Merge "Adds Bandit testing environment to tox.ini"

2024-05-02 20:17:46 +00:00 · 2024-05-02 20:17:46 +00:00 · 7aa1caf283
parent c05f4ae341 119c906ba6
commit 7aa1caf283
3 changed files with 21 additions and 1 deletions
--- a/.zuul.yaml
+++ b/.zuul.yaml
@ -12,6 +12,7 @@
            voting: false
        - manila-ui-integration-tests:
            voting: false
+        - manila-ui-tox-bandit
    gate:
      jobs:
        - manila-ui-integration-tests:
@ -87,3 +88,18 @@
      devstack_services:
        horizon: true
      tox_envlist: integration
+
+
+- job:
+  # Security testing for known issues
+    name: manila-ui-tox-bandit
+    parent: openstack-tox
+    timeout: 2400
+    vars:
+      tox_envlist: bandit
+    irrelevant-files:
+      - ^.*\.rst$
+      - ^doc/.*$
+      - ^manila-ui/tests/.*$
+      - ^releasenotes/.*$
+      - ^tox.ini$
--- a/manila_ui/dashboards/utils.py
+++ b/manila_ui/dashboards/utils.py
@ -96,7 +96,7 @@ def metadata_to_str(metadata, meta_visible_limit=4, text_length_limit=25):
    meta_str = "<br/>".join(meta)
    if len(metadata.keys()) > meta_visible_limit and meta_str[-3:] != "...":
        meta_str += '...'
-    return mark_safe(meta_str)
+    return mark_safe(meta_str)  # nosec B308


 def get_nice_security_service_type(security_service):
--- a/tox.ini
+++ b/tox.ini
@ -31,6 +31,10 @@ commands =
  pip install {env:HORIZON_REPO:git+https://opendev.org/openstack/horizon}
  {[testenv]commands}

+[testenv:bandit]
+deps = bandit
+commands = bandit -r manila_ui -x manila_ui/tests/* -n5 -ll
+
 [testenv:integration]
 # Run integration tests only
 passenv = AVCONV_INSTALLED