fix: tidy up Dockerfile and repo and add security check

[shawaj]

• Change to MIT license and update company name
• add inline comments to dockerfile
• remove unnecessary build steps
• remove wget
• brings variant definitions into source control
• make files executable and remove chmod commands from dockerfile
• delete unused file
• enable bandit security audit workflow
• fix some issues found by bandit security audit
• remove typo in configurePktFwd.py
• add newer regions and more info to readme
• fix some typos and remove commented code
• change to balenalib image
• remove older os.system and os.popen calls and update to subprocess

Relates-to: #20 Relates-to: #21 Signed-off-by: Aaron Shaw shawaj@gmail.com

[shawaj]

cc @marvinmarnold @vpetersson @robputt if you could take a look and see if this all makes sense 👍

i am sure there is more that can be improved, but hopefully this is a useful initial stab

[vpetersson]

@shawaj Don't leave commented code behind in the files. If we need to revert it later, we can pull the history from git.

[shawaj]

@vpetersson where did you find the commented code? Think I removed the last of it in the latest commit?

[vpetersson]

@vpetersson where did you find the commented code? Think I removed the last of it in the latest commit?

My bad. Either i reviewed a previous version or i misread.

[vpetersson]

@robputt / @marvinmarnold could either of you review this please?

[shawaj]

@vpetersson have squashed the commits to make it easier :-)

[shawaj]

@marvinmarnold @robputt the only thing I am not sure of now is how to fix the python security audit issues.

Have taken them down from "high" severity to "low" however still throwing up errors and out of my depth now.

I guess the answer is maybe to directly implement them in python rather than using subprocess, but not sure if that is possible?

EDIT: looks like it is not possible to pass this test due to an error in its implementation so perhaps we just need to add # nosec to these lines?

Also I think the B607 error is potentially a bug in bandit. Have filed a bug report at https://github.com/PyCQA/bandit/issues/726

[marvinmarnold]

EDIT: looks like it is not possible to pass this test due to an error in its implementation so perhaps we just need to add # nosec to these lines?

Agreed that #nosec is the best fix until this is fixed upstream.

[shawaj]

Agreed that #nosec is the best fix until this is fixed upstream.

@marvinmarnold ok added that now too.

Have re-requested review as think that is all sorted now and all checks / builds seem to be passing