add bandit to pep8 job

Add the bandit security scanner to the pep8 job. Change-Id: I4fa14f3c42f064b6ec58e1f3a3cde22ad031ac7a Signed-off-by: Doug Hellmann <doug@doughellmann.com>
author: Doug Hellmann <doug@doughellmann.com> 2017-11-10 18:00:22 -0500
committer: Doug Hellmann <doug@doughellmann.com> 2017-11-30 17:47:15 -0500
commit: 6aae80ec1897342222a255ae2aafe28cd2069137 (patch)
tree: 0b50194bcc716540990eef7c3e441be913795d9b
parent: 3ffdb1f0ba05555686840065a4cae36b93de86b5 (diff)
download: stevedore-6aae80ec1897342222a255ae2aafe28cd2069137.tar.gz
2 files changed, 9 insertions, 2 deletions
diff --git a/test-requirements.txt b/test-requirements.txt
index 699eeaf..18a5a8c 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -7,3 +7,5 @@ coverage!=4.4,>=4.0 # Apache-2.0
 testrepository>=0.0.18 # Apache-2.0/BSD
 # sphinx is needed for testing the sphinxext module
 sphinx>=1.6.2 # BSD
+# Bandit security code scanner
+bandit>=1.1.0 # Apache-2.0
diff --git a/tox.ini b/tox.ini
index 5b84b80..12de56d 100644
--- a/tox.ini
+++ b/tox.ini
@@ -20,9 +20,14 @@ deps =
 commands = {posargs}
 
 [testenv:pep8]
-deps = flake8
+deps =
+  -r{toxinidir}/test-requirements.txt
+  flake8
 ignore = E251
-commands = flake8 stevedore setup.py
+commands =
+  flake8 stevedore setup.py
+  # Run security linter
+  bandit -r stevedore -x tests -n5
 
 [testenv:docs]
 deps = -r{toxinidir}/doc/requirements.txt
author	Doug Hellmann <doug@doughellmann.com>	2017-11-10 18:00:22 -0500
committer	Doug Hellmann <doug@doughellmann.com>	2017-11-30 17:47:15 -0500
commit	6aae80ec1897342222a255ae2aafe28cd2069137 (patch)
tree	0b50194bcc716540990eef7c3e441be913795d9b
parent	3ffdb1f0ba05555686840065a4cae36b93de86b5 (diff)
download	stevedore-6aae80ec1897342222a255ae2aafe28cd2069137.tar.gz