pegleg/tox.ini
Ian H. Pittwood 122e746df5 Adds Safety dependency vulnerability checks
This change adds dependency vulnerability checks into tox. These checks
are performed by the Safety package which checks requirements files
against a vulnerability database for any issues. If any vulnerabilities
are found, tox will fail its pep8 env.

Safety: https://pyup.io/safety/

Safety Repo: https://github.com/pyupio/safety

Safety Default Vulnerability DB: https://github.com/pyupio/safety-db

Change-Id: I70a10ecb01836373888bd87aa27953515accd4c4
2019-06-03 12:40:49 -05:00

103 lines
2.6 KiB
INI

[tox]
envlist = py36,py37,pep8,docs,cover
minversion = 2.3.1
skipsdist = True
[testenv]
usedevelop = True
setenv =
VIRTUAL_ENV={envdir}
LANGUAGE=en_US
LC_ALL=en_US.utf-8
deps =
-r{toxinidir}/requirements.txt
-r{toxinidir}/test-requirements.txt
passenv = http_proxy https_proxy HTTP_PROXY HTTPS_PROXY no_proxy NO_PROXY PBR_VERSION
whitelist_externals =
bash
find
commands =
find . -type f -name "*.pyc" -delete
bash -c "{toxinidir}/tools/install-cfssl.sh"
{toxinidir}/tools/gate/run-unit-tests.sh '{posargs}'
[testenv:fmt]
basepython = python3
deps =
-r{toxinidir}/test-requirements.txt
commands =
yapf -ir {toxinidir}/pegleg {toxinidir}/tests
[testenv:pep8]
basepython = python3
deps =
-r{toxinidir}/test-requirements.txt
commands =
bash -c "{toxinidir}/tools/gate/whitespace-linter.sh"
bandit -r pegleg -n 5
safety check -r requirements.txt --bare
flake8 {toxinidir}/pegleg
whitelist_externals =
bash
[testenv:docs]
basepython = python3
deps =
-r{toxinidir}/requirements.txt
-r{toxinidir}/doc/requirements.txt
commands =
bash -c "{toxinidir}/tools/gate/build-docs.sh"
whitelist_externals =
bash
[testenv:bandit]
basepython = python3
commands = bandit -r pegleg -n 5
[testenv:safety]
deps =
safety
commands =
safety check -r {toxinidir}/requirements.txt --full-report
safety check -r {toxinidir}/test-requirements.txt --full-report
[testenv:cover]
basepython = python3
deps =
-r{toxinidir}/requirements.txt
-r{toxinidir}/test-requirements.txt
commands =
{toxinidir}/tools/install-cfssl.sh
bash -c 'PATH=$PATH:~/.local/bin; pytest --cov=pegleg --cov-report \
html:cover --cov-report xml:cover/coverage.xml --cov-report term \
--cov-fail-under 87 tests/'
whitelist_externals =
bash
[testenv:releasenotes]
basepython = python3
deps = -r{toxinidir}/doc/requirements.txt
commands =
rm -rf releasenotes/build
sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html
whitelist_externals =
rm
[testenv:venv]
commands = {posargs}
[flake8]
filename = *.py
show-source = true
# [H106] Don't put vim configuration in source files.
# [H201] No 'except:' at least use 'except Exception:'
# [H904] Delay string interpolations at logging calls.
enable-extensions = H106,H201,H904
# TODO(lamt) Clean up these docstring violations if possible
# [H403] multi line docstrings should end on a new line
# [H404] multi line docstring should start without a leading new line
# [H405] multi line docstring summary not separated with an empty line
ignore = H403,H404,H405
exclude=.venv,.git,.tox,build,dist,*lib/python*,*egg,tools,*.ini,*.po,*.pot
max-complexity = 24