puppet-check 1.0.0

data/lib/puppet-check/cli.rb

@@ -0,0 +1,33 @@
+require 'optparse'
+require_relative '../puppet-check'
+
+# the command line interface for PuppetCheck
+class PuppetCheck::CLI
+  # run method for the cli
+  def self.run(args)
+    parse(args)
+    raise 'puppet-check: no paths specified' if args.empty?
+
+    # run PuppetCheck
+    PuppetCheck.new.run(args)
+  end
+
+  # parse the user arguments
+  def self.parse(args)
+    opt_parser = OptionParser.new do |opts|
+      # usage
+      opts.banner = 'usage: puppet-check [options] paths'
+
+      # bool options
+      opts.on('-f', '--future', 'Enable future parser') { PuppetCheck.future_parser = true }
+      opts.on('-s', '--style', 'Enable style checks') { PuppetCheck.style_check = true }
+      # arguments to style checkers
+      opts.on('--puppet-lint arg_one,arg_two', Array, 'Arguments for PuppetLint ignored checks') do |puppetlint_args|
+        PuppetCheck.puppetlint_args = puppetlint_args.map { |arg| "--#{arg}" }
+      end
+      opts.on('--rubocop arg_one,arg_two', String, 'Arguments for Rubocop disabled cops') { |arg| PuppetCheck.rubocop_args = ['--except', arg] }
+    end
+
+    opt_parser.parse!(args)
+  end
+end

data/lib/puppet-check/data_parser.rb

@@ -0,0 +1,95 @@
+require_relative '../puppet-check'
+
+# executes diagnostics on data files
+class DataParser
+  # checks yaml (.yaml/.yml)
+  def self.yaml(files)
+    require 'yaml'
+
+    files.each do |file|
+      # check yaml syntax
+      begin
+        parsed = YAML.load_file(file)
+      rescue Psych::SyntaxError, StandardError => err
+        PuppetCheck.error_files.push("-- #{file}:\n#{err.to_s.gsub("(#{file}): ", '')}")
+      else
+        warnings = hiera(parsed)
+        next PuppetCheck.warning_files.push("-- #{file}:\n#{warnings.join("\n")}") unless warnings.empty?
+        PuppetCheck.clean_files.push("-- #{file}")
+      end
+    end
+  end
+
+  # checks json (.json)
+  def self.json(files)
+    require 'json'
+
+    files.each do |file|
+      # check json syntax
+      begin
+        parsed = JSON.parse(File.read(file))
+      rescue JSON::ParserError => err
+        PuppetCheck.error_files.push("-- #{file}:\n#{err.to_s.lines.first.strip}")
+      else
+        # check metadata.json
+        if file =~ /.*metadata\.json$/
+          # metadata-json-lint has issues and is essentially no longer maintained so here is an improved and leaner version of it
+          require 'spdx-licenses'
+
+          # check for errors
+          errors = []
+
+          # check for required keys
+          %w(name version author license summary source dependencies).each do |key|
+            errors.push("Required field '#{key}' not found in metadata.json.") unless parsed.key?(key)
+          end
+
+          # check for duplicate dependencies and requirements
+          %w(requirements dependencies).each do |key|
+            next unless parsed.key?(key)
+            names = []
+            parsed[key].each do |req_dep|
+              name = req_dep['name']
+              errors.push("Duplicate #{key} on #{name}.") if names.include?(name)
+              names << name
+            end
+          end
+
+          # check for deprecated fields
+          %w(types checksum).each do |key|
+            errors.push("Deprecated field '#{key}' found.") if parsed.key?(key)
+          end
+
+          # check for summary under 144 character
+          errors.push('Summary exceeds 144 characters.') if parsed.key?('summary') && parsed['summary'].size > 144
+
+          next PuppetCheck.error_files.push("-- #{file}:\n#{errors.join("\n")}") unless errors.empty?
+
+          # check for warnings
+          warnings = []
+
+          # check for spdx license (rubygems/util/licenses for rubygems >= 2.5 in the far future)
+          if parsed.key?('license') && !SpdxLicenses.exist?(parsed['license']) && parsed['license'] !~ /[pP]roprietary/
+            warnings.push("License identifier '#{parsed['license']}' is not in the SPDX list: http://spdx.org/licenses/")
+          end
+
+          next PuppetCheck.warning_files.push("-- #{file}:\n#{warnings.join("\n")}") unless warnings.empty?
+        else
+          # check for questionable hieradata
+          warnings = hiera(parsed)
+          next PuppetCheck.warning_files.push("-- #{file}:\n#{warnings.join("\n")}") unless warnings.empty?
+        end
+        PuppetCheck.clean_files.push("-- #{file}")
+      end
+    end
+  end
+
+  # checks hieradata
+  def self.hiera(data)
+    warnings = []
+    data.each do |key, value|
+      warnings.push("Values missing in key '#{key}'.") if value.class.to_s == 'NilClass'
+    end
+    warnings
+  end
+end

data/lib/puppet-check/puppet_parser.rb

@@ -0,0 +1,77 @@
+require 'puppet'
+require_relative '../puppet-check'
+
+# executes diagnostics on puppet files
+class PuppetParser
+  # checks puppet (.pp)
+  def self.manifest(files)
+    require 'puppet/face'
+
+    # prepare the Puppet settings for the error checking
+    Puppet.initialize_settings unless Puppet.settings.app_defaults_initialized?
+    Puppet[:parser] = 'future' if PuppetCheck.future_parser && (Puppet::PUPPETVERSION.to_i < 4)
+
+    files.each do |file|
+      # setup error logging and collection
+      errors = []
+      Puppet::Util::Log.newdestination(Puppet::Test::LogCollector.new(errors))
+
+      # check puppet syntax
+      begin
+        Puppet::Face[:parser, :current].validate(file)
+      # this is the actual error that we need to rescue Puppet::Face from
+      rescue SystemExit
+        next PuppetCheck.error_files.push("-- #{file}:\n#{errors.map(&:to_s).join("\n").gsub("#{File.absolute_path(file)}:", '')}")
+      end
+
+      # initialize warnings with output from the parser if it exists since they are warnings if they did not trigger a SystemExit
+      warnings = errors.empty? ? "-- #{file}:" : "-- #{file}:\n#{errors.map(&:to_s).join("\n").gsub("#{File.absolute_path(file)}:", '')}"
+      Puppet::Util::Log.close_all
+
+      # check puppet style
+      if PuppetCheck.style_check
+        require 'puppet-lint'
+        require 'puppet-lint/optparser'
+
+        # check for invalid arguments to PuppetLint
+        begin
+          PuppetLint::OptParser.build.parse!(PuppetCheck.puppetlint_args)
+        rescue OptionParser::InvalidOption
+          raise 'puppet-lint: invalid option'
+        end
+
+        # prepare the PuppetLint object for style checks
+        puppet_lint = PuppetLint.new
+        puppet_lint.file = file
+        puppet_lint.run
+
+        # collect the warnings
+        if puppet_lint.warnings?
+          puppet_lint.problems.each { |values| warnings += "\n#{values[:message]} at line #{values[:line]}, column #{values[:column]}" }
+        end
+      end
+      next PuppetCheck.warning_files.push(warnings) unless warnings == "-- #{file}:"
+      PuppetCheck.clean_files.push("-- #{file}")
+    end
+  end
+
+  # checks puppet template (.epp)
+  def self.template(files)
+    require 'puppet/pops'
+
+    files.each do |file|
+      # puppet before version 4 cannot check template syntax
+      next PuppetCheck.ignored_files.push("-- #{file}: ignored due to Puppet Agent < 4.0.0") if Puppet::PUPPETVERSION.to_i < 4
+
+      # check puppet template syntax
+      begin
+        # credits to gds-operations/puppet-syntax for the parser function call
+        Puppet::Pops::Parser::EvaluatingParser::EvaluatingEppParser.new.parse_file(file)
+      rescue StandardError => err
+        PuppetCheck.error_files.push("-- #{file}:\n#{err.to_s.gsub("#{file}:", '')}")
+      else
+        PuppetCheck.clean_files.push("-- #{file}")
+      end
+    end
+  end
+end

data/lib/puppet-check/ruby_parser.rb

@@ -0,0 +1,93 @@
+require_relative '../puppet-check'
+require_relative 'utils'
+
+# executes diagnostics on ruby files
+class RubyParser
+  # checks ruby (.rb)
+  def self.ruby(files)
+    files.each do |file|
+      # check ruby syntax
+      begin
+        catch(:good) { instance_eval("BEGIN {throw :good}; #{File.read(file)}") }
+      rescue ScriptError, StandardError => err
+        PuppetCheck.error_files.push("-- #{file}:\n#{err}")
+      else
+        # check ruby style
+        if PuppetCheck.style_check
+          require 'rubocop'
+
+          # check RuboCop and collect warnings
+          rubocop_warnings = Utils.capture_stdout { RuboCop::CLI.new.run(PuppetCheck.rubocop_args + ['--format', 'emacs', file]) }
+          warnings = rubocop_warnings == '' ? '' : rubocop_warnings.split("#{File.absolute_path(file)}:").join('')
+
+          # check Reek
+          if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0')
+            require 'reek'
+            require 'reek/cli/application'
+            reek_warnings = Utils.capture_stdout { Reek::CLI::Application.new([file]).execute }
+            warnings += reek_warnings.split("\n")[1..-1].map(&:strip).join("\n") unless reek_warnings == ''
+          end
+
+          # return warnings
+          next PuppetCheck.warning_files.push("-- #{file}:\n#{warnings.strip}") unless warnings == ''
+        end
+        PuppetCheck.clean_files.push("-- #{file}")
+      end
+    end
+  end
+
+  # checks ruby template (.erb)
+  def self.template(files)
+    require 'erb'
+
+    files.each do |file|
+      # check ruby template syntax
+      begin
+        # need to eventually have this associated with a different binding during each iteration
+        # warnings = Util.capture_stderr { ERB.new(File.read(file), nil, '-').result(RubyParser.new.binding) }
+        warnings = Utils.capture_stderr { ERB.new(File.read(file), nil, '-').result }
+      # credits to gds-operations/puppet-syntax for errors to ignore
+      rescue NameError, TypeError
+        # empty out warnings since it would contain an error if this pass triggers
+        warnings = ''
+      rescue ScriptError => err
+        next PuppetCheck.error_files.push("-- #{file}:\n#{err}")
+      end
+      # return warnings from the check if there were any
+      next PuppetCheck.warning_files.push("-- #{file}:\n#{warnings.gsub('warning: ', '').split('(erb):').join('').strip}") unless warnings == ''
+      PuppetCheck.clean_files.push("-- #{file}")
+    end
+  end
+
+  # checks librarian puppet (Puppetfile/Modulefile) and misc ruby (Rakefile/Gemfile)
+  def self.librarian(files)
+    files.each do |file|
+      begin
+        # check librarian puppet syntax
+        catch(:good) { instance_eval("BEGIN {throw :good}; #{File.read(file)}") }
+      rescue SyntaxError, LoadError, ArgumentError => err
+        PuppetCheck.error_files.push("-- #{file}:\n#{err}")
+      else
+        # check librarian puppet style
+        if PuppetCheck.style_check
+          require 'rubocop'
+
+          # check Rubocop
+          rubocop_args = PuppetCheck.rubocop_args.clone
+          # RuboCop is confused about the first 'mod' argument in librarian puppet (and Rakefiles and Gemfiles) so disable the Style/FileName check
+          rubocop_args.include?('--except') ? rubocop_args[rubocop_args.index('--except') + 1] = "#{rubocop_args[rubocop_args.index('--except') + 1]},Style/FileName" : rubocop_args.concat(['--except', 'Style/FileName'])
+          warnings = Utils.capture_stdout { RuboCop::CLI.new.run(rubocop_args + ['--format', 'emacs', file]) }
+
+          # collect style warnings
+          next PuppetCheck.warning_files.push("-- #{file}:\n#{warnings.split("#{File.absolute_path(file)}:").join('')}") unless warnings.empty?
+        end
+        PuppetCheck.clean_files.push("-- #{file}")
+      end
+    end
+  end
+
+  # potentially for unique erb bindings
+  def binding
+    binding
+  end
+end

data/lib/puppet-check/tasks.rb

@@ -0,0 +1,15 @@
+require 'rake'
+require 'rake/tasklib'
+require_relative '../puppet-check'
+
+# the rake interface for PuppetCheck
+class PuppetCheck::Tasks < ::Rake::TaskLib
+  def initialize
+    desc 'Execute Puppet-Check file checks'
+    task 'puppetcheck:file' do
+      exit PuppetCheck.new.run(Dir.glob('*'))
+    end
+  end
+end
+
+PuppetCheck::Tasks.new

data/lib/puppet-check/utils.rb

@@ -0,0 +1,22 @@
+# utility methods totally not edited from StackOverflow
+class Utils
+  # captures stdout from a block: out = capture_stdout { code }
+  def self.capture_stdout
+    old_stdout = $stdout
+    $stdout = StringIO.new
+    yield
+    $stdout.string
+  ensure
+    $stdout = old_stdout
+  end
+
+  # captures stderr from a block: err = capture_stderr { code }
+  def self.capture_stderr
+    old_stderr = $stderr
+    $stderr = StringIO.new
+    yield
+    $stderr.string
+  ensure
+    $stderr = old_stderr
+  end
+end

data/puppet-check.gemspec

@@ -0,0 +1,25 @@
+Gem::Specification.new do |spec|
+  spec.name          = 'puppet-check'
+  spec.version       = '1.0.0'
+  spec.authors       = ['Matt Schuchard']
+  spec.description   = 'Puppet Check is a gem that provides a comprehensive, streamlined, and efficient analysis of the syntax, style, and validity of your entire Puppet code and data.'
+  spec.summary       = 'A streamlined comprehensive set of checks for your entire Puppet code and data'
+  spec.homepage      = 'https://www.github.com/mschuchard/puppet-check'
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files`.split($INPUT_RECORD_SEPARATOR)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |file| File.basename(file) }
+  spec.test_files    = spec.files.grep(%r{^spec/})
+  spec.require_paths = Dir['lib']
+
+  spec.required_ruby_version = Gem::Requirement.new('>= 1.9.3')
+  spec.add_dependency 'puppet', '>= 3.2', '< 5'
+  # spec.add_dependency 'rspec', '~> 3.0'
+  spec.add_dependency 'rake', '>= 9', '< 13'
+  spec.add_dependency 'rubocop', '~> 0'
+  spec.add_dependency 'puppet-lint', '~> 1.1'
+  # spec.add_dependency 'rspec-puppet', '~> 2.0'
+  # spec.add_dependency 'beaker.' '~> 2.0'
+  spec.add_dependency 'spdx-licenses', '~> 1.0'
+  spec.add_development_dependency 'rspec', '~> 3.0'
+end

data/spec/fixtures/foobarbaz

@@ -0,0 +1 @@
+foobarbaz

data/spec/fixtures/hieradata/good.json

@@ -0,0 +1,7 @@
+{
+  "i": "am",
+  "a": {
+    "good": "json"
+  },
+  "file": "."
+}

data/spec/fixtures/hieradata/good.yaml

@@ -0,0 +1,7 @@
+---
+i:
+  - am
+  - a
+
+good:
+  yaml: file

data/spec/fixtures/hieradata/style.yaml

@@ -0,0 +1,15 @@
+---
+i: 'am'
+
+:a:
+  good:
+    - yaml
+    - file
+
+but: 'i am missing a'
+
+value:
+
+and:
+  also: 'a'
+  subvalue:

data/spec/fixtures/hieradata/syntax.json

@@ -0,0 +1,8 @@
+{
+  "i": "am"
+  "a": {
+    "json": "file",
+  }
+  "with": "bad",
+  "syntax":
+}

data/spec/fixtures/hieradata/syntax.yaml

@@ -0,0 +1,8 @@
+---
+i: - am :a:
+  - :yaml:
+  - file:
+
+with:
+  : bad
+  :syntax: -

data/spec/fixtures/lib/good.rb

@@ -0,0 +1 @@
+puts 'i am a good ruby file'

data/spec/fixtures/lib/rubocop_style.rb

@@ -0,0 +1,3 @@
+hash = { :i => 'am' }
+$a = 'ruby'
+puts "file with bad style"

data/spec/fixtures/lib/style.rb

@@ -0,0 +1,12 @@
+hash = { :i => 'am' }
+$a = 'ruby'
+puts "file with bad style"
+
+# Reek
+class Issue
+  attr_accessor :foobarbaz
+
+  def initialize
+    #
+  end
+end