starlingx/fault
Code Issues Proposed changes
4e263101b6
fault/tox.ini
Sharath Kumar K 2f364daa08 Tox and Zuul job for the python code scan in starlingx/fault 
Setting up the bandit tool for the scanning of HIGH severity issues
in the python codes under Starlingx/fault folder.
Expecting this merge will enable zuul job for CI/CD of bandit scan.

Configuration files:
1. tox.ini for adding bandit environment and command.
2. test-requirements.txt for adding bandit version.
3. .zuul.yaml file for adding bandit job and configuring under
   check job to run code scan every time before code commit.

Test:
Run tox -e bandit command inside the fault folder to validate the
bandit scan and result.

Please note:
Changes will be implemented in batches and  this is Batch2 change.

Story: 2007541
Task: 39490
Depends-On: https://review.opendev.org/#/c/721294/

Change-Id: I84449691281d9769e9219e6f9f1338c20f518f40
Signed-off-by: Sharath Kumar K <sharath.kumar@intel.com>
2020-04-27 11:14:36 +02:00

154 lines
4.7 KiB
INI
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

[tox]
envlist = linters,pep8,pylint,rpm-packaging-lint
minversion = 2.3
skipsdist = True
stxdir = {toxinidir}/../
[testenv]
install_command = pip install \
-chttps://opendev.org/openstack/requirements/raw/branch/stable/stein/upper-constraints.txt \
{opts} {packages}
setenv = VIRTUAL_ENV={envdir}
OS_STDOUT_CAPTURE=1
OS_STDERR_CAPTURE=1
OS_TEST_TIMEOUT=60
deps = -r{toxinidir}/test-requirements.txt
[testenv:rpm-packaging-lint]
basepython = python3
setenv =
VIRTUAL_ENV={envdir}
LC_ALL=en_US.utf-8
deps = -r{toxinidir}/test-requirements.txt
whitelist_externals = bash
commands =
bash -c 'if [ -d {toxinidir}/../zuul-jobs ]; then \
find . \
-not \( -type d -name .?\* -prune \) \
-not \( -type d -name centos -prune \) \
-type f -name \*.spec \
-print0 | xargs -0 {toxinidir}/../zuul-jobs/scripts/speclint.sh; \
fi'
[testenv:linters]
basepython = python3
whitelist_externals = bash
commands =
bash -c "find {toxinidir} \
-not \( -type d -name .?\* -prune \) \
-type f \
-not -name \*~ \
-not -name \*.md \
\( \
-name \*.sh \
-or -not -wholename \*/devstack/files/\* \
-wholename \*/devstack/\* \
\) \
-print0 | xargs -0 bashate -v -iE006"
bash -c "find {toxinidir} \
\( -name .tox -prune \) \
-o -type f -name '*.yaml' \
-print0 | xargs -0 yamllint -d '\{extends: relaxed, rules: \{line-length: \{max: 260\}\}\}'"
[testenv:pylint]
basepython = python2.7
sitepackages = False
deps = {[testenv]deps}
-e{toxinidir}/../config/tsconfig/tsconfig
-e{toxinidir}/../config/sysinv/cgts-client/cgts-client
-r{toxinidir}/requirements.txt
pylint
commands = pylint {posargs} --rcfile=./pylint.rc \
fm-api/fm_api \
fm-common/sources/fm_db_sync_event_suppression.py \
fm-rest-api/fm/fm \
python-fmclient/fmclient/fmclient
####
# Add flake8 as pep8 codestyle check.
[testenv:pep8]
basepython = python3
description =
Run style checks.
commands =
flake8
[flake8]
# H102 Apache 2.0 license header not found
# H104 File contains nothing but comments
# H105 Don't use author tags
# H301 one import per line
# H306 imports not in alphabetical order
# H401 docstring should not start with a space
# H403 multi line docstrings should end on a new line
# H404 multi line docstring should start without a leading new line
# H405 multi line docstring summary not separated with an empty line
# H702 Argument to ... must be a string
# H903 Windows style line endings not allowed in code
# E123, E125 skipped as they are invalid PEP-8.
# E501 skipped because some of the code files include templates
# that end up quite wide
show-source = True
ignore = H102,H104,H105,H301,H306,H401,H403,H404,H405,H702,H903,E123,E125,E501
exclude = .venv,.git,.tox,dist,doc,*lib/python*,*egg,build,release-tag-*
# TODO: H106 Dont put vim configuration in source files (off by default).
# H203 Use assertIs(Not)None to check for None (off by default).
# TODO: H904 Delay string interpolations at logging calls (off by default).
enable-extensions = H203
[testenv:venv]
basepython = python3
commands = {posargs}
[testenv:docs]
basepython = python3
deps = -r{toxinidir}/doc/requirements.txt
commands =
rm -rf doc/build
sphinx-build -a -E -W -d doc/build/doctrees -b html doc/source doc/build/html
whitelist_externals = rm
[testenv:releasenotes]
basepython = python3
deps = -r{toxinidir}/doc/requirements.txt
commands =
rm -rf releasenotes/build
sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html
whitelist_externals =
rm
reno
[testenv:newnote]
basepython = python3
# Re-use the releasenotes venv
envdir = {toxworkdir}/releasenotes
deps = -r{toxinidir}/doc/requirements.txt
commands = reno new {posargs}
[testenv:api-ref]
basepython = python3
deps =
-r{toxinidir}/doc/requirements.txt
commands =
rm -rf api-ref/build
sphinx-build -W -b html -d api-ref/build/doctrees api-ref/source api-ref/build/html
whitelist_externals = rm
[testenv:build]
deps =
commands = {toxinidir}/devstack/build.sh
[testenv:functional]
basepython = python3
whitelist_externals = cat
commands = cat /etc/fm/fm.conf
[testenv:bandit]
basepython = python3
description = Bandit code scan for *.py files under config folder
deps = -r{toxinidir}/test-requirements.txt
commands = bandit -r {toxinidir}/ -x '**/.tox/**',**/.eggs/** -lll
View Git Blame Copy Permalink