From 2fc650c350d803ccab9039d67128219fde1194e6 Mon Sep 17 00:00:00 2001
From: mmdbalkhi <ahmdparsh129@gmail.com>
Date: Fri, 18 Feb 2022 14:25:00 +0330
Subject: [PATCH] add build action

---
 .github/CODEOWNERS                 |  3 +++
 .github/workflows/bandit.yaml      | 12 ++++++++++
 .github/workflows/iso-build.yaml   | 38 ++++++++++++++++++++++++++++++
 iso/airootfs/var/lib/iwd/.gitempty |  0
 4 files changed, 53 insertions(+)
 create mode 100644 .github/CODEOWNERS
 create mode 100644 .github/workflows/bandit.yaml
 create mode 100644 .github/workflows/iso-build.yaml
 create mode 100644 iso/airootfs/var/lib/iwd/.gitempty

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..91951ee
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1,3 @@
+# As per https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners#example-of-a-codeowners-file
+
+* @mmdbalkhi
diff --git a/.github/workflows/bandit.yaml b/.github/workflows/bandit.yaml
new file mode 100644
index 0000000..2123ba9
--- /dev/null
+++ b/.github/workflows/bandit.yaml
@@ -0,0 +1,12 @@
+on: [ push, pull_request ]
+name: Bandit security checkup
+jobs:
+    flake8:
+        runs-on: ubuntu-latest
+        container:
+            image: archlinux:latest
+        steps:
+            - uses: actions/checkout@v2
+            - run: pacman --noconfirm -Syu bandit
+            - name: Security checkup with Bandit
+              run: bandit -r archinstall || exit 0
\ No newline at end of file
diff --git a/.github/workflows/iso-build.yaml b/.github/workflows/iso-build.yaml
new file mode 100644
index 0000000..4113d9f
--- /dev/null
+++ b/.github/workflows/iso-build.yaml
@@ -0,0 +1,38 @@
+# This workflow will build an Arch Linux ISO file with the commit on it
+
+name: Build Arch ISO with ArchInstall Commit
+on:
+  push:
+    branches:
+      - master
+      - main # In case we adopt this convention in the future
+  pull_request:
+    paths-ignore:
+      - "**.editorconfig"
+      - "**.gitignore"
+      - "**.md"
+      - "LICENSE"
+  release:
+    types:
+      - created
+    schedule:
+      - cron: "0 0 0 1 1/3 ? *"
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    container:
+      image: archlinux:latest
+      options: --privileged
+    steps:
+      - uses: crazy-max/ghaction-import-gpg@v4
+        with:
+          gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
+          passphrase: ${{ secrets.PASSPHRASE }}
+      - uses: actions/checkout@v2
+      - run: pacman -Sy; pacman --noconfirm -S git archiso
+      - run: cd iso; mkarchiso -v -w work/ -o out/ ./ -g ${{ secrets.GPGID }}
+      - uses: actions/upload-artifact@v2
+        with:
+          name: Parch Live ISO
+          path: out/*.iso
diff --git a/iso/airootfs/var/lib/iwd/.gitempty b/iso/airootfs/var/lib/iwd/.gitempty
new file mode 100644
index 0000000..e69de29