From ac19bb5e9579f40381442d0dcb62071358ae7f5b Mon Sep 17 00:00:00 2001 From: Travis McPeak Date: Mon, 4 May 2015 15:30:22 -0400 Subject: [PATCH] Changing config file search paths This commit changes the location that the Bandit config file, bandit.yaml, is stored and how it is packaged. Previously, the config file was listed as a data_file which is supposed to be outside of the Bandit installed package. This meant that depending on the system it might be installed in different places (/etc, or /usr/lcoal/etc, for example). When Bandit was installed in a virutal environment the installed location would change once again. Another disadvantage to this approach is that installing Bandit might require sudo, and Bandit might not clean up its config properly. This commit changes the packaging so that bandit.yaml is always installed in bandit/config/bandit.yaml. If there is a bandit config file in the current directory or the user's home directory, these are still preferred. Change-Id: I5f971aa208dd2599f852b5253b4401990201cc8f --- bandit/bandit.py | 39 +++++++++++++++--------- bandit.yaml => bandit/config/bandit.yaml | 0 setup.cfg | 10 +++--- tests/test_functional.py | 2 +- 4 files changed, 29 insertions(+), 22 deletions(-) rename bandit.yaml => bandit/config/bandit.yaml (100%) diff --git a/bandit/bandit.py b/bandit/bandit.py index c4fdbab8..da4ff315 100755 --- a/bandit/bandit.py +++ b/bandit/bandit.py @@ -81,24 +81,33 @@ def main(): args = parser.parse_args() config_file = args.config_file if not config_file: - if 'VIRTUAL_ENV' in os.environ: - etc_config = '%s/etc/bandit/%s' % (os.environ['VIRTUAL_ENV'], - default_test_config) - else: - etc_config = '/etc/bandit/%s' % (default_test_config) - home_config = "%s/.config/bandit/%s" % (os.environ['HOME'], - default_test_config) - if os.access(default_test_config, os.R_OK): - config_file = default_test_config - elif os.access(home_config, os.R_OK): - config_file = home_config - elif os.access(etc_config, os.R_OK): - config_file = etc_config + + home_config = None + + # attempt to get the home directory from environment + home_dir = os.environ.get('HOME') + if home_dir: + home_config = "%s/.config/bandit/%s" % (home_dir, + default_test_config) + + installed_config = str(os.path.dirname(os.path.realpath(__file__)) + + '/config/%s' % default_test_config) + + # prefer config file in the following order: + # 1) current directory, 2) user home directory, 3) bundled config + config_paths = [default_test_config, home_config, installed_config] + + for path in config_paths: + if path and os.access(path, os.R_OK): + config_file = path + break if not config_file: # no logger yet, so using print - print ("no config file found, tried ... \n\t%s \n\t%s \n\t%s") % ( - etc_config, home_config, default_test_config) + print ("no config found, tried ...") + for path in config_paths: + if path: + print ("\t%s" % path) sys.exit(2) b_mgr = b_manager.BanditManager(config_file, args.agg_type, diff --git a/bandit.yaml b/bandit/config/bandit.yaml similarity index 100% rename from bandit.yaml rename to bandit/config/bandit.yaml diff --git a/setup.cfg b/setup.cfg index 556fa05c..dca403f5 100644 --- a/setup.cfg +++ b/setup.cfg @@ -19,12 +19,10 @@ classifier = Programming Language :: Python :: 2.7 Topic :: Security -[files] -packages = - bandit -data_files = - etc/bandit = bandit.yaml - [entry_points] console_scripts = bandit = bandit.bandit:main + +[files] +package_data = + bandit = config/bandit.yaml diff --git a/tests/test_functional.py b/tests/test_functional.py index 85f9960a..50fdc6fe 100644 --- a/tests/test_functional.py +++ b/tests/test_functional.py @@ -24,7 +24,7 @@ from bandit.core import manager as b_manager from bandit.core import test_set as b_test_set -cfg_file = os.path.join(os.getcwd(), 'bandit.yaml') +cfg_file = os.path.join(os.getcwd(), 'bandit/config/bandit.yaml') class FunctionalTests(unittest.TestCase):