Hey everyone,
It's Friday which means we have a new Cookstyle release with a ton of great changes!
Chef Cops Broken Up Into Four Departments
The Chef cops have been broken up into four more granular departments of cops. This makes it easier to pick and choose which cops to scan for, and makes disabling groups of cops simpler. Instead of just "Chef" we now have the following departments:
-
ChefDeprecations: Cops that detect (and in many cases correct) deprecations that will prevent cookbooks from running on modern versions of Chef Infra Client. -
ChefStyle: Cops that help with the format and readability of your cookbooks. -
ChefModernize: Cops that help you modernize your cookbooks to better use functionality introduced in new Chef Infra Client Releases. -
ChefEffortless: Cops that help with the migration to the Effortless pattern. These are disabled by default.
You can run cookstyle with just a single department:
cookstyle --only ChefDeprecations
You can also exclude a specific group from the command line:
cookstyle --except ChefStyle
You can also add the following to your .rubocop.yml config to disable a specific department:
ChefStyle:
Enabled: false
Chef Cop Documentation
Documentation for all Chef cops can now be found in the Cookstyle repos's docs directory
15 New Chef Cops
Chef/ResourceSetsInternalProperties
The ResourceSetsInternalProperties cop detects resources that set internal state properties used by built-in Chef Infra resources. These undocumented properties should not be set in a resource block and doing so will cause unexpected behavior when running Chef Infra Client.
Examples
Service resource setting the running property:
service 'foo' do
running true
action [:start, :enable]
end
Chef/ResourceSetsNameProperty
The ResourceSetsNameProperty cop detects a resource block with the name property set. The name property is a special property that is derived from the name of the resource block and should not be changed with the block. Changing the name within a resource block can cause issues with reporting and notifications. If you wish to give your resources a more friendly name, consider setting a name_property, which is available in all built-in Chef Infra resources. The name_property for each resource can be found in the resource reference documentation.
Examples
Service resource incorrectly setting the name property:
service 'Start the important service' do
name 'foo'
action [:start, :enable]
end
Service resource correctly setting the service_name name property:
service 'Start the important service' do
service_name 'foo'
action [:start, :enable]
end
Enabled by default: True
Autocorrects: No
Chef/ResourceWithNoneAction
The ResourceWithNoneAction cop detects the use of the :none action in a resource. The :none action is a common typo for the built-in :nothing action in all resources.
Examples
Service resource with the incorrect :none action:
service 'my_service' do
action [:none]
end
Enabled by default: True
Autocorrects: Yes
Chef/ChocolateyPackageUninstallAction
The ChocolateyPackageUninstallAction cop detects a chocolatey_package resource that uses the :uninstall action. The uninstall action has been replaced with the :remove action and will error in Chef Infra Client 14+.
Examples
chocolatey_package incorrectly setting the :uninstall action:
chocolatey_package 'nginx' do
action :uninstall
end
chocolatey_package correctly setting the :remove action:
chocolatey_package 'nginx' do
action :remove
end
Enabled by default: True
Autocorrects: Yes
Chef/LaunchdDeprecatedHashProperty
The LaunchdDeprecatedHashProperty cop detects the use of the deprecated hash property in the launchd resource. The hash property was renamed to plist_hash in Chef Infra Client 13 and support for the hash name was removed in Chef Infra Client 14.
Examples
launchd with the deprecated hash property:
launchd 'foo' do
hash foo: 'bar'
end
launchd with the correct plist_hash property:
launchd 'foo' do
plist_hash foo: 'bar'
end
Enabled by default: True
Autocorrects: Yes
Chef/LocaleDeprecatedLcAllProperty
The LocaleDeprecatedLcAllProperty cop detects the use of the lc_all property in the locale resource. The lc_all property was deprecated in Chef Infra Client 15.0 and will be removed in the 16.0 release. Setting the LC_ALL variable is NOT recommended. As a system-wide setting, LANG should provide the desired behavior. LC_ALL is intended to be used for temporarily troubleshooting issues rather than an everyday system setting. Changing LC_ALL can break Chef’s parsing of command output in unexpected ways. Use one of the more specific LC_ properties as needed.
Examples
locale resource setting the lc_all property:
locale 'set locale' do
lang 'en_gb.utf-8'
lc_all 'en_gb.utf-8'
end
Enabled by default: True
Autocorrects: No
Chef/UserDeprecatedSupportsProperty
The UserDeprecatedSupportsProperty cop detects the usage of the deprecated supports property in the user resource.
Enabled by default: True
Autocorrects: No
Chef/PowershellScriptExpandArchive
The PowershellScriptExpandArchive op detects the usage of the powershell_script resource to run the Expand-Archive Cmdlet. The archive_file resource in Chef Infra Client 15.0 should be used instead.
Examples
powershell_script using Expand-Archive to setup a website:
powershell_script 'Expand website' do
code 'Expand-Archive "C:\\file.zip" -DestinationPath "C:\\inetpub\\wwwroot\\mysite"'
not_if { File.exist?("C:\\inetpub\\wwwroot\\mysite") }
end
The same archive handled by archive_file:
archive_file 'Expand website' do
path 'C:\file.zip'
destination 'C:\inetpub\wwwroot\mysite'
end
Enabled by default: True
Autocorrects: No
Chef/PowershellInstallPackage
The PowershellInstallPackage cop detects the usage of the powershell_script resource to run the Install-Package Cmdlet. The powershell_package resources should be used to install packages via the PowerShell Package Manager instead.
Installing Docker via powershell_script and Install-Package:
powershell_script 'Install Docker' do
code 'Install-Package -Name docker'
not_if { File.exist?("C:\\Program Files\\Docker") }
end
The same package installed with powershell_package:
powershell_package 'Install Docker' do
package_name 'Docker'
end
Enabled by default: True
Autocorrects: No
Chef/PowershellInstallWindowsFeature
The PowershellInstallWindowsFeature cop detects the usage of the powershell_script resource to run the Install-WindowsFeature or Add-WindowsFeature Cmdlets. The windows_feature resource should be used to install Windows features.
Examples
powershell_script using Install-WindowsFeature to install a feature:
powershell_script 'Install Feature' do
code 'Install-WindowsFeature -Name "Windows-Identity-Foundation"'
not_if '(Get-WindowsFeature | where {$_.Name -eq "Windows-Identity-Foundation"}).IsInstalled -eq true'
end
The same feature install with windows_feature:
windows_feature 'Windows-Identity-Foundation' do
action :install
install_method :windows_feature_powershell
end
Enabled by default: True
Autocorrects: No
Chef/CookbookUsesNodeSave
The CookbookUsesNodeSave cop detects the usage of node.save within a cookbook. node.save is often used to ensure a run_list is saved, or so that other state information is immediately available for search by other nodes in your environment. The use of node.save can be incredibly problematic and should be avoided as a run failure will still result in the node data being saved to the Chef Infra Server. If search is used to put nodes into production state, this may result in non-functioning nodes being used.
Enabled by default: True
Autocorrects: No
Chef/SevenZipArchiveResource
The SevenZipArchiveResource cop detects the usage of the seven_zip_archive resource from the seven_zip community cookbook. The archive_file resource built into Chef Infra Client 15.0 should be used instead to avoid the need for extra cookbook dependencies.
Examples
Expanding a zip archive with seven_zip_archive:
seven_zip_archive 'seven_zip_source' do
path 'C:\inetpub\wwwroot\mysite'
source 'C:\file.zip'
end
The same archive handled by archive_file:
archive_file 'Expand website' do
path 'C:\file.zip'
destination 'C:\inetpub\wwwroot\mysite'
end
Enabled by default: True
Autocorrects: No
Chef/LibarchiveFile
The LibarchiveFile cop detects the usage of the libarchive_file resource from the libarchive community cookbook. The archive_file resource built into Chef Infra Client 15.0 is based on the libarchive_file resource and it should be used instead to avoid the need for extra cookbook dependencies.
Examples
Expanding a zip archive with libarchive_file:
libarchive_file 'seven_zip_source' do
path 'C:\file.zip'
destination 'C:\inetpub\wwwroot\mysite'
end
The same archive handled by archive_file:
archive_file 'Expand website' do
path 'C:\file.zip'
destination 'C:\inetpub\wwwroot\mysite'
end
Enabled by default: True
Autocorrects: No
Chef/ShellOutToChocolatey
The ShellOutToChocolatey cop detects the use of powershell_script or execute resources to shell out to Chocolatey's choco command line utility. Chef Infra Client ships with multiple chocolatey resources, which should be used instead to install packages, configure features, and setup sources:
Enabled by default: True
Autocorrects: No
Chef/UsesChefRESTHelpers
The UsesChefRESTHelpers cop detects the usage of the various Chef::REST helpers, which were removed in Chef Infra Client 13.0. For communicating with the Chef Infra Server directly, you may consider using the Chef::ServerAPI helpers instead.
Enabled by default: True
Autocorrects: No
Other fixes and changes
-
Chef/DefaultMetadataMaintainernow detects additional defaultmaintainerandmaintainer_emailfield values. -
Chef/UsesDeprecatedMixinsnow inspects files in the resources directory in addition to the providers and libraries directories.
Enjoy,
Tim