cookstyle 5.9.3 → 5.10.11

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b4f5eafb40f3af8be2a8af2d128ad4b9788e41c52ab1a410831143ab50d719be
-  data.tar.gz: a580aaee49df70685f9e1f0cf8ca6a71270d81b5277e37a497a572e06cf3aea3
+  metadata.gz: f5b67cdd58b4a1b059bc220b84e9b61fc242690234cae85cdc06798c96926d39
+  data.tar.gz: c8c1f767761dffcdf81111e4886b566458bb1337cea63826addccc78341359c2
 SHA512:
-  metadata.gz: 1684945f60801dd046dc16c0b5d813863ae9dd0ec0616a681a23d86e12fe77c5a337d2bce0002a59041afafc2b02f0f3d1a99b338e39c43d940a8fd66302abcb
-  data.tar.gz: db367ba9d75c4dad58daf64759bb361c6da1141131b134d7a3c52e18a21e627f831ef59f274a38842871939a810e78945db0a8d3f821a322f7c3dae6d9323f9c
+  metadata.gz: 396a689a645d364c225cdba6ec31380b77450d0336a1b3f9d4c3b146220a9ba0a723009892fba86ef82e02e3b88b024555a983ab7cd04df8ab5b5baaca388acc
+  data.tar.gz: bd65a338641f061e1e6bfaf935096e2b4dc4fec7789ade64421cf615ddf668b1f694e561f11105ddcf066bb8bb975a4b80728f10257425c146f7f7ac8e120570

data/config/cookstyle.yml

@@ -237,6 +237,20 @@ ChefCorrectness/InvalidVersionMetadata:
   Include:
     - '**/metadata.rb'
 
+ChefCorrectness/NotifiesActionNotSymbol:
+  Description: When notifying an action within a resource the action should always be a symbol. In Chef Infra Client releases before 14.0 this may result in double notification.
+  Enabled: true
+  VersionAdded: '5.10.0'
+  Include:
+    - '**/metadata.rb'
+
+ChefCorrectness/IncorrectLibraryInjection:
+  Description: Libraries should be injected into the Chef::DSL::Recipe or Chef::DSL::Resource classes and not Recipe/Resource/Provider classes directly.
+  Enabled: true
+  VersionAdded: '5.10.0'
+  Include:
+    - '**/metadata.rb'
+
 ###############################
 # ChefDeprecations: Resolving Deprecations that block upgrading Chef Infra Client
 ###############################
@@ -514,6 +528,34 @@ ChefDeprecations/ChefHandlerUsesSupports:
   Exclude:
     - '**/metadata.rb'
 
+ChefDeprecations/DeprecatedYumRepositoryProperties:
+  Description: With the release of Chef Infra Client 12.14 and the yum cookbook 3.0 several properties in the yum_repository resource were renamed. url -> baseurl, keyurl -> gpgkey, and mirrorexpire -> mirror_expire.
+  Enabled: true
+  VersionAdded: '5.10.0'
+  Exclude:
+    - '**/metadata.rb'
+
+ChefDeprecations/EOLAuditModeUsage:
+  Description: The beta Audit Mode feature in Chef Infra Client was removed in Chef Infra Client 15.0. Users should instead use InSpec and the audit cookbook. See https://www.inspec.io/ for more informmation.
+  Enabled: true
+  VersionAdded: '5.10.0'
+  Exclude:
+    - '**/metadata.rb'
+
+ChefDeprecations/ResourceInheritsFromCompatResource:
+  Description: HWRP style resource should inherit from the 'Chef::Resource' class and not the 'ChefCompat::Resource' class from the deprecated compat_resource cookbook.
+  Enabled: true
+  VersionAdded: '5.10.0'
+  Include:
+    - '**/libraries/*.rb'
+
+ChefDeprecations/VerifyPropertyUsesFileExpansion:
+  Description: Use the 'path' variable in the verify property and not the 'file' variable which was removed in Chef Infra Client 13.
+  Enabled: true
+  VersionAdded: '5.10.0'
+  Exclude:
+    - '**/metadata.rb'
+
 ###############################
 # ChefModernize: Cleaning up legacy code and using new built-in resources
 ###############################
@@ -580,11 +622,12 @@ ChefModernize/CustomResourceWithAttributes:
     - '**/resources/*.rb'
 
 ChefModernize/CustomResourceWithAllowedActions:
-  Description: Custom Resources don't need to define the allowed actions with allowed_actions or actions methods
+  Description: Resources no longer need to define the allowed actions using the allowed_actions / actions helper methods or within an initialize method.
   Enabled: true
   VersionAdded: '5.2.0'
   Include:
     - '**/resources/*.rb'
+    - '**/libraries/*.rb'
 
 ChefModernize/IncludingAptDefaultRecipe:
   Description: Do not include the Apt default recipe to update package cache. Instead use the apt_update resource, which is built into Chef Infra Client 12.7 and later.
@@ -762,6 +805,24 @@ ChefModernize/PowerShellGuardInterpreter:
   Exclude:
     - '**/metadata.rb'
 
+ChefModernize/DefaultActionFromInitialize:
+  Description: The default actions can now be specified using the `default_action` helper instead of using the @action variable in the resource provider initialize method.
+  Enabled: true
+  VersionAdded: '5.10.0'
+  Include:
+    - '**/resources/*.rb'
+    - '**/providers/*.rb'
+    - '**/libraries/*.rb'
+
+ChefModernize/ResourceNameFromInitialize:
+  Description: The name of a resource can be set with the "resource_name" helper instead of using the initialize method.
+  Enabled: true
+  VersionAdded: '5.10.0'
+  Include:
+    - '**/resources/*.rb'
+    - '**/providers/*.rb'
+    - '**/libraries/*.rb'
+
 ###############################
 # Migrating to new patterns
 ###############################
@@ -776,6 +837,21 @@ ChefEffortless/CookbookUsesDatabags:
   Enabled: false
   VersionAdded: '5.1.0'
 
+ChefEffortless/CookbookUsesEnvironmments:
+  Description: Cookbook uses environments, which cannot be used in the Effortless Infra pattern
+  Enabled: false
+  VersionAdded: '5.10.0'
+
+ChefEffortless/CookbookUsesPolicygroups:
+  Description: Cookbook uses Policy Groups, which cannot be used in the Effortless Infra pattern
+  Enabled: false
+  VersionAdded: '5.10.0'
+
+ChefEffortless/CookbookUsesRoles:
+  Description: Cookbook uses Roles, which cannot be used in the Effortless Infra pattern
+  Enabled: false
+  VersionAdded: '5.10.0'
+
 #### The base rubocop 0.37 enabled.yml file we started with ####
 
 Layout/AccessModifierIndentation:

data/lib/cookstyle/version.rb

@@ -1,4 +1,4 @@
 module Cookstyle
-  VERSION = "5.9.3".freeze # rubocop: disable Style/StringLiterals
+  VERSION = "5.10.11".freeze # rubocop: disable Style/StringLiterals
   RUBOCOP_VERSION = '0.72.0'.freeze
 end

data/lib/rubocop/cop/chef/correctness/incorrect_library_injection.rb

@@ -0,0 +1,60 @@
+#
+# Copyright:: Copyright 2019, Chef Software Inc.
+# Author:: Tim Smith (<tsmith@chef.io>)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+module RuboCop
+  module Cop
+    module Chef
+      module ChefCorrectness
+        # Libraries should be injected into the Chef::DSL::Recipe or Chef::DSL::Resource classes and not Recipe/Resource/Provider classes directly.
+        #
+        # @example
+        #
+        #   # bad
+        #   ::Chef::Recipe.send(:include, Filebeat::Helpers)
+        #   ::Chef::Provider.send(:include, Filebeat::Helpers)
+        #   ::Chef::Resource.send(:include, Filebeat::Helpers)
+        #
+        #   # good
+        #   ::Chef::DSL::Recipe.send(:include, Filebeat::Helpers) # covers previous Recipe & Provider classes
+        #   ::Chef::DSL::Resource.send(:include, Filebeat::Helpers)
+        #
+        class IncorrectLibraryInjection < Cop
+          MSG = 'Libraries should be injected into the Chef::DSL::Recipe or Chef::DSL::Resource classes and not Recipe/Resource/Provider classes directly.'.freeze
+
+          def_node_matcher :legacy_class_sends?, <<-PATTERN
+            (send (const (const (cbase) :Chef) {:Recipe :Provider :Resource}) :send (sym :include) ... )
+          PATTERN
+
+          def on_send(node)
+            legacy_class_sends?(node) do
+              add_offense(node, location: :expression, message: MSG, severity: :refactor)
+            end
+          end
+
+          def autocorrect(node)
+            lambda do |corrector|
+              new_val = node.source
+              new_val.gsub!(/Chef::(Provider|Recipe)/, 'Chef::DSL::Recipe')
+              new_val.gsub!(/Chef::Resource/, 'Chef::DSL::Resource')
+
+              corrector.replace(node.loc.expression, new_val)
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/chef/correctness/node_normal.rb

@@ -1,5 +1,5 @@
 #
-# Copyright:: Copyright 2019-2019, Chef Software Inc.
+# Copyright:: Copyright 2019, Chef Software Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

data/lib/rubocop/cop/chef/correctness/node_normal_unless.rb

@@ -1,5 +1,5 @@
 #
-# Copyright:: Copyright 2019-2019, Chef Software Inc.
+# Copyright:: Copyright 2019, Chef Software Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

data/lib/rubocop/cop/chef/correctness/notifies_action_not_symbol.rb

@@ -0,0 +1,56 @@
+#
+# Copyright:: 2019, Chef Software Inc.
+# Author:: Tim Smith (<tsmith@chef.io>)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+module RuboCop
+  module Cop
+    module Chef
+      module ChefCorrectness
+        # When notifying an action within a resource the action should always be a symbol. In Chef Infra Client releases before 14.0 this may result in double notification.
+        #
+        # @example
+        #
+        #   # bad
+        #   execute 'some commmand' do
+        #     notifies 'restart', 'service[httpd]', 'delayed'
+        #   end
+        #
+        #   # good
+        #   execute 'some commmand' do
+        #     notifies :restart, 'service[httpd]', 'delayed'
+        #   end
+        #
+        class NotifiesActionNotSymbol < Cop
+          include RuboCop::Chef::CookbookHelpers
+
+          MSG = 'Resource notifcation actions should be symbols not strings.'.freeze
+
+          def on_block(node)
+            match_property_in_resource?(nil, 'notifies', node) do |notifies_property|
+              add_offense(notifies_property, location: :expression, message: MSG, severity: :refactor) if notifies_property.node_parts[2].str_type?
+            end
+          end
+
+          def autocorrect(node)
+            lambda do |corrector|
+              corrector.replace(node.first_argument.loc.expression, ":#{node.node_parts[2].value}")
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/chef/deprecation/deprecated_yum_repository_properties.rb

@@ -0,0 +1,65 @@
+#
+# Copyright:: 2019, Chef Software, Inc.
+# Author:: Tim Smith (<tsmith@chef.io>)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+module RuboCop
+  module Cop
+    module Chef
+      module ChefDeprecations
+        # With the release of Chef Infra Client 12.14 and the yum cookbook 3.0 several properties in the yum_repository resource were renamed. url -> baseurl, keyurl -> gpgkey, and mirrorexpire -> mirror_expire.
+        #
+        # @example
+        #
+        #   # bad
+        #   yum_repository 'OurCo' do
+        #     description 'OurCo yum repository'
+        #     url 'http://artifacts.ourco.org/foo/bar'
+        #     keyurl 'http://artifacts.ourco.org/pub/yum/RPM-GPG-KEY-OURCO-6'
+        #     mirrorexpire 1440
+        #     action :create
+        #   end
+        #
+        #   # good
+        #   yum_repository 'OurCo' do
+        #     description 'OurCo yum repository'
+        #     baseurl 'http://artifacts.ourco.org/foo/bar'
+        #     gpgkey 'http://artifacts.ourco.org/pub/yum/RPM-GPG-KEY-OURCO-6'
+        #     mirror_expire 1440
+        #     action :create
+        #   end
+        #
+        class DeprecatedYumRepositoryProperties < Cop
+          include RuboCop::Chef::CookbookHelpers
+
+          MSG = 'With the release of Chef Infra Client 12.14 and the yum cookbook 3.0 several properties in the yum_repository resource were renamed. url -> baseurl, keyurl -> gpgkey, and mirrorexpire -> mirror_expire.'.freeze
+
+          def on_block(node)
+            %w(url keyurl mirrorexpire).each do |prop|
+              match_property_in_resource?(:yum_repository, prop, node) do |prop_node|
+                add_offense(prop_node, location: :expression, message: MSG, severity: :refactor)
+              end
+            end
+          end
+
+          def autocorrect(node)
+            lambda do |corrector|
+              corrector.replace(node.loc.expression, node.loc.expression.source.gsub(/^url/, 'baseurl').gsub(/^keyurl/, 'gpgkey').gsub(/^mirrorexpire/, 'mirror_expire'))
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/chef/deprecation/eol_audit_mode.rb

@@ -0,0 +1,48 @@
+#
+# Copyright:: 2019, Chef Software Inc.
+# Author:: Tim Smith (<tsmith@chef.io>)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+module RuboCop
+  module Cop
+    module Chef
+      module ChefDeprecations
+        # The beta Audit Mode for Chef Infra Client was removed in Chef Infra Client 15.0. Users should instead use InSpec and the audit cookbook. See https://www.inspec.io/ for more informmation.
+        #
+        # @example
+        #
+        #   # bad
+        #   control_group 'Baseline' do
+        #     control 'SSH' do
+        #       it 'should be listening on port 22' do
+        #         expect(port(22)).to be_listening
+        #       end
+        #     end
+        #   end
+
+        class EOLAuditModeUsage < Cop
+          MSG = 'The beta Audit Mode feature in Chef Infra Client was removed in Chef Infra Client 15.0. Users should instead use InSpec and the audit cookbook. See https://www.inspec.io/ for more informmation.'.freeze
+
+          def_node_matcher :control_group?, '(send nil? :control_group ...)'
+
+          def on_send(node)
+            control_group?(node) do
+              add_offense(node, location: :selector, message: MSG, severity: :refactor)
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/chef/deprecation/inherits_compat_resource.rb

@@ -0,0 +1,61 @@
+#
+# Copyright:: 2019, Chef Software Inc.
+# Author:: Tim Smith (<tsmith@chef.io>)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+module RuboCop
+  module Cop
+    module Chef
+      module ChefDeprecations
+        # Resources written in the class based HWRP style should inherit from the 'Chef::Resource' class and not the 'ChefCompat::Resource' class from the deprecated compat_resource cookbook.
+        #
+        # @example
+        #
+        #  # bad
+        #  class AptUpdate < ChefCompat::Resource
+        #    # some resource code
+        #  end
+        #
+        #  # good
+        #  class AptUpdate < Chef::Resource
+        #    # some resource code
+        #  end
+        #
+        #  # better
+        #  Write a custom resource using the custom resource DSL and avoid class based HWRPs entirely
+        #
+        class ResourceInheritsFromCompatResource < Cop
+          MSG = "HWRP style resource should inherit from the 'Chef::Resource' class and not the 'ChefCompat::Resource' class from the deprecated compat_resource cookbook.".freeze
+
+          def_node_matcher :inherits_from_compat_resource?, <<-PATTERN
+          (class (const nil? _ ) (const (const nil? :ChefCompat) :Resource) ... )
+          PATTERN
+
+          def on_class(node)
+            inherits_from_compat_resource?(node) do
+              add_offense(node, location: :expression, message: MSG, severity: :refactor)
+            end
+          end
+
+          def autocorrect(node)
+            lambda do |corrector|
+              corrector.replace(node.loc.expression, node.loc.expression.source.gsub('ChefCompat', 'Chef'))
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/chef/deprecation/node_set.rb

@@ -1,5 +1,5 @@
 #
-# Copyright:: Copyright 2019-2019, Chef Software Inc.
+# Copyright:: Copyright 2019, Chef Software Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

data/lib/rubocop/cop/chef/deprecation/node_set_unless.rb

@@ -1,5 +1,5 @@
 #
-# Copyright:: Copyright 2019-2019, Chef Software Inc.
+# Copyright:: Copyright 2019, Chef Software Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

data/lib/rubocop/cop/chef/deprecation/verify_property_file_expansion.rb

@@ -0,0 +1,55 @@
+#
+# Copyright:: 2019, Chef Software, Inc.
+# Author:: Tim Smith (<tsmith@chef.io>)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+module RuboCop
+  module Cop
+    module Chef
+      module ChefDeprecations
+        # In Chef Infra Client 13 the "file" variable for use within the verify property was replaced with the "path" variable.
+        #
+        # @example
+        #
+        #   # bad
+        #   file '/etc/nginx.conf' do
+        #     verify 'nginx -t -c %{file}'
+        #   end
+        #
+        #   # good
+        #   file '/etc/nginx.conf' do
+        #     verify 'nginx -t -c %{path}'
+        #   end
+        #
+        class VerifyPropertyUsesFileExpansion < Cop
+          include RuboCop::Chef::CookbookHelpers
+
+          MSG = "Use the 'path' variable in the verify property and not the 'file' variable which was removed in Chef Infra Client 13.".freeze
+
+          def on_block(node)
+            match_property_in_resource?(nil, 'verify', node) do |verify|
+              add_offense(verify, location: :expression, message: MSG, severity: :refactor) if verify.source.match?(/%{file}/)
+            end
+          end
+
+          def autocorrect(node)
+            lambda do |corrector|
+              corrector.replace(node.loc.expression, node.loc.expression.source.gsub('%{file}', '%{path}'))
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/chef/effortless/node_environment.rb

@@ -0,0 +1,41 @@
+#
+# Copyright:: Copyright 2019, Chef Software Inc.
+# Author:: Tim Smith (<tsmith@chef.io>)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+module RuboCop
+  module Cop
+    module Chef
+      module ChefEffortless
+        # Neither Policyfiles or Effortless Infra which is based on Policyfiles supports Chef Environments
+        #
+        # @example
+        #
+        #   # bad
+        #   node.environment == "production"
+        #   node.chef_environment == "production"
+        #
+        class CookbookUsesEnvironmments < Cop
+          MSG = 'Cookbook uses environments, which cannot be used in Policyfiles or Effortless Infra'.freeze
+
+          def on_send(node)
+            if %i(environment chef_environment).include?(node.method_name) && node.receiver && node.receiver.send_type? && node.receiver.method_name == :node
+              add_offense(node, location: :expression, message: MSG, severity: :refactor)
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/chef/effortless/node_policygroup.rb

@@ -0,0 +1,40 @@
+#
+# Copyright:: Copyright 2019, Chef Software Inc.
+# Author:: Tim Smith (<tsmith@chef.io>)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+module RuboCop
+  module Cop
+    module Chef
+      module ChefEffortless
+        # Effortless Infra does not support Policyfile's Policygroup feature
+        #
+        # @example
+        #
+        #   # bad
+        #   node.policy_group == "foo"
+        #
+        class CookbookUsesPolicygroups < Cop
+          MSG = 'Cookbook uses Policy Groups, which cannot be used with Effortless Infra'.freeze
+
+          def on_send(node)
+            if node.method_name == :policy_group && node.receiver && node.receiver.send_type? && node.receiver.method_name == :node
+              add_offense(node, location: :expression, message: MSG, severity: :refactor)
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/chef/effortless/node_roles.rb

@@ -0,0 +1,41 @@
+#
+# Copyright:: Copyright 2019, Chef Software Inc.
+# Author:: Tim Smith (<tsmith@chef.io>)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+module RuboCop
+  module Cop
+    module Chef
+      module ChefEffortless
+        # Neither Policyfiles or Effortless Infra which is based on Policyfiles supports Chef Roles
+        #
+        # @example
+        #
+        #   # bad
+        #   node.role?('webserver')
+        #   node.roles.include?('webserver')
+        #
+        class CookbookUsesRoles < Cop
+          MSG = 'Cookbook uses roles, which cannot be used in Policyfiles or Effortless Infra'.freeze
+
+          def on_send(node)
+            if %i(role? roles).include?(node.method_name) && node.receiver && node.receiver.send_type? && node.receiver.method_name == :node
+              add_offense(node, location: :expression, message: MSG, severity: :refactor)
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/chef/modernize/default_action_initializer.rb

@@ -0,0 +1,66 @@
+#
+# Copyright:: 2019, Chef Software Inc.
+# Author:: Tim Smith (<tsmith@chef.io>)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+module RuboCop
+  module Cop
+    module Chef
+      module ChefModernize
+        # The default actions can now be specified using the `default_action` helper instead of using the @action variable in the resource provider initialize method. In general we recommend against writing HWRPs, but if HWRPs are necessary you should utilize as much of the resource DSL as possible.
+        #
+        # @example
+        #
+        #   # bad
+        #   def initialize(*args)
+        #     super
+        #     @action = :create
+        #   end
+        #
+        #  # good
+        #  default_action :create
+
+        class DefaultActionFromInitialize < Cop
+          include RangeHelp
+
+          MSG = 'The default action of a resource can be set with the "default_action" helper instead of using the initialize method.'.freeze
+
+          def on_def(node)
+            return unless node.method_name == :initialize
+            return if node.body.nil? # nil body is an empty initialize method
+
+            node.body.each_node do |x|
+              if x.assignment? && !x.node_parts.empty? && x.node_parts.first == :@action
+                add_offense(x, location: :expression, message: MSG, severity: :refactor)
+              end
+            end
+          end
+
+          def_node_search :intialize_method, '(def :initialize ... )'
+
+          def autocorrect(node)
+            lambda do |corrector|
+              # insert the new default_action call above the initialize method
+              initialize_node = intialize_method(processed_source.ast).first
+              corrector.insert_before(initialize_node.source_range, "default_action #{node.asgn_rhs.source}\n\n")
+
+              # remove the variable from the initialize method
+              corrector.remove(range_with_surrounding_space(range: node.loc.expression, side: :left))
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/chef/modernize/resource_name_initializer.rb

@@ -0,0 +1,66 @@
+#
+# Copyright:: 2019, Chef Software Inc.
+# Author:: Tim Smith (<tsmith@chef.io>)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+module RuboCop
+  module Cop
+    module Chef
+      module ChefModernize
+        # The resource name can now be specified using the `resource_name` helper instead of using the @resource_name variable in the resource provider initialize method. In general we recommend against writing HWRPs, but if HWRPs are necessary you should utilize as much of the resource DSL as possible.
+        #
+        # @example
+        #
+        #   # bad
+        #   def initialize(*args)
+        #     super
+        #     @resource_name = :foo
+        #   end
+        #
+        #  # good
+        #  resource_name :create
+
+        class ResourceNameFromInitialize < Cop
+          include RangeHelp
+
+          MSG = 'The name of a resource can be set with the "resource_name" helper instead of using the initialize method.'.freeze
+
+          def on_def(node)
+            return unless node.method_name == :initialize
+            return if node.body.nil? # nil body is an empty initialize method
+
+            node.body.each_node do |x|
+              if x.assignment? && !x.node_parts.empty? && x.node_parts.first == :@resource_name
+                add_offense(x, location: :expression, message: MSG, severity: :refactor)
+              end
+            end
+          end
+
+          def_node_search :intialize_method, '(def :initialize ... )'
+
+          def autocorrect(node)
+            lambda do |corrector|
+              # insert the new resource_name call above the initialize method
+              initialize_node = intialize_method(processed_source.ast).first
+              corrector.insert_before(initialize_node.source_range, "resource_name #{node.asgn_rhs.source}\n\n")
+
+              # remove the variable from the initialize method
+              corrector.remove(range_with_surrounding_space(range: node.loc.expression, side: :left))
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/chef/modernize/resource_with_allowed_actions.rb

@@ -19,25 +19,26 @@ module RuboCop
   module Cop
     module Chef
       module ChefModernize
-        # In Chef Infra Client releases after 12.5 it is no longer necessary to set `actions` or `allowed_actions` as Chef Infra Client determines these automatically from the set of all actions defined in the resource.
+        # In Chef Infra Client 12.5 and later it is no longer necessary to set `actions` or `allowed_actions` as Chef Infra Client determines these automatically from the set of all actions defined in the resource.
         #
         # @example
         #
         #   # bad
-        #   property :something, String
-        #
         #   allowed_actions [:create, :remove]
         #
         #   # also bad
-        #   property :something, String
-        #
         #   actions [:create, :remove]
         #
-        #   # good
-        #   property :something, String
+        #   # don't do this either
+        #   def initialize(*args)
+        #     super
+        #     @allowed_actions = [:create, :remove]
+        #   end
         #
         class CustomResourceWithAllowedActions < Cop
-          MSG = 'Resources no longer need to define the allowed actions with allowed_actions or actions methods.'.freeze
+          include RangeHelp
+
+          MSG = 'Resources no longer need to define the allowed actions using the allowed_actions / actions helper methods or within an initialize method.'.freeze
 
           def_node_matcher :allowed_actions?, <<-PATTERN
             (send nil? {:allowed_actions :actions} ... )
@@ -49,9 +50,28 @@ module RuboCop
             end
           end
 
+          def on_def(node)
+            return unless node.method_name == :initialize
+            return if node.body.nil? # empty initialize methods
+
+            node.body.each_node do |x|
+              if allowed_actions_assignment?(x) || allowed_action_send?(x)
+                add_offense(x, location: :expression, message: MSG, severity: :refactor)
+              end
+            end
+          end
+
+          def allowed_actions_assignment?(node)
+            node.assignment? && node.node_parts.first == :@allowed_actions
+          end
+
+          def allowed_action_send?(node)
+            node.send_type? && node.receiver == s(:ivar, :@allowed_actions)
+          end
+
           def autocorrect(node)
             lambda do |corrector|
-              corrector.remove(node.loc.expression)
+              corrector.remove(range_with_surrounding_space(range: node.loc.expression, side: :left))
             end
           end
         end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: cookstyle
 version: !ruby/object:Gem::Version
-  version: 5.9.3
+  version: 5.10.11
 platform: ruby
 authors:
 - Thom May
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-10-14 00:00:00.000000000 Z
+date: 2019-10-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rubocop
@@ -51,6 +51,7 @@ files:
 - lib/rubocop/cop/chef/correctness/cb_depends_on_self.rb
 - lib/rubocop/cop/chef/correctness/default_maintainer_metadata.rb
 - lib/rubocop/cop/chef/correctness/empty_metadata_field.rb
+- lib/rubocop/cop/chef/correctness/incorrect_library_injection.rb
 - lib/rubocop/cop/chef/correctness/insecure_cookbook_url.rb
 - lib/rubocop/cop/chef/correctness/invalid_license_string.rb
 - lib/rubocop/cop/chef/correctness/invalid_platform_metadata.rb
@@ -60,6 +61,7 @@ files:
 - lib/rubocop/cop/chef/correctness/node_normal.rb
 - lib/rubocop/cop/chef/correctness/node_normal_unless.rb
 - lib/rubocop/cop/chef/correctness/node_save.rb
+- lib/rubocop/cop/chef/correctness/notifies_action_not_symbol.rb
 - lib/rubocop/cop/chef/correctness/ohai_default_recipe.rb
 - lib/rubocop/cop/chef/correctness/property_with_default_and_required.rb
 - lib/rubocop/cop/chef/correctness/property_with_name_attribute.rb
@@ -80,9 +82,12 @@ files:
 - lib/rubocop/cop/chef/deprecation/depends_partial_search.rb
 - lib/rubocop/cop/chef/deprecation/depends_poise.rb
 - lib/rubocop/cop/chef/deprecation/deprecated_mixins.rb
+- lib/rubocop/cop/chef/deprecation/deprecated_yum_repository_properties.rb
 - lib/rubocop/cop/chef/deprecation/easy_install.rb
+- lib/rubocop/cop/chef/deprecation/eol_audit_mode.rb
 - lib/rubocop/cop/chef/deprecation/epic_fail.rb
 - lib/rubocop/cop/chef/deprecation/erl_call.rb
+- lib/rubocop/cop/chef/deprecation/inherits_compat_resource.rb
 - lib/rubocop/cop/chef/deprecation/launchd_deprecated_hash_property.rb
 - lib/rubocop/cop/chef/deprecation/legacy_yum_cookbook_recipes.rb
 - lib/rubocop/cop/chef/deprecation/locale_lc_all_property.rb
@@ -103,16 +108,21 @@ files:
 - lib/rubocop/cop/chef/deprecation/suggests_metadata.rb
 - lib/rubocop/cop/chef/deprecation/use_inline_resources.rb
 - lib/rubocop/cop/chef/deprecation/user_supports_property.rb
+- lib/rubocop/cop/chef/deprecation/verify_property_file_expansion.rb
 - lib/rubocop/cop/chef/deprecation/windows_task_change_action.rb
 - lib/rubocop/cop/chef/deprecation/xml_ruby_recipe.rb
 - lib/rubocop/cop/chef/deprecation/yum_dnf_compat_recipe.rb
 - lib/rubocop/cop/chef/effortless/data_bags.rb
+- lib/rubocop/cop/chef/effortless/node_environment.rb
+- lib/rubocop/cop/chef/effortless/node_policygroup.rb
+- lib/rubocop/cop/chef/effortless/node_roles.rb
 - lib/rubocop/cop/chef/effortless/search_used.rb
 - lib/rubocop/cop/chef/modernize/apt_default_recipe.rb
 - lib/rubocop/cop/chef/modernize/berksfile_source.rb
 - lib/rubocop/cop/chef/modernize/build_essential.rb
 - lib/rubocop/cop/chef/modernize/chef_14_resources.rb
 - lib/rubocop/cop/chef/modernize/cron_manage_resource.rb
+- lib/rubocop/cop/chef/modernize/default_action_initializer.rb
 - lib/rubocop/cop/chef/modernize/defines_chefspec_matchers.rb
 - lib/rubocop/cop/chef/modernize/depends_zypper_cookbook.rb
 - lib/rubocop/cop/chef/modernize/execute_apt_update.rb
@@ -128,6 +138,7 @@ files:
 - lib/rubocop/cop/chef/modernize/powershell_guard_interpreter.rb
 - lib/rubocop/cop/chef/modernize/powershell_install_package.rb
 - lib/rubocop/cop/chef/modernize/powershell_install_windowsfeature.rb
+- lib/rubocop/cop/chef/modernize/resource_name_initializer.rb
 - lib/rubocop/cop/chef/modernize/resource_set_or_return.rb
 - lib/rubocop/cop/chef/modernize/resource_with_allowed_actions.rb
 - lib/rubocop/cop/chef/modernize/resource_with_attributes.rb