X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=checks.py;h=b43d6c76f8949bd2686c3d220591a79b214d6f70;hb=14c5243cbbb0652ee9ad99519d7d456f5a6c88f4;hp=cde601a6917c22b719aa33299f593451ae95c896;hpb=eb94fa9a5d08f532cb7cdd89253e795ba4bc48ef;p=vvp%2Fvalidation-scripts.git diff --git a/checks.py b/checks.py index cde601a..b43d6c7 100644 --- a/checks.py +++ b/checks.py @@ -35,13 +35,16 @@ # # ============LICENSE_END============================================ # +import contextlib import csv +import io import json import os -import subprocess +import subprocess #nosec import sys import pytest +from flake8.main.application import Application from update_reqs import get_requirements @@ -167,14 +170,24 @@ def check_non_testable_requirements_are_not_mapped(): def check_flake8_passes(): - result = subprocess.run( - ["flake8", "."], - encoding="utf-8", - stdout=subprocess.PIPE, - stderr=subprocess.PIPE, - ) + output = io.StringIO() + with contextlib.redirect_stdout(output), contextlib.redirect_stderr(output): + app = Application() + app.run(["ice_validator"]) + output.seek(0) + lines = [f" {l}" for l in output.readlines()] + return ["flake8 errors detected:"] + lines if lines else [] + + +def check_bandit_passes(): + result = subprocess.run( #nosec + ["bandit", "-c", "bandit.yaml", "-r", ".", "-x", "./.tox/**"], #nosec + encoding="utf-8", #nosec + stdout=subprocess.PIPE, #nosec + stderr=subprocess.PIPE, #nosec + ) #nosec msgs = result.stdout.split("\n") if result.returncode != 0 else [] - return ["flake8 errors detected:"] + [f" {e}" for e in msgs] if msgs else [] + return ["bandit errors detected:"] + [f" {e}" for e in msgs] if msgs else [] if __name__ == "__main__": @@ -184,6 +197,7 @@ if __name__ == "__main__": check_testable_requirements_are_mapped, check_non_testable_requirements_are_not_mapped, check_flake8_passes, + check_bandit_passes, ] results = [check() for check in checks] errors = "\n".join("\n".join(msg) for msg in results if msg)