add build action

.github/CODEOWNERS

@@ -0,0 +1,3 @@
+# As per https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners#example-of-a-codeowners-file
+
+* @mmdbalkhi

.github/workflows/bandit.yaml

@@ -0,0 +1,12 @@
+on: [ push, pull_request ]
+name: Bandit security checkup
+jobs:
+    flake8:
+        runs-on: ubuntu-latest
+        container:
+            image: archlinux:latest
+        steps:
+            - uses: actions/checkout@v2
+            - run: pacman --noconfirm -Syu bandit
+            - name: Security checkup with Bandit
+              run: bandit -r archinstall || exit 0

.github/workflows/iso-build.yaml

@@ -0,0 +1,38 @@
+# This workflow will build an Arch Linux ISO file with the commit on it
+
+name: Build Arch ISO with ArchInstall Commit
+on:
+  push:
+    branches:
+      - master
+      - main # In case we adopt this convention in the future
+  pull_request:
+    paths-ignore:
+      - "**.editorconfig"
+      - "**.gitignore"
+      - "**.md"
+      - "LICENSE"
+  release:
+    types:
+      - created
+    schedule:
+      - cron: "0 0 0 1 1/3 ? *"
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    container:
+      image: archlinux:latest
+      options: --privileged
+    steps:
+      - uses: crazy-max/ghaction-import-gpg@v4
+        with:
+          gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
+          passphrase: ${{ secrets.PASSPHRASE }}
+      - uses: actions/checkout@v2
+      - run: pacman -Sy; pacman --noconfirm -S git archiso
+      - run: cd iso; mkarchiso -v -w work/ -o out/ ./ -g ${{ secrets.GPGID }}
+      - uses: actions/upload-artifact@v2
+        with:
+          name: Parch Live ISO
+          path: out/*.iso