add bandit to pep8 job

Add the bandit security scanner to the pep8 job.
Note: we skip some cases which we can't fix now.

Change-Id: Iad8b31d1c214376cbdca39fa28afa7f46af6ccca
This commit is contained in:
ChangBo Guo(gcb) 2017-11-30 10:59:56 +08:00
parent 9584101c99
commit 86fb3dcc27
2 changed files with 9 additions and 1 deletions

View File

@ -14,3 +14,6 @@ sphinx>=1.6.2 # BSD
reno>=2.5.0 # Apache-2.0
eventlet!=0.18.3,!=0.20.1,<0.21.0,>=0.18.2 # MIT
# Bandit security code scanner
bandit>=1.1.0 # Apache-2.0

View File

@ -14,7 +14,12 @@ commands =
env TEST_EVENTLET=1 lockutils-wrapper python setup.py testr --slowest --testr-args='{posargs}'
[testenv:pep8]
commands = flake8
deps =
-r{toxinidir}/test-requirements.txt
commands =
flake8
# Run security linter
bandit -r oslo_concurrency -x tests -n5 --skip B311,B404,B603,B606
[testenv:venv]
commands = {posargs}