cookstyle 6.2.5 → 6.6.9

data/lib/rubocop/cop/chef/correctness/lazy_eval_node_attribute_defaults.rb

@@ -0,0 +1,56 @@
+#
+# Copyright:: 2020, Chef Software Inc.
+# Author:: Tim Smith (<tsmith@chef.io>)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+module RuboCop
+  module Cop
+    module Chef
+      module ChefCorrectness
+        # When setting a node attribute as a default value for a custom resource property, make sure to wrap the node attribute in `lazy {}` so that the node attribute is available when the resource executes.
+        #
+        # @example
+        #
+        #   # bad
+        #   property :Something, String, default: node['hostname']
+        #
+        #   # good
+        #   property :Something, String, default: lazy { node['hostname'] }
+        #
+        class LazyEvalNodeAttributeDefaults < Cop
+          include RuboCop::Chef::CookbookHelpers
+
+          MSG = 'When setting a node attribute as a default value for a custom resource property, make sure to wrap the node attribute in `lazy {}` so that the node attribute is available when the resource executes.'.freeze
+
+          def_node_matcher :non_lazy_node_attribute_default?, <<-PATTERN
+           (send nil? :property (sym _) ... (hash <(pair (sym :default) $(send (send _ :node) :[] _) ) ...>))
+          PATTERN
+
+          def on_send(node)
+            non_lazy_node_attribute_default?(node) do |default|
+              add_offense(default, location: :expression, message: MSG, severity: :refactor)
+            end
+          end
+
+          def autocorrect(node)
+            lambda do |corrector|
+              corrector.replace(node.loc.expression, "lazy { #{node.loc.expression.source} }")
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/chef/correctness/node_normal.rb

@@ -18,7 +18,7 @@ module RuboCop
     module Chef
       module ChefCorrectness
         # Normal attributes are discouraged since their semantics differ importantly from the
-        # default and override levels.  Their values persist in the node object even after
+        # default and override levels. Their values persist in the node object even after
         # all code referencing them has been deleted, unlike default and override.
         #
         # Code should be updated to use default or override levels, but this will change

data/lib/rubocop/cop/chef/correctness/node_normal_unless.rb

@@ -18,7 +18,7 @@ module RuboCop
     module Chef
       module ChefCorrectness
         # Normal attributes are discouraged since their semantics differ importantly from the
-        # default and override levels.  Their values persist in the node object even after
+        # default and override levels. Their values persist in the node object even after
         # all code referencing them has been deleted, unlike default and override.
         #
         # Code should be updated to use default or override levels, but this will change

data/lib/rubocop/cop/chef/correctness/openssl_password_helpers.rb

@@ -0,0 +1,45 @@
+
+#
+# Copyright:: Copyright 2020, Chef Software Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+module RuboCop
+  module Cop
+    module Chef
+      module ChefCorrectness
+        # The openSSL cookbook provides a deprecated `secure_password` helper in the `Opscode::OpenSSL::Password` class, which should not longer be used. This helper would generate a random password that would be used when a data bag or attribute was no present. The practice of generating passwords to be stored on the node is bad security as it exposes the password to anyone that can view the nodes, and deleting a node deletes the password. Passwords should be retrieved from a secure source for use in cookbooks.
+        #
+        #   # bad
+        #   ::Chef::Recipe.send(:include, Opscode::OpenSSL::Password)
+        #   basic_auth_password = secure_password
+        #
+        class OpenSSLPasswordHelpers < Cop
+          MSG = 'The `secure_password` helper from the openssl cookbooks `Opscode::OpenSSL::Password` class should not be used to generate passwords.'.freeze
+
+          def_node_matcher :openssl_helper?, <<~PATTERN
+            (const
+              (const
+                (const nil? :Opscode) :OpenSSL) :Password)
+          PATTERN
+
+          def on_const(node)
+            openssl_helper?(node) do
+              add_offense(node, location: :expression, message: MSG, severity: :warning)
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/chef/deprecation/depends_compat_resource.rb

@@ -18,7 +18,7 @@ module RuboCop
   module Cop
     module Chef
       module ChefDeprecations
-        # Don't depend on the deprecated compat_resource cookbook made obsolete by Chef 12.19+
+        # Don't depend on the deprecated compat_resource cookbook made obsolete by Chef Infra Client 12.19+
         #
         # @example
         #

data/lib/rubocop/cop/chef/deprecation/depends_partial_search.rb

@@ -18,7 +18,7 @@ module RuboCop
   module Cop
     module Chef
       module ChefDeprecations
-        # Don't depend on the partial_search cookbook made obsolete by Chef 13
+        # Don't depend on the partial_search cookbook made obsolete by Chef Infra Client 13
         #
         # @example
         #

data/lib/rubocop/cop/chef/deprecation/deprecated_chefspec_platform.rb

@@ -47,22 +47,28 @@ module RuboCop
               '> 16.04, < 18.04' => true,
             },
             'fedora' => {
-              '< 30' => '30',
+              '< 31' => '31',
             },
             'freebsd' => {
-              '< 11' => '12',
+              '~> 11.0, < 11.2' => '11',
+              '= 12.0' => '12',
+              '< 11' => true,
             },
             'mac_os_x' => {
               '< 10.12' => '10.15',
             },
+            'suse' => {
+              '~> 12.0, < 12.4' => '12',
+              '< 12' => true,
+            },
             'opensuse' => {
               '< 14' => true,
               '~> 42.0' => true,
             },
             'debian' => {
               '< 8' => true,
-              '> 8.0, < 8.9' => '8',
-              '> 9.0, < 9.8' => '9',
+              '> 8.0, < 8.10' => '8',
+              '> 9.0, < 9.9' => '9',
             },
             'centos' => {
               '< 6.0' => true,

data/lib/rubocop/cop/chef/deprecation/deprecated_shellout_methods.rb

@@ -0,0 +1,65 @@
+#
+# Copyright:: 2020, Chef Software Inc.
+# Author:: Tim Smith (<tsmith@chef.io>)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+module RuboCop
+  module Cop
+    module Chef
+      module ChefDeprecations
+        # The large number of shell_out helper methods in Chef Infra Client has been reduced to just shell_out and shell_out! methods. The legacy methods were removed in Chef Infra Client and cookbooks using these legacy helpers will need to be updated.
+        #
+        # @example
+        #
+        #   # bad
+        #   shell_out_compact('foo')
+        #   shell_out_compact!('foo')
+        #   shell_out_with_timeout('foo')
+        #   shell_out_with_timeout!('foo')
+        #   shell_out_with_systems_locale('foo')
+        #   shell_out_with_systems_locale!('foo')
+        #   shell_out_compact_timeout('foo')
+        #   shell_out_compact_timeout!('foo')
+        #
+        #   # good
+        #   shell_out('foo')
+        #   shell_out!('foo')
+        #   shell_out!('foo', default_env: false) # replaces shell_out_with_systems_locale
+        #
+        class DeprecatedShelloutMethods < Cop
+          extend TargetChefVersion
+
+          minimum_target_chef_version '14.3'
+
+          DEPRECATED_SHELLOUT_METHODS = %i( shell_out_compact
+                                            shell_out_compact!
+                                            shell_out_compact_timeout
+                                            shell_out_compact_timeout!
+                                            shell_out_with_timeout
+                                            shell_out_with_timeout!
+                                            shell_out_with_systems_locale
+                                            shell_out_with_systems_locale!
+                                          ).freeze
+
+          MSG = 'Many legacy specialized shell_out methods were replaced in Chef Infra Client 14.3 and removed in Chef Infra Client 15. Use shell_out and any additional options if necessary.'.freeze
+
+          def on_send(node)
+            add_offense(node, location: :expression, message: MSG, severity: :warning) if DEPRECATED_SHELLOUT_METHODS.include?(node.method_name)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/chef/deprecation/easy_install.rb

@@ -19,7 +19,7 @@ module RuboCop
   module Cop
     module Chef
       module ChefDeprecations
-        # Don't use the deprecated easy_install resource removed in Chef 13
+        # Don't use the deprecated easy_install resource removed in Chef Infra Client 13
         #
         # @example
         #
@@ -29,7 +29,7 @@ module RuboCop
         #   end
         #
         class EasyInstallResource < Cop
-          MSG = "Don't use the deprecated easy_install resource removed in Chef 13".freeze
+          MSG = "Don't use the deprecated easy_install resource removed in Chef Infra Client 13".freeze
 
           def on_send(node)
             add_offense(node, location: :expression, message: MSG, severity: :warning) if node.method_name == :easy_install

data/lib/rubocop/cop/chef/deprecation/erl_call.rb

@@ -29,7 +29,7 @@ module RuboCop
         #   end
         #
         class ErlCallResource < Cop
-          MSG = "Don't use the deprecated erl_call resource removed in Chef 13".freeze
+          MSG = "Don't use the deprecated erl_call resource removed in Chef Infra Client 13".freeze
 
           def on_send(node)
             add_offense(node, location: :expression, message: MSG, severity: :warning) if node.method_name == :erl_call

data/lib/rubocop/cop/chef/deprecation/locale_lc_all_property.rb

@@ -18,7 +18,7 @@ module RuboCop
   module Cop
     module Chef
       module ChefDeprecations
-        # The local resource's lc_all property has been deprecated and will be removed in Chef Infra Client 16
+        # The local resource's lc_all property has been deprecated and will be removed in Chef Infra Client 17
         #
         # @example
         #
@@ -31,7 +31,7 @@ module RuboCop
         class LocaleDeprecatedLcAllProperty < Cop
           include RuboCop::Chef::CookbookHelpers
 
-          MSG = "The local resource's lc_all property has been deprecated and will be removed in Chef Infra Client 16".freeze
+          MSG = "The local resource's lc_all property has been deprecated and will be removed in Chef Infra Client 17".freeze
 
           def on_block(node)
             match_property_in_resource?(:locale, 'lc_all', node) do |property|

data/lib/rubocop/cop/chef/deprecation/log_resource_notifications.rb

@@ -19,7 +19,7 @@ module RuboCop
   module Cop
     module Chef
       module ChefDeprecations
-        # In Chef Infra Client 16 the log resource no longer notifies when logging so notifications should not be triggered from log resources. See the notify_group functionality for a potential replacement.
+        # In Chef Infra Client 16 the log resource no longer notifies when logging so notifications should not be triggered from log resources. Use the notify_group resource introduced in Chef Infra Client 15.8 instead to aggregate notifications.
         #
         # @example
         #
@@ -45,8 +45,11 @@ module RuboCop
         #
         class LogResourceNotifications < Cop
           include RuboCop::Chef::CookbookHelpers
+          extend TargetChefVersion
 
-          MSG = 'In Chef Infra Client 16 the log resource no longer notifies when logging so notifications should not be triggered from log resources. Use the notify_group resource instead to aggregate notifications.'.freeze
+          minimum_target_chef_version '15.8'
+
+          MSG = 'In Chef Infra Client 16 the log resource no longer notifies when logging so notifications should not be triggered from log resources. Use the notify_group resource introduced in Chef Infra Client 15.8 instead to aggregate notifications.'.freeze
 
           def on_block(node)
             match_property_in_resource?(:log, 'notifies', node) do |prop_node|

data/lib/rubocop/cop/chef/deprecation/node_methods_not_attributes.rb

@@ -18,7 +18,7 @@ module RuboCop
   module Cop
     module Chef
       module ChefDeprecations
-        # Incorrectly using node methods for Ohai data when you really want node attributes
+        # Use node attributes to access data provided by Ohai instead of using node methods to access that data.
         #
         # @example
         #

data/lib/rubocop/cop/chef/deprecation/node_set.rb

@@ -17,10 +17,9 @@ module RuboCop
   module Cop
     module Chef
       module ChefDeprecations
-        # The node.set method has been removed in Chef-13 and must be replaced by node.normal.
+        # The `node.set` method has been removed in Chef Infra Client 13 and usage must be replaced with `node.normal`.
         #
-        # Note that node.normal keeps the semantics identical, but the use of node.normal is
-        # also discouraged.
+        # This cop will autocorrect code to use node.normal, which is functionally identical to node.set, but we also discourage the use of that method as normal level attributes persist on the node even if the code setting the attribute is later removed.
         #
         # @example
         #

data/lib/rubocop/cop/chef/deprecation/node_set_unless.rb

@@ -17,10 +17,9 @@ module RuboCop
   module Cop
     module Chef
       module ChefDeprecations
-        # The node.set_unless method has been removed in Chef-13 and must be replaced by node.normal_unless.
+        # The node.set_unless method has been removed in Chef Infra Client 13 and usage must be replaced with node.normal_unless.
         #
-        # Note that node.normal_unless keeps the semantics identical, but the use of node.normal is
-        # also discouraged.
+        # This cop will autocorrect code to use node.normal_unless, which is functionally identical to node.set_unless, but we also discourage the use of that method as normal level attributes persist on the node even if the code setting the attribute is later removed.
         #
         # @example
         #

data/lib/rubocop/cop/chef/deprecation/powershell_cookbook_helpers.rb

@@ -18,7 +18,7 @@ module RuboCop
   module Cop
     module Chef
       module ChefDeprecations
-        # Use node['powershell']['version'] or the new powershell_version helper available in Chef Infra Client 16+ instead of the deprecated PowerShell cookbook helpers
+        # Use `node['powershell']['version']` or the new `powershell_version` helper available in Chef Infra Client 15.8+ instead of the deprecated PowerShell cookbook helpers
         #
         # @example
         #
@@ -28,11 +28,11 @@ module RuboCop
         #   # good
         #   node['powershell']['version'].to_f == 4.0
         #
-        #   # good (Chef Infra Client 16+)
+        #   # better (Chef Infra Client 15.8+)
         #   powershell_version == 4.0
         #
         class PowershellCookbookHelpers < Cop
-          MSG = "Use node['powershell']['version'] or the new powershell_version helper available in Chef Infra Client 16+ instead of the deprecated PowerShell cookbook helpers.".freeze
+          MSG = "Use node['powershell']['version'] or the new powershell_version helper available in Chef Infra Client 15.8+ instead of the deprecated PowerShell cookbook helpers.".freeze
 
           def_node_matcher :ps_cb_helper?, <<-PATTERN
           (send

data/lib/rubocop/cop/chef/deprecation/ruby_27_keyword_argument_warnings.rb

@@ -0,0 +1,59 @@
+#
+# Copyright:: 2020, Chef Software, Inc.
+# Author:: Tim Smith (<tsmith@chef.io>)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+module RuboCop
+  module Cop
+    module Chef
+      module ChefDeprecations
+        # Pass options to shell_out helpers without the brackets to avoid Ruby 2.7 deprecation warnings.
+        #
+        # @example
+        #
+        #   # bad
+        #   shell_out!('hostnamectl status', { returns: [0, 1] })
+        #   shell_out('hostnamectl status', { returns: [0, 1] })
+        #
+        #   # good
+        #   shell_out!('hostnamectl status', returns: [0, 1])
+        #   shell_out('hostnamectl status', returns: [0, 1])
+        #
+        class Ruby27KeywordArgumentWarnings < Cop
+          include RuboCop::Chef::CookbookHelpers
+
+          MSG = 'Pass options to shell_out helpers without the brackets to avoid Ruby 2.7 deprecation warnings.'.freeze
+
+          def_node_matcher :positional_shellout?, <<-PATTERN
+            (send nil? {:shell_out :shell_out!} ... $(hash ... ))
+          PATTERN
+
+          def on_send(node)
+            positional_shellout?(node) do |h|
+              add_offense(h, location: :expression, message: MSG, severity: :refactor) if h.braces?
+            end
+          end
+
+          def autocorrect(node)
+            lambda do |corrector|
+              # @todo when we drop ruby 2.4 support we can convert to to just delete_prefix delete_suffix
+              corrector.replace(node.loc.expression, node.loc.expression.source.gsub(/^{/, '').gsub(/}$/, ''))
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/chef/deprecation/user_supports_property.rb

@@ -54,8 +54,13 @@ module RuboCop
           def autocorrect(node)
             lambda do |corrector|
               new_text = []
+
               node.arguments.first.each_pair do |k, v|
-                new_text << "#{k.value} #{v.source}"
+                # account for a strange edge case where the person incorrectly makes "manage_home a method
+                # the code would be broken, but without this handling cookstyle would explode
+                key_value = (k.send_type? && k.method_name == :manage_home) ? 'manage_home' : k.value
+
+                new_text << "#{key_value} #{v.source}"
               end
 
               corrector.replace(node.loc.expression, new_text.join("\n  "))