ansible-hardening/tox.ini
Major Hayden 875f635ab4 [Docs] Overhaul STIG by tag docs
This patch gets rid of the old "special notes" section that was a
dead-end in the documentation and replaces it with a brief header
followed by a dynamically-generated list of tag-specific
documentation. All of this sits underneath the "Hardening Domains"
section.

It also splits the "Deviations" documentation into its own section
because it's quite important for a deployer to review.

The patch also includes a link to video/slides from the Boston
Summit, which provided the latest updates for the project and some
background on how everything fits together.

Change-Id: I1a5e78733c301335fe1bcfcee36cc146d690b841
2017-06-13 06:33:16 +00:00

132 lines
3.1 KiB
INI

[tox]
minversion = 2.0
skipsdist = True
envlist = docs,linters,functional
[testenv]
usedevelop = True
install_command =
pip install -c{env:UPPER_CONSTRAINTS_FILE:https://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt} {opts} {packages}
deps =
-r{toxinidir}/test-requirements.txt
commands =
/usr/bin/find . -type f -name "*.pyc" -delete
passenv =
HOME
http_proxy
HTTP_PROXY
https_proxy
HTTPS_PROXY
no_proxy
NO_PROXY
whitelist_externals =
bash
setenv =
PYTHONUNBUFFERED=1
ROLE_NAME=ansible-hardening
TEST_CHECK_MODE=true
TEST_IDEMPOTENCE=true
VIRTUAL_ENV={envdir}
WORKING_DIR={toxinidir}
[testenv:docs]
commands=
bash -c "rm -rf doc/build"
# NOTE(mhayden): doc8 really dislikes the automated docs. This should be
# enabled again later.
#doc8 doc
python setup.py build_sphinx
[doc8]
# Settings for doc8:
extensions = .rst
allow-long-titles=1
[testenv:releasenotes]
commands =
sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html
# environment used by the -infra templated docs job
[testenv:venv]
commands =
{posargs}
[testenv:pep8]
commands =
bash -c "{toxinidir}/tests/tests-repo-clone.sh"
bash -c "{toxinidir}/tests/common/test-pep8.sh"
[flake8]
# Ignores the following rules due to how ansible modules work in general
# F403 'from ansible.module_utils.basic import *' used;
# unable to detect undefined names
ignore=F403
[testenv:bashate]
commands =
bash -c "{toxinidir}/tests/tests-repo-clone.sh"
bash -c "{toxinidir}/tests/common/test-bashate.sh"
[testenv:ansible]
deps =
{[testenv]deps}
-rhttps://git.openstack.org/cgit/openstack/openstack-ansible-tests/plain/test-ansible-deps.txt
[testenv:ansible-syntax]
deps =
{[testenv:ansible]deps}
commands =
bash -c "{toxinidir}/tests/tests-repo-clone.sh"
bash -c "{toxinidir}/tests/common/test-ansible-syntax.sh"
[testenv:ansible-lint]
deps =
{[testenv:ansible]deps}
commands =
bash -c "{toxinidir}/tests/tests-repo-clone.sh"
bash -c "{toxinidir}/tests/common/test-ansible-lint.sh"
[testenv:functional]
deps =
{[testenv:ansible]deps}
setenv =
{[testenv]setenv}
# NOTE(mhayden): Disabling chrony since it causes conflicts in CI.
ANSIBLE_PARAMETERS=-e security_rhel7_enable_chrony=no
commands =
bash -c "{toxinidir}/tests/tests-repo-clone.sh"
bash -c "{toxinidir}/tests/common/test-ansible-functional.sh"
[testenv:func_rhel6]
deps =
{[testenv:ansible]deps}
setenv =
{[testenv]setenv}
# NOTE(mhayden): Disabling chrony since it causes conflicts in CI.
ANSIBLE_PARAMETERS=-e stig_version=rhel6 --skip-tags V-38462,V-38660 -e security_enable_chrony=no
commands =
bash -c "{toxinidir}/tests/tests-repo-clone.sh"
bash -c "{toxinidir}/tests/common/test-ansible-functional.sh"
[testenv:linters]
deps =
{[testenv:ansible]deps}
commands =
{[testenv:pep8]commands}
{[testenv:bashate]commands}
{[testenv:ansible-lint]commands}
{[testenv:ansible-syntax]commands}
{[testenv:docs]commands}