add bandit security linter

skip B104 (hardcoded_bind_all_interfaces): this is an API service that must
be able to bind to all interfaces, so that check is suppressed for now.

Change-Id: I2ce3eccb28872b81c04f79e2434833f8c038af3f
This commit is contained in:
Alvaro Lopez Garcia 2016-11-21 14:42:59 +01:00
parent 6ff6a3147a
commit 9f5a7ad26b
3 changed files with 14 additions and 3 deletions


@ -39,7 +39,7 @@ LOG = logging.getLogger(__name__)
occi_opts = [ occi_opts = [
config.cfg.StrOpt('ooi_listen', config.cfg.StrOpt('ooi_listen',
default="0.0.0.0", default="0.0.0.0", # nosec
help='The IP address on which the OCCI (ooi) API ' help='The IP address on which the OCCI (ooi) API '
'will listen.'), 'will listen.'),
config.cfg.IntOpt('ooi_listen_port', config.cfg.IntOpt('ooi_listen_port',
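Review bot: The bare `# nosec` added to the default line silences every bandit check on that line without recording why, while the commit message says B104 is only skipped "for now"; keep the rationale next to the marker so the suppression stays reviewable, e.g. `default="0.0.0.0",  # nosec: B104, API listener must be bindable on all interfaces`. A 0.0.0.0 default still exposes the listener on every interface of the host, so the help text is the natural place to tell operators to set ooi_listen to a specific address (or front the service with a proxy) on hosts with public interfaces; whether deployment docs already say this is not visible here. The occi_opts list continues past the hunk.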


@ -1,4 +1,5 @@
hacking>=0.9.2,<0.10 hacking>=0.9.2,<0.10a
bandit>=1.1.0 # Apache-2.0
coverage>=3.6 coverage>=3.6
fixtures>=0.3.14 fixtures>=0.3.14
python-subunit>=0.0.18 python-subunit>=0.0.18
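Review bot: `bandit>=1.1.0` carries no upper bound, unlike the `hacking` pin directly above it, so the pep8 gate runs whatever bandit release pip resolves on the day; bandit releases add and rename tests, which makes the lint result non-reproducible and lets an unreviewed future release into CI. Cap it like the other linters, e.g. `bandit>=1.1.0,<1.2 # Apache-2.0`, and bump deliberately. The hacking line also appears to change from `<0.10` to `<0.10a` in this commit, which the description does not mention; if that is unintended it should be reverted, and if it is meant to exclude 0.10 pre-releases it deserves a word in the message.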

12
tox.ini

@ -29,7 +29,17 @@ commands =
[testenv:pep8] [testenv:pep8]
commands = flake8 commands =
flake8
# Run security linter
# B110: except: pass
# B410: importing etree
bandit -r ooi -x tests -s B110,B410
[testenv:bandit]
# NOTE(browne): This is required for the integration test job of the bandit
# project. Please do not remove.
commands = bandit -r ooi -x tests -s B110,B410
[testenv:venv] [testenv:venv]
commands = {posargs} commands = {posargs}
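Review bot: The `-s B110,B410` skip list is applied repo-wide with only the test names as explanation, so every try/except/pass and every XML-parser import anywhere under ooi is hidden from the linter and the reason for accepting that is not recorded; for an API the XML-import check is the one worth a sentence, since whether request bodies are parsed from untrusted XML cannot be seen from this hunk. Either extend the comments with the reason (`# B110: except: pass, tolerated in best-effort cleanup paths`), or drop the global skips and mark the individual accepted sites with `# nosec` plus a rationale so new occurrences stay visible. The bandit command line is also duplicated between the pep8 and bandit envs and will drift when one is edited; replacing the bandit line under `[testenv:pep8]` with `{[testenv:bandit]commands}` keeps a single definition. The NOTE(browne) comment explains why the separate env exists, so the substitution should point at it rather than the other way round.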