Merge pull request #2 from soda480/0.2.0

0.2.0

.github/workflows/main.yml

@@ -6,6 +6,9 @@ on:
   pull_request:
     branches:
       - master
+env:
+  CRYPTOGRAPHY_DONT_BUILD_RUST: 1
+
 jobs:
   build:
     runs-on: ubuntu-16.04
@@ -14,8 +17,11 @@ jobs:
     steps:
     - uses: actions/checkout@v2
 
+    - name: Install required packages
+      run: apk --update --no-cache add gcc libc-dev libffi-dev openssl-dev
+
     - name: Install pybuilder
-      run: pip install pybuilder==0.11.17
+      run: pip install pybuilder
 
     - name: Install dependencies
       run: pyb install_dependencies
@@ -27,7 +33,7 @@ jobs:
       run: |
         apk update
         apk add bash curl
-        sed -e 's,filename="pybuilder-bandit/,filename="src/main/python/pybuilder_bandit/,g' target/reports/coverage.xml > coverage.xml
+        sed -e 's,filename="pybuilder-bandit/,filename="src/main/python/pybuilder_bandit/,g' target/reports/pybuilder-bandit_coverage.xml > coverage.xml
 
     - name: Upload coverage to Codecov
       uses: codecov/codecov-action@v1

Dockerfile

@@ -1,11 +1,13 @@
 FROM python:3.6-alpine
 
 ENV PYTHONDONTWRITEBYTECODE 1
+ENV CRYPTOGRAPHY_DONT_BUILD_RUST 1
 
 WORKDIR /pybuilder-bandit
 
 COPY . /pybuilder-bandit/
 
+RUN apk --update --no-cache add gcc libc-dev libffi-dev openssl-dev
 RUN pip install pybuilder==0.11.17
 RUN pyb install_dependencies
 RUN pyb install

README.md

@@ -9,10 +9,13 @@ A pybuilder plugin that analyzes your project for common security issues using `
 
 To add this plugin into your pybuilder project, add the following line near the top of your build.py:
 ```python
-use_plugin('pypi:pybuilder_bandit', '~=0.1.1')
+use_plugin('pypi:pybuilder_bandit')
 ```
 
-**NOTE** version `v0.1.x` of this plugin will only work with version `v0.11.x` of Pybuilder.
+**NOTE** if you are using Pybuilder version `v0.11.x`, then specify the following version of the plugin:
+```python
+use_plugin('pypi:pybuilder_bandit', '~=0.1.1')
+```
 
 ### Pybuilder bandit properties ###
 

build.py

@@ -18,7 +18,7 @@
 authors = [Author('Emilio Reyes', 'soda480@gmail.com')]
 summary = 'Pybuilder plugin for bandit security linter'
 url = '/~https://github.com/soda480/pybuilder-bandit'
-version = '0.1.1'
+version = '0.2.0'
 default_task = ['clean', 'analyze']
 license = 'Apache License, Version 2.0'
 description = summary
@@ -54,4 +54,4 @@ def set_properties(project):
     # project.set_property('bandit_break_build', True)
     # project.set_property('bandit_confidence_level', 'LOW')
     # project.set_property('bandit_severity_level', 'MEDIUM')
-    # project.set_property('bandit_skip_ids', 'B311,B315')
+    # project.set_property('bandit_skip_ids', 'B311,B110')

src/main/python/pybuilder_bandit/task.py

@@ -20,20 +20,20 @@ def init_bandit(project):
 
 @task('bandit', description='execute bandit security linter')
 @depends('prepare')
-def bandit(project, logger):
+def bandit(project, logger, reactor):
     """ execute bandit security linter
     """
     set_verbose_property(project)
-    command = get_command(project)
+    command = get_command(project, reactor)
     logger.info(f'Executing bandit security linter: \"{command.as_string}\"')
     result = command.run_on_production_source_files(logger, include_dirs_only=True)
     process_result(project, result, logger)
 
 
-def get_command(project):
+def get_command(project, reactor):
     """ return bandit command
     """
-    command = ExternalCommandBuilder('bandit', project)
+    command = ExternalCommandBuilder('bandit', project, reactor)
     command.use_argument('--recursive')
     command.use_argument('--format')
     command.use_argument('custom')

src/unittest/python/test_task.py

@@ -43,7 +43,7 @@ def test__bandit_Should_CallExpected_When_VerifyResultFalse(self, process_result
         get_command_patch.return_value = command_mock
         project_mock = Mock()
         logger_mock = Mock()
-        bandit(project_mock, logger_mock)
+        bandit(project_mock, logger_mock, Mock())
         process_result_patch.assert_called_once_with(project_mock, command_mock.run_on_production_source_files.return_value, logger_mock)
 
     @patch('pybuilder_bandit.task.translate_severity_level')
@@ -54,8 +54,9 @@ def test__get_command_Should_CallAndReturnExpected_When_Skip(self, external_comm
         external_command_builder_patch.return_value = command_mock
         project_mock = Mock()
         project_mock.get_property.return_value = 'id1,id2,id3'
-        result = get_command(project_mock)
-        external_command_builder_patch.assert_called_once_with('bandit', project_mock)
+        reactor_mock = Mock()
+        result = get_command(project_mock, reactor_mock)
+        external_command_builder_patch.assert_called_once_with('bandit', project_mock, reactor_mock)
         self.assertEqual(result, external_command_builder_patch.return_value)
         self.assertTrue(call('--skip') in command_mock.use_argument.mock_calls)
         self.assertTrue(call('id1,id2,id3') in command_mock.use_argument.mock_calls)
@@ -68,8 +69,9 @@ def test__get_command_Should_CallAndReturnExpected_When_NoSkip(self, external_co
         external_command_builder_patch.return_value = command_mock
         project_mock = Mock()
         project_mock.get_property.return_value = None
-        result = get_command(project_mock)
-        external_command_builder_patch.assert_called_once_with('bandit', project_mock)
+        reactor_mock = Mock()
+        result = get_command(project_mock, reactor_mock)
+        external_command_builder_patch.assert_called_once_with('bandit', project_mock, reactor_mock)
         self.assertEqual(result, external_command_builder_patch.return_value)
         self.assertFalse(call('--skip') in command_mock.use_argument.mock_calls)