db1fe14c0b
This change adds dependency vulnerability checks into tox. These checks are performed by the Safety package which checks requirements files against a vulnerability database for any issues. If any vulnerabilities are found, tox will fail its pep8 env. Change-Id: I6e356d1f55ced7df9490d34e06451acd9cbb6d70
66 lines
1.5 KiB
INI
66 lines
1.5 KiB
INI
[tox]
|
|
envlist = pep8, docs
|
|
minversion = 2.3.1
|
|
skipsdist = True
|
|
|
|
[testenv]
|
|
usedevelop = True
|
|
setenv =
|
|
VIRTUAL_ENV={envdir}
|
|
LANGUAGE=en_US
|
|
LC_ALL=en_US.utf-8
|
|
deps =
|
|
-r{toxinidir}/requirements.txt
|
|
-r{toxinidir}/test-requirements.txt
|
|
passenv = http_proxy https_proxy HTTP_PROXY HTTPS_PROXY no_proxy NO_PROXY PBR_VERSION
|
|
whitelist_externals =
|
|
find
|
|
commands =
|
|
find . -type f -name "*.pyc" -delete
|
|
{toxinidir}/tools/gate/run-unit-tests.sh '{posargs}'
|
|
|
|
[testenv:fmt]
|
|
basepython = python3
|
|
deps =
|
|
-r{toxinidir}/test-requirements.txt
|
|
commands =
|
|
yapf -ir {toxinidir}/spyglass-plugin-xls {toxinidir}/setup.py
|
|
|
|
[testenv:pep8]
|
|
basepython = python3
|
|
deps =
|
|
-r{toxinidir}/test-requirements.txt
|
|
commands =
|
|
bash -c "{toxinidir}/tools/gate/whitespace-linter.sh"
|
|
yapf -dr {toxinidir}/spyglass-plugin-xls {toxinidir}/setup.py
|
|
flake8 {toxinidir}/spyglass-plugin-xls
|
|
bandit -r spyglass-plugin-xls -n 5
|
|
safety check -r requirements.txt --bare
|
|
whitelist_externals =
|
|
bash
|
|
|
|
[testenv:safety]
|
|
deps =
|
|
safety
|
|
commands =
|
|
safety check -r {toxinidir}/requirements.txt --full-report
|
|
safety check -r {toxinidir}/test-requirements.txt --full-report
|
|
|
|
[testenv:bandit]
|
|
deps =
|
|
bandit
|
|
commands = bandit -r spyglass-plugin-xls -n 5
|
|
|
|
[flake8]
|
|
ignore = E125,E251,W503
|
|
|
|
[testenv:docs]
|
|
basepython = python3
|
|
deps =
|
|
-r{toxinidir}/requirements.txt
|
|
-r{toxinidir}/doc/requirements.txt
|
|
commands =
|
|
rm -rf doc/build
|
|
sphinx-build -b html doc/source doc/build -n -W -v
|
|
whitelist_externals = rm
|