Fixed code-scan workflow for the bandit (#925)
<!-- Contributing guide:
https://github.com/openvinotoolkit/datumaro/blob/develop/CONTRIBUTING.md
-->

### Summary
Fixed code-scan workflow for the bandit
<!--
Resolves #111 and #222.
Depends on #1000 (for series of dependent commits).

This PR introduces this capability to make the project better in this
and that.

- Added this feature
- Removed that feature
- Fixed the problem #1234
-->

### How to test
<!-- Describe the testing procedure for reviewers, if changes are
not fully covered by unit tests or manual testing can be complicated.
-->

### Checklist
<!-- Put an 'x' in all the boxes that apply -->
- [ ] I have added unit tests to cover my changes.
- [ ] I have added integration tests to cover my changes.
- [ ] I have added the description of my changes into
[CHANGELOG](https://github.com/openvinotoolkit/datumaro/blob/develop/CHANGELOG.md).
- [ ] I have updated the
[documentation](https://github.com/openvinotoolkit/datumaro/tree/develop/docs)
accordingly

### License

- [ ] I submit _my code changes_ under the same [MIT
License](https://github.com/openvinotoolkit/datumaro/blob/develop/LICENSE)
that covers the project.
  Feel free to contact the maintainers if that's a concern.
- [ ] I have updated the license header for each file (see an example
below).

```python
# Copyright (C) 2023 Intel Corporation
#
# SPDX-License-Identifier: MIT
```
yunchu authored Apr 10, 2023
1 parent b79dd4b commit 606a0c8
Showing 3 changed files with 19 additions and 7 deletions.
9 changes: 4 additions & 5 deletions .github/workflows/code_scan.yml
@@ -16,11 +16,10 @@ jobs:
uses: actions/setup-python@v4
with:
python-version: 3.8
- name: Run checks
run: |
pip install --user -r tests/requirements-linters.txt
echo "Bandit version: "`bandit --version | head -1`
bandit -r -c ipas_default.config ./ -f txt -o bandit-report.txt
- name: Install dependencies
run: python -m pip install tox
- name: Bandit Scanning
run: tox -e bandit-scan
- name: Upload Bandit artifact
uses: actions/upload-artifact@v3
with:
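Review bot: the deleted `Run checks` step printed `bandit --version` before scanning; the replacement `tox -e bandit-scan` step does not, and since the tox environment installs `bandit` without a version constraint (see the tox.ini hunk), the scanner version actually used is no longer recorded anywhere in the job log. Suggest keeping a version echo in the tox `commands` (for example `bandit --version` as a first command). Separately, the report moves from `./bandit-report.txt` in the workspace to `{toxworkdir}/bandit-report.txt` (tox defaults `{toxworkdir}` to `.tox/` under the project root), so the `path:` of the `Upload Bandit artifact` step that begins at the end of this hunk must be updated to match, otherwise the artifact upload will find nothing.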
7 changes: 7 additions & 0 deletions ipas_default.config
@@ -90,6 +90,13 @@ tests:
skips:
[ 'B101', 'B102', 'B103', 'B104', 'B105', 'B106', 'B107', 'B108', 'B110', 'B112', 'B201', 'B501', 'B502', 'B503', 'B504', 'B505', 'B506', 'B507', 'B601', 'B602', 'B603', 'B604', 'B605', 'B606', 'B607', 'B608', 'B609', 'B610', 'B611', 'B701', 'B702', 'B703']

# Added to exclude some path which are not actual source code for this project
exclude_dirs: [
'.tox/',
'.vscode/',
'.git/',
]

### (optional) plugin settings - some test plugins require configuration data
### that may be given here, per-plugin. All bandit test plugins have a built in
### set of sensible defaults and these will be used if no configuration is
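Review bot: the new `exclude_dirs` entry for `.tox/` is required rather than optional here, because running the scan through tox creates `.tox/` inside the repository with `bandit` and its dependencies installed in it; without the exclusion the scanner would report findings from third-party site-packages as if they were project code, so the comment should say so. The comment also has a grammar slip (`some path which are` should read `some paths which are`). Not changed by this hunk, but worth a follow-up: the `skips:` list directly above disables the whole subprocess/shell family (B602 to B607) and the hardcoded-SQL check (B608), so the scan this workflow now runs is a narrow one.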
10 changes: 8 additions & 2 deletions tox.ini
@@ -1,11 +1,17 @@
[tox]
isolated_build = true
skip_missing_interpreters = true
envlist =
pre-commit


[testenv:pre-commit]
basepython = python3
deps =
pre-commit
commands = pre-commit run --show-diff-on-failure --color=always --all-files


[testenv:bandit-scan]
deps =
bandit
commands =
- bandit -r -c {toxinidir}/ipas_default.config {toxinidir}/ -f txt -o {toxworkdir}/bandit-report.txt
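Review bot: `deps = bandit` in the new `[testenv:bandit-scan]` has no version constraint, so every CI run installs whatever bandit release is current and the scan can start failing (or silently stop flagging something) without any change to the repository; pin it (`bandit==<version>`, version to be chosen) or point `deps` at `-r{toxinidir}/tests/requirements-linters.txt`, the file the removed workflow step installed from, so there is a single source of truth for linter versions. The leading `-` on the `bandit` command tells tox to ignore its exit status, which is presumably intended so the report is always produced and uploaded, but it also means the job passes regardless of findings; that should be stated in a comment next to the command so nobody later reads the green check as a clean scan.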
