From 65905cdb998aa9a74d364b2b46da4304c19beb07 Mon Sep 17 00:00:00 2001
From: Brian Haley <bhaley@redhat.com>
Date: Thu, 10 Oct 2019 14:01:40 -0400
Subject: [PATCH] Use bandit block in tox.ini

Use the bandit testenv block in tox.ini instead of inlining
it. Also changed the call back to '-x tests' since that is
correct syntax, it was just broken in version 1.6.0, which
is now in the blacklist.

Change-Id: Id0bf1c6b1633ffb4143c7628b722434faf433d7d
---
 test-requirements.txt | 2 +-
 tox.ini               | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/test-requirements.txt b/test-requirements.txt
index e687bf2f4b..7eccfd852c 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -16,7 +16,7 @@ testtools>=2.2.0 # MIT
 testresources>=2.0.0 # Apache-2.0/BSD
 testscenarios>=0.4 # Apache-2.0/BSD
 doc8>=0.6.0 # Apache-2.0
-bandit>=1.1.0 # Apache-2.0
+bandit!=1.6.0,>=1.1.0 # Apache-2.0
 tempest>=17.1.0 # Apache-2.0
 # Required for pep8 - doc8 tests
 sphinx!=1.6.6,!=1.6.7,>=1.6.2,<2.0.0;python_version=='2.7'  # BSD
diff --git a/tox.ini b/tox.ini
index 1d96fa562c..fdef603164 100644
--- a/tox.ini
+++ b/tox.ini
@@ -80,7 +80,7 @@ commands = flake8
            doc/source octavia  CONSTITUTION.rst HACKING.rst README.rst \
            TESTING.rst
            # Run security linter
-           bandit -r octavia -ll -ii -x 'octavia/tests/*'
+           {[testenv:bandit]commands}
            # Make sure specs follow our template
            find . -type f -name "*.pyc" -delete
            python -m unittest specs-tests.test_titles
@@ -151,7 +151,7 @@ commands =
 
 [testenv:bandit]
 basepython = python3
-commands = bandit -r octavia -ll -ii -x octavia/tests {posargs}
+commands = bandit -r octavia -ll -ii -x tests
 
 [flake8]
 # [H104]: Empty file with only comments