Merge branch 'master' into nayeem-kamal/boomi-fix

Author: jordan-wong

.github/CODEOWNERS

@@ -110,3 +110,9 @@
 /internal-api/src/main/java/datadog/trace/api/EndpointCheckpointer.java                     @DataDog/profiling-java
 /internal-api/src/main/java/datadog/trace/api/EndpointTracker.java                          @DataDog/profiling-java
 /dd-smoke-tests/profiling-integration-tests/                                                @DataDog/profiling-java
+
+# @DataDog/ml-observability
+dd-trace-api/src/main/java/datadog/trace/api/llmobs/ @DataDog/ml-observability
+dd-java-agent/agent-llmobs/                          @DataDog/ml-observability
+dd-trace-core/src/main/java/datadog/trace/llmobs/    @DataDog/ml-observability
+dd-trace-core/src/test/groovy/datadog/trace/llmobs/  @DataDog/ml-observability

.github/workflows/README.md

@@ -85,13 +85,6 @@ _Action:_
 
 _Recovery:_ Check at the milestone for the related issues and update them manually.
 
-### prune-github-container-registry [🔗](prune-github-container-registry.yaml)
-
-_Trigger:_ Every day or manually.
-
-_Action:_ Clean up old lib-injection OCI images from GitHub Container Registry.
-
-_Recovery:_ Manually trigger the action again.
 
 ### prune-old-pull-requests [🔗](prune-old-pull-requests.yaml)
 
@@ -115,16 +108,6 @@ _Action:_
 
 _Notes:_ Results are sent on both production and staging environments.
 
-### check-ci-pipelines [🔗](check-ci-pipelines.yaml)
-
-_Trigger:_ When opening or updating a PR.
-
-_Action:_ This action will check all other continuous integration jobs (Github action, Gitlab, CircleCi), and will fail if any of them fails.
-The purpose of this job is to be required for PR merges, achieving Green CI Policy.
-It got an `ignored` parameters to exclude some jobs if they are temprorary failing.
-
-_Recovery:_ Manually trigger the action on the desired branch.
-
 ### comment-on-submodule-update [🔗](comment-on-submodule-update.yaml)
 
 _Trigger:_ When creating a PR commits to `master` or a `release/*` branch with a Git Submodule update.

.github/workflows/analyze-changes.yaml

@@ -40,7 +40,7 @@ jobs:
             ${{ runner.os }}-gradle-
         
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
+        uses: github/codeql-action/init@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2
         with:
           languages: 'java'
           build-mode: 'manual'
@@ -57,7 +57,7 @@ jobs:
             --build-cache --parallel --stacktrace --no-daemon --max-workers=4
 
       - name: Perform CodeQL Analysis and upload results to GitHub Security tab
-        uses: github/codeql-action/analyze@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
+        uses: github/codeql-action/analyze@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2
 
   trivy:
     name: Analyze changes with Trivy
@@ -109,7 +109,7 @@ jobs:
           ls -laR "./workspace/.trivy"
 
       - name: Run Trivy security scanner
-        uses: aquasecurity/trivy-action@6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5 # v0.30.0
+        uses: aquasecurity/trivy-action@dc5a429b52fcf669ce959baa2c2dd26090d2a6c4 # v0.32.0
         with:
           scan-type: rootfs
           scan-ref: './workspace/.trivy/'
@@ -122,7 +122,7 @@ jobs:
           TRIVY_JAVA_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-java-db,public.ecr.aws/aquasecurity/trivy-java-db
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
+        uses: github/codeql-action/upload-sarif@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2
         if: always()
         with:
           sarif_file: 'trivy-results.sarif'

.github/workflows/check-ci-pipelines.yml

@@ -62,3 +62,12 @@ jobs:
       scenarios_groups: tracer-release
       excluded_scenarios: CROSSED_TRACING_LIBRARIES,INTEGRATIONS_AWS,APM_TRACING_E2E_OTEL,APM_TRACING_E2E_SINGLE_SPAN,PROFILING  # require AWS and datadog credentials 
       skip_empty_scenarios: true
+
+  # Ensure the main job is run to completion
+  check:
+    name: Check system tests success
+    runs-on: ubuntu-latest
+    needs:
+    - main
+    steps:
+    - run: exit 0

.github/workflows/prune-github-container-registry.yaml

@@ -52,7 +52,7 @@ jobs:
           echo "::notice::Using Docker build image tag: ${TAG}"
       - name: Update the Docker build image in GitLab CI config
         run: |
-          sed -i 's|JAVA_BUILD_IMAGE_VERSION:.*|JAVA_BUILD_IMAGE_VERSION:"${{ steps.define-tag.outputs.tag }}"|' .gitlab-ci.yml
+          sed -i '' -E 's|(BUILDER_IMAGE_VERSION_PREFIX:)[^#]*([#].*)|\1 "${{ steps.define-tag.outputs.tag }}-" \2|' .gitlab-ci.yml
       - name: Commit and push changes
         env:
           GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

.github/workflows/run-system-tests.yaml

@@ -64,13 +64,15 @@ replay_pid*
 # Magic for local JMC built
 /vendor/jmc-libs
 
-# CircleCI #
-############
-_circle_ci_cache_*
-upstream.env
-/.circleci/config.continue.yml
-
 # Benchmarks #
 benchmark/reports
 benchmark/tracer
 benchmark/dacapo/scratch
+
+# JDK provisioning tools #
+# mise
+mise*.local.toml
+.mise*.local.toml
+.config/mise*.toml
+# asdf
+.tool-versions