R003: 👮 Convert all remaining Python projects to Pipenv and Trivy

[tamsinforbes]

User Need

As an Operations Engineer
I want all our Python projects to follow the same dependency security standards
so that our codebase is robust

Value
Pipenv allows pinning of transitory dependencies as well as primary dependencies.
Trivy provides comprehensive coverage of vulnerability scanning.
Converting all python projects to this standard improves overall security posture.

Functional Requirements (What):
For each Operations Engineering repository running Python

• Set up Pipenv
• Set up Trivy

Non-Functional Requirements (How):

• Convert requirements.txt to Pipfile
• Update any GitHub workflows / Docker config etc to run commands within the pipenv environment
• Test repo still functions as required
• Set up Trivy and test it works as expected

Acceptance Criteria:

The above completed for each of these repositories or decision that it is not required.

• operations-engineering
• dns-form
• dns
• github-actions
• operations-engineering-reports
• operations-engineering-kpi-dashboard
• operations-engineering-example
• operations-engineering-certificate-renewal
• operations-engineering-support-metadata
• operations-engineering-metadata-poc
• operations-engineering-acronyms-app-poc

Notes:

[connormaglynn]

done