Attached To
R85 security-tools
diff --git a/jobs/tools-templates/bandit.yaml b/jobs/tools-templates/bandit.yaml
index beaff9c..763af83 100644
--- a/jobs/tools-templates/bandit.yaml
+++ b/jobs/tools-templates/bandit.yaml
@@ -1,18 +1,18 @@
- job-template:
name: '{name}-bandit'
description: "A job template for openstack's python static analyzer"
concurrent: true
output_type: html
builders:
- shell: |
#!/bin/bash -e
docker pull linosgian/bandit
docker run --rm \
- -u $(id -u):$(id -g) \
- -v $PWD:/app \
- linosgian/bandit -r . -f {output_type} -o {name}.{output_type} {bandit_extra_args}
+ -u $(id -u):$(id -g) \
+ -v $PWD:/app \
+ linosgian/bandit -P -r . -f {output_type} -o {name}.{output_type} {bandit_extra_args}
triggers:
- timed: '@hourly'
scm:
- git:
url: '{repo}'
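Review bot: The `-P` added on the `linosgian/bandit` line does not look like a scanner option. With the `bash -c` entrypoint introduced in tools/bandit/Dockerfile, the first argument after the image name is consumed as `$0`, so `-P` appears to be a placeholder that keeps `-r` from being swallowed. Nothing in the job template says so, and anyone who later removes the flag would silently drop `-r` and change what gets scanned. Put a comment above `docker run`, for example `# -P is a dummy $0 for the image's bash -c entrypoint`, or move the placeholder into the entrypoint itself. On the same lines, `-v "$PWD":/app` would keep a workspace path containing spaces from splitting the mount argument.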
diff --git a/tools/bandit/Dockerfile b/tools/bandit/Dockerfile
index 71a8f44..4c92192 100644
--- a/tools/bandit/Dockerfile
+++ b/tools/bandit/Dockerfile
@@ -1,6 +1,7 @@
FROM python:2
RUN pip install bandit
WORKDIR /app
-ENTRYPOINT ["bandit"]
+# Invert bandit's exit code it returns 1 upon success (?!)
+ENTRYPOINT ["/bin/bash", "-c", "! bandit $@"]
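Review bot: Negating the status in the new ENTRYPOINT turns every non-zero bandit exit into success, so a scan that aborted on a usage or runtime error cannot be told apart from one that reported findings, and a clean scan now exits 1 and fails the `bash -e` job. The added comment reads as if 1 meant success, but as far as I know bandit returns 1 when it reports issues. Accept only 0 and 1, quote the arguments and give the shell a fixed `$0`: `ENTRYPOINT ["/bin/bash", "-c", "bandit \"$@\"; [ $? -le 1 ]", "--"]`; the `-P` placeholder in bandit.yaml would then be dropped. The committed tools/bandit/out.html, showing 0 lines of code and a skipped path, looks like the output of a run that scanned nothing yet would have passed.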
diff --git a/tools/bandit/out.html b/tools/bandit/out.html
new file mode 100644
index 0000000..581fbba
--- /dev/null
+++ b/tools/bandit/out.html
@@ -0,0 +1,105 @@
+
+<!DOCTYPE html>
+<html>
+<head>
+
+<meta charset="UTF-8">
+
+<title>
+ Bandit Report
+</title>
+
+<style>
+
+html * {
+ font-family: "Arial", sans-serif;
+}
+
+pre {
+ font-family: "Monaco", monospace;
+}
+
+.bordered-box {
+ border: 1px solid black;
+ padding-top:.5em;
+ padding-bottom:.5em;
+ padding-left:1em;
+}
+
+.metrics-box {
+ font-size: 1.1em;
+ line-height: 130%;
+}
+
+.metrics-title {
+ font-size: 1.5em;
+ font-weight: 500;
+ margin-bottom: .25em;
+}
+
+.issue-description {
+ font-size: 1.3em;
+ font-weight: 500;
+}
+
+.candidate-issues {
+ margin-left: 2em;
+ border-left: solid 1px; LightGray;
+ padding-left: 5%;
+ margin-top: .2em;
+ margin-bottom: .2em;
+}
+
+.issue-block {
+ border: 1px solid LightGray;
+ padding-left: .5em;
+ padding-top: .5em;
+ padding-bottom: .5em;
+ margin-bottom: .5em;
+}
+
+.issue-sev-high {
+ background-color: Pink;
+}
+
+.issue-sev-medium {
+ background-color: NavajoWhite;
+}
+
+.issue-sev-low {
+ background-color: LightCyan;
+}
+
+</style>
+</head>
+
+<body>
+
+<div id="metrics">
+ <div class="metrics-box bordered-box">
+ <div class="metrics-title">
+ Metrics:<br>
+ </div>
+ Total lines of code: <span id="loc">0</span><br>
+ Total lines skipped (#nosec): <span id="nosec">0</span>
+ </div>
+</div>
+
+
+
+<br>
+<div id="skipped">
+<div class="bordered-box">
+<b>Skipped files:</b><br><br>
+apimas <b>reason:</b> No such file or directory<br>
+</div>
+</div>
+
+
+<br>
+<div id="results">
+
+</div>
+
+</body>
+</html>