Fix bandit tox environment to properly run

These changes were necessary:
- Move bandit dependency from test-requirements-bandit.txt to
  test-requirements.txt
- Only print high and medium severity errors (-ll)
- Rename blacklist_functions to proper plugin name of
  blacklist_calls

Change-Id: Ibf2a16e3fc62aadc995c70b5dfe2258f1cf23f85

bandit.yaml

@@ -21,7 +21,6 @@ plugin_name_pattern: '*.py'
 # globs of files which should be analyzed
 include:
     - '*.py'
-    - '*.pyw'
 
 # a list of strings, which if found in the path will cause files to be excluded
 # for example /tests/ - to remove all all files in tests directory
@@ -47,7 +46,7 @@ profiles:
         include:
             - hardcoded_sql_expressions
 
-blacklist_functions:
+blacklist_calls:
     bad_name_sets:
         - pickle:
             qualnames: [pickle.loads, pickle.load, pickle.Unpickler,

test-requirements-bandit.txt

@@ -1 +0,0 @@
-bandit==0.10.1

test-requirements.txt

@@ -22,3 +22,5 @@ coverage>=3.6
 # this is required for the docs build jobs
 oslosphinx>=2.5.0  # Apache-2.0
 sphinx>=1.1.2,!=1.2.0,!=1.3b1,<1.3
+
+bandit>=0.10.1

tox.ini

@@ -17,8 +17,8 @@ deps = -r{toxinidir}/requirements.txt
 commands = pylint oslo
 
 [testenv:bandit]
-deps = -r{toxinidir}/test-requirements-bandit.txt
+deps = -r{toxinidir}/test-requirements.txt
-commands = bandit -c bandit.yaml -r oslo_vmware -n 5
+commands = bandit -c bandit.yaml -r oslo_vmware -n 5 -ll
 
 [testenv:docs]
 commands = python setup.py build_sphinx