Fixing Bandit findings and adding travis Bandit job (#759)
* Fixes for Bandit This commit fixes a couple of issues so that Bandit can run cleanly using medium+ severity and confidence filtering. * Adding Lemur Bandit job to TravisCI
This commit is contained in:
parent
1c295896e6
commit
bc66ede9aa
@ -34,9 +34,11 @@ before_script:
|
||||
|
||||
install:
|
||||
- pip install coveralls
|
||||
- pip install bandit
|
||||
|
||||
script:
|
||||
- make test
|
||||
- bandit -r . -ll -ii -x lemur/tests/,docs
|
||||
|
||||
after_success:
|
||||
- coveralls
|
||||
|
@ -73,7 +73,8 @@ def from_file(file_path, silent=False):
|
||||
d.__file__ = file_path
|
||||
try:
|
||||
with open(file_path) as config_file:
|
||||
exec(compile(config_file.read(), file_path, 'exec'), d.__dict__)
|
||||
exec(compile(config_file.read(), # nosec: config file safe
|
||||
file_path, 'exec'), d.__dict__)
|
||||
except IOError as e:
|
||||
if silent and e.errno in (errno.ENOENT, errno.EISDIR):
|
||||
return False
|
||||
|
@ -1,11 +1,12 @@
|
||||
import os
|
||||
import arrow
|
||||
from jinja2 import Environment, FileSystemLoader
|
||||
from jinja2 import Environment, FileSystemLoader, select_autoescape
|
||||
|
||||
from lemur.plugins.utils import get_plugin_option
|
||||
|
||||
loader = FileSystemLoader(searchpath=os.path.dirname(os.path.realpath(__file__)))
|
||||
env = Environment(loader=loader)
|
||||
env = Environment(loader=loader, # nosec: potentially dangerous types esc.
|
||||
autoescape=select_autoescape(['html', 'xml']))
|
||||
|
||||
|
||||
def human_time(time):
|
||||
|
@ -11,6 +11,7 @@
|
||||
.. moduleauthor:: Mikhail Khodorovskiy <mikhail.khodorovskiy@jivesoftware.com>
|
||||
"""
|
||||
import base64
|
||||
import os
|
||||
import urllib
|
||||
import requests
|
||||
import itertools
|
||||
@ -139,7 +140,8 @@ class K8sSession(requests.Session):
|
||||
'Authorization': 'Bearer %s' % bearer
|
||||
})
|
||||
|
||||
k8_ca = '/tmp/k8.cert'
|
||||
k8_ca = os.path.join(os.path.abspath(os.path.dirname(__file__)),
|
||||
'k8.cert')
|
||||
|
||||
with open(k8_ca, "w") as text_file:
|
||||
text_file.write(cert)
|
||||
|
Loading…
Reference in New Issue
Block a user