Enable py3-bandit and py3-flake8 zuul jobs
This reverts commit 4146e2a859
.
Removed the calls to tox from within tox, and setup the
top level tox.ini for bandit and flake8 for the sub folders.
Change-Id: I682869c8e839f4f59cdce48cd0b97b4a4324f4a7
Story: 2004515
Task: 40232
Signed-off-by: albailey <Al.Bailey@windriver.com>
This commit is contained in:
parent
551de77c61
commit
2302b0fe2e
|
@ -7,8 +7,8 @@
|
|||
check:
|
||||
jobs:
|
||||
- openstack-tox-linters
|
||||
# - py3-bandit
|
||||
# - py3-flake8
|
||||
- py3-bandit
|
||||
- py3-flake8
|
||||
- patch-tox-pylint
|
||||
- patch-tox-py27
|
||||
- patch-tox-py36
|
||||
|
@ -18,8 +18,8 @@
|
|||
gate:
|
||||
jobs:
|
||||
- openstack-tox-linters
|
||||
# - py3-bandit
|
||||
# - py3-flake8
|
||||
- py3-bandit
|
||||
- py3-flake8
|
||||
- patch-tox-pylint
|
||||
- patch-tox-py27
|
||||
- patch-tox-py36
|
||||
|
|
|
@ -2,6 +2,7 @@ hacking>=2.0<2.1
|
|||
|
||||
pycodestyle>=2.0.0 # MIT License
|
||||
mock>=2.0.0 # BSD
|
||||
bandit!=1.6.0,>=1.1.0,<2.0.0
|
||||
bashate >= 0.2
|
||||
PyYAML >= 3.1.0
|
||||
yamllint >= 0.5.2
|
||||
|
|
57
tox.ini
57
tox.ini
|
@ -67,6 +67,29 @@ commands =
|
|||
filename=
|
||||
*.preapply
|
||||
*.preremove
|
||||
*.py
|
||||
# ignore below errors , will fix flake8 errors in future
|
||||
# H101 Use TODO(NAME)
|
||||
# H102 Apache 2.0 license header not found
|
||||
# H105 Don't use author tags
|
||||
# H306 imports not in alphabetical order
|
||||
# H401 docstring should not start with a space
|
||||
# H404 multi line docstring should start without a leading new line
|
||||
# H405 multi line docstring summary not separated with an empty line
|
||||
# Note: W503 and W504 are mutually exclusive. Must select one of them to suppress.
|
||||
# W504 line break after binary operator
|
||||
# E501 line too long. skipped because some of the code files include templates
|
||||
# that end up quite wide
|
||||
# F401 'XXXXX' imported but unused
|
||||
show-source = True
|
||||
ignore = H101,H102,H105,H306,H401,H404,H405,
|
||||
W504,E501,F401
|
||||
exclude = .venv,.git,.tox,dist,doc,*lib/python*,*egg,build,release-tag-*
|
||||
# H106: Don't put vim configuration in source files (off by default).
|
||||
# H203: Use assertIs(Not)None to check for None (off by default).
|
||||
# enable: H904 Delay string interpolations at logging calls (off by default).
|
||||
enable-extensions = H106 H203 H904
|
||||
max-line-length = 120
|
||||
|
||||
[testenv:flake8]
|
||||
basepython = python3
|
||||
|
@ -75,8 +98,8 @@ whitelist_externals = cp
|
|||
tox
|
||||
recreate = True
|
||||
commands = {[testenv]commands}
|
||||
tox -c cgcs-patch/cgcs-patch -e flake8
|
||||
tox -c patch-alarm/patch-alarm -e flake8
|
||||
flake8 cgcs-patch/cgcs-patch/cgcs_patch
|
||||
flake8 patch-alarm/patch-alarm/patch_alarm
|
||||
flake8 {toxinidir}/patch-scripts/kube-upgrade
|
||||
|
||||
[testenv:venv]
|
||||
|
@ -108,15 +131,31 @@ commands = {[testenv]commands}
|
|||
tox -c cgcs-patch/cgcs-patch -e py36
|
||||
tox -c patch-alarm/patch-alarm -e py36
|
||||
|
||||
|
||||
[bandit]
|
||||
# B101: Test for use of assert
|
||||
# B104: Test for binding to all interfaces
|
||||
# B110: Try, Except, Pass detected.
|
||||
# B303: Use of insecure MD2, MD4, MD5, or SHA1 hash function.
|
||||
# B311: Standard pseudo-random generators are not suitable for security/cryptographic purposes
|
||||
# B314: Blacklisted calls to xml.etree.ElementTree
|
||||
# B318: Blacklisted calls to xml.dom.minidom
|
||||
# B404: Import of subprocess module
|
||||
# B405: import xml.etree
|
||||
# B408: import xml.minidom
|
||||
# B413: import pyCrypto
|
||||
# B506: Test for use of yaml load
|
||||
# B602: Test for use of popen with shell equals true
|
||||
# B603: Test for use of subprocess without shell equals true
|
||||
# B607: Test for starting a process with a partial path
|
||||
skips = B101,B104,B110,B303,B311,B314,B318,B404,B405,B408,B413,B506,B602,B603,B607
|
||||
exclude = tests
|
||||
|
||||
[testenv:bandit]
|
||||
basepython = python3
|
||||
commands = {[testenv]commands}
|
||||
tox -c cgcs-patch/cgcs-patch -e bandit
|
||||
tox -c patch-alarm/patch-alarm -e bandit
|
||||
deps = {[testenv]deps}
|
||||
recreate = True
|
||||
whitelist_externals = find
|
||||
tox
|
||||
description = Bandit code scan for *.py files source code folders
|
||||
deps = -r{toxinidir}/test-requirements.txt
|
||||
commands = bandit --ini tox.ini -r {toxinidir}/ -x '**/.tox/**,**/.eggs/**' -lll
|
||||
|
||||
[testenv:pylint]
|
||||
basepython = python2.7
|
||||
|
|
Loading…
Reference in New Issue