The install_command for docs, newnote and api-ref
needed to be overridden to not use upper constraints.
The bandit requirement needed to be made python3 only.
The bandit scan was failing, so it is now updated to
allow individual bandit failures to be suppressed in tox.ini
Need to include a py file change in order for bandit to be
triggered by zuul.
Signed-off-by: albailey <Al.Bailey@windriver.com>