author | Peter MacKinnon <pmackinn@redhat.com> | 2016-02-22 09:33:58 -0500 |
---|---|---|
committer | Peter Stachowski <peter@tesora.com> | 2016-05-13 13:41:12 +0000 |
commit | 64fc24516b14bd3e394b4d1fcd82c674081b4fda (patch) | |
tree | 15e3fd6ced6d5a3329e90e8271023f3402d48209 /tox.ini | |
parent | a3b3fcbd7dd01b51dbaea12993c177e6ca6a1b5a (diff) | |
download | trove-64fc24516b14bd3e394b4d1fcd82c674081b4fda.tar.gz |
Add bandit security config
Bandit is an OpenStack security linter that uses python AST modules
to perform static code analysis of a project. It can help identify
low, medium, and high security "hotspots" in a project codebase.
This change provides an initial Bandit config based on the existing
one used by Sahara.
Change-Id: Idcfb5641007bb27de8df262b236b9a46d7e11d5d
Closes-Bug: 1547730
Diffstat (limited to 'tox.ini')
-rw-r--r-- | tox.ini | 3 |
1 files changed, 3 insertions, 0 deletions
@@ -103,3 +103,6 @@ commands = openstack-doc-test --check-build --publish --force # no file there. It can be removed when infra changes this. install_command = pip install -U {opts} {packages} commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html + +[testenv:bandit] +commands = bandit -r trove -n5 -x tests |
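Review bot: the added `commands = bandit -r trove -n5 -x tests` line in `[testenv:bandit]` passes no `-c` config file, so nothing in this hunk ties the run to the Bandit config the commit message describes. If that config is meant to drive this env, pass it explicitly with `-c`, using the path the file is added at. Separately, `-x tests` is a bare name rather than a path under `trove`; writing the exclusion as the full directory (for example `trove/tests`) would make clear which tree is skipped. The new section also has only a `commands` line, so it relies on the base `[testenv]` deps to install bandit; confirm it is listed there.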