Merge pull request #19 from amcmahon-rh/addBandit

Adding bandit to pipeline [RHELDST-12098]

Author: rohanpm

.github/workflows/tox-test.yml

@@ -80,3 +80,17 @@ jobs:
         run: pip install tox
       - name: Run Tox
         run: tox -e docs
+  bandit:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Install RPM
+        run: sudo apt-get install -y rpm
+      - name: Setup Python
+        uses: actions/setup-python@v2
+        with:
+          python-version: 3.8
+      - name: Install Tox
+        run: pip install tox
+      - name: Run Tox
+        run: tox -e bandit

tox.ini

@@ -1,5 +1,5 @@
 [tox]
-envlist = py27,py36,static,pidiff,docs
+envlist = py27,py36,static,pidiff,docs,bandit
 
 [testenv]
 deps=-rtest-requirements.txt
@@ -47,3 +47,8 @@ commands=
 
 [pytest]
 testpaths = tests
+
+
+[testenv:bandit]
+deps = bandit
+commands = bandit -r . -ll --exclude './.tox,./misc/ci'