From 802f8607e1fc5d1ab94b7dd2e6d1f7c0ababa5d4 Mon Sep 17 00:00:00 2001
From: Nicolas <nh202b@att.com>
Date: Tue, 18 Apr 2017 05:18:55 -0700
Subject: [PATCH] Add bandit job to the pep8 gate for Murano

This patch updates the pep8 tox job to also run bandit,
as is the convention across most projects.
The predefined bandit tox job is referenced by the pep8 tox job.

Change-Id: Ief99196c04f69499bcf328ec202971f82ff3c32e
---
 murano/common/xmlutils.py | 3 ++-
 tox.ini                   | 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/murano/common/xmlutils.py b/murano/common/xmlutils.py
index 1231a5902..7e3a78b2d 100644
--- a/murano/common/xmlutils.py
+++ b/murano/common/xmlutils.py
@@ -67,6 +67,7 @@ def safe_minidom_parse_string(xml_string):
 
     """
     try:
-        return minidom.parseString(xml_string, parser=ProtectedExpatParser())
+        return minidom.parseString(  # nosec
+            xml_string, parser=ProtectedExpatParser())  # nosec
     except sax.SAXParseException:
         raise expat.ExpatError()
diff --git a/tox.ini b/tox.ini
index eb9ffeaaf..63a7b88ac 100644
--- a/tox.ini
+++ b/tox.ini
@@ -25,6 +25,7 @@ commands = murano-test-runner {posargs}
 [testenv:pep8]
 commands =
     flake8 {posargs}
+    {[testenv:bandit]commands}
 
 [testenv:bandit]
 commands = bandit -c bandit.yaml -r murano -x tests -n 5 -ll