ignore bandit issue for python3 input()

This commit is contained in:
Robert Kaussow 2019-10-08 15:26:25 +02:00
parent 669bb9442a
commit 275e4a6824
5 changed files with 247 additions and 1 deletions

149
.drone.jsonnet Normal file
View File

@ -0,0 +1,149 @@
local PythonVersion(pyversion="3.5") = {
name: "python" + std.strReplace(pyversion, '.', '') + "-pytest",
image: "python:" + pyversion,
pull: "always",
environment: {
PY_COLORS: 1
},
commands: [
"pip install -r test-requirements.txt -qq",
"pip install -qq .",
"ansible-doctor --help",
],
depends_on: [
"clone",
],
};
local PipelineLint = {
kind: "pipeline",
name: "lint",
platform: {
os: "linux",
arch: "amd64",
},
steps: [
{
name: "flake8",
image: "python:3.7",
pull: "always",
environment: {
PY_COLORS: 1
},
commands: [
"pip install -r test-requirements.txt -qq",
"pip install -qq .",
"flake8 ./ansibledoctor",
],
},
],
trigger: {
ref: ["refs/heads/master", "refs/tags/**", "refs/pull/**"],
},
};
local PipelineTest = {
kind: "pipeline",
name: "test",
platform: {
os: "linux",
arch: "amd64",
},
steps: [
PythonVersion(pyversion="3.5"),
PythonVersion(pyversion="3.6"),
PythonVersion(pyversion="3.7"),
PythonVersion(pyversion="3.8-rc"),
],
trigger: {
ref: ["refs/heads/master", "refs/tags/**", "refs/pull/**"],
},
depends_on: [
"lint",
],
};
local PipelineSecurity = {
kind: "pipeline",
name: "security",
platform: {
os: "linux",
arch: "amd64",
},
steps: [
{
name: "bandit",
image: "python:3.7",
pull: "always",
environment: {
PY_COLORS: 1
},
commands: [
"pip install -r test-requirements.txt -qq",
"pip install -qq .",
"bandit -r ./ansibledoctor -x ./ansibledoctor/tests",
],
},
],
depends_on: [
"test",
],
trigger: {
ref: ["refs/heads/master", "refs/tags/**", "refs/pull/**"],
},
};
local PipelineBuild = {
kind: "pipeline",
name: "build",
platform: {
os: "linux",
arch: "amd64",
},
steps: [
{
name: "build",
image: "python:3.7",
pull: "always",
commands: [
"python setup.py sdist bdist_wheel",
]
},
{
name: "checksum",
image: "alpine",
pull: "always",
commands: [
"cd dist/ && sha256sum * > sha256sum.txt"
],
},
{
name: "publish-gitea",
image: "plugins/gitea-release",
pull: "always",
settings: {
base_url: "https://gitea.owncloud.services",
api_key: { "from_secret": "gitea_token"},
files: ["dist/*", "sha256sum.txt"],
title: "${DRONE_TAG}",
note: "CHANGELOG.md",
},
when: {
ref: [ "refs/tags/**" ],
},
},
],
depends_on: [
"security",
],
trigger: {
ref: ["refs/heads/master", "refs/tags/**", "refs/pull/**"],
},
};
[
PipelineLint,
PipelineTest,
PipelineSecurity,
PipelineBuild,
]

32
Dockerfile.linux.amd64 Normal file
View File

@ -0,0 +1,32 @@
FROM python:3.7-alpine
LABEL maintainer="Robert Kaussow <mail@geeklabor.de>" \
org.label-schema.name="ansible later" \
org.label-schema.vcs-url="https://gitea.rknet.org/docker/molecule" \
org.label-schema.vendor="Robert Kaussow" \
org.label-schema.schema-version="1.0"
ENV PACKAGES="\
gcc \
make \
libffi-dev \
openssl-dev \
python-dev \
libc-dev \
"
ENV PIP_PACKAGES="\
ansible~=2.8.0 \
ansible-later~=0.2.0 \
"
RUN \
apk update \
&& apk add --update --no-cache ${PACKAGES} \
&& rm -rf /var/cache/apk/* \
&& pip install --upgrade --no-cache-dir pip \
&& pip install --no-cache-dir ${PIP_PACKAGES} \
&& rm -rf /root/.cache/
USER root
ENTRYPOINT ["/usr/local/bin/ansible-later"]

32
Dockerfile.linux.arm32v6 Normal file
View File

@ -0,0 +1,32 @@
FROM python:3.7-alpine
LABEL maintainer="Robert Kaussow <mail@geeklabor.de>" \
org.label-schema.name="ansible later" \
org.label-schema.vcs-url="https://gitea.rknet.org/docker/molecule" \
org.label-schema.vendor="Robert Kaussow" \
org.label-schema.schema-version="1.0"
ENV PACKAGES="\
gcc \
make \
libffi-dev \
openssl-dev \
python-dev \
libc-dev \
"
ENV PIP_PACKAGES="\
ansible~=2.8.0 \
ansible-later~=0.2.0 \
"
RUN \
apk update \
&& apk add --update --no-cache ${PACKAGES} \
&& rm -rf /var/cache/apk/* \
&& pip install --upgrade --no-cache-dir pip \
&& pip install --no-cache-dir ${PIP_PACKAGES} \
&& rm -rf /root/.cache/
USER root
ENTRYPOINT ["/usr/local/bin/ansible-later"]

32
Dockerfile.linux.arm64v8 Normal file
View File

@ -0,0 +1,32 @@
FROM python:3.7-alpine
LABEL maintainer="Robert Kaussow <mail@geeklabor.de>" \
org.label-schema.name="ansible later" \
org.label-schema.vcs-url="https://gitea.rknet.org/docker/molecule" \
org.label-schema.vendor="Robert Kaussow" \
org.label-schema.schema-version="1.0"
ENV PACKAGES="\
gcc \
make \
libffi-dev \
openssl-dev \
python-dev \
libc-dev \
"
ENV PIP_PACKAGES="\
ansible~=2.8.0 \
ansible-later~=0.2.0 \
"
RUN \
apk update \
&& apk add --update --no-cache ${PACKAGES} \
&& rm -rf /var/cache/apk/* \
&& pip install --upgrade --no-cache-dir pip \
&& pip install --no-cache-dir ${PIP_PACKAGES} \
&& rm -rf /root/.cache/
USER root
ENTRYPOINT ["/usr/local/bin/ansible-later"]

View File

@ -210,7 +210,8 @@ class FileUtils:
prompt = "[N/y]" prompt = "[N/y]"
try: try:
choice = input("{} {} ".format(question, prompt)) or default # input() is safe in python3
choice = input("{} {} ".format(question, prompt)) or default # nosec
to_bool(choice) to_bool(choice)
except (KeyboardInterrupt, ValueError) as e: except (KeyboardInterrupt, ValueError) as e:
raise ansibledoctor.Exception.InputError("Error while reading input", e) raise ansibledoctor.Exception.InputError("Error while reading input", e)