diff options
| author |   Cédric Ollivier <cedric.ollivier@orange.com> | 2019-05-25 11:10:55 +0200 |
|---|---|---|
| committer | Cédric Ollivier <cedric.ollivier@orange.com> | 2019-05-25 11:27:13 +0200 |
| commit | a58d60b1a0ecab56c140ab5a1b074d5d18ad8051 (patch) | |
| tree | f4b5564adee31bcc7b426a9f299b24c52d9b9ba0 | |
| parent | 94b00b4a8fe8f338d2ad60a7c9836013154bb704 (diff) | |
Run bandit when verifying changes
It reports only MEDIUM issues or higher like nova [1].
It selects bandit 1.1.0 as defined in nova and neutron lower
constraints [2].
[1] https://github.com/openstack/nova/blob/master/tox.ini#L221
[2] https://github.com/openstack/nova/blob/master/lower-constraints.txt#L8
Change-Id: I6fc505f684701792d3e03659eb0feea8321452c0
Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
(cherry picked from commit 0440ffcac18991395799e5aafc9243e028917ab6)
| -rw-r--r-- | test-requirements.txt | 1 | ||||
| -rw-r--r-- | tox.ini | 7 | ||||
| -rw-r--r-- | upper-constraints.txt | 1 |
3 files changed, 8 insertions, 1 deletions
diff --git a/test-requirements.txt b/test-requirements.txt index eedefcd43..db30c7f85 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -14,3 +14,4 @@ doc8 # Apache-2.0 bashate # Apache-2.0 lfdocs-conf sphinx-opnfv-theme +bandit @@ -1,5 +1,5 @@ [tox] -envlist = docs,pep8,pylint,yamllint,ansiblelint,bashate,py27,perm,cover +envlist = docs,pep8,pylint,yamllint,ansiblelint,bashate,bandit,py27,perm,cover [testenv] usedevelop = True @@ -75,6 +75,11 @@ files = build.sh commands = bashate {[testenv:bashate]files} + +[testenv:bandit] +basepython = python2.7 +commands = bandit -r functest -x tests -n 5 -ll -s B601,B602 + [testenv:cover] basepython = python2.7 dirs = diff --git a/upper-constraints.txt b/upper-constraints.txt index a9a45d70c..4c7041bc3 100644 --- a/upper-constraints.txt +++ b/upper-constraints.txt @@ -20,3 +20,4 @@ networking-bgpvpn===9.0.0 networking-sfc===7.0.0 neutron===13.0.2 os-faults===0.1.18 +bandit===1.1.0 |