Bandit password tests
These tests were broken, a previous patch failed to fix them (referenced old docs). This patch actually fixes them and adds nosec comments as needed. Note that 'hardcoded_password_default' is disabled until some issues are resolved. Change-Id: I0c6977b48fd824cfdb13e86086476a4acd945585
parent
72b5a58abc
commit
021d441d6f
@ -30,7 +30,9 @@ exclude_dirs:
|
||||
profiles:
|
||||
sahara_default:
|
||||
include:
|
||||
- hardcoded_password
|
||||
- hardcoded_password_string
|
||||
- hardcoded_password_funcarg
|
||||
# - hardcoded_password_default
|
||||
- blacklist_calls
|
||||
- blacklist_imports
|
||||
- subprocess_popen_with_shell_equals_true
|
||||
|
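Review bot: The commented-out `# - hardcoded_password_default` entry in the `sahara_default` include list has no explanation next to it, so the config does not say why the check is off or when it should come back. While it is disabled, this profile does not report passwords supplied as function-argument defaults, and a reader of the config should be able to see that gap. I would add a comment above it such as `# TODO: re-enable hardcoded_password_default once <tracking-bug-placeholder> is resolved`, with the real bug reference filled in. The hunk starts inside the `profiles:` mapping and the rest of the file is not visible here.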
@ -1255,7 +1255,8 @@ class HueService(Service):
|
||||
username = config.get('useradmin/default_username', '')
|
||||
password = config.get('useradmin/default_user_password', '')
|
||||
|
||||
create_user = username != '' and password != ''
|
||||
# NOTE(tkelsey): test prevents creation of user with defaults
|
||||
create_user = username != '' and password != '' # nosec(tkelsey)
|
||||
|
||||
# Install Hue on the appropriate node(s)...
|
||||
hue_ngs = cluster_spec.get_node_groups_containing_component("HUE")
|
||||
|
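Review bot: The `# nosec(tkelsey)` on the new `create_user = ...` line silences every Bandit check on that line, not only the password-string test that the comparison with `''` trips, so a later edit to the same line would go unscanned. The intent is just "both values are non-empty", so the literal comparison could be replaced with `create_user = bool(username and password)`, which needs no suppression. That is equivalent only if both config values are always strings, which the `''` defaults suggest but the hunk does not prove. If the suppression stays, the NOTE above it should name the Bandit test being silenced. The enclosing method of `HueService` starts and ends outside the hunk.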
4
tox.ini
4
tox.ini
@ -34,7 +34,7 @@ commands =
|
||||
bash -c "find sahara -iname '*.sh' -print0 | xargs -0 bashate -v"
|
||||
bash -c "find devstack -not -name README.rst -and -not -name \*.json -type f -print0 | xargs -0 bashate -v"
|
||||
# Run security linter
|
||||
bandit -c bandit.yaml -r sahara -n5 -p sahara_default
|
||||
bandit -c bandit.yaml -r sahara -n5 -p sahara_default -x tests
|
||||
|
||||
[testenv:venv]
|
||||
commands = {posargs}
|
||||
@ -78,7 +78,7 @@ commands = oslo_debug_helper {posargs}
|
||||
|
||||
[testenv:bandit]
|
||||
deps = -r{toxinidir}/test-requirements-bandit.txt
|
||||
commands = bandit -c bandit.yaml -r sahara -n5 -p sahara_default
|
||||
commands = bandit -c bandit.yaml -r sahara -n5 -p sahara_default -x tests
|
||||
|
||||
[flake8]
|
||||
show-source = true
|
||||
|
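Review bot: Both bandit invocations now pass `-x tests` (in the `commands =` list of the first hunk and again under `[testenv:bandit]`), and the bare name `tests` is looser than it needs to be. Depending on how the installed Bandit matches exclusions, it may skip any path containing that name rather than only the test tree under `sahara`. The first hunk on this page shows an `exclude_dirs:` key, presumably in the `bandit.yaml` passed with `-c`, so the exclusion could be declared there once instead of on two command lines that can drift apart. If it stays in tox.ini, a short comment such as `# tests excluded from the security scan: <reason>` would record why that code is skipped.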