Suppress Bandit B509 in snmp.py

Bandit's B509 (SNMPv3 no authentication/privacy) check is triggered by our line wrapping, as the check looks at the number of arguments, and triggers if it only parses 3 arguments. In Ironic's case, we pass five arguments. Presumably, this is due to the line wrapping. Ultimately this bandit check is very new having only been added with in the last few months. Change-Id: Idaee72a53a1f33bcab940c6ebe1e7c113a1cb1ce (cherry picked from commit e02ab89410)
2022-03-07 11:53:57 -08:00 · 2022-03-07 11:53:57 -08:00 · 7aa40c5fa1
parent 249cbf2aba
commit 7aa40c5fa1
1 changed files with 4 additions and 1 deletions
--- a/ironic/drivers/modules/snmp.py
+++ b/ironic/drivers/modules/snmp.py
@ -230,7 +230,10 @@ class SNMPClient(object):
            object depending on SNMP version being used.
        """
        if self.version == SNMP_V3:
-            return snmp.UsmUserData(
+            # NOTE(TheJulia): Ignore Bandit error B509 argument parsing as
+            # the check is for a count of <3 arguments, however our line
+            # wrapping causes the check to trigger.
+            return snmp.UsmUserData(  # nosec B509
                self.user,
                authKey=self.auth_key,
                authProtocol=self.auth_proto,