From 1200d7a24d23ff4ce7585d4391ac6976c486423c Mon Sep 17 00:00:00 2001
From: Brant Knudson
Date: Wed, 13 Jan 2016 11:47:37 -0600
Subject: [PATCH] Bandit profile updates
We'd like to use the same "gate" profile for all OpenStack gate jobs, so the "keystone_conservative" job which we were running as part of the gate is change to "gate. The other profiles that aren't used as part of the gate are removed.
Change-Id: I3dac68804bfa4930ac0dc6b4edeedd888577f3e5
---
 bandit.yaml | 17 +-----------------
 tox.ini | 2 +-
 2 files changed, 2 insertions(+), 17 deletions(-)
diff --git a/bandit.yaml b/bandit.yaml
index d4e7dbca..f86e6fed 100644
--- a/bandit.yaml
+++ b/bandit.yaml
@@ -29,7 +29,7 @@ exclude_dirs:
 - '/tests/'
 profiles:
- keystone_conservative:
+ gate:
 include:
 - blacklist_functions
 - blacklist_imports
@@ -40,21 +40,6 @@ profiles:
 - linux_commands_wildcard_injection
 - ssl_with_bad_version
-
- keystone_verbose:
- include:
- - blacklist_functions
- - blacklist_imports
- - request_with_no_cert_validation
- - exec_used
- - set_bad_file_permissions
- - hardcoded_tmp_directory
- - subprocess_popen_with_shell_equals_true
- - any_other_function_with_shell_equals_true
- - linux_commands_wildcard_injection
- - ssl_with_bad_version
- - ssl_with_bad_defaults
-
 blacklist_functions:
 bad_name_sets:
 - pickle:
diff --git a/tox.ini b/tox.ini
index 4a190193..1d1fc957 100644
--- a/tox.ini
+++ b/tox.ini
@@ -30,7 +30,7 @@ commands = oslo_debug_helper {posargs}
 [testenv:bandit]
 deps = -r{toxinidir}/test-requirements.txt
-commands = bandit -c bandit.yaml -r keystonemiddleware -n5 -p keystone_conservative
+commands = bandit -c bandit.yaml -r keystonemiddleware -n5 -p gate
 [flake8]
 # NOTE(lbragstad): Even though we aren't ignoring any hacking checks, we have
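Review bot: The `gate` profile in the first bandit.yaml hunk has no comment recording which tests it deliberately leaves out, and once the second hunk deletes `keystone_verbose` nothing in this file appears to run `ssl_with_bad_defaults` any more, since gate's list ends at `ssl_with_bad_version` in the visible context. Judging by the hunk offsets, gate has four entries between `blacklist_imports` and `linux_commands_wildcard_injection` where the deleted profile had six, so `subprocess_popen_with_shell_equals_true` and `any_other_function_with_shell_equals_true` may be missing as well; that part of the list lies outside the hunks and should be checked. I would add a comment above the profile, for example `# gate: shared OpenStack gate profile; ssl_with_bad_defaults is intentionally not run here`, so the reduced coverage is a recorded decision rather than a side effect of the cleanup.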