foodcritic 12.3.0 → 13.0.0

data/features/step_definitions/cookbook_steps.rb

@@ -409,20 +409,6 @@ Given 'a cookbook recipe that has a confusingly named local variable "default"'
   }
 end
 
-Given /a cookbook recipe that (install|upgrade)s (a gem|multiple gems)(.*)$/ do |action, arity, approach|
-  if arity == "a gem"
-    if approach.empty?
-      recipe_installs_gem(:simple, action.to_sym)
-    else
-      recipe_installs_gem(:compile_time, action.to_sym)
-    end
-  elsif approach.include? "array"
-    recipe_installs_gem(:compile_time_from_array, action.to_sym)
-  else
-    recipe_installs_gem(:compile_time_from_word_list, action.to_sym)
-  end
-end
-
 Given "a cookbook recipe that refers to a hidden template" do
   write_recipe %q{
     template '/etc/.s3cfg' do
@@ -1779,10 +1765,6 @@ Then "the node access warning 001 should warn on lines 2 and 10 in that order" d
   expect_output(expected_warnings.join("\n"))
 end
 
-Then "the prefer chef_gem to manual install warning 025 should be shown" do
-  expect_warning("FC025", :line => nil)
-end
-
 Then "the recipe filename should be displayed" do
   expect_output "cookbooks/example/recipes/default.rb"
 end

data/features/support/command_helpers.rb

@@ -35,8 +35,6 @@ module FoodCritic
       "FC021" => "Resource condition in provider may not behave as expected",
       "FC022" => "Resource condition within loop may not behave as expected",
       "FC024" => "Consider adding platform equivalents",
-      "FC025" => "Prefer chef_gem to compile-time gem install",
-      "FC026" => "Conditional execution block attribute contains only string",
       "FC027" => "Resource sets internal attribute",
       "FC028" => "Incorrect #platform? usage",
       "FC029" => "No leading cookbook name in recipe metadata",

data/foodcritic.gemspec

@@ -10,7 +10,7 @@ Gem::Specification.new do |s|
   s.homepage = "http://foodcritic.io"
   s.license = "MIT"
   s.executables << "foodcritic"
-  s.required_ruby_version = ">= 2.2.2"
+  s.required_ruby_version = ">= 2.3"
 
   s.files = Dir["chef_dsl_metadata/*.json"] +
     Dir["lib/**/*.rb"] +

data/lib/foodcritic/chef.rb

@@ -52,8 +52,8 @@ module FoodCritic
                   Linter::DEFAULT_CHEF_VERSION
                 end
       metadata_path = [version, version.sub(/\.[a-z].*/, ""),
-        Linter::DEFAULT_CHEF_VERSION].map do |version|
-          metadata_path(version)
+        Linter::DEFAULT_CHEF_VERSION].map do |ver|
+          metadata_path(ver)
         end.find { |m| File.exist?(m) }
       @dsl_metadata ||= FFI_Yajl::Parser.parse(IO.read(metadata_path),
                                            symbolize_keys: true)

data/lib/foodcritic/linter.rb

@@ -9,7 +9,7 @@ module FoodCritic
 
     # The default version that will be used to determine relevant rules. This
     # can be over-ridden at the command line with the `--chef-version` option.
-    DEFAULT_CHEF_VERSION = "13.6.0"
+    DEFAULT_CHEF_VERSION = "13.7.16"
     attr_reader :chef_version
 
     # Perform a lint check. This method is intended for use by the command-line
@@ -285,7 +285,7 @@ module FoodCritic
         if m.respond_to?(:node_name)
           match(m)
         elsif m.respond_to?(:xpath)
-          m.to_a.map { |m| match(m) }
+          m.to_a.map { |n| match(n) }
         else
           m
         end

data/lib/foodcritic/notifications.rb

@@ -126,10 +126,21 @@ module FoodCritic
       resource_hash_references(notify).empty?
     end
 
+    # return the notification action as either a symbol or string or nil if it's a variable.
+    # Yes you can notify an action as a string but it's wrong and we want to return it as
+    # a string so we can tell people not to do that.
     def notification_action(notify)
-      notify.xpath('descendant::symbol[1]/ident/@value |
-        descendant::dyna_symbol[1]/xstring_add/
-        tstring_content/@value').first.to_s.to_sym
+      is_variable = true unless notify.xpath("args_add_block/args_add//args_add[aref or vcall or call or var_ref]").empty?
+      string_val = notify.xpath("descendant::args_add/string_literal/string_add/tstring_content/@value").first
+      symbol_val = notify.xpath('descendant::args_add/args_add//symbol/ident/@value |
+        descendant::dyna_symbol[1]/xstring_add/tstring_content/@value').first
+
+      # 1) return a nil if the action is a variable like node['foo']['bar']
+      # 2) return the symbol if it exists
+      # 3) return the string since we're positive that we're not a symbol or variable
+      return nil if is_variable
+      return symbol_val.value.to_sym unless symbol_val.nil?
+      string_val.value
     end
 
     def notification_nodes(ast, &block)

data/lib/foodcritic/rules/fc025.rb

@@ -1,8 +1,10 @@
 rule "FC025", "Prefer chef_gem to compile-time gem install" do
   tags %w{correctness deprecated}
   recipe do |ast|
+    # when Ruby 2.4 support goes away this can be simplified to remove the
+    # do_block/stmts_add/command case which is Ruby 2.4
     gem_install = ast.xpath("//stmts_add/assign[method_add_block[command/ident/
-      @value='gem_package'][do_block/stmts_add/command[ident/@value='action']
+      @value='gem_package'][do_block/bodystmt/stmts_add/command[ident/@value='action'] | do_block/stmts_add/command[ident/@value='action']
       [descendant::ident/@value='nothing']]]")
     gem_install.map do |install|
       gem_var = install.xpath("var_field/ident/@value")

data/lib/foodcritic/rules/fc026.rb

@@ -6,7 +6,7 @@ rule "FC026", "Conditional execution block attribute contains only string" do
     end.flatten.compact.select do |condition|
       condition.respond_to?(:xpath) &&
         !condition.xpath("descendant::string_literal").empty? &&
-        !condition.xpath("stmts_add/string_literal").empty? &&
+        !condition.xpath("(stmts_add|bodystmt/stmts_add)/string_literal").empty? && # stmts_add can go away with Ruby 2.4
         condition.xpath('descendant::stmts_add[count(ancestor::
           string_literal) = 0]').size == 1
     end

data/lib/foodcritic/rules/fc037.rb

@@ -7,7 +7,8 @@ rule "FC037", "Invalid notification action" do
                when :notifies then n[:resource_type]
                when :subscribes then resource_type(resource).to_sym
                end
-        n[:action].size > 0 && !resource_action?(type, n[:action])
+        # either the action is a string or it's not nil (means it was a variable) and not valid
+        n[:action].is_a?(String) || (!n[:action].nil? && !resource_action?(type, n[:action]))
       end
     end
   end

data/lib/foodcritic/rules/fc044.rb

@@ -9,8 +9,8 @@ rule "FC044", "Avoid bare attribute keys" do
               [count(child::kw) = 0]/ident').select do |v|
 
       local_declared = v.xpath("ancestor::*[self::brace_block or self::do_block]
-                                /block_var/descendant::ident/@value").map do |v|
-        v.to_s
+                                /block_var/descendant::ident/@value").map do |val|
+        val.to_s
       end
 
       (v["value"] != "secure_password") &&

data/lib/foodcritic/rules/fc064.rb

@@ -1,5 +1,5 @@
 rule "FC064", "Ensure issues_url is set in metadata" do
-  tags %w{metadata supermarket chef12}
+  tags %w{metadata supermarket}
   metadata do |ast, filename|
     [file_match(filename)] unless field(ast, "issues_url").any?
   end

data/lib/foodcritic/rules/fc065.rb

@@ -1,5 +1,5 @@
 rule "FC065", "Ensure source_url is set in metadata" do
-  tags %w{metadata supermarket chef12}
+  tags %w{metadata supermarket}
   metadata do |ast, filename|
     [file_match(filename)] unless field(ast, "source_url").any?
   end

data/lib/foodcritic/rules/fc115.rb

@@ -0,0 +1,9 @@
+rule "FC115", "Custom resource contains a name_property that is required" do
+  tags %w{correctness}
+  recipe do |ast|
+    ast.xpath("//command[ident/@value='property'
+      and descendant::bare_assoc_hash/assoc_new[label/@value='name_property:' and kw/@value='true']
+      and descendant::bare_assoc_hash/assoc_new[label/@value='required:' and kw/@value='true']
+      and descendant::symbol_literal/symbol/ident/@value!='name']")
+  end
+end

data/lib/foodcritic/rules/fc117.rb

@@ -0,0 +1,9 @@
+rule "FC117", "Do not use kind_of in custom resource properties" do
+  tags %w{correctness}
+  resource do |ast|
+    # Make sure we're in a custom resource not an LWRP
+    if ast.xpath("//command/ident/@value='action'")
+      ast.xpath("//command[ident/@value='property'][args_add_block//label/@value='kind_of:']")
+    end
+  end
+end

data/lib/foodcritic/rules/fc118.rb

@@ -0,0 +1,7 @@
+rule "FC118", "Resource property setting name_attribute vs. name_property" do
+  tags %w{correctness}
+  recipe do |ast|
+    ast.xpath("//command[ident/@value='property'
+      and descendant::bare_assoc_hash/assoc_new/label/@value='name_attribute:']")
+  end
+end

data/lib/foodcritic/rules/fc119.rb

@@ -0,0 +1,16 @@
+rule "FC119", "windows_task :change action no longer exists in Chef 13" do
+  tags %w{deprecation chef13}
+  recipe do |ast|
+    matches = []
+    find_resources(ast).each do |resource|
+      # if it's a ruby_block check for the :create action
+      matches << resource if resource_attribute(resource, "action") == :change && resource_type(resource) == "windows_task"
+
+      # no matter what check notification
+      notifications(resource).any? do |notification|
+        matches << resource if notification[:resource_type] == :windows_task && notification[:action] == :change
+      end
+    end
+    matches
+  end
+end

data/lib/foodcritic/template.rb

@@ -38,8 +38,8 @@ module FoodCritic
       def expressions(template_code)
         expr_lines = expressions_with_lines(template_code)
         expr_lines.map do |expr, line|
-          e = @expressions.find { |e| e[:code] == expr }
-          { code: expr, type: e[:type], line: line } if e
+          ex = @expressions.find { |e| e[:code] == expr }
+          { code: expr, type: ex[:type], line: line } if ex
         end.compact
       end
 

data/lib/foodcritic/version.rb

@@ -1,4 +1,4 @@
 module FoodCritic
   # The current version of foodcritic
-  VERSION = "12.3.0"
+  VERSION = "13.0.0"
 end

data/spec/functional/fc007_spec.rb

@@ -76,7 +76,7 @@ describe "FC007" do
   end
 
   context "with an include from the same cookbook" do
-    recipe_file 'incldue_recipe "test::other"'
+    recipe_file 'include_recipe "test::other"'
     it { is_expected.to_not violate_rule }
 
     context "with the shorthand syntax" do

data/spec/functional/fc009_spec.rb

@@ -1,32 +1,27 @@
 require "spec_helper"
 
 describe "FC009" do
-  context "on chef 13.0.133 with a cookbook that new dsc_resource attributes" do
-    foodcritic_command("--chef-version", "13.0.133", "--no-progress", ".")
+  context "on chef 13.6.4 with a cookbook that new dsc_resource attributes" do
+    foodcritic_command("--chef-version", "13.6.4", "--no-progress", ".")
     recipe_file <<-EOH
-      dsc_resource 'foo' do
-        resource :something
-        module_name 'foo'
-        module_version '1.0.0.0'
+      ifconfig 'foo' do
+        ethtool_opts 'something'
       end
     EOH
     it { is_expected.not_to violate_rule }
   end
 
-  context "on chef 12.18.31 with a cookbook that new dsc_resource attributes" do
-    foodcritic_command("--chef-version", "12.18.31", "--no-progress", ".")
+  context "on chef 13.0.113 with a cookbook that new dsc_resource attributes" do
+    foodcritic_command("--chef-version", "13.0.113", "--no-progress", ".")
     recipe_file <<-EOH
-      dsc_resource 'foo' do
-        resource :something
-        module_name 'foo'
-        module_version '1.0.0.0'
+      ifconfig 'foo' do
+        ethtool_opts 'something'
       end
     EOH
     it { is_expected.to violate_rule }
   end
 
   context "when the resource attribute is actually a raise" do
-    foodcritic_command("--chef-version", "12.18.31", "--no-progress", ".")
     recipe_file <<-EOH
       package package_name do
         provider case node["platform_family"]

data/spec/functional/fc025_spec.rb

@@ -0,0 +1,60 @@
+require "spec_helper"
+
+describe "FC025" do
+  context "with a recipe that does a blockless gem_package install" do
+    recipe_file <<-EOH
+      gem_package 'foo'
+    EOH
+    it { is_expected.not_to violate_rule }
+  end
+
+  context "with a recipe that does a gem_package install" do
+    recipe_file <<-EOH
+      gem_package 'foo' do
+        action :install
+    EOH
+    it { is_expected.not_to violate_rule }
+  end
+
+  context "with a recipe that does a gem_package install with a nothing action" do
+    recipe_file <<-EOH
+      gem_package 'foo' do
+        action :nothing
+    EOH
+    it { is_expected.not_to violate_rule }
+  end
+
+  context "with a recipe that does a compile_time gem install from an array" do
+    recipe_file <<-EOH
+    %w{bencode i18n transmission-simple}.each do |pkg|
+      r = gem_package pkg do
+        action :nothing
+      end
+      r.run_action(:install)
+    end
+    EOH
+    it { is_expected.to violate_rule }
+  end
+
+  context "with a recipe that does a compile_time gem install" do
+    recipe_file <<-EOH
+    r = gem_package "activesupport" do
+      version '2.3.11'
+      action :nothing
+    end
+    r.run_action(:install)
+    EOH
+    it { is_expected.to violate_rule }
+  end
+
+  context "with a recipe that does a compile_time gem upgrade" do
+    recipe_file <<-EOH
+    r = gem_package "activesupport" do
+      version '2.3.11'
+      action :nothing
+    end
+    r.run_action(:upgrade)
+    EOH
+    it { is_expected.to violate_rule }
+  end
+end

data/spec/functional/fc026_spec.rb

@@ -0,0 +1,66 @@
+require "spec_helper"
+
+describe "FC026" do
+  context "with a recipe that has a bracketed conditional that shouldn't be in a block" do
+    recipe_file <<-EOH
+      file 'foo' do
+        not_if { "ls foo" }
+      end
+    EOH
+    it { is_expected.to violate_rule }
+  end
+
+  context "with a recipe that has a conditional that shouldn't be in a block" do
+    recipe_file <<-EOH
+      file 'foo' do
+        not_if do "ls foo" end
+      end
+    EOH
+    it { is_expected.to violate_rule }
+  end
+
+  context "with a recipe that has a conditional with a variable that shouldn't be in a block" do
+    recipe_file <<-EOH
+      file 'foo' do
+        only_if { "ls \#{node['foo']['path']}" }
+      end
+    EOH
+    it { is_expected.to violate_rule }
+  end
+
+  context "with a recipe that has a conditional with a method that shouldn't be in a block" do
+    recipe_file <<-EOH
+      file 'foo' do
+        not_if { "ls \#{foo.method()}" }
+      end
+    EOH
+    it { is_expected.to violate_rule }
+  end
+
+  context "with a recipe that has a conditional of foo.bar" do
+    recipe_file <<-EOH
+      file 'foo' do
+        only_if { foo.bar }
+      end
+    EOH
+    it { is_expected.not_to violate_rule }
+  end
+
+  context "with a recipe that has a conditional of foo.to_s" do
+    recipe_file <<-EOH
+      file 'foo' do
+        not_if { foo.to_s }
+      end
+    EOH
+    it { is_expected.not_to violate_rule }
+  end
+
+  context "with a recipe that has a conditional of File.exists?('/etc/foo')" do
+    recipe_file <<-EOH
+      file 'foo' do
+        not_if { File.exists?("/etc/foo") }
+      end
+    EOH
+    it { is_expected.not_to violate_rule }
+  end
+end

data/spec/functional/fc037_spec.rb

@@ -0,0 +1,75 @@
+require "spec_helper"
+
+describe "FC037" do
+  context "with a resource that notifies using an action that is a string" do
+    recipe_file <<-EOF
+    file '/tmp/b.txt' do
+      content 'content'
+      notifies 'restart', 'service[httpd]', :delayed
+    end
+    EOF
+    it { is_expected.to violate_rule }
+  end
+
+  context "with a resource that notifies using an action as a symbol" do
+    recipe_file <<-EOF
+    file '/tmp/a.txt' do
+      content 'content'
+      notifies :restart, 'service[httpd]', :delayed
+    end
+    EOF
+    it { is_expected.not_to violate_rule }
+  end
+
+  context "with a resource that notifies using an action as a :'symbol'" do
+    recipe_file <<-EOF
+    file '/tmp/a.txt' do
+      content 'content'
+      notifies :'restart', 'service[httpd]', :delayed
+    end
+    EOF
+    it { is_expected.not_to violate_rule }
+  end
+
+  context "with a resource that notifies using an action that is an attribute" do
+    recipe_file <<-EOF
+    file '/tmp/a.txt' do
+      content 'content'
+      notifies node['foo']['bar'], 'service[httpd]', :delayed
+    end
+    EOF
+    it { is_expected.not_to violate_rule }
+  end
+
+  context "with a resource that notifies using an action that is a resource property" do
+    recipe_file <<-EOF
+    file '/tmp/a.txt' do
+      content 'content'
+      notifies new_resource.bob, 'service[httpd]', :delayed
+    end
+    EOF
+    it { is_expected.not_to violate_rule }
+  end
+
+  context "with a resource that notifies using an action that is a variable" do
+    recipe_file <<-EOF
+      file '/tmp/a.txt' do
+        content 'content'
+        notifies foo, 'service[httpd]', :delayed
+      end
+      EOF
+    it { is_expected.not_to violate_rule }
+  end
+
+  context "with a resource that notifies with a variable in a loop" do
+    recipe_file <<-EOF
+      file '/tmp/a.txt' do
+        content 'content'
+        Array(node['foo']['bar']).each do |action|
+          notifies action, 'service[httpd]', :delayed
+        end
+      end
+      EOF
+    it { is_expected.not_to violate_rule }
+  end
+end