Replaces Huawei driver XML with defusedxml

Replaces Huawei driver's use of Python's
native XML library methods with defusedxml's
methods instead. The native library is vulnerable
to XML attacks while defusedxml isn't. This also
makes Bandit 3 issues happier.

Change-Id: I27d1204ec7dafd3b578d1261c3fd2e371ae405fb

manila/share/drivers/huawei/huawei_nas.py

@@ -14,8 +14,7 @@
 #    under the License.
 
 """Huawei Nas Driver for Huawei storage arrays."""
-from xml.etree import ElementTree as ET
-
+from defusedxml import ElementTree as ET
 from oslo_config import cfg
 from oslo_log import log
 from oslo_utils import importutils

manila/share/drivers/huawei/v3/helper.py

@@ -17,8 +17,8 @@ import base64
 import copy
 import requests
 import time
-from xml.etree import ElementTree as ET
 
+from defusedxml import ElementTree as ET
 from oslo_log import log
 from oslo_serialization import jsonutils
 

manila/tests/share/drivers/huawei/test_huawei_nas.py

@@ -25,8 +25,8 @@ from unittest import mock
 import xml.dom.minidom
 
 import ddt
+from defusedxml import ElementTree as ET
 from oslo_serialization import jsonutils
-from xml.etree import ElementTree as ET
 
 from manila.common import constants as common_constants
 from manila import context

requirements.txt

@@ -10,6 +10,7 @@
 pbr>=5.5.0 # Apache-2.0
 
 alembic>=1.4.2 # MIT
+defusedxml>=0.7.1 # PSFL
 eventlet>=0.26.1 # MIT
 greenlet>=0.4.16 # MIT
 lxml>=4.5.2 # BSD