add bandit to pep8 job

Add the bandit security scanner to the pep8 job. Note: we skip some cases which we can't fix now. Change-Id: Iad8b31d1c214376cbdca39fa28afa7f46af6ccca
author: ChangBo Guo(gcb) <eric.guo@easystack.cn> 2017-11-30 10:59:56 +0800
committer: ChangBo Guo(gcb) <eric.guo@easystack.cn> 2017-12-12 10:49:20 +0800
commit: 86fb3dcc275b00d1d059033e908b55a0ce82cbbb (patch)
tree: e2070810b76ff48c63d987f814d205a19a6395ed
parent: 9584101c993747d28fd36ebbf93792c053eaaf54 (diff)
download: oslo-concurrency-86fb3dcc275b00d1d059033e908b55a0ce82cbbb.tar.gz
2 files changed, 9 insertions, 1 deletions
diff --git a/test-requirements.txt b/test-requirements.txt
index 552d826..0903d1d 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -14,3 +14,6 @@ sphinx>=1.6.2 # BSD
 reno>=2.5.0 # Apache-2.0
 
 eventlet!=0.18.3,!=0.20.1,<0.21.0,>=0.18.2 # MIT
+
+# Bandit security code scanner
+bandit>=1.1.0 # Apache-2.0
diff --git a/tox.ini b/tox.ini
index 10bcb20..80161ca 100644
--- a/tox.ini
+++ b/tox.ini
@@ -14,7 +14,12 @@ commands =
     env TEST_EVENTLET=1 lockutils-wrapper python setup.py testr --slowest --testr-args='{posargs}'
 
 [testenv:pep8]
-commands = flake8
+deps =
+  -r{toxinidir}/test-requirements.txt
+commands =
+  flake8
+  # Run security linter
+  bandit -r oslo_concurrency -x tests -n5 --skip B311,B404,B603,B606
 
 [testenv:venv]
 commands = {posargs}
author	ChangBo Guo(gcb) <eric.guo@easystack.cn>	2017-11-30 10:59:56 +0800
committer	ChangBo Guo(gcb) <eric.guo@easystack.cn>	2017-12-12 10:49:20 +0800
commit	86fb3dcc275b00d1d059033e908b55a0ce82cbbb (patch)
tree	e2070810b76ff48c63d987f814d205a19a6395ed
parent	9584101c993747d28fd36ebbf93792c053eaaf54 (diff)
download	oslo-concurrency-86fb3dcc275b00d1d059033e908b55a0ce82cbbb.tar.gz