chore: Adding step for install (#37276)

## Description
Adding installation step.

Fixes #`37036`  

## Automation

/ok-to-test tags=""

### 🔍 Cypress test results
<!-- This is an auto-generated comment: Cypress test results  -->
> [!CAUTION]  
> If you modify the content in this section, you are likely to disrupt
the CI result for your PR.

<!-- end of auto-generated comment: Cypress test results  -->


## Communication
Should the DevRel and Marketing teams inform users about this change?
- [ ] Yes
- [x] No


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

- **New Features**
- Enhanced vulnerability scanning with new checks for Docker Scout and
Trivy vulnerabilities.
- Added automatic logging and failure alerts for detected
vulnerabilities.

- **Bug Fixes**
- Improved error handling and control flow during Trivy installation and
scanning processes.

- **Chores**
- Updated scripts for better installation logic and output formatting
related to vulnerability data.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

.github/workflows/test-vulnerabilities-data.yml

@@ -61,7 +61,7 @@ jobs:
             "${{ github.event.pull_request.number }}" \
             "${{ github.event.pull_request.html_url }}" \
             "${{ github.run_id }}"
-
+      
       - name: Check for new vulnerabilities in Scout and Trivy files
         if: always()
         run: |
@@ -71,7 +71,7 @@ jobs:
             cat scout_new_vulnerabilities.csv
             exit 1  # Fail the job if data exists
           fi
-              
+          
           # Check if Trivy vulnerabilities file is not empty
           if [ -s "trivy_new_vulnerabilities.csv" ]; then
             echo "Trivy vulnerabilities detected."

scripts/scout_vulnerabilities_data.sh

@@ -21,6 +21,69 @@ GITHUB_PR_LINK="$3"
 GITHUB_RUN_ID="$4"
 OLD_VULN_FILE="${5:-vulnerability_base_data.csv}"
 
+# Function to install Docker Scout
+install_docker_scout() {
+    echo "Installing Docker Scout..."
+    local attempts=0
+    while [ $attempts -lt 5 ]; do
+        echo "Attempt $((attempts + 1))..."
+        curl -fsSL https://raw.githubusercontent.com/docker/scout-cli/main/install.sh -o install-scout.sh
+        sh install-scout.sh &> install_scout_log.txt
+        if [ $? -eq 0 ]; then
+            echo "Docker Scout installed successfully."
+            return 0
+        fi
+        echo "Attempt $((attempts + 1)) failed. Check install_scout_log.txt for details."
+        ((attempts++))
+        sleep 2
+    done
+    echo "Error: Docker Scout installation failed after $attempts attempts."
+    exit 1
+}
+
+# Check if Docker is installed
+if ! command -v docker &> /dev/null; then
+    echo "Error: Docker is not installed. Please install Docker and try again."
+    exit 1
+fi
+
+# Ensure Docker is running
+if ! systemctl is-active --quiet docker; then
+    echo "Starting Docker..."
+    sudo systemctl start docker
+fi
+
+# Check if Docker Scout is installed
+if ! command -v scout &> /dev/null; then
+    install_docker_scout
+fi
+
+# Prepare the output CSV file
+CSV_OUTPUT_FILE="scout_vulnerabilities.csv"
+rm -f "$CSV_OUTPUT_FILE"
+
+# Extract the product name from the image name
+case "$IMAGE" in
+    *appsmith/appsmith-ce:*) product_name="CE" ;;
+    *appsmith/appsmith-ee:*) product_name="EE" ;;
+    *appsmith/cloud-services:*) product_name="CLOUD" ;;
+    *) product_name="UNKNOWN" ;;
+esac
+
+# Fetch vulnerabilities and format the output correctly
+docker scout cves "$IMAGE" | grep -E "✗ |CVE-" | awk -v product_name="$product_name" -F' ' '
+{
+    # Check for valid vulnerability data and format it correctly
+    if ($2 != "" && $3 ~ /^CVE-/) {
+        # Extract severity level, CVE ID, and format output correctly
+        print $3","product_name",""SCOUT"","$2
+    }
+}' | sort -u > "$CSV_OUTPUT_FILE"
+
+# Check if the CSV output file is empty
+[ -s "$CSV_OUTPUT_FILE" ] || echo "No vulnerabilities found for image: $IMAGE" > "$CSV_OUTPUT_FILE"
+
+
 # Compare each vulnerability with the database and store new ones in a CSV file
 compare_and_store_vulns() {
   local new_vulns_file="scout_new_vulnerabilities.csv"
@@ -68,4 +131,4 @@ if [ -s "$CSV_OUTPUT_FILE" ]; then
   compare_and_store_vulns
 else
   echo "No vulnerabilities to process."
-fi
+fi

scripts/trivy_vulnerabilities_data.sh

@@ -88,7 +88,6 @@ else
     echo "No vulnerabilities found." > "$NEW_VULN_FILE"
 fi
 
-
 # Compare each vulnerability with the database and store new ones in a CSV file
 compare_and_store_vulns() {
     local new_vulns_file="trivy_new_vulnerabilities.csv"
@@ -154,4 +153,4 @@ else
 fi
 
 # Cleanup
-rm -f "trivy_vulnerabilities.json"
+rm -f "trivy_vulnerabilities.json"