Add more_info URL to the YAML output

Currently, outputting bandit findings as YAML does not put the
``more_info`` URL in the output as it would if the output format
is HTML or JSON.  This patch set updates the YAML formatter to
include the ``more_info`` URL to be inline with the HTML and JSON
formatters.

Change-Id: Ice134e3bbf67c59feb7a88b299e60838b6ad80d5
Closes-Bug: #1746827

bandit/formatters/yaml.py

@@ -60,6 +60,7 @@ This formatter outputs the issues in a yaml format.
       line_number: 6
       line_range:
       - 6
+      more_info: https://docs.openstack.org/bandit/latest/
       test_id: B506
       test_name: yaml_load
 
@@ -77,6 +78,8 @@ import sys
 
 import yaml
 
+from bandit.core import docs_utils
+
 LOG = logging.getLogger(__name__)
 
 
@@ -98,6 +101,8 @@ def report(manager, fileobj, sev_level, conf_level, lines=-1):
                                      conf_level=conf_level)
 
     collector = [r.as_dict() for r in results]
+    for elem in collector:
+        elem['more_info'] = docs_utils.get_url(elem['test_id'])
 
     itemgetter = operator.itemgetter
     if manager.agg_type == 'vuln':

releasenotes/notes/add-url-in-yaml-0bfdcc93f5b6d118.yaml

@@ -0,0 +1,5 @@
+---
+features:
+  - |
+    [bug/1746827] The ``more_info`` URL link displayed in the HTML and JSON
+    outputs is now also available in the YAML output.

tests/unit/formatters/test_yaml.py

@@ -94,3 +94,5 @@ class JsonFormatterTests(testtools.TestCase):
                              data['results'][0]['line_range'])
             self.assertEqual(self.check_name, data['results'][0]['test_name'])
             self.assertIn('candidates', data['results'][0])
+            self.assertIn('more_info', data['results'][0])
+            self.assertIsNotNone(data['results'][0]['more_info'])