Setting up the bandit tool for the scanning of HIGH severity issues
in the python codes under Starlingx/metal folder.
Expecting this merge will enable zuul job for CI/CD of bandit scan.
Configuration files:
1. tox.ini for adding bandit environment and command.
2. test-requirements.txt for adding bandit version.
3. .zuul.yaml file for adding bandit job and configuring under
check job to run code scan every time before code commit.
Test:
Run tox -e bandit command inside the fault folder to validate the
bandit scan and result.
Please note:
Changes will be implemented in batches and this is Batch4 change.
Story: 2007541
Task: 39622
Depends-On: https://review.opendev.org/#/c/721294/
Change-Id: I7b91a51e0e411b46670f84c2b2a6c7749f9d0521
Signed-off-by: Sharath Kumar K <sharath.kumar@intel.com>
Add job to publish metal repo to GitHub
Change-Id: Ic122ad2490ae5d13dfd7a0b937d854ca46d861b3
Story: 2007252
Task: 38685
Signed-off-by: Bin Qian <bin.qian@windriver.com>
Created a pylint.rc file for running pylint
Added a pylint task to zuul
Targets the following python files:
- redfish docker code
- hwmond_notify
Other python components in metal are not being included
because they are being removed in later commits.
Story: 2004515
Task: 37956
Change-Id: I782672c366e56d1f1597d40f5754444b2fa76b9e
Signed-off-by: Al Bailey <Al.Bailey@windriver.com>
devstack is failing, most likely because StarlingX
uses postgres, and postgres was dropped in devstack by:
cf1c847191
I am not removing the devstack job declaration, or the devstack files
because in the future StarlingX could convert from postgres to
another DB backend, at which point we might want to revisit
using devstack.
Change-Id: I02e92cd2d17207b5e09a082647d4da0f5e7ed426
Partial-Bug: 1848557
Signed-off-by: Al Bailey <Al.Bailey@windriver.com>
The utilities repo is referenced by metal.
The inventory tox.ini is not being triggered by zuul,
but would have failed if run locally.
Change-Id: I4cd044d8ad03fefa19189e790e4b87222bebc459
Story: 2006166
Task: 36532
Signed-off-by: Al Bailey <Al.Bailey@windriver.com>
Use templates instead of individual jobs so that these
can be changed in one place.
Depends-On: https://review.opendev.org/677606
Change-Id: I3b20425c0083e3cae3c2150fecc4e603c70b1eb6
The glance devstack plugin is not working for us,
and is not needed for our devstack to work, so updating
the zuul job to use the 'min' devstack version that is used
by other repos such as 'fault' and avoid setting up the
glance devstack plugin altogether.
Change-Id: Ibad252c69c19d425fe3c9f9b85e773286b3e3c43
Partial-Bug: 1840292
Signed-off-by: Al Bailey <Al.Bailey@windriver.com>
Rename stx-devstack-metal to flock-devstack-metal
and inherit from flock-devstack-base
Change-Id: I7bb8a5fe4865def69e80a3c5347ee31b06073e22
Signed-off-by: Dean Troyer <dtroyer@gmail.com>
* Enforce presence of Barbican in DevStack configuration
* Add Barbican and python-barbicanclient to stx-devstack-metal job
Change-Id: I3df338785b2352ec9e9f7c1387f2fbb47bb7baca
Signed-off-by: Dean Troyer <dtroyer@gmail.com>
The preceeding 4 reviews all needed to be in place in order for
the devstack run to complete. Enable it now.
Change-Id: I139c862b8edbe7214ad11b9820e400b7e613bd61
Signed-off-by: Dean Troyer <dtroyer@gmail.com>
* Install build artifacts to a fixed dir rather than attempting
to infer a location based on the Python binary location. That
was intended to work seamlessly in venvs, we'll burn that bridge
when we come to it, for now just put it all in
$DEST/usr/{include|lib}. This also removed the need for
root access for these files to allow the build steps to be performed
on laptops that may not otherwise run DevStack.
* Install systemd unit files directly to /etc/systemd/system
and skip the requirement to copy them a second time
* Add the declarations to settings for the devstack playbook to
handle plugin precedence order properly.
Change-Id: I5d68465384e000c05eb650a8358b70f7a7a6c293
Signed-off-by: Dean Troyer <dtroyer@gmail.com>
Add the base DevStack job and make sure bashate runs on
the devstack plugin files.
Begin to re-structure the plugin to match the common structure.
Add devstack/build.sh and split out the build steps into
separate functions in devstack/lib/stx-metal
This is complete, further work to be done in follow-up changes.
Change-Id: I05f6df758e18f182fb0a05731eddc6cb7f599e51
Signed-off-by: Dean Troyer <dtroyer@gmail.com>
* Add pointers in the main doc to api-ref and releasenotes pages
* Add publish-stx-api-ref and publish-stx-releasenotes jobs
* Add search at bottom of api-ref and relnotes pages to trigger the jobs
Change-Id: Ib41f10ce72eb283d4edbeb1ecc0543403295d7bf
Signed-off-by: Abraham Arce <abraham.arce.moreno@intel.com>
Also set the theme to alabaster until starlingxdocs is ready
Change-Id: I6a113b9fddb64792b5454b3ef0ef866ef9f74fc6
Signed-off-by: Dean Troyer <dtroyer@gmail.com>
* Use build-openstack-docs-pti job template for docs
* Use build-openstack-releasenotes job for release notes
(We can't use the OpenStack releasenotes template as it includes
publish jobs, stx needs its own)
* Add newnote tox environment as convenience for creating new release
notes, re-using the releasenotes venv.
* Create a release summary note.
Change-Id: I5a610cfe271707fd704248ede0db75be6d031121
Signed-off-by: Dean Troyer <dtroyer@gmail.com>
use flake8 as pep8 tools
enable check and gate for pep8(voting)
Fix below flake8 issues:
E127 continuation line over-indented for visual indent
E211 whitespace before '('
E222 multiple spaces after operator
E302 expected 2 blank lines, found 1
E501 line too long (101 > 79 characters)
E502 the backslash is redundant between brackets
F401 'platform' imported but unused
W391 blank line at end of file
Change-Id: Idfb953e52c8ee35c2adefdf0e4143a381c7f49e2
Story: 2003426
Task: 24596
Signed-off-by: Sun Austin <austin.sun@intel.com>
Fix below linters issues
E001 Trailing Whitespace
E003 Indent not multiple of 4
E006 Line too long
E011 Then keyword is not on same line as if or elif keyword
E020 Function declaration not in format ^function name {$
E040 Syntax error: syntax error near unexpected token `;'
ignore cases are added in tox setup
E006 Line too long
E010: do not on the same line as for
Story: 2003368
Task: 24427
Change-Id: I6acf64271a4e608be8bc8fa965cac4fa31e0c05b
Signed-off-by: Sun Austin <austin.sun@intel.com>