Merge "Allow specifying targets in ini file"

2017-12-07 17:41:28 +00:00 · 2017-12-07 17:41:28 +00:00 · 03b390b59b
commit 03b390b59b
parent 3977c673e0 446e7f7249
4 changed files with 18 additions and 8 deletions
--- a/README.rst
+++ b/README.rst
@ -91,7 +91,7 @@ Usage::
                  [--msg-template MSG_TEMPLATE] [-o [OUTPUT_FILE]] [-v] [-d]
                  [--ignore-nosec] [-x EXCLUDED_PATHS] [-b BASELINE]
                  [--ini INI_PATH] [--version]
-                  targets [targets ...]
+                  [targets [targets ...]]

    Bandit - a Python source code security analyzer

@ -252,6 +252,7 @@ Projects may include a `.bandit` file that specifies command line arguments
 that should be supplied for that project. The currently supported arguments
 are:

+ - targets: comma separated list of target dirs/files to run bandit on
 - exclude: comma separated list of excluded paths
 - skips: comma separated list of tests to skip
 - tests: comma separated list of tests to run
--- a/bandit/cli/main.py
+++ b/bandit/cli/main.py
@ -98,7 +98,7 @@ def _log_option_source(arg_val, ini_val, option_name):
        LOG.info("Using command line arg for %s", option_name)
        return arg_val
    elif ini_val:
-        LOG.info("Using .bandit arg for %s", option_name)
+        LOG.info("Using ini file for %s", option_name)
        return ini_val
    else:
        return None
@ -151,7 +151,7 @@ def main():
        formatter_class=argparse.RawDescriptionHelpFormatter
    )
    parser.add_argument(
-        'targets', metavar='targets', type=str, nargs='+',
+        'targets', metavar='targets', type=str, nargs='*',
        help='source file(s) or directory(s) to be tested'
    )
    parser.add_argument(
@ -316,8 +316,16 @@ def main():

        args.tests = _log_option_source(args.tests, ini_options.get('tests'),
                                        'selected tests')
+        ini_targets = ini_options.get('targets')
+        if ini_targets:
+            ini_targets = ini_targets.split(',')
+        args.targets = _log_option_source(args.targets, ini_targets,
+                                          'selected targets')
        # TODO(tmcpeak): any other useful options to pass from .bandit?

+    if not args.targets:
+        LOG.error("No targets found in CLI or ini files, exiting.")
+        sys.exit(2)
    # if the log format string was set in the options, reinitialize
    if b_conf.get_option('log_format'):
        log_format = b_conf.get_option('log_format')
--- a/releasenotes/notes/target-in-ini-81802418b1cc970f.yaml
+++ b/releasenotes/notes/target-in-ini-81802418b1cc970f.yaml
@ -0,0 +1,5 @@
+---
+features:
+  - |
+    The 'targets' CLI arguments are now optional and can be specified in the
+    ini file.
--- a/tests/functional/test_runtime.py
+++ b/tests/functional/test_runtime.py
@ -15,7 +15,6 @@
 import os
 import subprocess

-import six
 import testtools


@ -41,10 +40,7 @@ class RuntimeTests(testtools.TestCase):
    def test_no_arguments(self):
        (retcode, output) = self._test_runtime(['bandit', ])
        self.assertEqual(2, retcode)
-        if six.PY2:
-            self.assertIn("error: too few arguments", output)
-        else:
-            self.assertIn("arguments are required: targets", output)
+        self.assertIn("No targets found in CLI or ini files", output)

    def test_piped_input(self):
        with open('examples/imports.py', 'r') as infile: