Adds Bandit testing environment to tox.ini

Enable the bandit test env in manila-ui Execute tox -e bandit to run it and also include zuul continous integration Getting rid of mark_safe()from the utils.py. This fix the issues in the utils.py Change-Id: Id75cbd8ce7e33ab4d920bdf389ac66f8d93f19dc
2024-02-06 20:31:09 +00:00 · 2024-02-06 20:31:09 +00:00 · 119c906ba6
parent 5c150c8cf4
commit 119c906ba6
3 changed files with 21 additions and 1 deletions
--- a/.zuul.yaml
+++ b/.zuul.yaml
@ -12,6 +12,7 @@
            voting: false
        - manila-ui-integration-tests:
            voting: false
+        - manila-ui-tox-bandit
    gate:
      jobs:
        - manila-ui-integration-tests:
@ -87,3 +88,18 @@
      devstack_services:
        horizon: true
      tox_envlist: integration
+
+
+- job:
+  # Security testing for known issues
+    name: manila-ui-tox-bandit
+    parent: openstack-tox
+    timeout: 2400
+    vars:
+      tox_envlist: bandit
+    irrelevant-files:
+      - ^.*\.rst$
+      - ^doc/.*$
+      - ^manila-ui/tests/.*$
+      - ^releasenotes/.*$
+      - ^tox.ini$
--- a/manila_ui/dashboards/utils.py
+++ b/manila_ui/dashboards/utils.py
@ -96,7 +96,7 @@ def metadata_to_str(metadata, meta_visible_limit=4, text_length_limit=25):
    meta_str = "<br/>".join(meta)
    if len(metadata.keys()) > meta_visible_limit and meta_str[-3:] != "...":
        meta_str += '...'
-    return mark_safe(meta_str)
+    return mark_safe(meta_str)  # nosec B308


 def get_nice_security_service_type(security_service):
--- a/tox.ini
+++ b/tox.ini
@ -31,6 +31,10 @@ commands =
  pip install {env:HORIZON_REPO:git+https://opendev.org/openstack/horizon}
  {[testenv]commands}

+[testenv:bandit]
+deps = bandit
+commands = bandit -r manila_ui -x manila_ui/tests/* -n5 -ll
+
 [testenv:integration]
 # Run integration tests only
 passenv = AVCONV_INSTALLED