From 39b8150f66471f035720d4d87970637c991ea677 Mon Sep 17 00:00:00 2001 From: Dave McCowan Date: Tue, 8 Mar 2016 11:50:37 -0500 Subject: [PATCH] Add tox job for the bandit python security linter Bandit is a job that parses and analyzes python code to detect common insecure programming practices. TrivialFix Change-Id: Iea23a9bd23b25827043f02aa1a62fb0724f1d0ee --- test-requirements.txt | 1 + tox.ini | 3 +++ 2 files changed, 4 insertions(+) diff --git a/test-requirements.txt b/test-requirements.txt index cbd7550581..19037e43e9 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -1,6 +1,7 @@ # The order of packages is significant, because pip processes them in the order # of appearance. Changing the order has an impact on the overall integration # process, which may cause wedges in the gate later. +bandit>=0.17.3 # Apache-2.0 bashate>=0.2 # Apache-2.0 hacking>=0.10.0 oslo.log>=1.14.0 # Apache-2.0 diff --git a/tox.ini b/tox.ini index 3816cde612..753b6f359b 100644 --- a/tox.ini +++ b/tox.ini @@ -24,6 +24,9 @@ commands = {toxinidir}/tools/validate-all-yaml.sh {toxinidir}/tools/validate-all-maintainer.sh +[testenv:bandit] +commands = bandit -r ansible/library dev docker kolla tests tools + [testenv:venv] commands = {posargs}
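Review bot: in the test-requirements.txt hunk, `bandit>=0.17.3` sets only a lower bound, so the result of the new bandit job can change whenever a newer bandit release adds or alters checks, with no change to this repository. If the job is meant to gate changes, consider adding an upper bound so that picking up new checks is a deliberate step; if it is advisory only, say so in the commit message.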
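Review bot: in the tox.ini hunk, `commands = bandit -r ansible/library dev docker kolla tests tools` runs with bandit's default thresholds and includes `tests`, so the job exits non-zero on any finding at any severity, including low-severity reports such as the `assert` usage typical of test code. Consider dropping `tests` from the path list or setting a severity threshold such as `-ll` (medium and above), and add a one-line comment above `[testenv:bandit]` stating which directories the job covers and why, so contributors know how to triage a failure.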