From 1dceeb36bd8d94af34a32c0d3f1dc10562592b3d Mon Sep 17 00:00:00 2001
From: "annwesha.das"
Date: Wed, 14 Feb 2024 00:33:15 +0000
Subject: [PATCH] adds bandit testing and Zuul CI job. adds a job to project.yaml Zuul CI file to run the Bandit test environment
Change-Id: I76bafa2a444e277e895e510bc53603da0295d88b
---
 manilaclient/base.py | 4 ++--
 tox.ini | 4 ++++
 zuul.d/project.yaml | 1 +
 zuul.d/python-manilaclient-jobs.yaml | 7 +++++++
 4 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/manilaclient/base.py b/manilaclient/base.py
index be138f6ba..a636a96e8 100644
--- a/manilaclient/base.py
+++ b/manilaclient/base.py
@@ -129,8 +129,8 @@ class Manager(utils.HookableMixin):
 # pair
 username = cliutils.env('OS_USERNAME', 'MANILA_USERNAME')
 url = cliutils.env('OS_URL', 'MANILA_URL')
- uniqifier = hashlib.sha1(username.encode('utf-8') +
- url.encode('utf-8')).hexdigest()
+ uniqifier = hashlib.sha256(username.encode('utf-8') +
+ url.encode('utf-8')).hexdigest()
 cache_dir = os.path.expanduser(os.path.join(base_dir, uniqifier))
diff --git a/tox.ini b/tox.ini
index 23f157fd9..41df1cd2d 100644
--- a/tox.ini
+++ b/tox.ini
@@ -84,6 +84,10 @@ commands =
 coverage xml -o cover/coverage.xml
 coverage report
+[testenv:bandit]
+deps = bandit
+commands = bandit -r manilaclient -x manilaclient/tests/* -n5 -ll
+
 [flake8]
 # F821: undefined name
 # W503 line break before binary operator
diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml
index dfe29ceab..621094ef2 100644
--- a/zuul.d/project.yaml
+++ b/zuul.d/project.yaml
@@ -8,6 +8,7 @@
 check:
 jobs:
 - python-manilaclient-functional
+ - python-manilaclient-tox-bandit
 - manila-rally-ss:
 voting: false
 - python-manilaclient-functional-fips:
diff --git a/zuul.d/python-manilaclient-jobs.yaml b/zuul.d/python-manilaclient-jobs.yaml
index 622df2438..a76712821 100644
--- a/zuul.d/python-manilaclient-jobs.yaml
+++ b/zuul.d/python-manilaclient-jobs.yaml
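Review bot: In manilaclient/base.py the new `hashlib.sha256(...)` call still hashes `username` and `url` as a bare concatenation, so two different username/endpoint pairs whose bytes join to the same string end up sharing one cache directory; the stronger digest does not change that. Since the directory name changes with this commit anyway, a separator could go in at the same time: `uniqifier = hashlib.sha256(username.encode('utf-8') + b'\0' + url.encode('utf-8')).hexdigest()`. Nothing visible in the hunk removes or migrates directories created under the old SHA-1 name, so they are presumably left behind under `base_dir`. The digest only names a cache directory, and a short comment saying so would keep a later reader from treating it as a security control. The enclosing method starts and ends outside the hunk.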
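Review bot: `deps = bandit` in the new `[testenv:bandit]` section of tox.ini installs whatever Bandit release is current when the job runs, so the scan result can change, or the job can start failing, without any change in this repository. Pinning it, for example `deps = bandit==<PINNED_VERSION>` or through the project's constraints file if one is used (not visible here), keeps the check reproducible. `-ll` limits reporting to medium and high severity, so low-severity findings never fail the job; a one-line comment above `commands` stating that this threshold is deliberate would help.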
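Review bot: In zuul.d/project.yaml `python-manilaclient-tox-bandit` is added only to the `check` job list, where it votes. If this project also defines a `gate` job list (outside the hunk), the Bandit job should be listed there too, otherwise the scan is not repeated on the final merge candidate.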
@@ -92,3 +92,10 @@
 vars:
 configure_swap_size: 4096
 nslookup_target: 'opendev.org'
+
+- job:
+ name: python-manilaclient-tox-bandit
+ parent: openstack-tox
+ timeout: 2400
+ vars:
+ tox_envlist: bandit
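Review bot: The new `python-manilaclient-tox-bandit` job has no `description` and no file matcher of its own, so unless the parent `openstack-tox` supplies one it runs for every change, including ones that touch only documentation or release notes. Suggest adding `description: Run the Bandit static security scan on manilaclient via tox.` and an `irrelevant-files` list consistent with the other jobs in this file (not visible in the hunk). `timeout: 2400` allows a static scan 40 minutes; a comment explaining the value, or a lower one, would be worth having.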