Move linters dependencies to tox.ini

Another item noted with the new pip resolver [1], linters dependencies
in test-requirements.txt may cause resolver issues (trying to pull in
enum34), conflicting requirements and cause them to be installed for all
test jobs. Move them to tox.ini as was done for some projects already
(this may be backported/squashed with pip resolver fix in stable
branches depending on how fixing these will go).

[1] http://lists.openstack.org/pipermail/openstack-discuss/2020-December/019362.html

Change-Id: I0111c41bea6a6caf5ffba1f5c34489854d9c9747

lower-constraints.txt

@@ -3,7 +3,6 @@ alembic==0.9.6
 amqp==2.5.0
 appdirs==1.4.3
 Babel==2.3.4
-bashate==0.5.1
 beautifulsoup4==4.6.0
 cachetools==2.0.0
 cryptography<3.3

test-requirements.txt

@@ -1,11 +1,8 @@
 # The order of packages is significant, because pip processes them in the order
 # of appearance. Changing the order has an impact on the overall integration
 # process, which may cause wedges in the gate later.
-hacking>=3.0.1,<3.1.0 # Apache-2.0
-bandit!=1.6.0,>=1.1.0 # Apache-2.0
 coverage!=4.4,>=4.0 # Apache-2.0
 fixtures>=3.0.0 # Apache-2.0/BSD
-flake8-import-order==0.18.1 # LGPLv3
 python-subunit>=1.0.0 # Apache-2.0/BSD
 testtools>=2.2.0 # MIT
 testresources>=2.0.0 # Apache-2.0/BSD
@@ -16,8 +13,6 @@ stestr>=1.0.0 # Apache-2.0
 reno>=3.1.0 # Apache-2.0
 ddt>=1.0.1 # MIT
 astroid==2.4.0 # LGPLv2.1
-pylint==2.5.3 # GPLv2
 isort==4.3.21 # MIT
 # Needed to run DB commands in virtualenvs
 PyMySQL>=0.7.6 # MIT License
-bashate>=0.5.1 # Apache-2.0

tox.ini

@@ -17,6 +17,7 @@ deps =
   -c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
   -r{toxinidir}/requirements.txt
   -r{toxinidir}/test-requirements.txt
+  hacking>=3.0.1,<3.1.0 # Apache-2.0
 whitelist_externals = sh
 commands =
   {toxinidir}/tools/pip_install_src_modules.sh "{toxinidir}"
@@ -96,6 +97,10 @@ commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasen
 envdir = {toxworkdir}/shared
 deps =
   {[testenv]deps}
+  {[testenv:bashate]deps}
+  {[testenv:bandit]deps}
+  flake8-import-order==0.18.1 # LGPLv3
+  pylint==2.5.3 # GPLv2
 commands=
   # If it is easier to add a check via a shell script, consider adding it in this file
   sh ./tools/misc-sanity-checks.sh
@@ -203,11 +208,15 @@ envdir = {toxworkdir}/shared
 # B303: prohibit list calls: md5, sha1
 # B311: Standard pseudo-random generators are not suitable for security/cryptographic purpose
 # B604: any_other_function_with_shell_equals_true
-deps = -r{toxinidir}/test-requirements.txt
+deps =
+  bandit!=1.6.0,>=1.1.0 # Apache-2.0
+  -r{toxinidir}/test-requirements.txt
 commands = bandit -r neutron -x tests -n5 -s B104,B303,B311,B604
 
 [testenv:bashate]
 envdir = {toxworkdir}/shared
+deps =
+  bashate>=0.5.1 # Apache-2.0
 commands = bash -c "find {toxinidir}             \
          -not \( -type d -name .tox\* -prune \)  \
          -not \( -type d -name .venv\* -prune \) \
@@ -243,6 +252,7 @@ deps =
   -c{toxinidir}/lower-constraints.txt
   -r{toxinidir}/test-requirements.txt
   -r{toxinidir}/requirements.txt
+  hacking>=3.0.1,<3.1.0 # Apache-2.0
 
 [testenv:requirements]
 deps =