Add github workflow for scanning requirements of cve-bin-tool

.github/workflows/pythonapp.yml

@@ -237,3 +237,33 @@ jobs:
           pytest -v
           test/test_cvedb.py
           test/test_cli.py
+
+  cve_scan:
+    name: CVE Scan of requirements.csv
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Python
+        uses: actions/setup-python@v1
+        with:
+          python-version: 3.7
+      - name: get cached python packages
+        uses: actions/cache@v2
+        with:
+          path: ~/.cache/pip
+          key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
+          restore-keys: |
+            ${{ runner.os }}-pip-
+      - name: get cached database
+        uses: actions/cache@v2
+        with:
+          path: ~/.cache/cve-bin-tool
+          key: ${{ runner.os }}-cve-bin-tool-${{ steps.get-date.outputs.date }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r requirements.txt
+      - name: Run CVE Binary tool against requirements.csv
+        run: |
+          python -m cve_bin_tool.cli requirements.csv