bandit scan is broken

Bug #1729308 reported by Pavlo Shchelokovskyy on 2017-11-01
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
oslo.service
Undecided
Pavlo Shchelokovskyy

Bug Description

although bandit is integration-tested against oslo.service, the bandit scan is not voting on oslo.service itself.

What's more, currently bandit scan on oslo.service is broken due to legacy bandit.yaml configuration file oslo.service is using [0]

We should fix the bandit.yaml (maybe also moving it to a non-legacy .bandit file) and enable bandit scan as part of pep8 job.

[0] http://logs.openstack.org/18/459618/3/check/legacy-bandit-integration-oslo.service/ec906ab/job-output.txt.gz#_2017-10-26_17_12_58_689610

Changed in oslo.service:
assignee: nobody → Pavlo Shchelokovskyy (pshchelo)

Fix proposed to branch: master
Review: https://review.openstack.org/516987

Changed in oslo.service:
status: New → In Progress

Reviewed: https://review.openstack.org/516987
Committed: https://git.openstack.org/cgit/openstack/oslo.service/commit/?id=de7615e768120956f17c727dc7fe19be2fb01745
Submitter: Zuul
Branch: master

commit de7615e768120956f17c727dc7fe19be2fb01745
Author: Pavlo Shchelokovskyy <email address hidden>
Date: Wed Nov 1 14:58:04 2017 +0200

    Fix bandit scan and make it voting

    This patch removes legacy bandit.yaml configuration file
    and makes the full bandit scan voting as part of pep8 job.

    A single low severity bandit scan violation was found in the
    process and corresponding line is now skipped as false positive.

    Change-Id: I0d432e4621bd89b1e6e74fc2005971d9dea794f9
    Closes-Bug: #1729308

Changed in oslo.service:
status: In Progress → Fix Released

This issue was fixed in the openstack/oslo.service 1.27.0 release.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers