Merge "Incorporate bandit support in CI"
commit
e6ef34c0aa
@ -3,6 +3,7 @@ alembic==0.8.10
|
|||||||
appdirs==1.4.3
|
appdirs==1.4.3
|
||||||
automaton==1.9.0
|
automaton==1.9.0
|
||||||
Babel==2.3.4
|
Babel==2.3.4
|
||||||
|
bandit==1.1.0
|
||||||
certifi==2018.1.18
|
certifi==2018.1.18
|
||||||
chardet==3.0.4
|
chardet==3.0.4
|
||||||
click==6.7
|
click==6.7
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
# The order of packages is significant, because pip processes them in the order
|
# The order of packages is significant, because pip processes them in the order
|
||||||
# of appearance. Changing the order has an impact on the overall integration
|
# of appearance. Changing the order has an impact on the overall integration
|
||||||
# process, which may cause wedges in the gate later.
|
# process, which may cause wedges in the gate later.
|
||||||
|
bandit!=1.6.0,>=1.1.0,<2.0.0 # Apache-2.0
|
||||||
coverage!=4.4,>=4.0 # Apache-2.0
|
coverage!=4.4,>=4.0 # Apache-2.0
|
||||||
doc8>=0.6.0 # Apache-2.0
|
doc8>=0.6.0 # Apache-2.0
|
||||||
flake8-import-order>=0.13 # LGPLv3
|
flake8-import-order>=0.13 # LGPLv3
|
||||||
|
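--- a/tox.ini
+++ b/tox.ini
@@ -101,3 +101,8 @@ deps =
 -c{toxinidir}/lower-constraints.txt
 -r{toxinidir}/test-requirements.txt
 -r{toxinidir}/requirements.txt
+
+[testenv:bandit]
+basepython = python3
+deps = -r{toxinidir}/test-requirements.txt
+commands = bandit -r ironic_inspector -x test -n 5 -ll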
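Review bot: In the new `[testenv:bandit]` section, `-x test` does not name the test package by path, so the exclusion may be wider than intended. Depending on the bandit release, the value is matched against file paths (by substring in some releases), which would also skip any non-test module whose path happens to contain `test`. Spelling it out as `commands = bandit -r ironic_inspector -x ironic_inspector/test -n 5 -ll` keeps the scan scope explicit. `-ll` also limits the report to medium severity and above; a short comment such as `# -ll: report medium and high severity only` would make that choice visible to whoever tightens the job later.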
@ -63,3 +63,24 @@
|
|||||||
IRONIC_INSPECTOR_RAMDISK_ELEMENT: ironic-agent
|
IRONIC_INSPECTOR_RAMDISK_ELEMENT: ironic-agent
|
||||||
IRONIC_INSPECTOR_DHCP_FILTER: dnsmasq
|
IRONIC_INSPECTOR_DHCP_FILTER: dnsmasq
|
||||||
IRONIC_INSPECTOR_INTROSPECTION_DATA_STORE: database
|
IRONIC_INSPECTOR_INTROSPECTION_DATA_STORE: database
|
||||||
|
|
||||||
|
- job:
|
||||||
|
# Security testing for known issues
|
||||||
|
name: ironic-inspector-tox-bandit
|
||||||
|
parent: openstack-tox
|
||||||
|
timeout: 2400
|
||||||
|
vars:
|
||||||
|
tox_envlist: bandit
|
||||||
|
required-projects:
|
||||||
|
- openstack/ironic-inspector
|
||||||
|
irrelevant-files:
|
||||||
|
- ^.*\.rst$
|
||||||
|
- ^api-ref/.*$
|
||||||
|
- ^doc/.*$
|
||||||
|
- ^ironic_inspector/test/(?!.*tempest).*$
|
||||||
|
- ^ironic_inspector/locale/.*$
|
||||||
|
- ^releasenotes/.*$
|
||||||
|
- ^tools/.*$
|
||||||
|
- ^test-requirements.txt$
|
||||||
|
- ^setup.cfg$
|
||||||
|
- ^tox.ini$
|
||||||
|
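Review bot: The `irrelevant-files` list of `ironic-inspector-tox-bandit` ends with `^test-requirements.txt$`, `^setup.cfg$` and `^tox.ini$`, yet the bandit version comes from test-requirements.txt and the scan's command line lives in tox.ini. A change that alters the bandit flags, widens the exclusion or moves the scanner version would therefore not trigger this job, and would go unexercised until an unrelated code change runs it. I would drop `- ^test-requirements.txt$` and `- ^tox.ini$` from this job's list so that edits to the scanner configuration are themselves checked. Separately, the dots in these three patterns are unescaped, unlike `^.*\.rst$` at the top of the list.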
@ -16,6 +16,8 @@
|
|||||||
- openstack-tox-functional
|
- openstack-tox-functional
|
||||||
- openstack-tox-functional-py36
|
- openstack-tox-functional-py36
|
||||||
- bifrost-integration-tinyipa-ubuntu-xenial
|
- bifrost-integration-tinyipa-ubuntu-xenial
|
||||||
|
- ironic-inspector-tox-bandit:
|
||||||
|
voting: false
|
||||||
gate:
|
gate:
|
||||||
queue: ironic
|
queue: ironic
|
||||||
jobs:
|
jobs:
|
||||||
|
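Review bot: `ironic-inspector-tox-bandit` is added with `voting: false` and only to the job list that precedes `gate:`, so a new medium- or high-severity finding is reported but does not block a merge. That is a reasonable way to introduce the scanner, but nothing records when it becomes enforcing. A comment next to the entry, e.g. `# TODO: make voting and add to gate once existing findings are triaged`, would keep the non-voting state from becoming permanent. The enclosing pipeline definition starts outside the hunk, so which pipeline this list belongs to is inferred.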