From e59294938c068fcdc5b7cf0743249a4b31f0be29 Mon Sep 17 00:00:00 2001
From: Emmanuel <44951130+eoyewobi@users.noreply.github.com>
Date: Fri, 4 Oct 2024 09:56:04 -0700
Subject: [PATCH] Update and rename pylint.yml to CI.yml
---
.github/workflows/CI.yml | 67 ++++++++++++++++++++++++++++++++++++
.github/workflows/pylint.yml | 24 -------------
2 files changed, 67 insertions(+), 24 deletions(-)
create mode 100644 .github/workflows/CI.yml
delete mode 100644 .github/workflows/pylint.yml
diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml
new file mode 100644
index 0000000..e855f5c
--- /dev/null
+++ b/.github/workflows/CI.yml
@@ -0,0 +1,67 @@
+name: CI
+
+on: [push]
+
+jobs:
+ sast_scan:
+ name: Run Bandit Scan
+ runs-on: ubuntu-latest
+
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v2
+
+ - name: Set up Python
+ uses: actions/setup-python@v2
+ with:
+ python-version: 3.8
+
+ - name: Install Bandit
+ run: pip install bandit
+
+ - name: Run Bandit Scan
+ run: bandit -ll -ii -r . -f json -o bandit-report.json
+
+ - name: Upload Artifact
+ uses: actions/upload-artifact@v3
+ if: always()
+ with:
+ name: bandit-findings
+ path: bandit-report.json
+
+ image_scan:
+ name: Build Image and Run Image Scan
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v2
+
+ - name: Set Up Docker
+ uses: docker-practice/actions-setup-docker@v1
+ with:
+ docker_version: '20.10.7'
+
+ - name: Build Docker Image
+ run: docker build -f Dockerfile -t myapp:latest .
+
+ - name: Login to Docker Hub
+ uses: docker/login-action@v3
+ with:
+ username: ${{ secrets.REPO_USR }}
+ password: ${{ secrets.DOCKER_TOKEN }}
+
+ - name: Docker Scout Scan
+ uses: docker/scout-action@v1.8.0
+ with:
+ command: quickview,cves
+ only-severities: critical,high
+ sarif-file: scout-report.sarif
+
+ - name: Upload Artifact
+ uses: actions/upload-artifact@v3
+ if: always()
+ with:
+ name: docker-scout-findings
+ path: scout-report.sarif
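Review bot: The `image_scan` job runs `docker-practice/actions-setup-docker@v1`, a third-party action referenced by a mutable tag, in the same job that later logs in with `secrets.REPO_USR` and `secrets.DOCKER_TOKEN`, so whatever that tag points to at run time executes alongside the registry credentials. Pin it, and ideally every other `uses:` entry, to a full commit SHA, e.g. `uses: docker-practice/actions-setup-docker@<full-commit-sha>  # v1`, or drop the step if the Docker already shipped on the hosted `ubuntu-latest` image is enough for the build. The workflow also declares no `permissions:` block, so `GITHUB_TOKEN` falls back to the repository default; a top-level `permissions:` with `contents: read` would restrict it for both jobs. Separately, `actions/checkout@v2` and `actions/setup-python@v2` are a step back from the `@v3` releases the deleted pylint.yml used.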
diff --git a/.github/workflows/pylint.yml b/.github/workflows/pylint.yml
deleted file mode 100644
index 663cab5..0000000
--- a/.github/workflows/pylint.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-name: Pylint
-
-on: [push]
-
-jobs:
- build:
- runs-on: ubuntu-latest
- strategy:
- matrix:
- python-version: ["3.8", "3.9", "3.10"]
- steps:
- - uses: actions/checkout@v3
- - name: Set up Python ${{ matrix.python-version }}
- uses: actions/setup-python@v3
- with:
- python-version: ${{ matrix.python-version }}
- - name: Install dependencies
- run: |
- python -m pip install --upgrade pip
- pip install -r requirements.txt
- pip install pylint
- - name: Analysing the code with pylint
- run: |
- pylint $(git ls-files '*.py')