Add bandit job to the pep8 gate for Murano

This patch updates the pep8 tox job to also run bandit, as is the convention across most projects. The predefined bandit tox job is referenced by the pep8 tox job. Change-Id: Ief99196c04f69499bcf328ec202971f82ff3c32e
2017-04-18 05:18:55 -07:00 · 2017-04-18 05:18:55 -07:00 · 802f8607e1
parent 467e3caa80
commit 802f8607e1
2 changed files with 3 additions and 1 deletions
--- a/murano/common/xmlutils.py
+++ b/murano/common/xmlutils.py
@ -67,6 +67,7 @@ def safe_minidom_parse_string(xml_string):

    """
    try:
-        return minidom.parseString(xml_string, parser=ProtectedExpatParser())
+        return minidom.parseString(  # nosec
+            xml_string, parser=ProtectedExpatParser())  # nosec
    except sax.SAXParseException:
        raise expat.ExpatError()
--- a/tox.ini
+++ b/tox.ini
@ -25,6 +25,7 @@ commands = murano-test-runner {posargs}
 [testenv:pep8]
 commands =
    flake8 {posargs}
+    {[testenv:bandit]commands}

 [testenv:bandit]
 commands = bandit -c bandit.yaml -r murano -x tests -n 5 -ll