841 add bandit to pipeline
Description
Issue: https://repo1.dso.mil/ironbank-tools/ironbank-pipeline/-/issues/841
- Bandit has been added to the ironbank-modules pipeline.
- It exits with 1 if there are any findings.
- This causes the job to fail, so the bandit job is set to allow to fail for now while we work on mitigating the findings.
- There are currently 0 high findings.
- The bandit job also generates a report artifact.
- The following jobs have been pulled into one stage called "code-check": bandit, format, lint, trufflehog, unit-testing.
Risk
- N/A
Testing
- To run the bandit job locally, run the command `make run_bandit`.
Edited by Jeffrey Wuebbles
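An added example, not part of this merge request or the ironbank-pipeline code: because the bandit job is allowed to fail, a separate check over the report artifact can keep the "0 high findings" baseline from regressing while lower-severity findings are worked down. It assumes the report is written in bandit's JSON format (`-f json`); the function names and sample findings are constructed for illustration.

```python
import json
import sys
from collections import Counter

# Constructed sample in the shape of `bandit -f json` output (not real findings).
SAMPLE_REPORT = json.dumps({"results": [
    {"filename": "modules/example_a.py", "line_number": 12, "test_id": "B404",
     "issue_severity": "LOW", "issue_confidence": "HIGH",
     "issue_text": "Consider possible security implications of the subprocess module."},
    {"filename": "modules/example_b.py", "line_number": 40, "test_id": "B602",
     "issue_severity": "HIGH", "issue_confidence": "HIGH",
     "issue_text": "subprocess call with shell=True identified, security issue."},
]})

SEVERITY_ORDER = {"LOW": 1, "MEDIUM": 2, "HIGH": 3}


def load_findings(report_text):
    """Parse the report; fail closed if it is not a bandit-style JSON document."""
    report = json.loads(report_text)
    if not isinstance(report, dict) or not isinstance(report.get("results"), list):
        raise ValueError("report has no 'results' list; refusing to treat it as clean")
    return report["results"]


def summarize(report_text):
    """Count findings per severity label (upper-cased)."""
    return Counter(str(f.get("issue_severity", "UNDEFINED")).upper()
                   for f in load_findings(report_text))


def gate(report_text, threshold="HIGH"):
    """Return 1 if any finding is at or above the threshold severity, else 0."""
    floor = SEVERITY_ORDER[threshold]
    blockers = [f for f in load_findings(report_text)
                if SEVERITY_ORDER.get(str(f.get("issue_severity", "")).upper(), 0) >= floor]
    for f in blockers:
        print(f"{f.get('filename')}:{f.get('line_number')} "
              f"{f.get('test_id')} {f.get('issue_severity')}: {f.get('issue_text')}")
    return 1 if blockers else 0


if __name__ == "__main__":
    # Usage: python gate.py <path-to-bandit-json-report>; falls back to the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_REPORT
    print(dict(summarize(text)))
    sys.exit(gate(text))
```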