stx-puppet/test-requirements.txt at 4134023ab84d8a635b118d5e3ff26ade3bbe535b - stx-puppet - OpenDev: Free Software Needs Free Tools

starlingx/stx-puppet

Sharath Kumar K 4134023ab8 Tox and Zuul job for the bandit code scan in stx/stx-puppet

Setting up the bandit tool for the scanning of HIGH severity issues
in the python codes under Starlingx/stx-puppet folder.
Expecting this merge will enable zuul job for CI/CD of bandit scan.

Configuration files:
1. tox.ini for adding bandit environment and command.
2. test-requirements.txt for adding bandit version.
3. .zuul.yaml file for adding bandit job and configuring under
   check job to run code scan every time before code commit.

Test:
Run tox -e bandit command inside the fault folder to validate the
bandit scan and result.

Story: 2007541
Task: 39687
Depends-On: https://review.opendev.org/#/c/721294/

Change-Id: I2982268db2b5e75feeb287bc95420fedc9b0d816
Signed-off-by: Sharath Kumar K <sharath.kumar@intel.com>

2020-05-19 14:08:03 +00:00

5 lines

114 B

Plaintext

Raw Blame History

 # hacking pulls in flake8
 hacking!=0.13.0,<0.14,>=0.12.0 # Apache-2.0
 bashate >= 0.2
 bandit!=1.6.0,>=1.1.0,<2.0.0