Skip to content

Commit

Permalink
Add bandit checks to test code
Browse files Browse the repository at this point in the history
Signed-off-by: mulhern <[email protected]>
  • Loading branch information
mulkieran committed Sep 18, 2024
1 parent fa60d1f commit cfef40b
Show file tree
Hide file tree
Showing 8 changed files with 24 additions and 9 deletions.
1 change: 1 addition & 0 deletions .github/workflows/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -192,6 +192,7 @@ jobs:
- name: Install dependencies
run: >
dnf install -y
bandit
make
pylint
python3-dbus
Expand Down
1 change: 1 addition & 0 deletions .github/workflows/support.yml
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@ jobs:
matrix:
include:
- dependencies: >
bandit
pylint
python3-dbus-client-gen
python3-dbus-python-client-gen
Expand Down
1 change: 1 addition & 0 deletions .github/workflows/weekly.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ jobs:
include:
# PYTHON CHECKS ON NEXT FEDORA PYTHON AND PYTHON TOOLS VERSION
- dependencies: >
bandit
pylint
python3-dbus-client-gen
python3-dbus-python-client-gen
Expand Down
1 change: 1 addition & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -432,6 +432,7 @@ clippy: clippy-macros clippy-min clippy-udev-utils clippy-no-ipc clippy-utils cl
## Lint Python parts of the source code
pylint:
pylint --disable=invalid-name ./src/bin/utils/stratis-decode-dm
bandit ./src/bin/utils/stratis-decode-dm --skip B101

.PHONY:
audit
Expand Down
7 changes: 7 additions & 0 deletions tests/client-dbus/Makefile
Original file line number Diff line number Diff line change
@@ -1,9 +1,16 @@
UNITTEST_OPTS = --verbose

# Ignore bandit B404 errors. Any import of the subprocess module causes this
# error. We know what we are doing when we import that module and do not
# need to be warned.
BANDIT_SKIP = --skip B404,B603,B311

.PHONY: lint
lint:
pylint src/stratisd_client_dbus --ignore=_introspect.py
pylint tests --disable=R0801
bandit --recursive ./src ${BANDIT_SKIP}
bandit --recursive ./tests ${BANDIT_SKIP}

.PHONY: startup-tests
startup-tests:
Expand Down
18 changes: 11 additions & 7 deletions tests/client-dbus/src/stratisd_client_dbus/_implementation.py
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
"""

# isort: STDLIB
import xml.etree.ElementTree as ET
import xml.etree.ElementTree as ET # nosec B405

# isort: FIRSTPARTY
from dbus_client_gen import managed_object_class, mo_query_builder
Expand All @@ -31,9 +31,9 @@
)
from ._introspect import SPECS

_POOL_SPEC = ET.fromstring(SPECS[POOL_INTERFACE])
_FILESYSTEM_SPEC = ET.fromstring(SPECS[FILESYSTEM_INTERFACE])
_BLOCKDEV_SPEC = ET.fromstring(SPECS[BLOCKDEV_INTERFACE])
_POOL_SPEC = ET.fromstring(SPECS[POOL_INTERFACE]) # nosec B314
_FILESYSTEM_SPEC = ET.fromstring(SPECS[FILESYSTEM_INTERFACE]) # nosec B314
_BLOCKDEV_SPEC = ET.fromstring(SPECS[BLOCKDEV_INTERFACE]) # nosec B314

pools = mo_query_builder(_POOL_SPEC)
filesystems = mo_query_builder(_FILESYSTEM_SPEC)
Expand All @@ -46,11 +46,15 @@

ObjectManager = make_class(
"ObjectManager",
ET.fromstring(SPECS["org.freedesktop.DBus.ObjectManager"]),
ET.fromstring(SPECS["org.freedesktop.DBus.ObjectManager"]), # nosec B314
TIME_OUT,
)
Report = make_class("Report", ET.fromstring(SPECS[REPORT_INTERFACE]), TIME_OUT)
Manager = make_class("Manager", ET.fromstring(SPECS[MANAGER_INTERFACE]), TIME_OUT)
Report = make_class(
"Report", ET.fromstring(SPECS[REPORT_INTERFACE]), TIME_OUT # nosec B314
)
Manager = make_class(
"Manager", ET.fromstring(SPECS[MANAGER_INTERFACE]), TIME_OUT # nosec B314
)
Filesystem = make_class("Filesystem", _FILESYSTEM_SPEC, TIME_OUT)
Pool = make_class("Pool", _POOL_SPEC, TIME_OUT)
Blockdev = make_class("Blockdev", _BLOCKDEV_SPEC, TIME_OUT)
2 changes: 1 addition & 1 deletion tests/client-dbus/tests/udev/_utils.py
Original file line number Diff line number Diff line change
Expand Up @@ -232,7 +232,7 @@ def settle():
:return: None
"""
time.sleep(2)
subprocess.check_call(["udevadm", "settle"])
subprocess.check_call(["/usr/bin/udevadm", "settle"])


def wait_for_udev_count(expected_num):
Expand Down
2 changes: 1 addition & 1 deletion tests/client-dbus/tests/udev/test_predict.py
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@ def _call_blockdev_size(dev):
:rtype: str
"""
with subprocess.Popen(
["blockdev", "--getsize64", dev],
["/usr/sbin/blockdev", "--getsize64", dev],
stdout=subprocess.PIPE,
) as command:
outs, _ = command.communicate()
Expand Down

0 comments on commit cfef40b

Please sign in to comment.