foodcritic 10.0.0 → 10.1.0

data/lib/foodcritic/rules/fc018.rb

@@ -0,0 +1,9 @@
+rule "FC018", "LWRP uses deprecated notification syntax" do
+  tags %w{correctness lwrp deprecated}
+  provider do |ast|
+    ast.xpath("//assign/var_field/ivar[@value='@updated']").map do |class_var|
+      match(class_var)
+    end + ast.xpath(%q{//assign/field/*[self::vcall or self::var_ref/ident/
+                       @value='new_resource']/../ident[@value='updated']})
+  end
+end

data/lib/foodcritic/rules/fc019.rb

@@ -0,0 +1,34 @@
+rule "FC019", "Access node attributes in a consistent manner" do
+  tags %w{style attributes}
+  cookbook do |cookbook_dir|
+    asts = {}; files = Dir["#{cookbook_dir}/*/*.rb"].reject do |file|
+      relative_path = Pathname.new(file).relative_path_from(
+        Pathname.new(cookbook_dir))
+      relative_path.to_s.split(File::SEPARATOR).include?("spec")
+    end.map do |file|
+      { path: file, ast: read_ast(file) }
+    end
+    types = [:string, :symbol, :vivified].map do |type|
+      {
+        access_type: type, count: files.map do |file|
+          attribute_access(file[:ast], type: type, ignore_calls: true,
+                                       cookbook_dir: cookbook_dir, ignore: "run_state").tap do |ast|
+            unless ast.empty?
+              (asts[type] ||= []) << { ast: ast, path: file[:path] }
+            end
+          end.size
+        end.inject(:+)
+      }
+    end.reject { |type| type[:count] == 0 }
+    if asts.size > 1
+      least_used = asts[types.min do |a, b|
+        a[:count] <=> b[:count]
+      end[:access_type]]
+      least_used.map do |file|
+        file[:ast].map do |ast|
+          match(ast).merge(filename: file[:path])
+        end.flatten
+      end
+    end
+  end
+end

data/lib/foodcritic/rules/fc021.rb

@@ -0,0 +1,13 @@
+rule "FC021", "Resource condition in provider may not behave as expected" do
+  tags %w{correctness lwrp}
+  provider do |ast|
+    find_resources(ast).map do |resource|
+      condition = resource.xpath(%q{//method_add_block/
+        descendant::ident[@value='not_if' or @value='only_if']/
+        ancestor::*[self::method_add_block or self::command][1][descendant::
+        ident/@value='new_resource']/ancestor::stmts_add[2]/method_add_block/
+        command[count(descendant::string_embexpr) = 0]})
+      condition
+    end.compact
+  end
+end

data/lib/foodcritic/rules/fc022.rb

@@ -0,0 +1,33 @@
+rule "FC022", "Resource condition within loop may not behave as expected" do
+  tags %w{correctness}
+  recipe do |ast|
+    ast.xpath("//call[ident/@value='each']/../do_block[count(ancestor::
+              method_add_block/method_add_arg/fcall/ident[@value='only_if' or
+              @value = 'not_if']) = 0]").map do |lp|
+      block_vars = lp.xpath("block_var/params/child::*").map do |n|
+        n.name.sub(/^ident/, "")
+      end + lp.xpath("block_var/params/child::*/descendant::ident").map do |v|
+        v["value"]
+      end
+      find_resources(lp).map do |resource|
+        # if any of the parameters to the block are used in a condition then we
+        # have a match
+        unless (block_vars &
+          (resource.xpath(%q{descendant::ident[@value='not_if' or
+          @value='only_if']/ancestor::*[self::method_add_block or
+          self::command][1]/descendant::ident/@value}).map do |a|
+            a.value
+          end)).empty?
+          c = resource.xpath("command[count(descendant::string_embexpr) = 0]")
+          if resource.xpath("command/ident/@value").first.value == "define"
+            next
+          end
+          resource unless c.empty? || block_vars.any? do |var|
+            !resource.xpath(%Q{command/args_add_block/args_add/
+              var_ref/ident[@value='#{var}']}).empty?
+          end
+        end
+      end
+    end.flatten.compact
+  end
+end

data/lib/foodcritic/rules/fc024.rb

@@ -0,0 +1,31 @@
+rule "FC024", "Consider adding platform equivalents" do
+  tags %w{portability}
+  RHEL = %w{amazon centos redhat scientific oracle}
+  recipe do |ast, filename|
+    next if Pathname.new(filename).basename.to_s == "metadata.rb"
+    metadata_path = Pathname.new(
+      File.join(File.dirname(filename), "..", "metadata.rb")).cleanpath
+    md_platforms = if File.exist?(metadata_path)
+                     supported_platforms(read_ast(
+                       metadata_path)).map { |p| p[:platform] }
+                   else
+                     []
+                   end
+    md_platforms = RHEL if md_platforms.empty?
+
+    ['//method_add_arg[fcall/ident/@value="platform?"]/
+      arg_paren/args_add_block',
+     "//when"].map do |expr|
+      ast.xpath(expr).map do |whn|
+        platforms = whn.xpath('args_add/
+                               descendant::tstring_content').map do |p|
+          p["value"]
+        end.sort
+        unless platforms.size == 1 || (md_platforms & platforms).empty?
+          whn unless (platforms & RHEL).empty? ||
+              ((md_platforms & RHEL) - (platforms & RHEL)).empty?
+        end
+      end.compact
+    end.flatten
+  end
+end

data/lib/foodcritic/rules/fc025.rb

@@ -0,0 +1,17 @@
+rule "FC025", "Prefer chef_gem to compile-time gem install" do
+  tags %w{correctness deprecated}
+  recipe do |ast|
+    gem_install = ast.xpath("//stmts_add/assign[method_add_block[command/ident/
+      @value='gem_package'][do_block/stmts_add/command[ident/@value='action']
+      [descendant::ident/@value='nothing']]]")
+    gem_install.map do |install|
+      gem_var = install.xpath("var_field/ident/@value")
+      unless ast.xpath("//method_add_arg[call/
+        var_ref/ident/@value='#{gem_var}']
+        [arg_paren/descendant::ident/@value='install' or
+         arg_paren/descendant::ident/@value='upgrade']").empty?
+        gem_install
+      end
+    end
+  end
+end

data/lib/foodcritic/rules/fc026.rb

@@ -0,0 +1,14 @@
+rule "FC026", "Conditional execution block attribute contains only string" do
+  tags %w{correctness}
+  recipe do |ast|
+    find_resources(ast).map { |r| resource_attributes(r) }.map do |resource|
+      [resource["not_if"], resource["only_if"]]
+    end.flatten.compact.select do |condition|
+      condition.respond_to?(:xpath) &&
+        !condition.xpath("descendant::string_literal").empty? &&
+        !condition.xpath("stmts_add/string_literal").empty? &&
+        condition.xpath('descendant::stmts_add[count(ancestor::
+          string_literal) = 0]').size == 1
+    end
+  end
+end

data/lib/foodcritic/rules/fc027.rb

@@ -0,0 +1,9 @@
+rule "FC027", "Resource sets internal attribute" do
+  tags %w{correctness}
+  recipe do |ast|
+    find_resources(ast, type: :service).map do |service|
+      service unless (resource_attributes(service).keys &
+                        %w{enabled running}).empty?
+    end.compact
+  end
+end

data/lib/foodcritic/rules/fc028.rb

@@ -0,0 +1,8 @@
+rule "FC028", "Incorrect #platform? usage" do
+  tags %w{correctness}
+  recipe do |ast|
+    ast.xpath(%q{//*[self::call | self::command_call]
+      [(var_ref|vcall)/ident/@value='node']
+      [ident/@value="platform?"]})
+  end
+end

data/lib/foodcritic/rules/fc029.rb

@@ -0,0 +1,14 @@
+rule "FC029", "No leading cookbook name in recipe metadata" do
+  tags %w{correctness metadata}
+  metadata do |ast, filename|
+    ast.xpath('//command[ident/@value="recipe"]').map do |declared_recipe|
+      next unless declared_recipe.xpath("count(//vcall|//var_ref)").to_i == 0
+      recipe_name = declared_recipe.xpath('args_add_block/
+        descendant::tstring_content[1]/@value').to_s
+      unless recipe_name.empty? ||
+          recipe_name.split("::").first == cookbook_name(filename.to_s)
+        declared_recipe
+      end
+    end.compact
+  end
+end

data/lib/foodcritic/rules/fc030.rb

@@ -0,0 +1,11 @@
+rule "FC030", "Cookbook contains debugger breakpoints" do
+  tags %w{correctness}
+  def pry_bindings(ast)
+    ast.xpath('//call[(vcall|var_ref)/ident/@value="binding"]
+      [ident/@value="pry"]')
+  end
+  recipe { |ast| pry_bindings(ast) }
+  library { |ast| pry_bindings(ast) }
+  metadata { |ast| pry_bindings(ast) }
+  template { |ast| pry_bindings(ast) }
+end

data/lib/foodcritic/rules/fc031.rb

@@ -0,0 +1,8 @@
+rule "FC031", "Cookbook without metadata.rb file" do
+  tags %w{correctness metadata}
+  cookbook do |filename|
+    if !File.exist?(File.join(filename, "metadata.rb"))
+      [file_match(File.join(filename, "metadata.rb"))]
+    end
+  end
+end

data/lib/foodcritic/rules/fc032.rb

@@ -0,0 +1,15 @@
+rule "FC032", "Invalid notification timing" do
+  tags %w{correctness notifications}
+  recipe do |ast|
+    valid_timings = if resource_attribute?("file", "notifies_before")
+                      [:delayed, :immediate, :before]
+                    else
+                      [:delayed, :immediate]
+                    end
+    find_resources(ast).select do |resource|
+      notifications(resource).any? do |notification|
+        ! valid_timings.include? notification[:timing]
+      end
+    end
+  end
+end

data/lib/foodcritic/rules/fc033.rb

@@ -0,0 +1,26 @@
+rule "FC033", "Missing template" do
+  tags %w{correctness templates}
+  recipe do |ast, filename|
+    find_resources(ast, type: :template).reject do |resource|
+      resource_attributes(resource)["local"] ||
+        resource_attributes(resource)["cookbook"]
+    end.map do |resource|
+      file = template_file(resource_attributes(resource,
+                                               return_expressions: true))
+      { resource: resource, file: file }
+    end.reject do |resource|
+      resource[:file].respond_to?(:xpath)
+    end.select do |resource|
+      template_paths(filename).none? do |path|
+        relative_path = []
+        Pathname.new(path).ascend do |template_path|
+          relative_path << template_path.basename
+          break if gem_version(chef_version) >= gem_version("12.0.0") &&
+              template_path.dirname.basename.to_s == "templates"
+          break if template_path.dirname.dirname.basename.to_s == "templates"
+        end
+        File.join(relative_path.reverse) == resource[:file]
+      end
+    end.map { |resource| resource[:resource] }
+  end
+end

data/lib/foodcritic/rules/fc034.rb

@@ -0,0 +1,31 @@
+rule "FC034", "Unused template variables" do
+  tags %w{correctness templates}
+  recipe do |ast, filename|
+    Array(resource_attributes_by_type(ast)["template"]).select do |t|
+      t["variables"] && t["variables"].respond_to?(:xpath)
+    end.map do |resource|
+      all_templates = template_paths(filename)
+      template_paths = all_templates.select do |path|
+        File.basename(path) == template_file(resource)
+      end
+      next unless template_paths.any?
+      passed_vars = resource["variables"].xpath(
+        "symbol/ident/@value").map { |tv| tv.to_s }
+
+      unused_vars_exist = template_paths.all? do |template_path|
+        begin
+          template_vars = templates_included(
+            all_templates, template_path).map do |template|
+            read_ast(template).xpath("//var_ref/ivar/@value").map do |v|
+              v.to_s.sub(/^@/, "")
+            end
+          end.flatten
+          ! (passed_vars - template_vars).empty?
+        rescue RecursedTooFarError
+          false
+        end
+      end
+      file_match(template_paths.first) if unused_vars_exist
+    end.compact
+  end
+end

data/lib/foodcritic/rules/fc037.rb

@@ -0,0 +1,14 @@
+rule "FC037", "Invalid notification action" do
+  tags %w{correctness notifications}
+  recipe do |ast|
+    find_resources(ast).select do |resource|
+      notifications(resource).any? do |n|
+        type = case n[:type]
+               when :notifies then n[:resource_type]
+               when :subscribes then resource_type(resource).to_sym
+               end
+        n[:action].size > 0 && !resource_action?(type, n[:action])
+      end
+    end
+  end
+end

data/lib/foodcritic/rules/fc038.rb

@@ -0,0 +1,17 @@
+rule "FC038", "Invalid resource action" do
+  tags %w{correctness}
+  recipe do |ast|
+    find_resources(ast).select do |resource|
+      actions = resource_attributes(resource)["action"]
+      if actions.respond_to?(:xpath)
+        actions = actions.xpath('descendant::array/
+          descendant::symbol/ident/@value')
+      else
+        actions = Array(actions)
+      end
+      actions.reject { |a| a.to_s.empty? }.any? do |action|
+        !resource_action?(resource_type(resource), action)
+      end
+    end
+  end
+end

data/lib/foodcritic/rules/fc039.rb

@@ -0,0 +1,19 @@
+rule "FC039", "Node method cannot be accessed with key" do
+  tags %w{correctness}
+  recipe do |ast|
+    [{ type: :string, path: "@value" },
+     { type: :symbol, path: "ident/@value" }].map do |access_type|
+      attribute_access(ast, type: access_type[:type]).select do |att|
+        att_name = att.xpath(access_type[:path]).to_s.to_sym
+        att_name != :tags && chef_node_methods.include?(att_name)
+      end.select do |att|
+        !att.xpath('ancestor::args_add_block[position() = 1]
+          [preceding-sibling::vcall | preceding-sibling::var_ref]').empty?
+      end.select do |att|
+        att_type = att.xpath('ancestor::args_add_block[position() = 1]
+          /../var_ref/ident/@value').to_s
+        ast.xpath("//assign/var_field/ident[@value='#{att_type}']").empty?
+      end
+    end.flatten
+  end
+end

data/lib/foodcritic/rules/fc040.rb

@@ -0,0 +1,12 @@
+rule "FC040", "Execute resource used to run git commands" do
+  tags %w{style}
+  recipe do |ast|
+    possible_git_commands = %w{ clone fetch pull checkout reset }
+    find_resources(ast, type: "execute").select do |cmd|
+      cmd_str = (resource_attribute(cmd, "command") || resource_name(cmd)).to_s
+
+      actual_git_commands = cmd_str.scan(/git ([a-z]+)/).map { |c| c.first }
+      (possible_git_commands & actual_git_commands).any?
+    end
+  end
+end

data/lib/foodcritic/rules/fc041.rb

@@ -0,0 +1,9 @@
+rule "FC041", "Execute resource used to run curl or wget commands" do
+  tags %w{style portability}
+  recipe do |ast|
+    find_resources(ast, type: "execute").select do |cmd|
+      cmd_str = (resource_attribute(cmd, "command") || resource_name(cmd)).to_s
+      (cmd_str.match(/^curl.*(-o|>|--output).*$/) || cmd_str.include?("wget "))
+    end
+  end
+end

data/lib/foodcritic/rules/fc042.rb

@@ -0,0 +1,6 @@
+rule "FC042", "Prefer include_recipe to require_recipe" do
+  tags %w{correctness deprecated}
+  recipe do |ast|
+    ast.xpath('//command[ident/@value="require_recipe"]')
+  end
+end

data/lib/foodcritic/rules/fc043.rb

@@ -0,0 +1,8 @@
+rule "FC043", "Prefer new notification syntax" do
+  tags %w{correctness notifications deprecated}
+  recipe do |ast|
+    find_resources(ast).select do |resource|
+      notifications(resource).any? { |notify| notify[:style] == :old }
+    end
+  end
+end

data/lib/foodcritic/rules/fc044.rb

@@ -0,0 +1,22 @@
+rule "FC044", "Avoid bare attribute keys" do
+  tags %w{style}
+  attributes do |ast|
+    declared = ast.xpath("//descendant::var_field/ident/@value").map do |v|
+      v.to_s
+    end
+
+    ast.xpath('//assign/*[self::vcall or self::var_ref]
+              [count(child::kw) = 0]/ident').select do |v|
+
+      local_declared = v.xpath("ancestor::*[self::brace_block or self::do_block]
+                                /block_var/descendant::ident/@value").map do |v|
+        v.to_s
+      end
+
+      (v["value"] != "secure_password") &&
+        !(declared + local_declared).uniq.include?(v["value"]) &&
+        !v.xpath("ancestor::*[self::brace_block or self::do_block]/block_var/
+                  descendant::ident/@value='#{v['value']}'")
+    end
+  end
+end

data/lib/foodcritic/rules/fc045.rb

@@ -0,0 +1,13 @@
+rule "FC045", "Metadata does not contain cookbook name" do
+  tags %w{correctness metadata chef12}
+  metadata do |ast, filename|
+    unless ast.xpath('descendant::stmts_add/command/ident/@value="name"')
+      [file_match(filename)]
+    end
+  end
+  cookbook do |filename|
+    if !File.exist?(File.join(filename, "metadata.rb"))
+      [file_match(File.join(filename, "metadata.rb"))]
+    end
+  end
+end

data/lib/foodcritic/rules/fc046.rb

@@ -0,0 +1,8 @@
+rule "FC046", "Attribute assignment uses assign unless nil" do
+  tags %w{attributes correctness}
+  attributes do |ast|
+    attribute_access(ast).map do |a|
+      a.xpath('ancestor::opassign/op[@value="||="]')
+    end
+  end
+end