update main #4

	name: CI

	on: [push]

	jobs:
	sast_scan:
	name: Run Bandit Scan
	runs-on: ubuntu-latest

	steps:
	- name: Checkout code
	uses: actions/checkout@v2

	- name: Set up Python
	uses: actions/setup-python@v2
	with:
	python-version: 3.8

	- name: Install Bandit
	run: pip install bandit

	- name: Run Bandit Scan
	run: bandit -ll -ii -r . -f json -o bandit-report.json

	- name: Upload Artifact
	uses: actions/upload-artifact@v3
	if: always()
	with:
	name: bandit-findings
	path: bandit-report.json

	image_scan:
	name: Build Image and Run Imagen Scan
	runs-on: ubuntu-latest

	steps:
	- name: Checkout code
	uses: actions/checkout@v2

	- name: Sep up Docker
	uses: docker-practice/actions-setup-docker@master
	with:
	docker_version: '20.10.7'

	- name: Build Docker Image
	run: docker build -f Dockerfile -t myapp:latest .

	- name: Docker Scout Scan
	uses: docker/[email protected]
	with:
	dockerhub-user: ${{ secrets.DOCKERHUB_USERNAME }}
	dockerhub-password: ${{ secrets.DOCKERHUB_TOKEN }}
	command: quickview,cves

Provide feedback