starlingx/metal
Code Issues Proposed changes
5942a56ec6
metal/test-requirements.txt
Sharath Kumar K ec62232936 Tox and Zuul job for the bandit code scan in starlingx/metal 
Setting up the bandit tool for the scanning of HIGH severity issues
in the python codes under Starlingx/metal folder.
Expecting this merge will enable zuul job for CI/CD of bandit scan.

Configuration files:
1. tox.ini for adding bandit environment and command.
2. test-requirements.txt for adding bandit version.
3. .zuul.yaml file for adding bandit job and configuring under
   check job to run code scan every time before code commit.

Test:
Run tox -e bandit command inside the fault folder to validate the
bandit scan and result.

Please note:
Changes will be implemented in batches and  this is Batch4 change.

Story: 2007541
Task: 39622
Depends-On: https://review.opendev.org/#/c/721294/

Change-Id: I7b91a51e0e411b46670f84c2b2a6c7749f9d0521
Signed-off-by: Sharath Kumar K <sharath.kumar@intel.com>
2020-06-29 08:24:46 +00:00

6 lines
85 B
Plaintext
Raw Blame History

bashate >= 0.2
PyYAML >= 3.1.0
yamllint >= 0.5.2
flake8
bandit!=1.6.0,>=1.1.0,<2.0.0
View Git Blame Copy Permalink