[Security] Implement bandit

Bandit (https://github.com/openstack/bandit) is a python security linter. Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
2016-12-07 09:41:23 +01:00
parent 3fbd182453
commit 6fa0a4a796
3 changed files with 16 additions and 1 deletions
--- a/.travis.yml
+++ b/.travis.yml
@@ -8,7 +8,9 @@ install:
  - pip install -r requirements.txt
  - pip install -r requirements-test.txt
  - pip install -q coverage coveralls --use-wheel
-script: py.test --cov=puppetboard --pep8  -v
+script:
+  - py.test --cov=puppetboard --pep8  -v
+  - ./bandit.sh

 after_success:
  - coveralls
--- a/bandit.sh
+++ b/bandit.sh
@@ -0,0 +1,12 @@
+#!/bin/bash -xe
+# Runs bandit tests
+
+pyver="$(python -V 2>&1)"
+
+if [[ $pyver =~ Python\ 2\.6 ]]
+then
+    echo 'Bandit does not support python 2.6'
+else
+    bandit -r puppetboard
+    bandit -r tests
+fi
--- a/requirements-test.txt
+++ b/requirements-test.txt
@@ -6,3 +6,4 @@ pytest-pep8==1.0.5
 pytest-cov==2.2.1
 cov-core==1.15.0
 unittest2==1.1.0; python_version < '2.7'
+bandit