We do not need tox_install.sh, pip can handle constraints itself
and install the project correctly. Thus update tox.ini and remove
the now obsolete tools/tox_install.sh file.

This follows https://review.openstack.org/#/c/508061 to remove
tools/tox_install.sh.

Change-Id: I85d256e9e66bbf940f5b645c4a887b1f2a3707de

Adding constraints support to libraries is slightly more complex than
services as the libraries themselves are listed in upper-constraints.txt
which leads to errors that you can't install a specific version and a
constrained version.

This change adds constraints support by also adding a helper script to
edit the constraints to remove bandit.

Change-Id: Id9826953ea4f63702af427c0170c235afb91abaf

Can no longer rely on Zuul's layout.yml to just have str's in its
set of test names, so we coerce to str. Somewhat hacky workaround
but works for now.

Change-Id: Ib6676f0f106345e6919e81b1ca5327c8f2e5e8dd

This commit adds to the openstack coverage tool. Specifically we
add a '-t' option. If provided, this option will git clone any
project which uses Bandit in a job, run the tox Bandit job,
capture the output of any failed run, and display a summary table
at the end.

This tool is to support pre-release Bandit checking to make sure
that our changes haven't introduced any new issues in projects
which use it.

Change-Id: I321bcb15b59e3ee00ed2f2c6c2c890b77f30370e

This script is intended for inclusion in the Bandit repository and usage
by the Bandit and other OpenStack teams. It is not intended for inclusion
in Bandit packages / distribution.

It executes against Jenkins and Zuul configuration files in the
openstack-infra/project-config repository, parses out Bandit jobs
and tests, and prints a summary of results.

It includes definition of an openstack_coverage testenv in tox.ini with
basic PyYAML and request dependencies to allow easy venv creation and
script execution.

Co-Authored-By: Ian Cordasco <graffatcolmingov@gmail.com>
Change-Id: I2d133146223a6b185347662b47cc2bd6355a0900