From da7b5b99bb429b809754d93c037f3927788abab0 Mon Sep 17 00:00:00 2001
From: Hugo Brito
Date: Mon, 22 Jan 2024 15:07:43 -0300
Subject: [PATCH] Fix tox constraints and bandit
This changes the upper-constraints to point to our internal, since the OpenStack Stein file doesn't exist anymore. Also, a small fix detected by the Bandit tool.
Test Plan: - Execute: tox -e bandit
Closes-bug: 2033294
Change-Id: I8735bcd2ad23f4269d83a3ffc880a8588e72b5a3
Signed-off-by: Hugo Brito
---
 distributedcloud/dccommon/drivers/openstack/sysinv_v1.py | 2 +-
 tox.ini | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/distributedcloud/dccommon/drivers/openstack/sysinv_v1.py b/distributedcloud/dccommon/drivers/openstack/sysinv_v1.py
index 9e37a095c..d5da9ebc6 100644
--- a/distributedcloud/dccommon/drivers/openstack/sysinv_v1.py
+++ b/distributedcloud/dccommon/drivers/openstack/sysinv_v1.py
@@ -519,7 +519,7 @@ class SysinvClient(base.DriverBase):
 def _validate_certificate(self, signature, certificate):
 # JKUNG need to look at the crypto public serial id
 certificate_sig = hashlib.md5(
- encodeutils.safe_encode(certificate)).hexdigest()
+ encodeutils.safe_encode(certificate), usedforsecurity=False).hexdigest()
 if certificate_sig == signature:
 return True
diff --git a/tox.ini b/tox.ini
index 91ab251fd..0f9828802 100644
--- a/tox.ini
+++ b/tox.ini
@@ -6,7 +6,7 @@ skipsdist = True
 [testenv]
 basepython = python3
 install_command = pip install -v -v -v \
- -c{env:UPPER_CONSTRAINTS_FILE:https://opendev.org/openstack/requirements/raw/branch/stable/stein/upper-constraints.txt} \
+ -c{env:UPPER_CONSTRAINTS_FILE:https://opendev.org/starlingx/root/raw/branch/master/build-tools/requirements/debian/upper-constraints.txt} \
 {opts} {packages}
 setenv =
 VIRTUAL_ENV={envdir}
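Review bot: `usedforsecurity=False` in `_validate_certificate` declares to hashlib and to Bandit that this MD5 digest is not a security control, yet the function compares it with `signature` and returns True on a match, which reads like an integrity check on a certificate. If `signature` is only a fingerprint used to tell certificates apart (it appears so, but the callers and the rest of the function are outside this hunk), record that next to the call, e.g. `# MD5 is a content fingerprint here, not an authenticity check; a match is not a trust decision`. If a match is ever used to accept a certificate as genuine, the flag hides the finding rather than fixing it, and the digest should move to SHA-256 on both the producing and the comparing side. The keyword is also accepted only from Python 3.9 onward, so on an older interpreter this call raises TypeError; tox.ini pins only `basepython = python3`.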
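Review bot: The new default for `UPPER_CONSTRAINTS_FILE` follows `branch/master`, so the versions pip resolves against can change between two runs of the same commit, where the old URL tracked a stable branch. Because this constraints file decides which package versions are installed in every tox environment, a reproducible reference is preferable, such as a release branch or a commit-pinned raw URL, with CI setting `UPPER_CONSTRAINTS_FILE` explicitly. I have not checked which refs the starlingx/root repository offers, so the exact target is to be confirmed. The `[testenv]` section continues outside the hunk.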