From 89e2fad8ef856f0e3651e4ea5784d28bc9aeb229 Mon Sep 17 00:00:00 2001 From: Bernard Cafarelli Date: Tue, 15 Dec 2020 13:24:36 +0100 Subject: [PATCH] Move linters dependencies to tox.ini Another item noted with the new pip resolver [1], linters dependencies in test-requirements.txt may cause resolver issues (trying to pull in enum34), conflicting requirements and cause them to be installed for all test jobs. Move them to tox.ini as was done for some projects already (this may be backported/squashed with pip resolver fix in stable branches depending on how fixing these will go). [1] http://lists.openstack.org/pipermail/openstack-discuss/2020-December/019362.html Change-Id: I0111c41bea6a6caf5ffba1f5c34489854d9c9747 --- lower-constraints.txt | 1 - test-requirements.txt | 5 ----- tox.ini | 12 +++++++++++- 3 files changed, 11 insertions(+), 7 deletions(-) diff --git a/lower-constraints.txt b/lower-constraints.txt index a0dada5f670..cee619c3351 100644 --- a/lower-constraints.txt +++ b/lower-constraints.txt @@ -3,7 +3,6 @@ alembic==0.9.6 amqp==2.5.0 appdirs==1.4.3 Babel==2.3.4 -bashate==0.5.1 beautifulsoup4==4.6.0 cachetools==2.0.0 cryptography<3.3 diff --git a/test-requirements.txt b/test-requirements.txt index 1a0b5ddb898..09017a1991d 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -1,11 +1,8 @@ # The order of packages is significant, because pip processes them in the order # of appearance. Changing the order has an impact on the overall integration # process, which may cause wedges in the gate later. -hacking>=3.0.1,<3.1.0 # Apache-2.0 -bandit!=1.6.0,>=1.1.0 # Apache-2.0 coverage!=4.4,>=4.0 # Apache-2.0 fixtures>=3.0.0 # Apache-2.0/BSD -flake8-import-order==0.18.1 # LGPLv3 python-subunit>=1.0.0 # Apache-2.0/BSD testtools>=2.2.0 # MIT testresources>=2.0.0 # Apache-2.0/BSD @@ -16,8 +13,6 @@ stestr>=1.0.0 # Apache-2.0 reno>=3.1.0 # Apache-2.0 ddt>=1.0.1 # MIT astroid==2.4.0 # LGPLv2.1 -pylint==2.5.3 # GPLv2 isort==4.3.21 # MIT # Needed to run DB commands in virtualenvs PyMySQL>=0.7.6 # MIT License -bashate>=0.5.1 # Apache-2.0 diff --git a/tox.ini b/tox.ini index f8f9f81e995..3c186b8e657 100644 --- a/tox.ini +++ b/tox.ini @@ -17,6 +17,7 @@ deps = -c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master} -r{toxinidir}/requirements.txt -r{toxinidir}/test-requirements.txt + hacking>=3.0.1,<3.1.0 # Apache-2.0 whitelist_externals = sh commands = {toxinidir}/tools/pip_install_src_modules.sh "{toxinidir}" @@ -96,6 +97,10 @@ commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasen envdir = {toxworkdir}/shared deps = {[testenv]deps} + {[testenv:bashate]deps} + {[testenv:bandit]deps} + flake8-import-order==0.18.1 # LGPLv3 + pylint==2.5.3 # GPLv2 commands= # If it is easier to add a check via a shell script, consider adding it in this file sh ./tools/misc-sanity-checks.sh @@ -203,11 +208,15 @@ envdir = {toxworkdir}/shared # B303: prohibit list calls: md5, sha1 # B311: Standard pseudo-random generators are not suitable for security/cryptographic purpose # B604: any_other_function_with_shell_equals_true -deps = -r{toxinidir}/test-requirements.txt +deps = + bandit!=1.6.0,>=1.1.0 # Apache-2.0 + -r{toxinidir}/test-requirements.txt commands = bandit -r neutron -x tests -n5 -s B104,B303,B311,B604 [testenv:bashate] envdir = {toxworkdir}/shared +deps = + bashate>=0.5.1 # Apache-2.0 commands = bash -c "find {toxinidir} \ -not \( -type d -name .tox\* -prune \) \ -not \( -type d -name .venv\* -prune \) \ @@ -243,6 +252,7 @@ deps = -c{toxinidir}/lower-constraints.txt -r{toxinidir}/test-requirements.txt -r{toxinidir}/requirements.txt + hacking>=3.0.1,<3.1.0 # Apache-2.0 [testenv:requirements] deps =