d87462c851
yaml.load is considered unsafe. yaml.safe_load is the recommended method to use. The yaml.load is only being called from scenario tests, and from a forensic tool that is unused. Therefore this code change has no runtime impact. This allow unsuppressing the following pylint error E1120 no-value-for-parameter This allow unsuppressing the following bandit error B506: Test for use of yaml load Adding a new bandit zuul job, and removing the pinning of the version of bandit for this repo. Test Plan: PASS: tox -e pylint PASS: tox -e bandit PASS: build-pkgs -p nfv Story: 2010531 Task: 47174 Signed-off-by: Al Bailey <al.bailey@windriver.com> Change-Id: Ie60dcf98425c95e103d22e7be4212de1954550bf
78 lines
2.2 KiB
INI
78 lines
2.2 KiB
INI
[tox]
|
|
envlist = linters
|
|
minversion = 2.9
|
|
skipsdist = True
|
|
|
|
[testenv]
|
|
allowlist_externals = find
|
|
basepython = python3
|
|
commands = find {toxinidir} -type f -not -path '{toxinidir}/.tox/*' -not -path '*/__pycache__/*' -name '*.py[c|o]' -delete
|
|
deps = -r{toxinidir}/test-requirements.txt
|
|
install_command = pip install -U \
|
|
-c{env:TOX_CONSTRAINTS_FILE:https://opendev.org/starlingx/root/raw/branch/master/build-tools/requirements/debian/upper-constraints.txt} \
|
|
{opts} {packages}
|
|
setenv = VIRTUAL_ENV={envdir}
|
|
OS_STDOUT_CAPTURE=1
|
|
OS_STDERR_CAPTURE=1
|
|
OS_TEST_TIMEOUT=60
|
|
PYTHONDONTWRITEBYTECODE=True
|
|
|
|
[testenv:venv]
|
|
commands = {posargs}
|
|
|
|
[testenv:bandit]
|
|
description = Dummy environment to allow bandit to be run in subdir tox
|
|
|
|
[testenv:flake8]
|
|
description = Dummy environment to allow flake8 to be run in subdir tox
|
|
|
|
[testenv:pep8]
|
|
description = Dummy environment to allow pep8 to be run in subdir tox
|
|
|
|
[testenv:pylint]
|
|
description = Dummy environment to allow pylint to be run in subdir tox
|
|
|
|
[testenv:yamllint]
|
|
allowlist_externals = bash
|
|
commands =
|
|
bash -c "find {toxinidir} \
|
|
-name .tox -prune \
|
|
-o -type f -name '*.yaml' \
|
|
-print0 | xargs -0 yamllint -f parsable \
|
|
-c {toxinidir}/.yamllint"
|
|
|
|
[testenv:linters]
|
|
allowlist_externals = bash
|
|
commands =
|
|
{[testenv:yamllint]commands}
|
|
|
|
[testenv:docs]
|
|
deps = -r{toxinidir}/doc/requirements.txt
|
|
commands =
|
|
rm -rf doc/build
|
|
sphinx-build -a -E -W -d doc/build/doctrees -b html doc/source doc/build/html
|
|
allowlist_externals = rm
|
|
|
|
[testenv:releasenotes]
|
|
deps = -r{toxinidir}/doc/requirements.txt
|
|
commands =
|
|
rm -rf releasenotes/build
|
|
sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html
|
|
allowlist_externals =
|
|
rm
|
|
reno
|
|
|
|
[testenv:newnote]
|
|
# Re-use the releasenotes venv
|
|
envdir = {toxworkdir}/releasenotes
|
|
deps = -r{toxinidir}/doc/requirements.txt
|
|
commands = reno new {posargs}
|
|
|
|
[testenv:api-ref]
|
|
deps =
|
|
-r{toxinidir}/doc/requirements.txt
|
|
commands =
|
|
rm -rf api-ref/build
|
|
sphinx-build -W -b html -d api-ref/build/doctrees api-ref/source api-ref/build/html
|
|
allowlist_externals = rm
|