Easily generate a valid configuration file for bandit

Registered by Cyril Roelandt

Most of the OpenStack projects that use bandit seem to share a similar bandit.yaml configuration file. Basically, they copy/paste the example config file provided by bandit (see bandit/config/bandit.yaml in the git repo) and remove some checkers, maybe sometimes tweak the configuration of a checker, and that's it.

Updating the configuration when a new release of bandit comes out might be tricky: every project has to manually check what checkers have been added, what part of the configuration has changed, etc. While this makes sense for projects that need a fine-tuned configuration, most OpenStack projects could probably use a generic 'default' configuration.

Apparently, the format of the config file might change in the near future [1]. At least until then, I think it might help to provide developers with a tool that could generate a bandit.yaml configuration suitable for their projects.

I wrote a proof-of-concept [2] that does exactly that. It generates a bandit.yaml file, containing a single profile, with all checks enabled, except those explicitly disabled using a command-line option.

I'd like this to live in the bandit git repo. It could also use its own configuration file.

[1] http://lists.openstack.org/pipermail/openstack-dev/2015-November/078270.html
[2] https://github.com/CyrilRoelandteNovance/bandit_conf_generator

---
Simpler configuration format.

A simpler configuration format could look like this:

$ cat oslo_messaging.yaml
profile_name: gate
exclude_checkers: [assert_used, try_except_pass]

This is clean and simple, and most projects will likely only need this.

We could then add something like this:

blacklist_imports:
    _bcg_remove_import_sets: [telnet]
    bad_import_sets:
        - foobar:
            imports: [foo, bar]
            level: HIGH
            message: >
                FOO BAR

to tweak the configuration of the 'blacklist_imports' checker by removing the 'telnet' import set and adding the 'foobar' one. The leading underscore on '_bcg_remove_import_sets' marks it as a generator directive rather than a key that is copied into bandit.yaml.
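The following is an added, illustrative generator for the simple format sketched above; it is neither the proof-of-concept from [2] nor bandit's own code. It assumes a constructed list of checker names (a real run would take them from the installed bandit), a constructed stand-in for the default 'blacklist_imports' section, and the profiles/include/exclude layout of the old example bandit.yaml. It also adds the two checks a practitioner would want: a misspelled name in 'exclude_checkers' or '_bcg_remove_import_sets' is an error rather than a silent no-op, and new import sets must carry exactly imports/level/message with a valid level.

```python
"""Added example: generate a bandit.yaml structure from the minimal per-project
config.  Checker names, default import sets and output layout are assumptions."""
import json

try:
    import yaml  # PyYAML; optional, only used to print the result as YAML
except ImportError:
    yaml = None

# Constructed subset of checker names (a real run would take them from bandit).
KNOWN_CHECKERS = ["assert_used", "blacklist_calls", "blacklist_imports",
                  "exec_used", "hardcoded_password", "try_except_pass"]

# Constructed stand-in for the blacklist_imports section of the example config.
DEFAULT_BLACKLIST_IMPORTS = {
    "bad_import_sets": [
        {"telnet": {"imports": ["telnetlib"], "level": "HIGH",
                    "message": "Telnet is considered insecure."}},
        {"pickle": {"imports": ["pickle", "cPickle"], "level": "LOW",
                    "message": "Pickle can execute arbitrary code."}},
    ]
}
VALID_LEVELS = ("LOW", "MEDIUM", "HIGH")


class ConfigError(ValueError):
    """Raised when the simple config names something that does not exist."""


def _set_name(entry):
    """Each bad_import_sets item is a one-key mapping: {name: {...}}."""
    if not isinstance(entry, dict) or len(entry) != 1:
        raise ConfigError("bad_import_sets entries must be single-key mappings: %r" % (entry,))
    return next(iter(entry))


def build_profile(simple_cfg, known_checkers=KNOWN_CHECKERS):
    """Return {profiles: {name: {include, exclude}}} with every known checker
    enabled except those listed in exclude_checkers."""
    name = simple_cfg.get("profile_name", "default")
    excluded = list(simple_cfg.get("exclude_checkers", []))
    # A misspelled checker name would otherwise silently exclude nothing.
    unknown = sorted(set(excluded) - set(known_checkers))
    if unknown:
        raise ConfigError("unknown checkers in exclude_checkers: %s" % ", ".join(unknown))
    included = [c for c in known_checkers if c not in excluded]
    return {"profiles": {name: {"include": included, "exclude": excluded}}}


def tweak_blacklist_imports(base, tweak):
    """Apply _bcg_remove_import_sets and bad_import_sets from the simple config
    to the default blacklist_imports section, validating every new entry."""
    remove = set(tweak.get("_bcg_remove_import_sets", []))
    known = {_set_name(e) for e in base["bad_import_sets"]}
    missing = sorted(remove - known)
    if missing:
        raise ConfigError("cannot remove unknown import sets: %s" % ", ".join(missing))
    sets = [e for e in base["bad_import_sets"] if _set_name(e) not in remove]
    for entry in tweak.get("bad_import_sets", []):
        name = _set_name(entry)
        body = entry[name]
        if set(body) != {"imports", "level", "message"}:
            raise ConfigError("import set %r needs exactly imports/level/message" % name)
        if body["level"] not in VALID_LEVELS:
            raise ConfigError("import set %r: level must be one of %s" % (name, VALID_LEVELS))
        # A project-defined set overrides a default one of the same name.
        sets = [e for e in sets if _set_name(e) != name]
        sets.append({name: {"imports": list(body["imports"]), "level": body["level"],
                            "message": str(body["message"]).strip()}})
    return {"bad_import_sets": sets}


def generate_config(simple_cfg, known_checkers=KNOWN_CHECKERS):
    """Turn the simple per-project config into a full bandit.yaml structure."""
    cfg = build_profile(simple_cfg, known_checkers)
    if "blacklist_imports" in simple_cfg:
        cfg["blacklist_imports"] = tweak_blacklist_imports(
            DEFAULT_BLACKLIST_IMPORTS, simple_cfg["blacklist_imports"])
    return cfg


# The oslo_messaging.yaml example from above, as a YAML loader would return it.
OSLO_MESSAGING_CFG = {
    "profile_name": "gate",
    "exclude_checkers": ["assert_used", "try_except_pass"],
    "blacklist_imports": {
        "_bcg_remove_import_sets": ["telnet"],
        "bad_import_sets": [
            {"foobar": {"imports": ["foo", "bar"], "level": "HIGH", "message": "FOO BAR\n"}},
        ],
    },
}


def main():
    cfg = generate_config(OSLO_MESSAGING_CFG)
    print(yaml.safe_dump(cfg, default_flow_style=False) if yaml else json.dumps(cfg, indent=2))


if __name__ == "__main__":
    main()
```

Running the module prints the generated 'gate' profile with four of the six constructed checkers included, and a 'blacklist_imports' section in which 'telnet' is gone and 'foobar' has been appended after 'pickle'. The checker list is the only thing that has to be refreshed when a new bandit release comes out, which is the point of generating rather than hand-editing the file.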

Blueprint information

Status: Complete
Approver: None
Priority: Undefined
Drafter: Cyril Roelandt
Direction: Needs approval
Assignee: Travis McPeak
Definition: Approved
Series goal: Accepted for 1.0
Implementation: Implemented
Milestone target: None
Started by: Tim Kelsey
Completed by: Travis McPeak

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/bandit-conf-generator,n,z

Addressed by: https://review.openstack.org/242077
    Add a configuration generator for bandit

tmcpeak (2/4) - We need this to generate profile files and all valid settings in case somebody wants to override something.

tmcpeak (2/25) - We now need to make sure that a profile loading option can parse these files.
