From 6ab82889af6bdf4232045a473f4762c5c0401252 Mon Sep 17 00:00:00 2001 From: albailey Date: Thu, 17 Dec 2020 13:18:43 -0600 Subject: [PATCH] Fix zuul jobs broken due to pip upversion The install_command for docs, newnote and api-ref needed to be overridden to not use upper constraints. The bandit requirement needed to be made python3 only. The bandit scan was failing, so it is now updated to allow individual bandit failures to be suppressed in tox.ini Need to include a py file change in order for bandit to be triggered by zuul. Partial-Bug: #1907678 Signed-off-by: albailey Change-Id: Ic73d0ea590ab1b7857f7275fa9c71828b0d343ee --- service-mgmt-client/sm-client/sm_client/shell.py | 2 +- test-requirements.txt | 2 +- tox.ini | 11 +++++++++-- 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/service-mgmt-client/sm-client/sm_client/shell.py b/service-mgmt-client/sm-client/sm_client/shell.py index 7da3795e..761cfbdb 100644 --- a/service-mgmt-client/sm-client/sm_client/shell.py +++ b/service-mgmt-client/sm-client/sm_client/shell.py @@ -1,5 +1,5 @@ # -# Copyright (c) 2014-2018 Wind River Systems, Inc. +# Copyright (c) 2014-2020 Wind River Systems, Inc. # # SPDX-License-Identifier: Apache-2.0 # diff --git a/test-requirements.txt b/test-requirements.txt index 1132aeaa..0f06d18a 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -2,4 +2,4 @@ hacking bashate >= 0.2 PyYAML >= 3.1.0 yamllint >= 0.5.2 -bandit!=1.6.0,>=1.1.0,<2.0.0 +bandit;python_version>="3.0" diff --git a/tox.ini b/tox.ini index 16508019..964cfa6f 100644 --- a/tox.ini +++ b/tox.ini @@ -74,7 +74,7 @@ commands = # H501: Do not use locals() for string formatting # W are warnings # W504 W504 line break after binary operator -# W605 invalid escape sequence +# W605 invalid escape sequence # - errors - # E741 ambiguous variable name # F811 redefinition of unused '' from line @@ -113,6 +113,7 @@ commands = {posargs} [testenv:docs] basepython = python3 +install_command = pip install -U {opts} {packages} deps = -r{toxinidir}/doc/requirements.txt commands = rm -rf doc/build @@ -130,12 +131,14 @@ whitelist_externals = rm [testenv:newnote] basepython = python3 # Re-use the releasenotes venv +install_command = pip install -U {opts} {packages} envdir = {toxworkdir}/releasenotes deps = -r{toxinidir}/doc/requirements.txt commands = reno new {posargs} [testenv:api-ref] basepython = python3 +install_command = pip install -U {opts} {packages} deps = -r{toxinidir}/doc/requirements.txt commands = @@ -143,8 +146,12 @@ commands = sphinx-build -W -b html -d api-ref/build/doctrees api-ref/source api-ref/build/html whitelist_externals = rm +[bandit] +# B411: blacklist Using xmlrpclib +skips = B411 + [testenv:bandit] basepython = python3 description = Bandit code scan for *.py files under config folder deps = -r{toxinidir}/test-requirements.txt -commands = bandit -r {toxinidir}/ -x '**/.tox/**',**/.eggs/** -lll +commands = bandit --ini tox.ini -r {toxinidir}/ -x '**/.tox/**',**/.eggs/** -lll