Merge "adds bandit testing and Zuul CI job."

2024-05-11 03:14:50 +00:00 · 2024-05-11 03:14:50 +00:00 · 56ba694486
commit 56ba694486
parent 9e81815674 1dceeb36bd
4 changed files with 14 additions and 2 deletions
--- a/manilaclient/base.py
+++ b/manilaclient/base.py
@ -129,8 +129,8 @@ class Manager(utils.HookableMixin):
        # pair
        username = cliutils.env('OS_USERNAME', 'MANILA_USERNAME')
        url = cliutils.env('OS_URL', 'MANILA_URL')
-        uniqifier = hashlib.sha1(username.encode('utf-8') +
-                                 url.encode('utf-8')).hexdigest()
+        uniqifier = hashlib.sha256(username.encode('utf-8') +
+                                   url.encode('utf-8')).hexdigest()

        cache_dir = os.path.expanduser(os.path.join(base_dir, uniqifier))

--- a/tox.ini
+++ b/tox.ini
@ -90,6 +90,10 @@ commands =
  coverage xml -o cover/coverage.xml
  coverage report

+[testenv:bandit]
+deps = bandit
+commands = bandit -r manilaclient -x  manilaclient/tests/* -n5 -ll
+
 [flake8]
 # F821: undefined name
 # W503 line break before binary operator
--- a/zuul.d/project.yaml
+++ b/zuul.d/project.yaml
@ -8,6 +8,7 @@
    check:
      jobs:
        - python-manilaclient-functional
+        - python-manilaclient-tox-bandit
        - manila-rally-ss:
            voting: false
        - python-manilaclient-functional-fips:
--- a/zuul.d/python-manilaclient-jobs.yaml
+++ b/zuul.d/python-manilaclient-jobs.yaml
@ -92,3 +92,10 @@
    vars:
      configure_swap_size: 4096
      nslookup_target: 'opendev.org'
+
+- job:
+    name: python-manilaclient-tox-bandit
+    parent: openstack-tox
+    timeout: 2400
+    vars:
+      tox_envlist: bandit