From 839b34080b000f57c503020accdb17404707374c Mon Sep 17 00:00:00 2001
From: "ChangBo Guo(gcb)" <eric.guo@easystack.cn>
Date: Thu, 30 Nov 2017 11:30:17 +0800
Subject: [PATCH] add bandit to pep8 job

Add the bandit security scanner to the pep8 job.

Change-Id: I3cf1630c8d69515700e98a9274f42aa3f3b05303
---
 test-requirements.txt | 3 +++
 tox.ini               | 7 ++++++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/test-requirements.txt b/test-requirements.txt
index 1c51d1a3..95c8c71e 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -13,3 +13,6 @@ openstackdocstheme>=1.17.0 # Apache-2.0
 sphinx>=1.6.2 # BSD
 
 reno>=2.5.0 # Apache-2.0
+
+# Bandit security code scanner
+bandit>=1.1.0 # Apache-2.0
diff --git a/tox.ini b/tox.ini
index 42d3fb4a..5ebd980c 100644
--- a/tox.ini
+++ b/tox.ini
@@ -12,7 +12,12 @@ deps = -r{toxinidir}/test-requirements.txt
 commands = python setup.py testr --slowest --testr-args='{posargs}'
 
 [testenv:pep8]
-commands = flake8
+deps =
+  -r{toxinidir}/test-requirements.txt
+commands =
+  flake8
+  # Run security linter
+  bandit -r oslo_policy tests -n5
 
 [testenv:venv]
 commands = {posargs}