Skip to content

Document adding a job to GitLab CICD#1086

Open
Bengt wants to merge 3 commits intoPyCQA:mainfrom
Bengt:Add-GitLab-CICD-Job
Open

Document adding a job to GitLab CICD#1086
Bengt wants to merge 3 commits intoPyCQA:mainfrom
Bengt:Add-GitLab-CICD-Job

Conversation

@Bengt
Copy link
Copy Markdown

@Bengt Bengt commented Jan 3, 2024

This documents how to add a job to GitLab CI/CD for running Bandit.

lukehinds
lukehinds reviewed Jan 6, 2024
View reviewed changes
Comment thread doc/source/start.rst
bandit:
cache: {}
image:
name: cytopia/bandit:1-py3.10
Copy link
Copy Markdown
Member

@lukehinds lukehinds Jan 6, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! Good addition. Looking at this though, makes me realise we should really start producing our own images, just in case cytopia/bandit:1-py3.10 were to fall into bad hands. I will raise an issue, but until then let's keep this PR open.

Copy link
Copy Markdown
Author

@Bengt Bengt Jan 6, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hello, @lukehinds! Thanks for considering this contribution. Yes, I also noticed that using the cytopia image is suboptimal and first-party Docker images would be preferable. By adding this job to the documentation, users might get encouraged to trust the source of the image. I have subscribed to the issue about creating such an image, so I can update this PR with the image name.

Copy link
Copy Markdown
Member

@lukehinds lukehinds Mar 1, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We now have official images: https://github.com/PyCQA/bandit?tab=readme-ov-file#container-images

Copy link
Copy Markdown
Member

@ericwb ericwb Jan 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, please switch the official Bandit image.

@lukehinds lukehinds mentioned this pull request Jan 6, 2024
Closed
ericwb
ericwb reviewed Jan 7, 2024
View reviewed changes
Copy link
Copy Markdown
Member

@ericwb ericwb left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it would be better to start a new integrations doc. There are a slew of various ways Bandit can be integrated into various systems, Jenkins, Flake8, Ruff, VSCode, Vim, Emacs, Sonarqube, GitHub Action, pre-commit, etc, etc

ericwb
ericwb requested changes Jan 11, 2025
View reviewed changes
Comment thread doc/source/start.rst
Comment on lines +132 to +133
GitLab CI/CD integration
------------------
Copy link
Copy Markdown
Member

@ericwb ericwb Jan 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
GitLab CI/CD integration
------------------
GitLab CI/CD integration
------------------------

Comment thread doc/source/start.rst
bandit:
cache: {}
image:
name: cytopia/bandit:1-py3.10
Copy link
Copy Markdown
Member

@ericwb ericwb Jan 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, please switch the official Bandit image.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lukehinds lukehinds lukehinds left review comments

@ericwb ericwb ericwb requested changes

@sigmavirus24 sigmavirus24 Awaiting requested review from sigmavirus24 sigmavirus24 is a code owner

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Bengt @ericwb @lukehinds