author: Peter MacKinnon <pmackinn@redhat.com> 2016-02-22 09:33:58 -0500
committer: Peter Stachowski <peter@tesora.com> 2016-05-13 13:41:12 +0000
commit: 64fc24516b14bd3e394b4d1fcd82c674081b4fda (patch)
tree: 15e3fd6ced6d5a3329e90e8271023f3402d48209 /tox.ini
parent: a3b3fcbd7dd01b51dbaea12993c177e6ca6a1b5a (diff)
Add bandit security config

Bandit is an OpenStack security linter that uses Python AST modules to perform static code analysis of a project. It can help identify low, medium, and high security "hotspots" in a project codebase. This change provides an initial Bandit config based on the existing one used by Sahara.

Change-Id: Idcfb5641007bb27de8df262b236b9a46d7e11d5d
Closes-Bug: 1547730

Diffstat (limited to 'tox.ini')
-rw-r--r-- tox.ini 3
1 files changed, 3 insertions, 0 deletions
diff --git a/tox.ini b/tox.ini
index fc5cc870..041740ea 100644
--- a/tox.ini
+++ b/tox.ini
@@ -103,3 +103,6 @@ commands = openstack-doc-test --check-build --publish --force
# no file there. It can be removed when infra changes this.
install_command = pip install -U {opts} {packages}
commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html
+
+[testenv:bandit]
+commands = bandit -r trove -n5 -x tests
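
Review bot: the `commands` line in `[testenv:bandit]` passes no `-c` option, so nothing in this hunk ties the run to the Bandit config the commit message says is being added. If that file is part of the change, name it explicitly (`bandit -c <config file> -r trove -n5 -x tests`) so the environment does not depend on bandit's own config lookup. The new section also has no comment, unlike the section above it; a one-line note on why `tests` is excluded and what `-n5` sets (the number of code lines shown per finding) would help the next person who edits it.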