[tox]
envlist = linters,pep8
minversion = 2.3
skipsdist = True
toxworkdir = /tmp/{env:USER}_ansible-playbookstox

[testenv]
install_command = pip install -U {opts} {packages}
setenv = VIRTUAL_ENV={envdir}
         OS_STDOUT_CAPTURE=1
         OS_STDERR_CAPTURE=1
         OS_TEST_TIMEOUT=60
         ANSIBLE_LOCAL_TEMP={toxworkdir}/.ansible/tmp
deps = -r{toxinidir}/requirements.txt
       -r{toxinidir}/test-requirements.txt

[testenv:linters]
basepython = python3
allowlist_externals = bash
commands =
  {[testenv:ansible-lint]commands}
  bash -c "find {toxinidir}          \
         -not \( -type d -name .?\* -prune \) \
         -type f                              \
         -not -name \*~                       \
         -not -name \*.md                     \
         -name \*.sh                          \
         -print0 | xargs -r -n 1 -0 bashate -iE006 -v"
  bash -c "find {toxinidir}        \
            -path '{toxinidir}/.tox' -a -prune     \
            -o -name '*.yaml'       \
            -o -name '*.yml' \
            -print0 | xargs -0 yamllint"

[testenv:ansible-lint]
basepython = python3
allowlist_externals = bash
# ansible-lint error checks are suppressed/skipped through the .ansible-lint file
commands =
  bash -c "ls playbookconfig/src/playbooks/*.yml | xargs --no-run-if-empty ansible-lint"

[testenv:pep8]
basepython = python3
usedevelop = False
description =
    Run style checks.


commands =
    flake8


[flake8]
# E123, E125 skipped as they are invalid PEP-8.
# E501 skipped because some of the code files include templates
#      that end up quite wide
# H405: multi line docstring summary not separated with an empty line
show-source = True
ignore = E123,E125,E501,H405,W504
exclude = .venv,.git,.tox,dist,doc,*lib/python*,*egg,build,release-tag-*


[testenv:venv]
basepython = python3
commands = {posargs}

[bandit]
# The following bandit tests are being skipped:
# B108: Test for insecure usage of tmp file/directory
# B110: Try, Except, Pass detected.
# B404: Import of subprocess module
# B603: Test for use of subprocess without shell equals true
# B607: Test for starting a process with a partial path
# B608: Possible SQL injection vector through string-based query
#
# Note: 'skips' entry cannot be split across multiple lines
#
skips = B108,B110,B404,B603,B607,B608
exclude = tests

[testenv:bandit]
basepython = python3
deps = -r{toxinidir}/test-requirements.txt
commands = bandit --ini tox.ini -n 5 -r playbookconfig/src/playbooks/roles