Bandit crashes on Python 2 deprecation
Opened this issue · 1 comments
Ochaun commented
Probably need to just deprecate support for 2.x for bandit installs. Ansible crashes on provision.
ochau@Win ~/github/static-analysis-ttp (master)
$ vagrant provision --provision-with bandit
==> linux: Running provisioner: bandit (ansible_local)...
linux: Installing Ansible...
linux: Running ansible-playbook...
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [linux]
TASK [python2 and 3 deps] ******************************************************
ok: [linux]
TASK [installing bandit for py2] ***********************************************
fatal: [linux]: FAILED! => {"changed": false, "cmd": ["/opt/bandit/python2_venv/bin/pip", "install", "bandit"], "msg": "stdout: Collecting bandit\n Using cached bandit-1.7.0.tar.gz (506 kB)\n\n:stderr: DEPRECATION: Python 2.7 reached the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 is no longer maintained. pip 21.0 will drop support for Python 2.7 in January 2021. More details about Python 2 support in pip can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support pip 21.0 will remove support for this functionality.\nERROR: Package 'bandit' requires a different Python: 2.7.17 not in '>=3.5'\n"}
PLAY RECAP *********************************************************************
linux : ok=2 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
Ansible failed to complete successfully. Any error output should be
visible above. Please fix these errors and try again.elreydetoda commented
I honestly think we should probably move it into a docker container then, because just since py 2 is EOL doesn't mean we won't have to do static analysis on py 2. So, we need to still be able to handle that probably.
I will comment it out for now, so it builds properly.