[tox]
envlist = flake8,py2,py3,bandit

[testenv:flake8]
deps =
    flake8
    flake8-import-order
# On EL6, pip would get us a flake8 that doesn't work with python2.6. The next
# two lines let us use an RPM-based version from EPEL if it is installed
sitepackages = true
whitelist_externals = flake8
# dtto with for newer tox
allowlist_externals = flake8
# These two lines just speed things up by avoiding unnecessary setup
skip_install=true
usedevelop=true
commands =
    flake8

[testenv]
deps =
    -r{toxinidir}/requirements.txt
# We need to access python-rpm, at least, and potentially more on EL6
sitepackages = true
setenv =
    COLUMNS=80
# Expected that python-rpm is installed on the host
# If rpm's python bindings are missing, don't continue
# Also, because coverage might be installed system-wide and it serves as our
# entry point, let's make sure it's installed in the virtualenv.
#
# COLUMNS setting is propagated to optparse and ensures that formatted text
# is same in the CLI output on all platforms
commands_pre =
    {envbindir}/python -c "import rpm"

[testenv:py3]
deps =
    -r{toxinidir}/test-requirements.txt
setenv = 
    {[testenv]setenv}
    PYTHONPATH=.:plugins/hub/.:plugins/builder/.:plugins/cli/.:cli/.:www/lib
commands_pre =
    {[testenv]commands_pre}
    python -m coverage erase --rcfile .coveragerc3
commands = 
    python -m pytest -n auto --cov --cov-config .coveragerc3 --cov-report=html

[testenv:py2]
deps =
    -r{toxinidir}/test-requirements.txt
setenv =
    {[testenv]setenv}
    PYTHONPATH=.:plugins/builder/.:plugins/cli/.:cli/.:www/lib
    PYTHONHASHSEED=0
commands_pre =
    {[testenv]commands_pre}
    {envbindir}/coverage2 erase
commands =
    {envbindir}/coverage2 run --source . -m pytest {posargs:\
        tests/test_builder tests/test_cli tests/test_lib \
        tests/test_plugins/test_runroot_builder.py \
        tests/test_plugins/test_save_failed_tree_builder.py \
        tests/test_plugins/test_runroot_cli.py \
        tests/test_plugins/test_save_failed_tree_cli.py \
        tests/test_plugins/test_sidetag_cli.py}
    {envbindir}/coverage2 report
    {envbindir}/coverage2 html -d {toxinidir}/htmlcov/py2

# This is identical to the py2 testenv, but without attempting to install
# dependencies from requirements.txt. In practice this will mean RPM-based
# dependencies must be installed.
[testenv:py2-rpmdeps]
deps =
    -r{toxinidir}/test-requirements.txt
setenv =
    {[testenv:py2]setenv}
commands_pre =
    {[testenv:py2]commands_pre}
commands =
    {[testenv:py2]commands}

[testenv:bandit]
# These two lines just speed things up by avoiding unnecessary setup
skip_install=true
usedevelop=true
# B108 - Insecure usage of temp - we're very often handling it in non-standard way
#        (temp inside mock, etc)
# B608 - hardcoded SQL - not everything is turned into Processors
deps =
    bandit
allowlist_externals = bandit
commands =
    bandit -c .bandit.yaml -ll -s B108,B608 -r \
        builder cli kojihub koji plugins util vm www \
        builder/kojid \
        cli/koji \
        util/koji-gc util/kojira util/koji-shadow util/koji-sweep-db \
        vm/kojivmd