From 4dde5f3cb27186a86be90e6b85508ea236dcb630 Mon Sep 17 00:00:00 2001 From: "ChangBo Guo(gcb)" Date: Thu, 7 Dec 2017 13:43:21 +0800 Subject: [PATCH] Add bandit to pep8 job Add the bandit security scanner to the pep8 job. * skip B314,B405 * Don't use '/temp/file' Change-Id: I5ae66767178d037d312eb2ab0374dd6f137ecc7b --- oslo_reports/tests/test_guru_meditation_report.py | 6 +++--- test-requirements.txt | 3 +++ tox.ini | 7 ++++++- 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/oslo_reports/tests/test_guru_meditation_report.py b/oslo_reports/tests/test_guru_meditation_report.py index b86bcf3..0a4f6b3 100644 --- a/oslo_reports/tests/test_guru_meditation_report.py +++ b/oslo_reports/tests/test_guru_meditation_report.py @@ -65,7 +65,7 @@ class GmrConfigFixture(fixture.Config): self.conf.set_override( 'file_event_handler', - '/tmp/file', + '/specific/file', group='oslo_reports') self.conf.set_override( 'file_event_handler_interval', @@ -201,7 +201,7 @@ class TestGuruMeditationReport(base.BaseTestCase): version = FakeVersionObj() gmr.TextGuruMeditation.setup_autorun(version, conf=self.CONF) mock_setup_fh.assert_called_once_with( - '/tmp/file', 10, version, None, '/var/fake_log') + '/specific/file', 10, version, None, '/var/fake_log') @mock.patch('os.stat') @mock.patch('time.sleep') @@ -215,7 +215,7 @@ class TestGuruMeditationReport(base.BaseTestCase): self.CONF.oslo_reports.file_event_handler_interval, version, None, self.CONF.oslo_reports.log_dir) - mock_stat.assert_called_once_with('/tmp/file') + mock_stat.assert_called_once_with('/specific/file') self.assertEqual(1, mock_thread.called) @mock.patch('oslo_utils.timeutils.utcnow', diff --git a/test-requirements.txt b/test-requirements.txt index 0db18b7..cc62351 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -16,3 +16,6 @@ greenlet>=0.4.10 # MIT coverage!=4.4,>=4.0 # Apache-2.0 reno>=2.5.0 # Apache-2.0 + +# Bandit security code scanner +bandit>=1.1.0 # Apache-2.0 diff --git a/tox.ini b/tox.ini index 565a1db..575bd77 100644 --- a/tox.ini +++ b/tox.ini @@ -11,7 +11,12 @@ install_command = pip install {opts} {packages} commands = python setup.py testr --slowest --testr-args='{posargs}' [testenv:pep8] -commands = flake8 +deps = + -r{toxinidir}/test-requirements.txt +commands = + flake8 + # Run security linter + bandit -r oslo_reports tests -n5 --skip B314,B405 [testenv:venv] commands = {posargs}