add bandit security linter
Skip B104 (hardcoded_bind_all_interfaces) for now: we are an API, so we need to bind to all interfaces.

Change-Id: I2ce3eccb28872b81c04f79e2434833f8c038af3f
parent
6ff6a3147a
commit
9f5a7ad26b
|
@ -39,7 +39,7 @@ LOG = logging.getLogger(__name__)
|
|||
|
||||
occi_opts = [
|
||||
config.cfg.StrOpt('ooi_listen',
|
||||
default="0.0.0.0",
|
||||
default="0.0.0.0", # nosec
|
||||
help='The IP address on which the OCCI (ooi) API '
|
||||
'will listen.'),
|
||||
config.cfg.IntOpt('ooi_listen_port',
|
||||
|
|
|
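Review bot: The bare `# nosec` on the `ooi_listen` default silences every bandit check on that line, not only B104, and leaves no record of why the finding was accepted. Naming the test and the reason keeps the suppression narrow and auditable, for example `default="0.0.0.0",  # nosec B104 - API service, operators narrow via ooi_listen`; newer bandit releases honour the test ID, and older ones should still treat it as a plain nosec. The option's help text could also state that the default listens on every interface, so deployers with a separate management network know to override it. The `occi_opts` list continues past the end of this hunk.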
@ -1,4 +1,5 @@
|
|||
hacking>=0.9.2,<0.10
|
||||
hacking>=0.9.2,<0.10a
|
||||
bandit>=1.1.0 # Apache-2.0
|
||||
coverage>=3.6
|
||||
fixtures>=0.3.14
|
||||
python-subunit>=0.0.18
|
||||
|
|
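Review bot: The `hacking` pin is shown twice in this section, as `hacking>=0.9.2,<0.10` and as `hacking>=0.9.2,<0.10a`; if the second is the new side, the trailing `a` looks like a stray character unrelated to adding bandit and should go back to `hacking>=0.9.2,<0.10`. Separately, `bandit>=1.1.0` has no upper bound, so a new bandit release that adds or renumbers checks can change what the gate enforces without any change in this repository. If no constraints file covers the test requirements (none is visible here), an upper cap would keep the lint result reproducible.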
12
tox.ini
12
tox.ini
|
@ -29,7 +29,17 @@ commands =
|
|||
|
||||
|
||||
[testenv:pep8]
|
||||
commands = flake8
|
||||
commands =
|
||||
flake8
|
||||
# Run security linter
|
||||
# B110: except: pass
|
||||
# B410: importing etree
|
||||
bandit -r ooi -x tests -s B110,B410
|
||||
|
||||
[testenv:bandit]
|
||||
# NOTE(browne): This is required for the integration test job of the bandit
|
||||
# project. Please do not remove.
|
||||
commands = bandit -r ooi -x tests -s B110,B410
|
||||
|
||||
[testenv:venv]
|
||||
commands = {posargs}
|
||||
|
|
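Review bot: `-s B110,B410` turns both checks off for the whole `ooi` tree, so any future `except: pass` or `etree` import passes the gate unreviewed, and the two comments name the tests without saying why they are skipped. The B104 case in this commit is handled with a per-line marker; treating the existing B110/B410 findings the same way would leave the rest of the tree covered. The bandit command is also repeated verbatim in `[testenv:pep8]` and `[testenv:bandit]`, so the two skip lists can drift apart; letting pep8 reuse it with `{[testenv:bandit]commands}` keeps a single copy.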