Add tox job for the bandit python security linter
Bandit is a job that parses and analyzes python code to detect common insecure programming practices. TrivialFix Change-Id: Iea23a9bd23b25827043f02aa1a62fb0724f1d0ee
This commit is contained in:
Dave McCowan
Steven Dake
parent
1015993808
commit
39b8150f66
@ -1,6 +1,7 @@
|
|||||||
# The order of packages is significant, because pip processes them in the order
|
# The order of packages is significant, because pip processes them in the order
|
||||||
# of appearance. Changing the order has an impact on the overall integration
|
# of appearance. Changing the order has an impact on the overall integration
|
||||||
# process, which may cause wedges in the gate later.
|
# process, which may cause wedges in the gate later.
|
||||||
|
bandit>=0.17.3 # Apache-2.0
|
||||||
bashate>=0.2 # Apache-2.0
|
bashate>=0.2 # Apache-2.0
|
||||||
hacking>=0.10.0
|
hacking>=0.10.0
|
||||||
oslo.log>=1.14.0 # Apache-2.0
|
oslo.log>=1.14.0 # Apache-2.0
|
||||||
|
|||||||
3
tox.ini
3
tox.ini
@ -24,6 +24,9 @@ commands =
|
|||||||
{toxinidir}/tools/validate-all-yaml.sh
|
{toxinidir}/tools/validate-all-yaml.sh
|
||||||
{toxinidir}/tools/validate-all-maintainer.sh
|
{toxinidir}/tools/validate-all-maintainer.sh
|
||||||
|
|
||||||
|
[testenv:bandit]
|
||||||
|
commands = bandit -r ansible/library dev docker kolla tests tools
|
||||||
|
|
||||||
[testenv:venv]
|
[testenv:venv]
|
||||||
commands = {posargs}
|
commands = {posargs}
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user