766e53dfb4
This patch: 1. Updates the `tox -e safety` command to run the Safety tool [0] against both the Pegleg requirements.txt and the doc/requirements.txt file used only when `tox -e docs` is run. 2. Updates doc/requirements.txt with pinned dependencies so that Safety can check those dependencies. At the time of this patch it is expected for the non-voting Safety gate to fail, because the Promenade version used by Pegleg requires an insecure version of kubernetes, 3.0.0. This version of Kubernetes is impacted by [1] due to the urllib version being used. [0] https://pypi.org/project/safety/ [1] https://nvd.nist.gov/vuln/detail/CVE-2018-20060 Change-Id: I64fb4b1ae7c2814ad0ae11222bf8be531d4f40a5 Signed-off-by: Alexander Hughes <Alexander.Hughes@pm.me>
124 lines
2.9 KiB
INI
124 lines
2.9 KiB
INI
[tox]
|
|
envlist = py36,py37,pep8,docs,cover
|
|
minversion = 2.3.1
|
|
skipsdist = True
|
|
|
|
[testenv]
|
|
usedevelop = True
|
|
setenv =
|
|
VIRTUAL_ENV={envdir}
|
|
LANGUAGE=en_US
|
|
LC_ALL=en_US.utf-8
|
|
PIPENV_VERBOSITY=-1
|
|
PIPENV_IGNORE_PIPFILE=1
|
|
deps =
|
|
pipenv
|
|
passenv = http_proxy https_proxy HTTP_PROXY HTTPS_PROXY no_proxy NO_PROXY PBR_VERSION
|
|
whitelist_externals =
|
|
bash
|
|
find
|
|
commands =
|
|
pipenv install --dev
|
|
find . -type f -name "*.pyc" -delete
|
|
bash -c "{toxinidir}/tools/install-cfssl.sh"
|
|
{toxinidir}/tools/gate/run-unit-tests.sh '{posargs}'
|
|
|
|
[testenv:fmt]
|
|
basepython = python3
|
|
deps =
|
|
pipenv
|
|
commands =
|
|
pipenv install --dev
|
|
yapf -ir {toxinidir}/pegleg {toxinidir}/tests
|
|
|
|
[testenv:pep8]
|
|
basepython = python3
|
|
deps =
|
|
pipenv
|
|
safety
|
|
commands =
|
|
pipenv install --dev
|
|
bash -c "{toxinidir}/tools/gate/whitespace-linter.sh"
|
|
bandit -r pegleg -n 5
|
|
flake8 {toxinidir}/pegleg
|
|
yapf -dr {toxinidir}/pegleg {toxinidir}/tests
|
|
whitelist_externals =
|
|
bash
|
|
|
|
[testenv:docs]
|
|
basepython = python3
|
|
deps =
|
|
pipenv
|
|
-r{toxinidir}/doc/requirements.txt
|
|
commands =
|
|
pipenv install --dev
|
|
bash -c "{toxinidir}/tools/gate/build-docs.sh"
|
|
whitelist_externals =
|
|
bash
|
|
|
|
[testenv:bandit]
|
|
basepython = python3
|
|
commands = bandit -r pegleg -n 5
|
|
|
|
[testenv:safety]
|
|
basepython = python3
|
|
deps =
|
|
pipenv
|
|
safety
|
|
commands =
|
|
pipenv check
|
|
safety check -r {toxinidir}/requirements.txt -r {toxinidir}/doc/requirements.txt --full-report
|
|
|
|
[testenv:cover]
|
|
basepython = python3
|
|
deps =
|
|
pipenv
|
|
commands =
|
|
pipenv install --dev
|
|
{toxinidir}/tools/install-cfssl.sh
|
|
bash -c 'PATH=$PATH:~/.local/bin; pytest --cov=pegleg --cov-report \
|
|
html:cover --cov-report xml:cover/coverage.xml --cov-report term \
|
|
--cov-fail-under 87 tests/'
|
|
whitelist_externals =
|
|
bash
|
|
|
|
[testenv:update-requirements]
|
|
deps =
|
|
pipenv
|
|
commands =
|
|
pipenv lock --clear
|
|
bash -c "pipenv lock -r > {toxinidir}/requirements.txt"
|
|
whitelist_externals =
|
|
bash
|
|
|
|
[testenv:releasenotes]
|
|
basepython = python3
|
|
deps = -r{toxinidir}/doc/requirements.txt
|
|
commands =
|
|
rm -rf releasenotes/build
|
|
sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html
|
|
whitelist_externals =
|
|
rm
|
|
|
|
[testenv:venv]
|
|
commands = {posargs}
|
|
|
|
[flake8]
|
|
filename = *.py
|
|
show-source = true
|
|
# [H106] Don't put vim configuration in source files.
|
|
# [H201] No 'except:' at least use 'except Exception:'
|
|
# [H904] Delay string interpolations at logging calls.
|
|
enable-extensions = H106,H201,H904
|
|
# TODO(lamt) Clean up these docstring violations if possible
|
|
# [H403] multi line docstrings should end on a new line
|
|
# [H404] multi line docstring should start without a leading new line
|
|
# [H405] multi line docstring summary not separated with an empty line
|
|
# [W503] line break before binary operator
|
|
ignore = H403,H404,H405,W503
|
|
exclude=.venv,.git,.tox,build,dist,*lib/python*,*egg,tools,*.ini,*.po,*.pot
|
|
max-complexity = 24
|
|
application-import-names = pegleg
|
|
application-package-names = deckhand,promenade,shipyard
|
|
import-order-style = pep8
|