Sonarfix:Reduce coginitive complexity vmtype util

[vvp/validation-scripts.git] / checks.py

diff --git a/checks.py b/checks.py
index 6f508eb..4431d26 100644 (file)
--- a/checks.py
+++ b/checks.py
@@ -35,13 +35,16 @@
 #
 # ============LICENSE_END============================================
 #
+import contextlib
 import csv
+import io
 import json
 import os
-import subprocess
+import subprocess  #nosec
 import sys
 
 import pytest
+from flake8.main.application import Application
 
 from update_reqs import get_requirements
 
@@ -49,6 +52,16 @@ THIS_DIR = os.path.dirname(os.path.abspath(__file__))
 CURRENT_NEEDS_PATH = os.path.join(THIS_DIR, "ice_validator/heat_requirements.json")
 
 
+def run_pytest(*args, msg="pytest failed"):
+    original_dir = os.getcwd()
+    try:
+        os.chdir(os.path.join(THIS_DIR, "ice_validator"))
+        if pytest.main(list(args)) != 0:
+            return [msg]
+    finally:
+        os.chdir(original_dir)
+
+
 class Traceability:
 
     PATH = os.path.join(THIS_DIR, "ice_validator/output/traceability.csv")
@@ -142,18 +155,14 @@ def check_requirements_up_to_date():
     return None
 
 
+def check_app_tests_pass():
+    return run_pytest("tests", "--self-test",
+                      msg="app_tests failed. Run pytest app_tests and fix errors.")
+
+
 def check_self_test_pass():
-    """
-    Run pytest self-test and ensure it passes
-    :return:
-    """
-    original_dir = os.getcwd()
-    try:
-        os.chdir(os.path.join(THIS_DIR, "ice_validator"))
-        if pytest.main(["tests", "--self-test"]) != 0:
-            return ["VVP self-test failed. Run pytest --self-test and fix errors."]
-    finally:
-        os.chdir(original_dir)
+    return run_pytest("tests", "--self-test",
+                      msg="self-test failed. Run pytest --self-test and fix errors.")
 
 
 def check_testable_requirements_are_mapped():
@@ -167,11 +176,24 @@ def check_non_testable_requirements_are_not_mapped():
 
 
 def check_flake8_passes():
-    result = subprocess.run(["flake8", "."], encoding="utf-8",
-                            stdout=subprocess.PIPE,
-                            stderr=subprocess.PIPE)
+    output = io.StringIO()
+    with contextlib.redirect_stdout(output), contextlib.redirect_stderr(output):
+        app = Application()
+        app.run(["ice_validator"])
+    output.seek(0)
+    lines = [f"   {l}" for l in output.readlines()]
+    return ["flake8 errors detected:"] + lines if lines else []
+
+
+def check_bandit_passes():
+    result = subprocess.run(                                            #nosec
+        ["bandit", "-c", "bandit.yaml", "-r", ".", "-x", "./.tox/**"],  #nosec
+        encoding="utf-8",                                               #nosec
+        stdout=subprocess.PIPE,                                         #nosec
+        stderr=subprocess.PIPE,                                         #nosec
+    )                                                                   #nosec
     msgs = result.stdout.split("\n") if result.returncode != 0 else []
-    return ["flake8 errors detected:"] + [f"  {e}" for e in msgs] if msgs else []
+    return ["bandit errors detected:"] + [f"  {e}" for e in msgs] if msgs else []
 
 
 if __name__ == "__main__":
@@ -181,6 +203,7 @@ if __name__ == "__main__":
         check_testable_requirements_are_mapped,
         check_non_testable_requirements_are_not_mapped,
         check_flake8_passes,
+        check_bandit_passes,
     ]
     results = [check() for check in checks]
     errors = "\n".join("\n".join(msg) for msg in results if msg)