python-openstackclient/tox.ini
blue55 20c23d8ccb Enable some off-by-default checks
Some of the available checks are disabled by default, like:
[H203] Use assertIs(Not)None to check for None

Change-Id: I59dafb62cedc5217b6e5eb6efb997a9ee3c29bbb
2017-06-23 16:31:48 +08:00

94 lines
3.4 KiB
INI

[tox]
minversion = 2.3
envlist = py35,py27,pep8
skipdist = True
[testenv]
usedevelop = True
install_command =
{toxinidir}/tools/tox_install.sh {env:UPPER_CONSTRAINTS_FILE:https://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt} {opts} {packages}
setenv = VIRTUAL_ENV={envdir}
deps = -r{toxinidir}/test-requirements.txt
commands = ostestr {posargs}
whitelist_externals = ostestr
[testenv:fast8]
# Use same environment directory as pep8 env to save space and install time
envdir = {toxworkdir}/pep8
commands =
{toxinidir}/tools/fast8.sh
[testenv:pep8]
commands =
flake8
bandit -r openstackclient -x tests -s B105,B106,B107,B401,B404,B603,B606,B607,B110,B605,B101
[testenv:bandit]
# This command runs the bandit security linter against the openstackclient
# codebase minus the tests directory. Some tests are being excluded to
# reduce the number of positives before a team inspection, and to ensure a
# passing gate job for initial addition. The excluded tests are:
# B105-B107: hardcoded password checks - likely to generate false positives
# in a gate environment
# B401: import subprocess - not necessarily a security issue; this plugin is
# mainly used for penetration testing workflow
# B603,B606: process without shell - not necessarily a security issue; this
# plugin is mainly used for penetration testing workflow
# B607: start process with a partial path - this should be a project level
# decision
# NOTE(elmiko): The following tests are being excluded specifically for
# python-openstackclient, they are being excluded to ensure that voting jobs
# in the project and in bandit integration tests continue to pass. These
# tests have generated issue within the project and should be investigated
# by the project.
# B110: try, except, pass detected - possible security issue; this should be
# investigated by the project for possible exploitation
# B605: process with a shell - possible security issue; this should be
# investigated by the project for possible exploitation
# B101: use of assert - this code will be removed when compiling to optimized
# byte code
commands =
bandit -r openstackclient -x tests -s B105,B106,B107,B401,B404,B603,B606,B607,B110,B605,B101
[testenv:functional]
setenv = OS_TEST_PATH=./openstackclient/tests/functional
passenv = OS_*
[testenv:functional-tips]
setenv = OS_TEST_PATH=./openstackclient/tests/functional
passenv = OS_*
commands =
pip install -q -U -e "git+file:///opt/stack/new/osc-lib#egg=osc_lib"
pip install -q -U -e "git+file:///opt/stack/new/python-openstacksdk#egg=openstacksdk"
pip install -q -U -e "git+file:///opt/stack/new/os-client-config#egg=os_client_config"
pip freeze
ostestr {posargs}
[testenv:venv]
commands = {posargs}
[testenv:cover]
commands =
python setup.py test --coverage --testr-args='{posargs}'
coverage report
[testenv:debug]
passenv = OS_*
commands =
oslo_debug_helper -t openstackclient/tests {posargs}
[testenv:docs]
commands = python setup.py build_sphinx
[testenv:releasenotes]
commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html
[flake8]
show-source = True
# H203: Use assertIs(Not)None to check for None
enable-extensions = H203
exclude = .git,.tox,dist,doc,*lib/python*,*egg,build,tools
# If 'ignore' is not set there are default errors and warnings that are set
# Doc: http://flake8.readthedocs.org/en/latest/config.html#default
ignore = __