SAP
diff --git a/‎.github/CODEOWNERS‎
Lines changed: 5 additions & 1 deletion b/‎.github/CODEOWNERS‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎.github/workflows/lint.yml‎
Lines changed: 25 additions & 14 deletions b/‎.github/workflows/lint.yml‎
Lines changed: 25 additions & 14 deletions
diff --git a/‎.github/workflows/pipeline.yml‎
Lines changed: 113 additions & 40 deletions b/‎.github/workflows/pipeline.yml‎
Lines changed: 113 additions & 40 deletions
diff --git a/‎.github/workflows/sonar.yml‎
Lines changed: 55 additions & 0 deletions b/‎.github/workflows/sonar.yml‎
Lines changed: 55 additions & 0 deletions
@@ -24,8 +24,12 @@
 # Module: fiori-elements-writer
 /packages/fiori-elements-writer/ @SAP/ux-tools-elements-writer
 
+# Module: fiori-mcp-server (and related)
+/packages/fiori-mcp-server/ @SAP/ux-tools-fiori-mcp-server
+/packages/fiori-docs-embeddings/ @SAP/ux-tools-fiori-mcp-server
+
 # Module: eslint-plugin-fiori-tools
-/packages/eslint-plugin-fiori-tools/ @SAP/ux-tools-fiori-freestyle-writer @SAP/ux-tools-elements-writer
+/packages/eslint-plugin-fiori-tools/ @SAP/ux-tools-eslint-plugin-fiori-tools
 
 # Module: logger
 /packages/logger/ @SAP/ux-tools-logger
 
@@ -13,15 +13,16 @@ jobs:
   run-linters:
     strategy:
       matrix:
-          os: [ubuntu-latest]
-          node-version: [20.x]
+        os: [ubuntu-latest]
+        node-version: [20.x]
     runs-on: ${{ matrix.os }}
 
     steps:
       - name: Checkout code repository
         uses: actions/checkout@v4
         with:
-            ref: ${{ github.event.pull_request.head.ref }}            
+          repository: ${{ github.event.pull_request.head.repo.full_name }}
+          ref: ${{ github.event.pull_request.head.ref }}
       - name: Setup pnpm
         uses: pnpm/action-setup@v4
         with:
@@ -30,16 +31,16 @@ jobs:
       - name: Cache pnpm modules
         uses: actions/cache@v4
         env:
-            cache-name: cache-pnpm-modules
+          cache-name: cache-pnpm-modules
         with:
-            path: ~/.pnpm-store
-            key: ${{ matrix.os }}-build-${{ env.cache-name }}-${{ matrix.node-version }}-${{ hashFiles('**/pnpm-lock.yaml') }}
-            restore-keys: |
-                ${{ matrix.os }}-build-${{ env.cache-name }}-${{ matrix.node-version }}-
+          path: ~/.pnpm-store
+          key: ${{ matrix.os }}-build-${{ env.cache-name }}-${{ matrix.node-version }}-${{ hashFiles('**/pnpm-lock.yaml') }}
+          restore-keys: |
+            ${{ matrix.os }}-build-${{ env.cache-name }}-${{ matrix.node-version }}-
       - name: Use Node.js ${{ matrix.node-version }}
         uses: actions/setup-node@v4
         with:
-            node-version: ${{ matrix.node-version }}
+          node-version: ${{ matrix.node-version }}
       - name: Install pnpm modules
         run: pnpm install --frozen-lockfile
       - name: Run build
@@ -52,8 +53,18 @@ jobs:
           NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
       - name: Commit lint fixes if any
         run: |
-                git config --global user.name github-actions[bot]
-                git config --global user.email github-actions[bot]@users.noreply.github.com
-                git add pnpm-lock.yaml
-                git commit -m "Linting auto fix commit" -a --no-verify || true
-                git push  || true
+          git config --global user.name github-actions[bot]
+          git config --global user.email github-actions[bot]@users.noreply.github.com
+          git add pnpm-lock.yaml
+          if git commit -m "Linting auto fix commit" -a --no-verify; then
+            CHANGED_FILES=$(git diff-tree --no-commit-id --name-only -r HEAD)
+            if ! git push; then
+              echo "::error::Failed to push lint fixes to remote repository. The commit was created locally but could not be pushed."
+              echo "::error::Files that could not be committed: $CHANGED_FILES"
+              echo "Fix the eslint issues locally and push the changes."
+              exit 1
+            fi
+            echo "Lint fixes committed and pushed successfully"
+          else
+            echo "No lint fixes needed"
+          fi
@@ -26,7 +26,7 @@ jobs:
               uses: pnpm/[email protected]
               with:
                   run_install: |
-                    - args: [--frozen-lockfile]
+                      - args: [--frozen-lockfile]
             - name: Cache pnpm modules
               uses: actions/cache@v4
               env:
@@ -45,55 +45,69 @@ jobs:
             - name: Run build
               run: pnpm run build
               env:
-                NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
+                  NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
             - name: Run unit tests
               run: pnpm run test --tuiAutoExit
               env:
-                NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
+                  NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
             - name: Check for changeset files
               id: check_changeset_files
               uses: andstor/file-existence-action@v3
               with:
-                files: '.changeset/[!README]*.md'
-                fail: false
+                  files: '.changeset/[!README]*.md'
+                  fail: false
             - name: Validate changeset files if found
               if: steps.check_changeset_files.outputs.files_exists == 'true'
               run: pnpm changeset status
             - name: Cache playwright browsers
               id: cache-playwright-browsers
               uses: actions/cache@v4
               with:
-                path: |
-                  ${{ runner.os == 'Windows' }}:
-                    C:\Users\runneradmin\AppData\Local\ms-playwright
-                  ${{ runner.os != 'Windows' }}:
-                    ~/.cache/ms-playwright
-                key: playwright-browsers-os-${{ matrix.os }}-node-version-${{ matrix.node-version }}
+                  path: |
+                      ${{ runner.os == 'Windows' }}:
+                        C:\Users\runneradmin\AppData\Local\ms-playwright
+                      ${{ runner.os != 'Windows' }}:
+                        ~/.cache/ms-playwright
+                  key: playwright-browsers-os-${{ matrix.os }}-node-version-${{ matrix.node-version }}
             - name: Install playwright chrome browsers
               if: steps.cache-playwright-browsers.outputs.cache-hit != 'true'
               run: npx playwright install chrome
             - name: Run integration tests
               run: pnpm run test:integration
               env:
-                NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
+                  NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
             - name: Upload playwright reports
               if: failure()
               uses: actions/upload-artifact@v4
               with:
-                name: playwright-reports-os-${{ matrix.os }}-node-version-${{ matrix.node-version }}
-                path: |
-                  packages/*/playwright-report
-                  !packages/*/node_modules
-                retention-days: 15
-            - name: Delete node_modules before sonar scan (better performance)
-              if: matrix.os == 'ubuntu-latest' && matrix.node-version == '20.x'
-              run: find . -name 'node_modules' -type d -prune -exec rm -rf '{}' + && git restore .
+                  name: playwright-reports-os-${{ matrix.os }}-node-version-${{ matrix.node-version }}
+                  path: |
+                      packages/*/playwright-report
+                      !packages/*/node_modules
+                  retention-days: 15
             - name: Run SonarCloud scan
               if: matrix.os == 'ubuntu-latest' && matrix.node-version == '20.x'
-              uses: sonarsource/sonarqube-scan-action@v5
-              env:
-                  GITHUB_TOKEN: ${{ secrets.ACCESS_PAT }}
-                  SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+              shell: bash
+              run: |
+                  echo ${{ github.event.pull_request.number }} >> pr-event.txt
+                  echo ${{ github.event.pull_request.head.ref }} >> pr-event.txt
+                  echo ${{ github.event.pull_request.base.ref }} >> pr-event.txt
+
+            - name: 'Prepare output artifact'
+              if: matrix.os == 'ubuntu-latest' && matrix.node-version == '20.x'
+              shell: bash
+              run: touch output.tar && tar --exclude='./node_modules' --exclude='./dist' --exclude='./**/node_modules/**' --exclude='./**/dist/**' --exclude='./.git' --exclude 'output.tar' -czf output.tar .
+
+            - name: 'Upload sonar artifact'
+              if: matrix.os == 'ubuntu-latest' && matrix.node-version == '20.x'
+              uses: actions/upload-artifact@v4
+              with:
+                  name: sonar-artifact
+                  path: |
+                      pr-event.txt
+                      output.tar
+                  if-no-files-found: error
+                  retention-days: 1
     version:
         # Run version job only on pushes to the main branch. The job depends on completion of the build job.
         if: github.repository == 'SAP/open-ux-tools' && github.event_name == 'push' && github.ref == 'refs/heads/main'
@@ -110,8 +124,8 @@ jobs:
             - name: Setup pnpm
               uses: pnpm/[email protected]
               with:
-                run_install: |
-                  - args: [--frozen-lockfile]
+                  run_install: |
+                      - args: [--frozen-lockfile]
             - name: Cache pnpm modules
               uses: actions/cache@v4
               env:
@@ -156,8 +170,8 @@ jobs:
             - name: Setup pnpm
               uses: pnpm/[email protected]
               with:
-                run_install: |
-                  - args: [--frozen-lockfile]
+                  run_install: |
+                      - args: [--frozen-lockfile]
             - name: Cache pnpm modules
               uses: actions/cache@v4
               env:
@@ -173,13 +187,20 @@ jobs:
                   node-version: 20.x
             - name: Install pnpm modules
               run: pnpm install --frozen-lockfile
-            - name: Replace placeholder with instrumentation key
+            - name: Set instrumentation key in fiori-mcp-server
               uses: jacobtomlinson/gha-find-replace@v3
               with:
                   include: packages/fiori-mcp-server/src/telemetry/index.ts
                   find: 'ApplicationInsightsInstrumentationKeyPLACEH0LDER'
                   replace: ${{ secrets.INSTRUMENTATION_KEY }}
                   regex: false
+            - name: Set instrumentation key in sap-systems-ext
+              uses: jacobtomlinson/gha-find-replace@v3
+              with:
+                  include: packages/sap-systems-ext/src/utils/telemetryHelper.ts
+                  find: 'ApplicationInsightsInstrumentationKeyPLACEH0LDER'
+                  replace: ${{ secrets.INSTRUMENTATION_KEY }}
+                  regex: false
             - name: Run build
               run: pnpm run build
             - name: Setup npmrc with npmjs.com token
@@ -191,20 +212,72 @@ jobs:
                   publish: pnpm ci:publish
               env:
                   GITHUB_TOKEN: ${{ secrets.ACCESS_PAT }}
-            - name: Prepare Slack notification message
+            - name: Detect extension publication
+              if: steps.changesetPublish.outputs.published == 'true'
+              run: |
+                  PUBLISHED=$(echo '${{ steps.changesetPublish.outputs.publishedPackages }}' | jq -r '.[].name')
+                  # Extract the first package name matching sap-ux-*-ext
+                  EXT_PKG=$(echo "$PUBLISHED" | grep -E '^sap-ux-.*-ext$' | head -n 1 || true)
+
+                  if [ -n "$EXT_PKG" ]; then
+                    echo "EXTENSION_UPDATED=true" >> $GITHUB_ENV
+                    echo "EXT_PKG=$EXT_PKG" >> $GITHUB_ENV
+
+                    # Strip 'sap-ux-' prefix to derive directory name
+                    EXT_DIR_NAME=$(echo "$EXT_PKG" | sed 's/^sap-ux-//')
+                    echo "EXT_DIR=packages/${EXT_DIR_NAME}" >> $GITHUB_ENV
+                  else
+                    echo "EXTENSION_UPDATED=false" >> $GITHUB_ENV
+                  fi
+            - name: Read extension version
+              if: env.EXTENSION_UPDATED == 'true'
+              run: |
+                  EXT_VERSION=$(jq -r '.version' "${{ env.EXT_DIR }}/package.json")
+                  echo "EXT_VERSION=$EXT_VERSION" >> $GITHUB_ENV
+            - name: Package VSCode extension
+              if: env.EXTENSION_UPDATED == 'true'
+              run: pnpm --filter ${{ env.EXT_PKG }} ide-ext:package
+            - name: Create GitHub Release (extension)
+              if: env.EXTENSION_UPDATED == 'true'
+              uses: softprops/action-gh-release@v1
+              with:
+                  tag_name: ${{ env.EXT_PKG }}@${{ env.EXT_VERSION }}
+                  name: ${{ env.EXT_PKG }} v${{ env.EXT_VERSION }}
+                  body: 'Extension release: ${{ env.EXT_PKG }} v${{ env.EXT_VERSION }}'
+                  draft: true
+                  prerelease: false
+                  generate_release_notes: true
+                  files: ${{ env.EXT_DIR }}/*.vsix
+                  fail_on_unmatched_files: true
+              env:
+                  GITHUB_TOKEN: ${{ secrets.ACCESS_PAT }}
+            - name: Prepare Slack notification message (published packages)
               if: steps.changesetPublish.outputs.published == 'true'
               run: |
-                # Random delimiter required to support multi-line environment variable value
-                EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)
-                echo "PUBLISHED_PACKAGES_MESSAGE<<$EOF" >> $GITHUB_ENV
-                # publishedPackages JSON format: '[{"name": "@sap-ux/axios-extension", "version": "1.0.2"}, {"name": "@sap-ux/fiori-freestyle-writer", "version": "0.15.12"}]'
-                echo "$(echo '${{ steps.changesetPublish.outputs.publishedPackages }}' | jq --raw-output 'map("*" + .name + "*" + " - " + "<https://www.npmjs.com/package/" + .name + "|" + .version + ">") | join("\\n")')" >> $GITHUB_ENV
-                echo "$EOF" >> $GITHUB_ENV
-            - name: Send Slack notification
+                  # Random delimiter required to support multi-line environment variable value
+                  EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)
+                  echo "PUBLISHED_PACKAGES_MESSAGE<<$EOF" >> $GITHUB_ENV
+                  # publishedPackages JSON format: '[{"name": "@sap-ux/axios-extension", "version": "1.0.2"}, {"name": "@sap-ux/fiori-freestyle-writer", "version": "0.15.12"}]'
+                  echo "$(echo '${{ steps.changesetPublish.outputs.publishedPackages }}' | jq --raw-output 'map("*" + .name + "*" + " - " + "<https://www.npmjs.com/package/" + .name + "|" + .version + ">") | join("\\n")')" >> $GITHUB_ENV
+                  echo "$EOF" >> $GITHUB_ENV
+            - name: Prepare Slack notification message (extension release only)
+              if: env.EXTENSION_UPDATED == 'true'
+              run: |
+                  RELEASE_URL="https://github.com/${{ github.repository }}/releases/tag/${{ env.EXT_PKG }}@${{ env.EXT_VERSION }}"
+                  echo "EXT_RELEASE_MESSAGE=:package: Extension *${{ env.EXT_PKG }}* v${{ env.EXT_VERSION }} released - <${RELEASE_URL}|View on GitHub>" >> $GITHUB_ENV
+            - name: Send Slack notification (published packages)
               if: steps.changesetPublish.outputs.published == 'true'
               uses: slackapi/[email protected]
               with:
-                payload: |
-                  {"text": ":rocket: The following packages were published to npmjs.com:\n${{ env.PUBLISHED_PACKAGES_MESSAGE }}" }
+                  payload: |
+                      {"text": ":rocket: The following packages were published to npmjs.com:\n${{ env.PUBLISHED_PACKAGES_MESSAGE }}" }
+              env:
+                  SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+            - name: Send Slack notification (extension release)
+              if: env.EXTENSION_UPDATED == 'true'
+              uses: slackapi/[email protected]
+              with:
+                  payload: |
+                      {"text": "${{ env.EXT_RELEASE_MESSAGE }}" }
               env:
-                SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+                  SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
@@ -0,0 +1,55 @@
+name: 'Sonar'
+on:
+  workflow_run:
+    workflows: [ 'CI/CD Pipeline' ]
+    types:
+      - completed
+jobs:
+  sonar:
+    name: 'Sonar analysis'
+    runs-on: ubuntu-latest
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    permissions:
+      actions: read # Required to download artifacts
+    steps:
+      - name: 'Checkout project'
+        uses: actions/checkout@v5
+        with:
+          repository: ${{ github.event.workflow_run.head_repository.full_name }}
+          ref: ${{ github.event.workflow_run.head_branch }}
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of Sonar analysis
+
+      - name: 'Download cached artifact'
+        if: github.event_name == 'workflow_run'
+        uses: actions/download-artifact@v5
+        with:
+          name: sonar-artifact
+          run-id: ${{ github.event.workflow_run.id }}
+          github-token: ${{ secrets.ACCESS_PAT }}
+          merge-multiple: true
+
+      - name: 'Extract output artifact'
+        if: github.event_name == 'workflow_run'
+        shell: bash
+        run: tar -xf output.tar
+
+      - name: 'Read pull request event'
+        if: github.event_name == 'workflow_run'
+        shell: bash
+        run: |
+          echo "pr_number=$(sed '1q;d' pr-event.txt)" >> "$GITHUB_ENV"
+          echo "pr_head_ref=$(sed '2q;d' pr-event.txt)" >> "$GITHUB_ENV"
+          echo "pr_base_ref=$(sed '3q;d' pr-event.txt)" >> "$GITHUB_ENV"
+
+      - name: 'Run SonarCloud scan'
+        if: github.event_name == 'workflow_run'
+        uses: SonarSource/[email protected]
+        with:
+          args: >
+            ${{ github.event.workflow_run.event == 'pull_request' && format('{0}{1}', '-Dsonar.scm.revision=', github.event.workflow_run.head_sha) || '' }}
+            ${{ github.event.workflow_run.event == 'pull_request' && format('{0}{1}', '-Dsonar.pullrequest.key=', env.pr_number) || '' }}
+            ${{ github.event.workflow_run.event == 'pull_request' && format('{0}{1}', '-Dsonar.pullrequest.branch=', env.pr_head_ref) || '' }}
+            ${{ github.event.workflow_run.event == 'pull_request' && format('{0}{1}', '-Dsonar.pullrequest.base=', env.pr_base_ref) || '' }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.ACCESS_PAT }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}