openstack-helm-infra/playbooks/osh-infra-bandit.yaml
Gage Hugo 690258b221 Add clear-firewall role to bandit playbook
This change adds the clear-firewall role to the osh-infra-bandit
playbook to resolve an issue with coredns not coming up when
this job is ran on an ubuntu focal node.

Change-Id: I189ceff30271f3a478aff697b84709b19d0b09fc
2022-05-03 14:55:46 -05:00

34 lines
884 B
YAML

---
- hosts: all
name: openstack-helm-infra-bandit
tasks:
- name: Clear firewall
include_role:
name: clear-firewall
- name: Install Required Packages and Setup Host
shell: |
set -xe;
./tools/deployment/common/000-install-packages.sh
./tools/deployment/common/005-deploy-k8s.sh
sudo -H pip3 install yq bandit==1.7.1 setuptools
environment:
zuul_site_mirror_fqdn: "{{ zuul_site_mirror_fqdn }}"
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Template out python files
shell: |
set -xe;
make all
mkdir -p python-files
./tools/gate/template-python.sh
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Run bandit against python files
shell: bandit -r ./python-files
args:
chdir: "{{ zuul.project.src_dir }}"
...