add bandit to pep8 job

Add the bandit security scanner to the pep8 job. Change-Id: I4fa14f3c42f064b6ec58e1f3a3cde22ad031ac7a Signed-off-by: Doug Hellmann <doug@doughellmann.com>
2017-11-10 18:00:22 -05:00 · 2017-11-10 18:00:22 -05:00 · 6aae80ec18
parent 3ffdb1f0ba
commit 6aae80ec18
2 changed files with 9 additions and 2 deletions
--- a/test-requirements.txt
+++ b/test-requirements.txt
@ -7,3 +7,5 @@ coverage!=4.4,>=4.0 # Apache-2.0
 testrepository>=0.0.18 # Apache-2.0/BSD
 # sphinx is needed for testing the sphinxext module
 sphinx>=1.6.2 # BSD
+# Bandit security code scanner
+bandit>=1.1.0 # Apache-2.0
--- a/tox.ini
+++ b/tox.ini
@ -20,9 +20,14 @@ deps =
 commands = {posargs}

 [testenv:pep8]
-deps = flake8
+deps =
+  -r{toxinidir}/test-requirements.txt
+  flake8
 ignore = E251
-commands = flake8 stevedore setup.py
+commands =
+  flake8 stevedore setup.py
+  # Run security linter
+  bandit -r stevedore -x tests -n5

 [testenv:docs]
 deps = -r{toxinidir}/doc/requirements.txt