Add bandit baseline to tox
Bandit baseline will check the last commit to see if it introduced any new security problems. Details of how bandit can be configured for the gate are documented here: https://wiki.openstack.org/wiki/Security/Projects/Bandit#Gate_Testing_with_Bandit

Change-Id: I791d897c4efe00bc4c0fd3b9d249e561eeb82acb
Partial-Bug: #1552002
This commit is contained in:
parent
4a1acafa12
commit
61a9894527
|
@ -14,3 +14,4 @@ testresources>=0.2.4 # Apache-2.0/BSD
|
|||
WebTest>=2.0 # MIT
|
||||
doc8 # Apache-2.0
|
||||
reno>=0.1.1 # Apache2
|
||||
bandit>=0.17.3 # Apache-2.0
|
||||
|
|
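Review bot: The new `bandit>=0.17.3` line sets only a floor, and the tox env added in this change calls the `bandit-baseline` console script, so please confirm 0.17.3 is a release that installs that script; if it is not, the bandit env fails with a missing command rather than a security finding. The license comment follows the `# Apache-2.0` form used on the doc8 line, which is the right one to copy.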
4
tox.ini
|
@ -54,6 +54,10 @@ commands =
|
|||
find . -type f -name "*.pyc" -delete
|
||||
python -m unittest specs-tests.test_titles
|
||||
|
||||
|
||||
[testenv:bandit]
|
||||
commands = bandit-baseline -r octavia -ll -ii
|
||||
|
||||
[flake8]
|
||||
# Ignoring O321 because it's unnecessarily restricting use of json package.
|
||||
# jsonutils version doesn't add additional value
|
||||
|
|
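Review bot: The `commands = bandit-baseline -r octavia -ll -ii` line in `[testenv:bandit]` carries no comment explaining its thresholds or its scope, and both limit what the gate can catch. `-ll -ii` drops every finding below medium severity or medium confidence, and the baseline comparison reports only what the last commit introduced, so findings already present in `octavia` never surface. Suggest a short comment above `commands` stating both, and consider a separate full run such as `bandit -r octavia -ll -ii` so the existing findings are visible somewhere.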