merged in master

Signed-off-by: Amndeep Singh Mann <[email protected]>

.github/workflows/anchore-syft.yml

@@ -0,0 +1,38 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+# This workflow checks out code, builds an image, performs a container image
+# scan with Anchore's Syft tool, and uploads the results to the GitHub Dependency
+# submission API.
+
+# For more information on the Anchore sbom-action usage
+# and parameters, see https://github.com/anchore/sbom-action. For more
+# information about the Anchore SBOM tool, Syft, see
+# https://github.com/anchore/syft
+name: Anchore Syft SBOM scan
+
+on:
+  push:
+    branches: [ "master" ]
+
+permissions:
+  contents: write
+
+jobs:
+  Anchore-Build-Scan:
+    permissions:
+      contents: write # required to upload to the Dependency submission API
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout the code
+      uses: actions/checkout@v4
+    - name: Build the Docker image
+      run: docker build . --file Dockerfile --tag localbuild/testimage:latest
+    - name: Scan the image and upload dependency results
+      uses: anchore/sbom-action@bb716408e75840bbb01e839347cd213767269d4a
+      with:
+        image: "localbuild/testimage:latest"
+        artifact-name: image.spdx.json
+        dependency-snapshot: true

.github/workflows/gh-pages.yml

@@ -28,7 +28,7 @@ jobs:
         run: 'echo "heimdall-lite.mitre.org" > ./dist/frontend/CNAME'
 
       - name: deploy
-        uses: peaceiris/actions-gh-pages@v3
+        uses: peaceiris/actions-gh-pages@v4
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           publish_dir: ./dist/frontend

.github/workflows/push-lite-to-docker.yml

@@ -8,21 +8,21 @@ jobs:
   docker:
     runs-on: ubuntu-22.04
     steps:
+      - name: Checkout the Heimdall Repository
+        uses: actions/checkout@v4
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
       - name: Login to DockerHub
         uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: Checkout the Heimdall Repository
-        uses: actions/checkout@v4
       - name: Build and push
         id: docker_build
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           file: Dockerfile.lite
           push: true
-          platforms: 'linux/amd64'
+          platforms: linux/amd64
           tags: mitre/heimdall-lite:latest

.github/workflows/push-server-to-docker.yml

@@ -21,9 +21,9 @@ jobs:
           fetch-depth: 0
       - name: Build and push
         id: docker_build
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           push: true
-          platforms: 'linux/amd64'
+          platforms: linux/amd64
           tags: mitre/heimdall2:latest

.github/workflows/release-lite-to-docker.yml

@@ -8,8 +8,6 @@ jobs:
   docker:
     runs-on: ubuntu-22.04
     steps:
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
       - name: Run string replace # remove the v from the version number before using it in the docker tag
         uses: frabert/replace-string-action@v2
         id: format-tag
@@ -18,19 +16,21 @@ jobs:
           string: '${{ github.event.release.tag_name }}'
           replace-with: ''
           flags: 'g'
+      - name: Checkout the Heimdall Repository
+        uses: actions/checkout@v4
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
       - name: Login to DockerHub
         uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: Checkout the Heimdall Repository
-        uses: actions/checkout@v4
       - name: Build and push
         id: docker_build
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           file: Dockerfile.lite
           push: true
-          platforms: 'linux/amd64'
+          platforms: linux/amd64
           tags: mitre/heimdall-lite:release-latest,mitre/heimdall-lite:${{ steps.format-tag.outputs.replaced }}

.github/workflows/release-server-to-docker.yml

@@ -13,13 +13,6 @@ jobs:
   docker:
     runs-on: ubuntu-22.04
     steps:
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-      - name: Login to DockerHub
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
       - name: Run string replace # remove the v from the version number before using it in the docker tag
         uses: frabert/replace-string-action@v2
         id: format-tag
@@ -30,13 +23,20 @@ jobs:
           flags: 'g'
       - name: Checkout the Heimdall Repository
         uses: actions/checkout@v4
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
       - name: Build and push
         id: docker_build
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           push: true
-          platforms: 'linux/amd64'
+          platforms: linux/amd64
           tags: mitre/heimdall2:release-latest,mitre/heimdall2:${{ steps.format-tag.outputs.replaced }}
       - name: Get Docker SHA
         shell: bash