helm uninstall --dry-run call failed")
+			log.Entry().WithError(err).Error("Helm uninstall --dry-run --hide-secret call failed")
 		}
 	}

--- a/pkg/kubernetes/helm_test.go
+++ b/pkg/kubernetes/helm_test.go
@@ -307,7 +307,7 @@ func TestRunHelmInstall(t *testing.T) {
 			},
 			generalVerbose: true,
 			expectedExecCalls: []mock.ExecCall{
-				{Exec: "helm", Params: []string{"install", "testPackage", ".", "--namespace", "test-namespace", "--create-namespace", "--atomic", "--wait", "--timeout", "525s", "--set-file", "my_script=dothings.sh", "--debug", "--dry-run"}},
+				{Exec: "helm", Params: []string{"install", "testPackage", ".", "--namespace", "test-namespace", "--create-namespace", "--atomic", "--wait", "--timeout", "525s", "--set-file", "my_script=dothings.sh", "--debug", "--dry-run", "--hide-secret"}},
 				{Exec: "helm", Params: []string{"install", "testPackage", ".", "--namespace", "test-namespace", "--create-namespace", "--atomic", "--wait", "--timeout", "525s", "--set-file", "my_script=dothings.sh", "--debug"}},
 			},
 		},
@@ -324,7 +324,7 @@ func TestRunHelmInstall(t *testing.T) {
 			},
 			generalVerbose: true,
 			expectedExecCalls: []mock.ExecCall{
-				{Exec: "helm", Params: []string{"install", "testPackage", ".", "--namespace", "test-namespace", "--create-namespace", "--atomic", "--wait", "--timeout", "525s", "--set-file", "my_script=dothings.sh", "--debug", "--dry-run"}},
+				{Exec: "helm", Params: []string{"install", "testPackage", ".", "--namespace", "test-namespace", "--create-namespace", "--atomic", "--wait", "--timeout", "525s", "--set-file", "my_script=dothings.sh", "--debug", "--dry-run", "--hide-secret"}},
 				{Exec: "helm", Params: []string{"install", "testPackage", ".", "--namespace", "test-namespace", "--create-namespace", "--atomic", "--wait", "--timeout", "525s", "--set-file", "my_script=dothings.sh", "--debug"}},
 			},
 		},
@@ -341,7 +341,7 @@ func TestRunHelmInstall(t *testing.T) {
 			},
 			generalVerbose: true,
 			expectedExecCalls: []mock.ExecCall{
-				{Exec: "helm", Params: []string{"install", "testPackage", ".", "--namespace", "test-namespace", "--create-namespace", "--atomic", "--wait", "--timeout", "525s", "--set", "auth=Basic user:password", "--debug", "--dry-run"}},
+				{Exec: "helm", Params: []string{"install", "testPackage", ".", "--namespace", "test-namespace", "--create-namespace", "--atomic", "--wait", "--timeout", "525s", "--set", "auth=Basic user:password", "--debug", "--dry-run", "--hide-secret"}},
 				{Exec: "helm", Params: []string{"install", "testPackage", ".", "--namespace", "test-namespace", "--create-namespace", "--atomic", "--wait", "--timeout", "525s", "--set", "auth=Basic user:password", "--debug"}},
 			},
 		},
@@ -393,7 +393,7 @@ func TestRunHelmUninstall(t *testing.T) {
 			},
 			generalVerbose: true,
 			expectedExecCalls: []mock.ExecCall{
-				{Exec: "helm", Params: []string{"uninstall", "testPackage", "--namespace", "test-namespace", "--wait", "--timeout", "524s", "--debug", "--dry-run"}},
+				{Exec: "helm", Params: []string{"uninstall", "testPackage", "--namespace", "test-namespace", "--wait", "--timeout", "524s", "--debug", "--dry-run", "--hide-secret"}},
 				{Exec: "helm", Params: []string{"uninstall", "testPackage", "--namespace", "test-namespace", "--wait", "--timeout", "524s", "--debug"}},
 			},
 		},
--- a/resources/metadata/cloudFoundryDeploy.yaml
+++ b/resources/metadata/cloudFoundryDeploy.yaml
@@ -3,6 +3,14 @@ metadata:
  description: "Deploys an application to Cloud Foundry"
  longDescription: |
    Deploys an application to a test or production space within Cloud Foundry.
+    This step supports two deployment types:
+
+    * in a standard way
+    * in a zero-downtime manner using a [blue-green deployment approach](https://martinfowler.com/bliki/BlueGreenDeployment.html)
+
+    The step achieves this via following deploy tools
+    * [cf CLI](https://docs.cloudfoundry.org/cf-cli/) - used as default for Non MTA apps
+    * [MTA CF CLI Plugin](https://github.com/cloudfoundry-incubator/multiapps-cli-plugin) - used as default for MTA apps
 spec:
  inputs:
    secrets:
@@ -98,11 +106,11 @@ spec:
      - name: deployDockerImage
        type: string
        description: "Docker image deployments are supported
-          (via manifest file in general)[https://docs.cloudfoundry.org/devguide/deploy-apps/manifest-attributes.html#docker].
+          [via manifest file in general](https://docs.cloudfoundry.org/devguide/deploy-apps/manifest-attributes.html#docker).
          If no manifest is used, this parameter defines the image to be deployed.
          The specified name of the image is passed to the `--docker-image` parameter of the cf CLI and must
          adhere it's naming pattern (e.g. REPO/IMAGE:TAG).
-          See (cf CLI documentation)[https://docs.cloudfoundry.org/devguide/deploy-apps/push-docker.html]
+          See [cf CLI documentation](https://docs.cloudfoundry.org/devguide/deploy-apps/push-docker.html)x`x`
          for details.
          Note: The used Docker registry must be visible for the targeted Cloud Foundry instance."
        scope:
@@ -113,7 +121,7 @@ spec:
        mandatory: false
      - name: deployTool
        type: string
-        description: "Defines the tool which should be used for deployment."
+        description: "Defines the tool which should be used for deployment. Mandatory if `buildTool` is not found in pipeline environment"
        scope:
          - PARAMETERS
          - STAGES
@@ -136,10 +144,9 @@ spec:
      - name: deployType
        type: string
        description:
-          "Defines the type of deployment, for example, `standard` deployment which results in a system
-          downtime, `blue-green` deployment which results in zero downtime for mta deploy tool.
-           - For mta build tool, possible values are `standard`, `blue-green` or `bg-deploy`.
-           - For cf native build tools, possible value is `standard`. To eliminate system downtime, an alternative is to pass '--strategy rolling' to the parameter `cfNativeDeployParameters`."
+          "Defines the type of deployment -`standard` or `blue-green` deployment.
+          For mta build tool, possible values are `standard`, `blue-green` or `bg-deploy`.
+          For cf native build tools, possible value is `standard`. To eliminate system downtime, an alternative is to pass '--strategy rolling' to the parameter `cfNativeDeployParameters`."
        scope:
          - PARAMETERS
          - STAGES
@@ -199,7 +206,7 @@ spec:
        mandatory: false
      - name: manifest
        type: string
-        description: "Defines the manifest to be used for deployment to Cloud Foundry."
+        description: "Defines the manifest file name to be used for deployment to Cloud Foundry. Defaults to `manifest.yml`"
        scope:
          - PARAMETERS
          - STAGES
--- a/resources/metadata/detectExecuteScan.yaml
+++ b/resources/metadata/detectExecuteScan.yaml
@@ -117,7 +117,7 @@ spec:
          - --blackduck.signature.scanner.memory=4096
          - --detect.timeout=6000
          - --blackduck.trust.cert=true
-          - --logging.level.com.synopsys.integration=DEBUG
+          - --logging.level.detect=DEBUG
          - --detect.maven.excluded.scopes=test
        scope:
          - PARAMETERS
--- a/resources/metadata/kanikoExecute.yaml
+++ b/resources/metadata/kanikoExecute.yaml
@@ -269,7 +269,7 @@ spec:
        aliases:
          - name: dockerfile
        type: string
-        description: Defines the location of the Dockerfile relative to the Jenkins workspace.
+        description: Defines the location of the Dockerfile relative to the pipeline working directory.
        scope:
          - PARAMETERS
          - STAGES
--- a/vars/writePipelineEnv.groovy
+++ b/vars/writePipelineEnv.groovy
@@ -6,20 +6,23 @@ import groovy.transform.Field
 void call(Map parameters = [:]) {
    final script = checkScript(this, parameters) ?: this
    String piperGoPath = parameters?.piperGoPath ?: './piper'
-    Map cpe = script?.commonPipelineEnvironment?.getCPEMap(script)
-    if (cpe == null) {
-        return
+    String command = "${piperGoPath} writePipelineEnv"
+
+    if (parameters.value) {
+        command += " --value '${parameters.value}'"
    }
+    Map cpe = script?.commonPipelineEnvironment?.getCPEMap(script)
+    if (cpe == null) return

    def jsonMap = groovy.json.JsonOutput.toJson(cpe)
-    if (piperGoPath && jsonMap) {
-        withEnv(["PIPER_pipelineEnv=${jsonMap}"]) {
-            def output = script.sh(returnStdout: true, script: "${piperGoPath} writePipelineEnv")
-            if (parameters?.verbose) {
-                script.echo("wrote commonPipelineEnvironment: ${output}")
-            }
+    if (!jsonMap) {
+        script.echo("can't write pipelineEnvironment: empty environment")
+        return
+    }
+    withEnv(["PIPER_pipelineEnv=${jsonMap}"]) {
+        def output = script.sh(returnStdout: true, script: command)
+        if (parameters?.verbose) {
+            script.echo("wrote commonPipelineEnvironment: ${output}")
        }
-    } else {
-        script.echo("can't write pipelineEnvironment: piperGoPath: ${piperGoPath} piperEnvironment ${jsonMap}")
    }
 }