[tox] envlist = flake8,py39,pylint,metadata,bandit minversion = 1.6 skipsdist = True # tox does not work if the path to the workdir is too long, so move it to /tmp # tox 3.1.0 adds TOX_LIMITED_SHEBANG toxworkdir = /tmp/{env:USER}_k8soidctox stxdir = {toxinidir}/../../.. distshare={toxworkdir}/.tox/distshare [testenv] basepython = python3.9 usedevelop = True # tox is silly... these need to be separated by a newline.... allowlist_externals = bash find echo install_command = pip install -v -v -v \ -c{env:UPPER_CONSTRAINTS_FILE:https://opendev.org/starlingx/root/raw/branch/master/build-tools/requirements/debian/upper-constraints.txt} \ {opts} {packages} # Note the hash seed is set to 0 until can be tested with a # random hash seed successfully. setenv = VIRTUAL_ENV={envdir} PYTHONHASHSEED=0 PIP_RESOLVER_DEBUG=1 PYTHONDONTWRITEBYTECODE=1 OS_TEST_PATH=./k8sapp_oidc/tests LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=C EVENTS_YAML=./k8sapp_oidc/tests/events_for_testing.yaml SYSINV_TEST_ENV=True TOX_WORK_DIR={toxworkdir} PYLINTHOME={toxworkdir} deps = -r{toxinidir}/requirements.txt -r{toxinidir}/test-requirements.txt -e{[tox]stxdir}/config/sysinv/sysinv/sysinv -e{[tox]stxdir}/config/tsconfig/tsconfig -e{[tox]stxdir}/fault/fm-api/source -e{[tox]stxdir}/fault/python-fmclient/fmclient -e{[tox]stxdir}/update/sw-patch/cgcs-patch -e{[tox]stxdir}/utilities/ceph/python-cephclient/python-cephclient commands = find . -type f -name "*.pyc" -delete [flake8] # H series are hacking # H101 is TODO # H102 is apache license # H104 file contains only comments (ie: license) # H105 author tags # H306 imports not in alphabetical order # H401 docstring should not start with a space # H403 multi line docstrings should end on a new line # H404 multi line docstring should start without a leading new line # H405 multi line docstring summary not separated with an empty line # H701 Empty localization string # H702 Formatting operation should be outside of localization method call # H703 Multiple positional placeholders # B series are bugbear # B006 Do not use mutable data structures for argument defaults. Needs to be FIXED. # B007 Loop control variable not used within the loop body. # B009 Do not call getattr with a constant attribute value # B010 Do not call setattr with a constant attribute value # B012 return/continue/break inside finally blocks cause exceptions to be silenced # B014 Redundant exception types # B301 Python 3 does not include `.iter*` methods on dictionaries. (this should be suppressed on a per line basis) # W series are warnings # W503 line break before binary operator # W504 line break after binary operator # W605 invalid escape sequence # E series are pep8 # E117 over-indented # E126 continuation line over-indented for hanging indent # E127 continuation line over-indented for visual indent # E128 continuation line under-indented for visual indent # E402 module level import not at top of file # E741 ambiguous variable name ignore = H101,H102,H104,H105,H306,H401,H403,H404,H405,H701,H702,H703, B006,B007,B009,B010,B012,B014,B301 W503,W504,W605, E117,E126,E127,E128,E402,E741 exclude = build,dist,tools,.eggs max-line-length=120 [testenv:flake8] deps = -r{toxinidir}/test-requirements.txt commands = flake8 {posargs} ./k8sapp_oidc [testenv:py39] commands = stestr run {posargs} stestr slowest [testenv:pep8] # testenv:flake8 clone deps = -r{toxinidir}/test-requirements.txt commands = {[testenv:flake8]commands} [testenv:venv] commands = {posargs} [bandit] # The following bandit tests are being skipped: # B101: Test for use of assert # B103: Test for setting permissive file permissions # B104: Test for binding to all interfaces # B105: Test for use of hard-coded password strings # B108: Test for insecure usage of tmp file/directory # B110: Try, Except, Pass detected. # B303: Use of insecure MD2, MD4, MD5, or SHA1 hash function. # B307: Blacklisted call to eval. # B310: Audit url open for permitted schemes # B311: Standard pseudo-random generators are not suitable for security/cryptographic purposes # B314: Blacklisted calls to xml.etree.ElementTree # B318: Blacklisted calls to xml.dom.minidom # B320: Blacklisted calls to lxml.etree # B404: Import of subprocess module # B405: import xml.etree # B408: import xml.minidom # B410: import lxml # B506: Test for use of yaml load # B602: Test for use of popen with shell equals true # B603: Test for use of subprocess without shell equals true # B604: Test for any function with shell equals true # B605: Test for starting a process with a shell # B607: Test for starting a process with a partial path # B608: Possible SQL injection vector through string-based query # # Note: 'skips' entry cannot be split across multiple lines # skips = B101,B103,B104,B105,B108,B110,B303,B307,B310,B311,B314,B318,B320,B404,B405,B408,B410,B506,B602,B603,B604,B605,B607,B608 exclude = tests [testenv:bandit] deps = -r{toxinidir}/test-requirements.txt commands = bandit --ini tox.ini -n 5 -r k8sapp_oidc [testenv:pylint] install_command = pip install -v -v -v \ -c{env:UPPER_CONSTRAINTS_FILE:https://opendev.org/starlingx/root/raw/branch/master/build-tools/requirements/debian/upper-constraints.txt} \ {opts} {packages} commands = pylint {posargs} k8sapp_oidc --rcfile=./pylint.rc [testenv:cover] # not sure is passenv is still needed passenv = CURL_CA_BUNDLE deps = {[testenv]deps} setenv = {[testenv]setenv} PYTHON=coverage run --parallel-mode commands = {[testenv]commands} coverage erase stestr run {posargs} coverage combine coverage html -d cover coverage xml -o cover/coverage.xml coverage report [testenv:pip-missing-reqs] # do not install test-requirements as that will pollute the virtualenv for # determining missing packages # this also means that pip-missing-reqs must be installed separately, outside # of the requirements.txt files deps = pip_missing_reqs -rrequirements.txt commands=pip-missing-reqs -d --ignore-file=/k8sapp_oidc/tests k8sapp_oidc [testenv:metadata] install_command = pip install -v -v -v \ -c{env:UPPER_CONSTRAINTS_FILE:https://opendev.org/starlingx/root/raw/branch/master/build-tools/requirements/debian/upper-constraints.txt} \ {opts} {packages} # Pass top level app folder to 'sysinv-app tox' command. commands = bash -c "echo $(dirname $(dirname $(pwd))) | xargs -n 1 sysinv-app tox"