Add bandit baseline to tox

Bandit baseline will check the last commit to see if it introduced any new security problems. Details of how bandit can be configured for the gate are documented here: https://wiki.openstack.org/wiki/Security/Projects/Bandit#Gate_Testing_with_Bandit Change-Id: I791d897c4efe00bc4c0fd3b9d249e561eeb82acb Partial-Bug: #1552002
2016-03-01 15:23:51 -08:00 · 2016-03-01 15:23:51 -08:00 · 61a9894527
parent 4a1acafa12
commit 61a9894527
2 changed files with 5 additions and 0 deletions
--- a/test-requirements.txt
+++ b/test-requirements.txt
@ -14,3 +14,4 @@ testresources>=0.2.4 # Apache-2.0/BSD
 WebTest>=2.0 # MIT
 doc8 # Apache-2.0
 reno>=0.1.1 # Apache2
+bandit>=0.17.3 # Apache-2.0
--- a/tox.ini
+++ b/tox.ini
@ -54,6 +54,10 @@ commands =
    find . -type f -name "*.pyc" -delete
    python -m unittest specs-tests.test_titles

+
+[testenv:bandit]
+commands = bandit-baseline -r octavia -ll -ii
+
 [flake8]
 # Ignoring O321 because it's unnecessarily restricting use of json package.
 # jsonutils version doesn't add additional value