On 11/02/2015 07:40 PM, Brant Knudson wrote:
We could use something like this in keystone since we've got a few repositories. There should be a way to document why the test was skipped since otherwise we'll have to figure it out every time we update the file. Putting a comment on the command line would wind up being unwieldy, so we should have a config file for bandit-conf-generator... but then why not just have bandit know how to read the bandit-conf-generator config file and skip the extra step?
The bandit.yaml from python-keystoneclient supports multiple profiles, which is already something my tool, in its current state, cannot do.
I don't know exactly which set of features should be supported by a configuration generator. If it becomes too hard to write the configuration for the configuration generator, we might as well just write the configuration for bandit manually :⁾
See my answer to Victor about enhancing Bandit so that it can read a "simpler" config file. I'm not a big fan of it.
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
