Commit ed955279 authored by Gaëtan Montury's avatar Gaëtan Montury
Browse files

fix: correct bandit exclude of .venv and .cache 

fix #92
parent 3b7aac68

templates/gitlab-ci-python.yml

+3 −3
Original line number Diff line number Diff line
@@ -1221,15 +1221,15 @@ py-bandit: 
    - |

      if [[ "$SONAR_HOST_URL" ]]

      then

        _run bandit ${TRACE+--verbose} --exit-zero --exclude ./.cache --exclude ./.venv --format csv --output reports/py-bandit.bandit.csv ${BANDIT_ARGS}

        _run bandit ${TRACE+--verbose} --exit-zero --exclude ./.cache,./.venv --format csv --output reports/py-bandit.bandit.csv ${BANDIT_ARGS}

      fi

    # JSON (for DefectDojo)

    - |

      if [[ "$DEFECTDOJO_BANDIT_REPORTS" ]]

      then

        _run bandit ${TRACE+--verbose} --exit-zero --exclude ./.cache --exclude ./.venv --format json --output reports/py-bandit.bandit.json ${BANDIT_ARGS}

        _run bandit ${TRACE+--verbose} --exit-zero --exclude ./.cache,./.venv --format json --output reports/py-bandit.bandit.json ${BANDIT_ARGS}

      fi

    - _run bandit ${TRACE+--verbose} --exclude ./.cache --exclude ./.venv ${BANDIT_ARGS}

    - _run bandit ${TRACE+--verbose} --exclude ./.cache,./.venv ${BANDIT_ARGS}

  artifacts:

    when: always

    name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG"