From e490764985f8683acfc205008535e89386c14656 Mon Sep 17 00:00:00 2001
From: Haibo Lin <hlin@redhat.com>
Date: Thu, 7 Apr 2022 13:47:12 +0800
Subject: [PATCH] Involve bandit

JIRA: RHELCMP-8562
Signed-off-by: Haibo Lin <hlin@redhat.com>
---
 tox.ini | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/tox.ini b/tox.ini
index 4ba977cf..ae1cf711 100644
--- a/tox.ini
+++ b/tox.ini
@@ -1,5 +1,5 @@
 [tox]
-envlist = flake8, black, py27, py3
+envlist = bandit, flake8, black, py27, py3
 
 [testenv:flake8]
 deps =
@@ -8,6 +8,14 @@ whitelist_externals = sh
 commands =
     sh -c "flake8 pungi pungi_utils setup.py tests/*py"
 
+[testenv:bandit]
+basepython = python3
+skip_install = true
+deps = bandit
+commands =
+    bandit -r -ll pungi pungi_utils
+ignore_outcome = True
+
 [testenv:black]
 basepython = python3
 whitelist_externals = sh