RubyGems - cookstyle - Versions diffs - 7.10.0 → 7.12.3 - Mend

cookstyle 7.10.0 → 7.12.3

Files changed (101) hide show

data/lib/rubocop/cop/chef/deprecation/epic_fail.rb CHANGED Viewed

@@ -15,12 +15,11 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef
       module Deprecations
-        # Make sure ignore_failure is used instead of epic_fail
+        # Use `ignore_failure` in resources to continue when failures occur instead of the deprecated `epic_fail` property.
         #
         # @example
         #
@@ -37,7 +36,7 @@ module RuboCop
         class EpicFail < Base
           extend AutoCorrector
-          MSG = 'Use ignore_failure method instead of the deprecated epic_fail method'
+          MSG = 'Use `ignore_failure` in resources to continue when failures occur instead of the deprecated `epic_fail` property'
           RESTRICT_ON_SEND = [:epic_fail].freeze
           def on_send(node)

data/lib/rubocop/cop/chef/deprecation/erl_call.rb CHANGED Viewed

@@ -15,12 +15,11 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef
       module Deprecations
-        # Don't use the deprecated erl_call resource
+        # Don't use the deprecated `erl_call` resource removed in Chef Infra Client 13."
         #
         # @example
         #

data/lib/rubocop/cop/chef/deprecation/execute_path_property.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/deprecation/execute_relative_creates_without_cwd.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/deprecation/hwrp_without_provides.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/deprecation/hwrp_without_unified_mode_true.rb ADDED Viewed

@@ -0,0 +1,86 @@
+# frozen_string_literal: true
+#
+# Copyright:: Copyright (c) Chef Software Inc.
+# Author:: Tim Smith (<tsmith@chef.io>)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+module RuboCop
+  module Cop
+    module Chef
+      module Deprecations
+        # Chef Infra Client 15.3 and later include a new Unified Mode that simplies the execution of resoures by replace the traditional compile and converge phases with a single phase. Unified mode simplies writing advanced resources and avoids confusing errors that often occur when mixing ruby and Chef Infra resources. Chef Infra Client 17.0 and later will beging warning that `unified_mode true` should be set in all resources to validate that they will continue to function in Chef Infra Client 18.0 (April 2022) when Unified Mode becomes the default.
+        #
+        # @example
+        #
+        #  #### incorrect
+        #   class Chef
+        #     class Resource
+        #       class UlimitRule < Chef::Resource
+        #         provides :ulimit_rule
+        #
+        #         property :type, [Symbol, String], required: true
+        #         property :item, [Symbol, String], required: true
+        #
+        #         # additional resource code
+        #       end
+        #     end
+        #   end
+        #
+        #  #### correct
+        #   class Chef
+        #     class Resource
+        #       class UlimitRule < Chef::Resource
+        #         provides :ulimit_rule
+        #         unified_mode true
+        #
+        #         property :type, [Symbol, String], required: true
+        #         property :item, [Symbol, String], required: true
+        #
+        #         # additional resource code
+        #       end
+        #     end
+        #   end
+        #
+        class HWRPWithoutUnifiedTrue < Base
+          extend TargetChefVersion
+          minimum_target_chef_version '15.3'
+          MSG = 'Set `unified_mode true` in Chef Infra Client 15.3+ HWRP style custom resources to ensure they work correctly in Chef Infra Client 18 (April 2022) when Unified Mode becomes the default.'
+          def_node_matcher :HWRP?, <<-PATTERN
+          (class
+            (const nil? :Chef) nil?
+            (class
+              (const nil? :Resource) nil?
+              $(class
+                (const nil? ... )
+                (const
+                  (const nil? :Chef) :Resource)
+                  (begin ... ))))
+          PATTERN
+          def_node_search :unified_mode?, '(send nil? :unified_mode ...)'
+          def on_class(node)
+            return if unified_mode?(processed_source.ast)
+            HWRP?(node) do |inherit|
+              add_offense(inherit, message: MSG, severity: :warning)
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/chef/deprecation/inherits_compat_resource.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/deprecation/log_resource_notifications.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/deprecation/macos_userdefaults_global_property.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/deprecation/require_recipe.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/deprecation/resource_without_unified_mode_true.rb ADDED Viewed

@@ -0,0 +1,84 @@
+# frozen_string_literal: true
+#
+# Copyright:: Copyright (c) Chef Software Inc.
+# Author:: Tim Smith (<tsmith@chef.io>)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+module RuboCop
+  module Cop
+    module Chef
+      module Deprecations
+        # Chef Infra Client 15.3 and later include a new Unified Mode that simplies the execution of resoures by replace the traditional compile and converge phases with a single phase. Unified mode simplies writing advanced resources and avoids confusing errors that often occur when mixing ruby and Chef Infra resources. Chef Infra Client 17.0 and later will beging warning that `unified_mode true` should be set in all resources to validate that they will continue to function in Chef Infra Client 18.0 (April 2022) when Unified Mode becomes the default.
+        #
+        # @example
+        #
+        #  #### incorrect
+        #   resource_name :foo
+        #   provides :foo
+        #
+        #   action :create do
+        #     # some action code
+        #   end
+        #
+        #  #### correct
+        #   resource_name :foo
+        #   provides :foo
+        #   unified_mode true
+        #
+        #   action :create do
+        #     # some action code
+        #   end
+        #
+        class ResourceWithoutUnifiedTrue < Base
+          include RangeHelp
+          extend AutoCorrector
+          extend TargetChefVersion
+          minimum_target_chef_version '15.3'
+          MSG = 'Set `unified_mode true` in Chef Infra Client 15.3+ custom resources to ensure they work correctly in Chef Infra Client 18 (April 2022) when Unified Mode becomes the default.'
+          def_node_search :unified_mode?, '(send nil? :unified_mode ...)'
+          def_node_search :resource_name, '(send nil? :resource_name ...)'
+          def_node_search :provides, '(send nil? :provides ...)'
+          def on_new_investigation
+            # Using range similar to RuboCop::Cop::Naming::Filename (file_name.rb)
+            return if unified_mode?(processed_source.ast)
+            range = source_range(processed_source.buffer, 1, 0)
+            add_offense(range, message: MSG, severity: :refactor) do |corrector|
+              insert_below_provides(corrector) || insert_below_resource_name(corrector)
+            end
+          end
+          def insert_below_provides(corrector)
+            provides_ast = provides(processed_source.ast).first
+            if provides_ast
+              corrector.insert_after(provides_ast, "\nunified_mode true")
+              true
+            end
+          end
+          def insert_below_resource_name(corrector)
+            resource_name_ast = resource_name(processed_source.ast).first
+            if resource_name_ast
+              corrector.insert_after(resource_name_ast, "\nunified_mode true")
+              true
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/chef/deprecation/ruby_27_keyword_argument_warnings.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/deprecation/ruby_block_create_action.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/deprecation/{ use_automatic_resource_name.rb → use_automatic_resource_name.rb} RENAMED Viewed

File without changes

data/lib/rubocop/cop/chef/deprecation/windows_package_installer_type_string.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/effortless/berksfile.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/effortless/chef_vault_used.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef
@@ -42,7 +41,6 @@ module RuboCop
         #   #### incorrect
         #   chef_vault_item(arg, arg1)
         #
         class ChefVaultUsed < Base
           MSG = 'Chef Vault usage is not supported in the Effortless pattern'
           RESTRICT_ON_SEND = [:chef_vault_item,

data/lib/rubocop/cop/chef/effortless/depends_chef_vault.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef
@@ -27,7 +26,6 @@ module RuboCop
         #   #### incorrect
         #   depends 'chef-vault'
         #
         class DependsChefVault < Base
           MSG = 'Chef Vault usage is not supported in the Effortless pattern'
           RESTRICT_ON_SEND = [:depends].freeze

data/lib/rubocop/cop/chef/modernize/chef_gem_nokogiri.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/modernize/foodcritic_comments.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/modernize/includes_mixin_shellout.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/modernize/libarchive_file.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/modernize/resource_set_or_return.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/modernize/resource_with_attributes.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/modernize/seven_zip_archive.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/modernize/shell_out_helper.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/modernize/simplify_apt_ppa_setup.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/modernize/unnecessary_mixlib_shellout_require.rb CHANGED Viewed

@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 module RuboCop
   module Cop
     module Chef

data/lib/rubocop/cop/chef/modernize/windows_registry_uac.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 #
-# Copyright:: 2020, Chef Software, Inc.
+# Copyright:: 2020-2021, Chef Software, Inc.
 # Author:: Tim Smith (<tsmith@chef.io>)
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -47,24 +47,43 @@ module RuboCop
           MSG = 'Chef Infra Client 15.0 and later includes a windows_uac resource that should be used to set Windows UAC values instead of setting registry keys directly.'
           RESTRICT_ON_SEND = [:registry_key].freeze
+          VALID_VALUES = %w(EnableLUA ValidateAdminCodeSignatures PromptOnSecureDesktop ConsentPromptBehaviorAdmin ConsentPromptBehaviorUser EnableInstallerDetection).freeze
-          # non block execute resources
-          def on_send(node)
-            return unless node&.arguments.first&.source.match?(/(HKLM|HKEY_LOCAL_MACHINE)\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System/i) &&
-                          node.parent&.method_name != :describe
-            # use source instead of .value in case there's string interpolation which adds a complex dstr type
-            # with a nested string and a begin. Source allows us to avoid a lot of defensive programming here
+          # block registry_key resources
+          def on_block(node)
+            return unless node.method_name == :registry_key
+            return unless correct_key?(node)
+            return unless uac_supported_values?(node)
             add_offense(node, message: MSG, severity: :refactor)
           end
-          # block execute resources
-          def on_block(node)
+          # make sure the values passed are all the ones in the uac resource
+          # this key has other values we don't support in the windows_uac resource
+          def uac_supported_values?(node)
+            match_property_in_resource?(:registry_key, 'values', node) do |val_prop|
+              return false unless val_prop&.arguments[0].array_type? # make sure values isn't being passed a variable or method
+              val_prop.arguments[0].each_value do |array|
+                array.each_pair do |key, value|
+                  if key == s(:sym, :name)
+                    return false unless value.str_type? # make sure it isn't being a variable or method that we can't parse
+                    return false unless VALID_VALUES.include?(value.value)
+                  end
+                end
+              end
+            end
+            true
+          end
+          # make sure the registry_key resource is running against the correct key
+          # check the block name and the key property (registry_key's name property)
+          def correct_key?(node)
+            return true if node.send_node.arguments.first.source.match?(/(HKLM|HKEY_LOCAL_MACHINE)\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System/i)
             match_property_in_resource?(:registry_key, 'key', node) do |key_prop|
               property_data = method_arg_ast_to_string(key_prop)
-              return unless property_data && property_data.match?(/(HKLM|HKEY_LOCAL_MACHINE)\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System/i)
-              add_offense(node, message: MSG, severity: :refactor)
+              return true if property_data && property_data.match?(/(HKLM|HKEY_LOCAL_MACHINE)\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System/i)
             end
+            false
           end
         end
       end