Adds a Bandit testing environment to the tox.ini file and adds a job to project.yaml Zuul CI file to run the Bandit test environment. Also includes a nosec comment to ignore a hardbinding to in service.py Depends-On: I78a5b708cd970dcb60f480d8e6a201d0768645fc Depends-On: I27d1204ec7dafd3b578d1261c3fd2e371ae405fb Depends-On: I2a913f3b87e16554b1bd68543fcf254cc4226031 Depends-On: I46ad1a7ca723157488525ca7239cbd0ef421b975 Depends-On: Ib5404d9e165be5879f5351c3f0952648ae702b2d Depends-On: Id71c0ee4138b695ff19085a284ccced6b1a9dbba Depends-On: I33bbb7070ada5509ca05c90d7a38077d38f54a1f Depends-On: I3e974a2113b29af1111f27ca1afeb78091a0ec75 Depends-On: I0e686c91ce02ea42719d00d17f6ed659e97470ac Depends-On: I171c90a281c7b62c2601131293f9f00a926641e2 Change-Id: I8eb93cdcd5d47a6a5495ee7277c72d5f028cb412
178 lines
5.5 KiB
178 lines
5.5 KiB
minversion = 3.18.0
envlist = py3,pep8
# Automatic envs (pyXX) will only use the python version appropriate to that
# env and ignore basepython inherited from [testenv] if we set
# ignore_basepython_conflict.
ignore_basepython_conflict = true
basepython = {env:TOX_PYTHON:python3}
usedevelop = true
setenv =
# TODO(stephenfin): Remove once we bump our upper-constraint to SQLAlchemy 2.0
deps =
commands =
stestr run {posargs}
stestr slowest
deps =
commands =
rm -rf releasenotes/build
sphinx-build -a -E -W -d releasenotes/build/doctrees \
-b html releasenotes/source releasenotes/build/html
allowlist_externals = rm
allowlist_externals = reno
deps =
commands = reno new {posargs}
commands = oslo_debug_helper {posargs}
deps =
allowlist_externals =
commands =
pre-commit run --all-files --show-diff-on-failure
{toxinidir}/tools/check_exec.py {toxinidir}/manila
{toxinidir}/tools/check_logging.sh {toxinidir}/manila
allowlist_externals = bash
commands =
oslo-config-generator --config-file etc/oslo-config-generator/manila.conf
commands = oslopolicy-sample-generator --config-file=etc/manila/manila-policy-generator.conf
commands = {posargs}
deps = bandit
commands = bandit -r manila --ini tox.ini -n5 -ll
exclude = tests,tegile,hitachi,glusterfs,vnx,ssh_utils.py
# NOTE(elod.illes): requirements.txt is needed because otherwise
# dependencies are installed during 'develop-inst' tox phase without
# constraints which could cause failures in stable branches.
deps =
commands =
rm -rf doc/build
sphinx-build -W -b html doc/source doc/build/html
allowlist_externals = rm
deps = {[testenv:docs]deps}
allowlist_externals =
commands =
sphinx-build -W -b latex doc/source doc/build/pdf
make -C doc/build/pdf
# Do not install any requirements. We want this to be fast and work even if
# system dependencies are missing, since it's used to tell you what system
# dependencies are missing! This also means that bindep must be installed
# separately, outside of the requirements files, and develop mode disabled
# explicitly to avoid unnecessarily installing the checked-out repo too (this
# further relies on "tox.skipsdist = True" above).
deps = bindep
commands = bindep test
usedevelop = False
setenv =
PYTHON=coverage run --source manila --parallel-mode
allowlist_externals =
commands =
{toxinidir}/tools/cover.sh {posargs}
# Let's run fast8 under py3 by default because the py3 checks are stricter.
allowlist_externals =
commands =
deps = -r{toxinidir}/requirements.txt
allowlist_externals = bash
commands = bash ./tools/coding-checks.sh --pylint {posargs}
# This environment is called from CI scripts to test and publish
# the API Ref to docs.openstack.org.
deps = {[testenv:docs]deps}
allowlist_externals = rm
commands =
rm -rf api-ref/build
python {toxinidir}/tools/validate-json-files.py {toxinidir}/api-ref/source/samples/
sphinx-build -W -b html -d api-ref/build/doctrees api-ref/source api-ref/build/html
deps = -r{toxinidir}/requirements.txt
commands = alembic -c manila/db/migrations/alembic.ini revision -m ""{posargs}
# Following checks are ignored on purpose:
# Following checks should be evaluated and fixed:
# E123 closing bracket does not match indentation of opening bracket's line
# E402 module level import not at top of file
# W503 line break before binary operator
# W504 line break after binary operator
ignore = E123,E402,W503,W504
builtins = _
# [H106] Don't put vim configuration in source files.
# [H203] Use assertIs(Not)None to check for None.
# [H904] Use ',' instead of '%', String interpolation should be delayed to be handled by the logging code,
# rather than being done at the point of the logging call..
enable-extensions = H106,H203,H904
exclude = .git,.tox,.testrepository,.venv,build,cover,dist,doc,*egg,api-ref/build,*/source/conf.py
import_exceptions =
extension =
M310 = checks:CheckLoggingFormatArgs
M313 = checks:validate_assertTrue
M323 = checks:check_explicit_underscore_import
M326 = checks:CheckForTransAdd
M333 = checks:check_oslo_namespace_imports
M336 = checks:dict_constructor_with_list_copy
M337 = checks:no_xrange
M338 = checks:no_log_warn_check
M339 = checks:no_third_party_mock
M354 = checks:check_uuid4
M359 = checks:no_translate_logs
paths = ./manila/tests/hacking