Turn on bandit check as part of pep8
Add bandit job as part of pep8 in tox.ini Had to fix one issue and mark two instances of try except pass as OK so that bandit will pass Change-Id: Ia1c96e27d1bae360c6ae0d4131665e2b712f573f
This commit is contained in:
parent
70f75304ff
commit
7082ded836
@ -1,4 +1,4 @@
|
|||||||
# (C) Copyright 2014-2016 Hewlett Packard Enterprise Development Company LP
|
# (C) Copyright 2014-2017 Hewlett Packard Enterprise Development LP
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
# you may not use this file except in compliance with the License.
|
# you may not use this file except in compliance with the License.
|
||||||
@ -100,7 +100,9 @@ def clean_exit(signum, frame=None):
|
|||||||
if process.is_alive():
|
if process.is_alive():
|
||||||
process.terminate() # Sends sigterm which any processes after a notification is sent attempt to handle
|
process.terminate() # Sends sigterm which any processes after a notification is sent attempt to handle
|
||||||
wait_for_exit = True
|
wait_for_exit = True
|
||||||
except Exception:
|
except Exception: # nosec
|
||||||
|
# There is really nothing to do if the kill fails, so just go on.
|
||||||
|
# The # nosec keeps bandit from reporting this as a security issue
|
||||||
pass
|
pass
|
||||||
|
|
||||||
# wait for a couple seconds to give the subprocesses a chance to shut down correctly.
|
# wait for a couple seconds to give the subprocesses a chance to shut down correctly.
|
||||||
@ -112,7 +114,9 @@ def clean_exit(signum, frame=None):
|
|||||||
LOG.debug('Killing pid %s' % child.pid)
|
LOG.debug('Killing pid %s' % child.pid)
|
||||||
try:
|
try:
|
||||||
os.kill(child.pid, signal.SIGKILL)
|
os.kill(child.pid, signal.SIGKILL)
|
||||||
except Exception:
|
except Exception: # nosec
|
||||||
|
# There is really nothing to do if the kill fails, so just go on.
|
||||||
|
# The # nosec keeps bandit from reporting this as a security issue
|
||||||
pass
|
pass
|
||||||
|
|
||||||
if signum == signal.SIGTERM:
|
if signum == signal.SIGTERM:
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
# (C) Copyright 2016 Hewlett Packard Enterprise Development Company LP
|
# (C) Copyright 2016-2017 Hewlett Packard Enterprise Development LP
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
# you may not use this file except in compliance with the License.
|
# you may not use this file except in compliance with the License.
|
||||||
@ -18,7 +18,7 @@ influxdb_opts = [cfg.StrOpt('database_name'),
|
|||||||
cfg.StrOpt('ip_address'),
|
cfg.StrOpt('ip_address'),
|
||||||
cfg.StrOpt('port'),
|
cfg.StrOpt('port'),
|
||||||
cfg.StrOpt('user'),
|
cfg.StrOpt('user'),
|
||||||
cfg.StrOpt('password')]
|
cfg.StrOpt('password', secret=True)]
|
||||||
|
|
||||||
influxdb_group = cfg.OptGroup(name='influxdb', title='influxdb')
|
influxdb_group = cfg.OptGroup(name='influxdb', title='influxdb')
|
||||||
cfg.CONF.register_group(influxdb_group)
|
cfg.CONF.register_group(influxdb_group)
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
# The order of packages is significant, because pip processes them in the order
|
# The order of packages is significant, because pip processes them in the order
|
||||||
# of appearance. Changing the order has an impact on the overall integration
|
# of appearance. Changing the order has an impact on the overall integration
|
||||||
# process, which may cause wedges in the gate later.
|
# process, which may cause wedges in the gate later.
|
||||||
|
bandit>=1.1.0 # Apache-2.0
|
||||||
flake8<2.6.0,>=2.5.4 # MIT
|
flake8<2.6.0,>=2.5.4 # MIT
|
||||||
hacking!=0.13.0,<0.14,>=0.12.0 # Apache-2.0
|
hacking!=0.13.0,<0.14,>=0.12.0 # Apache-2.0
|
||||||
coverage>=4.0 # Apache-2.0
|
coverage>=4.0 # Apache-2.0
|
||||||
|
14
tox.ini
14
tox.ini
@ -50,11 +50,19 @@ commands =
|
|||||||
oslo_debug_helper -t monasca_persister/tests {posargs}
|
oslo_debug_helper -t monasca_persister/tests {posargs}
|
||||||
|
|
||||||
[testenv:pep8]
|
[testenv:pep8]
|
||||||
commands = flake8
|
deps =
|
||||||
|
{[testenv]deps}
|
||||||
|
commands =
|
||||||
|
{[testenv:flake8]commands}
|
||||||
|
{[bandit]commands}
|
||||||
|
|
||||||
[testenv:venv]
|
[testenv:venv]
|
||||||
commands = {posargs}
|
commands = {posargs}
|
||||||
|
|
||||||
|
[testenv:flake8]
|
||||||
|
commands =
|
||||||
|
flake8 monasca_persister
|
||||||
|
|
||||||
[flake8]
|
[flake8]
|
||||||
max-line-length = 120
|
max-line-length = 120
|
||||||
# TODO: ignored checks should be enabled in the future
|
# TODO: ignored checks should be enabled in the future
|
||||||
@ -62,3 +70,7 @@ max-line-length = 120
|
|||||||
# H904 Wrap long lines in parentheses instead of a backslash
|
# H904 Wrap long lines in parentheses instead of a backslash
|
||||||
ignore = F821,H405,H904,E126,E125,H306,E302,E122
|
ignore = F821,H405,H904,E126,E125,H306,E302,E122
|
||||||
exclude=.venv,.git,.tox,dist,*egg,build
|
exclude=.venv,.git,.tox,dist,*egg,build
|
||||||
|
|
||||||
|
[bandit]
|
||||||
|
commands =
|
||||||
|
bandit -r monasca_persister -n5 -x monasca_persister/tests
|
||||||
|
Loading…
Reference in New Issue
Block a user