From 063e2e2dbf344ea10135a36f588da9bb9f973b4f Mon Sep 17 00:00:00 2001 From: Steven Pritchard Date: Tue, 17 Dec 2024 09:30:11 -0600 Subject: [PATCH 1/2] Clean up for rubocop --- .github/workflows/pr_tests.yml | 11 +- .rubocop.yml | 699 ++++++++++++++++++ Gemfile | 11 +- .../suites/default/00_default_spec.rb | 128 ++-- spec/classes/check_spec.rb | 43 +- spec/classes/config_spec.rb | 5 +- spec/classes/init_spec.rb | 16 +- spec/classes/update_spec.rb | 43 +- spec/spec_helper.rb | 15 +- spec/spec_helper_acceptance.rb | 39 +- spec/type_aliases/bindpath_spec.rb | 20 +- 11 files changed, 865 insertions(+), 165 deletions(-) create mode 100644 .rubocop.yml diff --git a/.github/workflows/pr_tests.yml b/.github/workflows/pr_tests.yml index 21ca28c..bcc5fb0 100644 --- a/.github/workflows/pr_tests.yml +++ b/.github/workflows/pr_tests.yml @@ -35,7 +35,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - name: "Install Ruby ${{matrix.puppet.ruby_version}}" + - name: "Install Ruby 2.7" uses: ruby/setup-ruby@v1 # ruby/setup-ruby@ec106b438a1ff6ff109590de34ddc62c540232e0 with: ruby-version: 2.7 @@ -47,7 +47,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - name: "Install Ruby ${{matrix.puppet.ruby_version}}" + - name: "Install Ruby 2.7" uses: ruby/setup-ruby@v1 with: ruby-version: 2.7 @@ -56,13 +56,12 @@ jobs: - run: "bundle exec rake metadata_lint" ruby-style: - if: false # TODO Modules will need: rubocop in Gemfile, .rubocop.yml - name: 'Ruby Style (experimental)' + name: 'Ruby Style' runs-on: ubuntu-latest continue-on-error: true steps: - uses: actions/checkout@v3 - - name: "Install Ruby ${{matrix.puppet.ruby_version}}" + - name: "Install Ruby 2.7" uses: ruby/setup-ruby@v1 with: ruby-version: 2.7 @@ -89,7 +88,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - name: 'Install Ruby ${{matrix.puppet.ruby_version}}' + - name: 'Install Ruby 2.7' uses: ruby/setup-ruby@v1 with: ruby-version: 2.7 diff --git a/.rubocop.yml b/.rubocop.yml new file mode 100644 index 0000000..65c8c0a --- /dev/null +++ b/.rubocop.yml @@ -0,0 +1,699 @@ +--- +require: + - rubocop-performance + - rubocop-rake + - rubocop-rspec +AllCops: + NewCops: enable + DisplayCopNames: true + TargetRubyVersion: "2.7" + Include: + - "**/*.rb" + Exclude: + - bin/* + - ".vendor/**/*" + - pkg/**/* + - spec/fixtures/**/* + - vendor/**/* + - "**/Puppetfile" + - "**/Vagrantfile" + - "**/Guardfile" +Layout/LineLength: + Description: People have wide screens, use them. + Max: 200 +RSpec/BeforeAfterAll: + Description: + Beware of using after(:all) as it may cause state to leak between tests. + A necessary evil in acceptance testing. + Exclude: + - spec/acceptance/**/*.rb +RSpec/HookArgument: + Description: Prefer explicit :each argument, matching existing module's style + EnforcedStyle: each +RSpec/DescribeSymbol: + Exclude: + - spec/unit/facter/**/*.rb +Style/BlockDelimiters: + Description: + Prefer braces for chaining. Mostly an aesthetical choice. Better to + be consistent then. + EnforcedStyle: braces_for_chaining +Style/ClassAndModuleChildren: + Description: Compact style reduces the required amount of indentation. + EnforcedStyle: compact +Style/EmptyElse: + Description: Enforce against empty else clauses, but allow `nil` for clarity. + EnforcedStyle: empty +Style/FormatString: + Description: Following the main puppet project's style, prefer the % format format. + EnforcedStyle: percent +Style/FormatStringToken: + Description: + Following the main puppet project's style, prefer the simpler template + tokens over annotated ones. + EnforcedStyle: template +Style/Lambda: + Description: Prefer the keyword for easier discoverability. + EnforcedStyle: literal +Style/RegexpLiteral: + Description: Community preference. See https://github.com/voxpupuli/modulesync_config/issues/168 + EnforcedStyle: percent_r +Style/TernaryParentheses: + Description: + Checks for use of parentheses around ternary conditions. Enforce parentheses + on complex expressions for better readability, but seriously consider breaking + it up. + EnforcedStyle: require_parentheses_when_complex +Style/TrailingCommaInArguments: + Description: + Prefer always trailing comma on multiline argument lists. This makes + diffs, and re-ordering nicer. + EnforcedStyleForMultiline: comma +Style/TrailingCommaInArrayLiteral: + Description: + Prefer always trailing comma on multiline literals. This makes diffs, + and re-ordering nicer. + EnforcedStyleForMultiline: comma +Style/SymbolArray: + Description: Using percent style obscures symbolic intent of array's contents. + EnforcedStyle: brackets +RSpec/MessageSpies: + EnforcedStyle: receive +Style/Documentation: + Exclude: + - lib/puppet/parser/functions/**/* + - spec/**/* +Style/WordArray: + EnforcedStyle: brackets +Performance/AncestorsInclude: + Enabled: true +Performance/BigDecimalWithNumericArgument: + Enabled: true +Performance/BlockGivenWithExplicitBlock: + Enabled: true +Performance/CaseWhenSplat: + Enabled: true +Performance/ConstantRegexp: + Enabled: true +Performance/MethodObjectAsBlock: + Enabled: true +Performance/RedundantSortBlock: + Enabled: true +Performance/RedundantStringChars: + Enabled: true +Performance/ReverseFirst: + Enabled: true +Performance/SortReverse: + Enabled: true +Performance/Squeeze: + Enabled: true +Performance/StringInclude: + Enabled: true +Performance/Sum: + Enabled: true +Style/CollectionMethods: + Enabled: true +Style/MethodCalledOnDoEndBlock: + Enabled: true +Style/StringMethods: + Enabled: true +Bundler/GemFilename: + Enabled: false +Bundler/InsecureProtocolSource: + Enabled: false +Gemspec/DuplicatedAssignment: + Enabled: false +Gemspec/OrderedDependencies: + Enabled: false +Gemspec/RequiredRubyVersion: + Enabled: false +Gemspec/RubyVersionGlobalsUsage: + Enabled: false +Layout/ArgumentAlignment: + Enabled: false +Layout/BeginEndAlignment: + Enabled: false +Layout/ClosingHeredocIndentation: + Enabled: false +Layout/EmptyComment: + Enabled: false +Layout/EmptyLineAfterGuardClause: + Enabled: false +Layout/EmptyLinesAroundArguments: + Enabled: false +Layout/EmptyLinesAroundAttributeAccessor: + Enabled: false +Layout/EndOfLine: + Enabled: false +Layout/FirstArgumentIndentation: + Enabled: false +Layout/HashAlignment: + Enabled: false +Layout/HeredocIndentation: + Enabled: false +Layout/LeadingEmptyLines: + Enabled: false +Layout/SpaceAroundMethodCallOperator: + Enabled: false +Layout/SpaceInsideArrayLiteralBrackets: + Enabled: false +Layout/SpaceInsideReferenceBrackets: + Enabled: false +Lint/BigDecimalNew: + Enabled: false +Lint/BooleanSymbol: + Enabled: false +Lint/ConstantDefinitionInBlock: + Enabled: false +Lint/DeprecatedOpenSSLConstant: + Enabled: false +Lint/DisjunctiveAssignmentInConstructor: + Enabled: false +Lint/DuplicateElsifCondition: + Enabled: false +Lint/DuplicateRequire: + Enabled: false +Lint/DuplicateRescueException: + Enabled: false +Lint/EmptyConditionalBody: + Enabled: false +Lint/EmptyFile: + Enabled: false +Lint/ErbNewArguments: + Enabled: false +Lint/FloatComparison: + Enabled: false +Lint/HashCompareByIdentity: + Enabled: false +Lint/IdentityComparison: + Enabled: false +Lint/InterpolationCheck: + Enabled: false +Lint/MissingCopEnableDirective: + Enabled: false +Lint/MixedRegexpCaptureTypes: + Enabled: false +Lint/NestedPercentLiteral: + Enabled: false +Lint/NonDeterministicRequireOrder: + Enabled: false +Lint/OrderedMagicComments: + Enabled: false +Lint/OutOfRangeRegexpRef: + Enabled: false +Lint/RaiseException: + Enabled: false +Lint/RedundantCopEnableDirective: + Enabled: false +Lint/RedundantRequireStatement: + Enabled: false +Lint/RedundantSafeNavigation: + Enabled: false +Lint/RedundantWithIndex: + Enabled: false +Lint/RedundantWithObject: + Enabled: false +Lint/RegexpAsCondition: + Enabled: false +Lint/ReturnInVoidContext: + Enabled: false +Lint/SafeNavigationConsistency: + Enabled: false +Lint/SafeNavigationWithEmpty: + Enabled: false +Lint/SelfAssignment: + Enabled: false +Lint/SendWithMixinArgument: + Enabled: false +Lint/ShadowedArgument: + Enabled: false +Lint/StructNewOverride: + Enabled: false +Lint/ToJSON: + Enabled: false +Lint/TopLevelReturnWithArgument: + Enabled: false +Lint/TrailingCommaInAttributeDeclaration: + Enabled: false +Lint/UnreachableLoop: + Enabled: false +Lint/UriEscapeUnescape: + Enabled: false +Lint/UriRegexp: + Enabled: false +Lint/UselessMethodDefinition: + Enabled: false +Lint/UselessTimes: + Enabled: false +Metrics/AbcSize: + Enabled: false +Metrics/BlockLength: + Enabled: false +Metrics/BlockNesting: + Enabled: false +Metrics/ClassLength: + Enabled: false +Metrics/CyclomaticComplexity: + Enabled: false +Metrics/MethodLength: + Enabled: false +Metrics/ModuleLength: + Enabled: false +Metrics/ParameterLists: + Enabled: false +Metrics/PerceivedComplexity: + Enabled: false +Migration/DepartmentName: + Enabled: false +Naming/AccessorMethodName: + Enabled: false +Naming/BlockParameterName: + Enabled: false +Naming/HeredocDelimiterCase: + Enabled: false +Naming/HeredocDelimiterNaming: + Enabled: false +Naming/MemoizedInstanceVariableName: + Enabled: false +Naming/MethodParameterName: + Enabled: false +Naming/RescuedExceptionsVariableName: + Enabled: false +Naming/VariableNumber: + Enabled: false +Performance/BindCall: + Enabled: false +Performance/DeletePrefix: + Enabled: false +Performance/DeleteSuffix: + Enabled: false +Performance/InefficientHashSearch: + Enabled: false +Performance/UnfreezeString: + Enabled: false +Performance/UriDefaultParser: + Enabled: false +RSpec/Be: + Enabled: false +RSpec/Dialect: + Enabled: false +RSpec/ContainExactly: + Enabled: false +RSpec/ContextMethod: + Enabled: false +RSpec/ContextWording: + Enabled: false +RSpec/DescribeClass: + Enabled: false +RSpec/EmptyHook: + Enabled: false +RSpec/EmptyLineAfterExample: + Enabled: false +RSpec/EmptyLineAfterExampleGroup: + Enabled: false +RSpec/EmptyLineAfterHook: + Enabled: false +RSpec/ExampleLength: + Enabled: false +RSpec/ExampleWithoutDescription: + Enabled: false +RSpec/ExpectChange: + Enabled: false +RSpec/ExpectInHook: + Enabled: false +RSpec/HooksBeforeExamples: + Enabled: false +RSpec/ImplicitBlockExpectation: + Enabled: false +RSpec/ImplicitSubject: + Enabled: false +RSpec/LeakyConstantDeclaration: + Enabled: false +RSpec/LetBeforeExamples: + Enabled: false +RSpec/MatchArray: + Enabled: false +RSpec/MissingExampleGroupArgument: + Enabled: false +RSpec/MultipleExpectations: + Enabled: false +RSpec/MultipleMemoizedHelpers: + Enabled: false +RSpec/MultipleSubjects: + Enabled: false +RSpec/NestedGroups: + Enabled: false +RSpec/PredicateMatcher: + Enabled: false +RSpec/ReceiveCounts: + Enabled: false +RSpec/ReceiveNever: + Enabled: false +RSpec/RepeatedExampleGroupBody: + Enabled: false +RSpec/RepeatedExampleGroupDescription: + Enabled: false +RSpec/RepeatedIncludeExample: + Enabled: false +RSpec/ReturnFromStub: + Enabled: false +RSpec/SharedExamples: + Enabled: false +RSpec/StubbedMock: + Enabled: false +RSpec/UnspecifiedException: + Enabled: false +RSpec/VariableDefinition: + Enabled: false +RSpec/VoidExpect: + Enabled: false +RSpec/Yield: + Enabled: false +Security/Open: + Enabled: false +Style/AccessModifierDeclarations: + Enabled: false +Style/AccessorGrouping: + Enabled: false +Style/BisectedAttrAccessor: + Enabled: false +Style/CaseLikeIf: + Enabled: false +Style/ClassEqualityComparison: + Enabled: false +Style/ColonMethodDefinition: + Enabled: false +Style/CombinableLoops: + Enabled: false +Style/CommentedKeyword: + Enabled: false +Style/Dir: + Enabled: false +Style/DoubleCopDisableDirective: + Enabled: false +Style/EmptyBlockParameter: + Enabled: false +Style/EmptyLambdaParameter: + Enabled: false +Style/Encoding: + Enabled: false +Style/EvalWithLocation: + Enabled: false +Style/ExpandPathArguments: + Enabled: false +Style/ExplicitBlockArgument: + Enabled: false +Style/ExponentialNotation: + Enabled: false +Style/FloatDivision: + Enabled: false +Style/FrozenStringLiteralComment: + Enabled: false +Style/GlobalStdStream: + Enabled: false +Style/HashAsLastArrayItem: + Enabled: false +Style/HashLikeCase: + Enabled: false +Style/HashTransformKeys: + Enabled: false +Style/HashTransformValues: + Enabled: false +Style/IfUnlessModifier: + Enabled: false +Style/KeywordParametersOrder: + Enabled: false +Style/MinMax: + Enabled: false +Style/MixinUsage: + Enabled: false +Style/MultilineWhenThen: + Enabled: false +Style/NegatedUnless: + Enabled: false +Style/NumericPredicate: + Enabled: false +Style/OptionalBooleanParameter: + Enabled: false +Style/OrAssignment: + Enabled: false +Style/RandomWithOffset: + Enabled: false +Style/RedundantAssignment: + Enabled: false +Style/RedundantCondition: + Enabled: false +Style/RedundantConditional: + Enabled: false +Style/RedundantFetchBlock: + Enabled: false +Style/RedundantFileExtensionInRequire: + Enabled: false +Style/RedundantRegexpCharacterClass: + Enabled: false +Style/RedundantRegexpEscape: + Enabled: false +Style/RedundantSelfAssignment: + Enabled: false +Style/RedundantSort: + Enabled: false +Style/RescueStandardError: + Enabled: false +Style/SingleArgumentDig: + Enabled: false +Style/SlicingWithRange: + Enabled: false +Style/SoleNestedConditional: + Enabled: false +Style/StderrPuts: + Enabled: false +Style/StringConcatenation: + Enabled: false +Style/Strip: + Enabled: false +Style/SymbolProc: + Enabled: false +Style/TrailingBodyOnClass: + Enabled: false +Style/TrailingBodyOnMethodDefinition: + Enabled: false +Style/TrailingBodyOnModule: + Enabled: false +Style/TrailingCommaInHashLiteral: + Enabled: false +Style/TrailingMethodEndStatement: + Enabled: false +Style/UnpackFirst: + Enabled: false +Gemspec/DeprecatedAttributeAssignment: + Enabled: false +Gemspec/DevelopmentDependencies: + Enabled: false +Gemspec/RequireMFA: + Enabled: false +Layout/LineContinuationLeadingSpace: + Enabled: false +Layout/LineContinuationSpacing: + Enabled: false +Layout/LineEndStringConcatenationIndentation: + Enabled: false +Layout/SpaceBeforeBrackets: + Enabled: false +Lint/AmbiguousAssignment: + Enabled: false +Lint/AmbiguousOperatorPrecedence: + Enabled: false +Lint/AmbiguousRange: + Enabled: false +Lint/ConstantOverwrittenInRescue: + Enabled: false +Lint/DeprecatedConstants: + Enabled: false +Lint/DuplicateBranch: + Enabled: false +Lint/DuplicateMagicComment: + Enabled: false +Lint/DuplicateMatchPattern: + Enabled: false +Lint/DuplicateRegexpCharacterClassElement: + Enabled: false +Lint/EmptyBlock: + Enabled: false +Lint/EmptyClass: + Enabled: false +Lint/EmptyInPattern: + Enabled: false +Lint/IncompatibleIoSelectWithFiberScheduler: + Enabled: false +Lint/LambdaWithoutLiteralBlock: + Enabled: false +Lint/NoReturnInBeginEndBlocks: + Enabled: false +Lint/NonAtomicFileOperation: + Enabled: false +Lint/NumberedParameterAssignment: + Enabled: false +Lint/OrAssignmentToConstant: + Enabled: false +Lint/RedundantDirGlobSort: + Enabled: false +Lint/RefinementImportMethods: + Enabled: false +Lint/RequireRangeParentheses: + Enabled: false +Lint/RequireRelativeSelfPath: + Enabled: false +Lint/SymbolConversion: + Enabled: false +Lint/ToEnumArguments: + Enabled: false +Lint/TripleQuotes: + Enabled: false +Lint/UnexpectedBlockArity: + Enabled: false +Lint/UnmodifiedReduceAccumulator: + Enabled: false +Lint/UselessRescue: + Enabled: false +Lint/UselessRuby2Keywords: + Enabled: false +Metrics/CollectionLiteralLength: + Enabled: false +Naming/BlockForwarding: + Enabled: false +Performance/CollectionLiteralInLoop: + Enabled: false +Performance/ConcurrentMonotonicTime: + Enabled: false +Performance/MapCompact: + Enabled: false +Performance/RedundantEqualityComparisonBlock: + Enabled: false +Performance/RedundantSplitRegexpArgument: + Enabled: false +Performance/StringIdentifierArgument: + Enabled: false +RSpec/BeEq: + Enabled: false +RSpec/BeNil: + Enabled: false +RSpec/ChangeByZero: + Enabled: false +RSpec/ClassCheck: + Enabled: false +RSpec/DuplicatedMetadata: + Enabled: false +RSpec/ExcessiveDocstringSpacing: + Enabled: false +RSpec/IdenticalEqualityAssertion: + Enabled: false +RSpec/NoExpectationExample: + Enabled: false +RSpec/PendingWithoutReason: + Enabled: false +RSpec/RedundantAround: + Enabled: false +RSpec/SkipBlockInsideExample: + Enabled: false +RSpec/SortMetadata: + Enabled: false +RSpec/SubjectDeclaration: + Enabled: false +RSpec/VerifiedDoubleReference: + Enabled: false +Security/CompoundHash: + Enabled: false +Security/IoMethods: + Enabled: false +Style/ArgumentsForwarding: + Enabled: false +Style/ArrayIntersect: + Enabled: false +Style/CollectionCompact: + Enabled: false +Style/ComparableClamp: + Enabled: false +Style/ConcatArrayLiterals: + Enabled: false +Style/DataInheritance: + Enabled: false +Style/DirEmpty: + Enabled: false +Style/DocumentDynamicEvalDefinition: + Enabled: false +Style/EmptyHeredoc: + Enabled: false +Style/EndlessMethod: + Enabled: false +Style/EnvHome: + Enabled: false +Style/FetchEnvVar: + Enabled: false +Style/FileEmpty: + Enabled: false +Style/FileRead: + Enabled: false +Style/FileWrite: + Enabled: false +Style/HashConversion: + Enabled: false +Style/HashExcept: + Enabled: false +Style/IfWithBooleanLiteralBranches: + Enabled: false +Style/InPatternThen: + Enabled: false +Style/MagicCommentFormat: + Enabled: false +Style/MapCompactWithConditionalBlock: + Enabled: false +Style/MapToHash: + Enabled: false +Style/MapToSet: + Enabled: false +Style/MinMaxComparison: + Enabled: false +Style/MultilineInPatternThen: + Enabled: false +Style/NegatedIfElseCondition: + Enabled: false +Style/NestedFileDirname: + Enabled: false +Style/NilLambda: + Enabled: false +Style/NumberedParameters: + Enabled: false +Style/NumberedParametersLimit: + Enabled: false +Style/ObjectThen: + Enabled: false +Style/OpenStructUse: + Enabled: false +Style/OperatorMethodCall: + Enabled: false +Style/QuotedSymbols: + Enabled: false +Style/RedundantArgument: + Enabled: false +Style/RedundantConstantBase: + Enabled: false +Style/RedundantDoubleSplatHashBraces: + Enabled: false +Style/RedundantEach: + Enabled: false +Style/RedundantHeredocDelimiterQuotes: + Enabled: false +Style/RedundantInitialize: + Enabled: false +Style/RedundantLineContinuation: + Enabled: false +Style/RedundantSelfAssignmentBranch: + Enabled: false +Style/RedundantStringEscape: + Enabled: false +Style/SelectByRegexp: + Enabled: false +Style/StringChars: + Enabled: false +Style/SwapValues: + Enabled: false diff --git a/Gemfile b/Gemfile index e74c3da..7c330d6 100644 --- a/Gemfile +++ b/Gemfile @@ -10,16 +10,23 @@ ENV['PDK_DISABLE_ANALYTICS'] ||= 'true' gem_sources.each { |gem_source| source gem_source } +group :syntax do + gem 'metadata-json-lint' + gem 'puppet-lint-trailing_comma-check', require: false + gem 'rubocop', '~> 1.68.0' + gem 'rubocop-performance', '~> 1.23.0' + gem 'rubocop-rake', '~> 0.6.0' + gem 'rubocop-rspec', '~> 3.2.0' +end + group :test do puppet_version = ENV.fetch('PUPPET_VERSION', ['>= 7', '< 9']) major_puppet_version = Array(puppet_version).first.scan(%r{(\d+)(?:\.|\Z)}).flatten.first.to_i gem 'hiera-puppet-helper' - gem 'metadata-json-lint' gem 'pathspec', '~> 0.2' if Gem::Requirement.create('< 2.6').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem('pdk', ENV.fetch('PDK_VERSION', ['>= 2.0', '< 4.0']), require: false) if major_puppet_version > 5 gem 'puppet', puppet_version gem 'puppetlabs_spec_helper' - gem 'puppet-lint-trailing_comma-check', require: false gem 'puppet-strings' gem 'rake' gem 'rspec' diff --git a/spec/acceptance/suites/default/00_default_spec.rb b/spec/acceptance/suites/default/00_default_spec.rb index de18fb6..d568296 100644 --- a/spec/acceptance/suites/default/00_default_spec.rb +++ b/spec/acceptance/suites/default/00_default_spec.rb @@ -7,88 +7,88 @@ describe 'rkhunter class' do hosts.each do |host| - let(:manifest) { + let(:manifest) do <<~MANIFEST include 'rkhunter' MANIFEST - } + end context 'default parameters' do # Using puppet_apply as a helper - it 'should work with no errors' do - apply_manifest_on(host, manifest, :catch_failures => true) + it 'works with no errors' do + apply_manifest_on(host, manifest, catch_failures: true) end - it 'should be idempotent' do - apply_manifest_on(host, manifest, :catch_changes => true) + it 'is idempotent' do + apply_manifest_on(host, manifest, catch_changes: true) end - if host[:platform] =~ %r{el-7-x86_64} - it 'should install unhide' do - expect(check_for_package(host,'unhide')).to be true + if host[:platform].include?('el-7-x86_64') + it 'installs unhide' do + expect(check_for_package(host, 'unhide')).to be true end end - it 'should have rkhunter installed' do - expect(check_for_package(host,'rkhunter')).to be true + it 'has rkhunter installed' do + expect(check_for_package(host, 'rkhunter')).to be true end - it 'should create the conf file' do + it 'creates the conf file' do on(host, %(test -f /etc/rkhunter.conf)) end - it 'should be running puppet_rkhunter_check.timer' do + it 'is running puppet_rkhunter_check.timer' do output = on(host, 'puppet resource service puppet_rkhunter_check.timer --to_yaml').stdout - service = YAML.load(output)['service']['puppet_rkhunter_check.timer'] - expect{ service['ensure'].to eq 'running' } - expect{ service['enable'].to eq 'true' } + service = YAML.safe_load(output)['service']['puppet_rkhunter_check.timer'] + expect { service['ensure'].to eq 'running' } + expect { service['enable'].to eq 'true' } end - it 'should be running puppet_rkhunter_check.service' do + it 'is running puppet_rkhunter_check.service' do output = on(host, 'puppet resource service puppet_rkhunter_check.service --to_yaml').stdout - service = YAML.load(output)['service']['puppet_rkhunter_check.timer'] - expect{ service['ensure'].to eq 'running' } - expect{ service['enable'].to eq 'true' } + service = YAML.safe_load(output)['service']['puppet_rkhunter_check.timer'] + expect { service['ensure'].to eq 'running' } + expect { service['enable'].to eq 'true' } end - it 'should be running puppet_rkhunter_update.timer' do + it 'is running puppet_rkhunter_update.timer' do output = on(host, 'puppet resource service puppet_rkhunter_update.timer --to_yaml').stdout - service = YAML.load(output)['service']['puppet_rkhunter_update.timer'] - expect{ service['ensure'].to eq 'running' } - expect{ service['enable'].to eq 'true' } + service = YAML.safe_load(output)['service']['puppet_rkhunter_update.timer'] + expect { service['ensure'].to eq 'running' } + expect { service['enable'].to eq 'true' } end - it 'should be running puppet_rkhunter_update.service' do + it 'is running puppet_rkhunter_update.service' do output = on(host, 'puppet resource service puppet_rkhunter_update.service --to_yaml').stdout - service = YAML.load(output)['service']['puppet_rkhunter_update.timer'] - expect{ service['ensure'].to eq 'running' } - expect{ service['enable'].to eq 'true' } + service = YAML.safe_load(output)['service']['puppet_rkhunter_update.timer'] + expect { service['ensure'].to eq 'running' } + expect { service['enable'].to eq 'true' } end - it 'should not have the root cron entry for rkhunter_check' do + it 'does not have the root cron entry for rkhunter_check' do output = on(host, 'puppet resource cron rkhunter_check --to_yaml').stdout - cron = YAML.load(output)['cron']['rkhunter_check'] - expect{ cron['ensure'].to eq 'absent' } + cron = YAML.safe_load(output)['cron']['rkhunter_check'] + expect { cron['ensure'].to eq 'absent' } end - it 'should not have the root cron entry for rkhunter_update' do + it 'does not have the root cron entry for rkhunter_update' do output = on(host, 'puppet resource cron rkhunter_update --to_yaml').stdout - cron = YAML.load(output)['cron']['rkhunter_update'] - expect{ cron['ensure'].to eq 'absent' } + cron = YAML.safe_load(output)['cron']['rkhunter_update'] + expect { cron['ensure'].to eq 'absent' } end - it 'should generate the database' do + it 'generates the database' do on(host, %(test -f /var/lib/rkhunter/db/rkhunter.dat)) end - it 'should run rkhutner successfully without warnings' do + it 'runs rkhutner successfully without warnings' do on(host, %(sed -i 's/^PATH=PATH/export PATH=PATH/' .ssh/environment;)) on(host, %(rkhunter --check --skip-keypress --disable passwd_changes,group_changes,system_configs_ssh)) end - it 'should generate a valid log when problems are found' do + it 'generates a valid log when problems are found' do on(host, %(touch /bin/.login)) - on(host, %(rkhunter --check --skip-keypress --disable passwd_changes,group_changes,system_configs_ssh), :acceptable_exit_codes => 1) + on(host, %(rkhunter --check --skip-keypress --disable passwd_changes,group_changes,system_configs_ssh), acceptable_exit_codes: 1) on(host, %(grep 'Warning: Found login backdoor file: /bin/.login' /var/log/rkhunter/rkhunter.log)) end end @@ -101,53 +101,53 @@ } end - it 'should work with no errors' do + it 'works with no errors' do set_hieradata_on(host, hieradata) - apply_manifest_on(host, manifest, :catch_failures => true) + apply_manifest_on(host, manifest, catch_failures: true) end - it 'should be idempotent' do - apply_manifest_on(host, manifest, :catch_changes => true) + it 'is idempotent' do + apply_manifest_on(host, manifest, catch_changes: true) end - it 'should not be running puppet_rkhunter_check.timer' do + it 'is not running puppet_rkhunter_check.timer' do output = on(host, 'puppet resource service puppet_rkhunter_check.timer --to_yaml').stdout - service = YAML.load(output)['service']['puppet_rkhunter_check.timer'] - expect{ service['ensure'].to eq 'stopped' } - expect{ service['enable'].to eq 'false' } + service = YAML.safe_load(output)['service']['puppet_rkhunter_check.timer'] + expect { service['ensure'].to eq 'stopped' } + expect { service['enable'].to eq 'false' } end - it 'should not be running puppet_rkhunter_check.service' do + it 'is not running puppet_rkhunter_check.service' do output = on(host, 'puppet resource service puppet_rkhunter_check.service --to_yaml').stdout - service = YAML.load(output)['service']['puppet_rkhunter_check.timer'] - expect{ service['ensure'].to eq 'stopped' } - expect{ service['enable'].to eq 'false' } + service = YAML.safe_load(output)['service']['puppet_rkhunter_check.timer'] + expect { service['ensure'].to eq 'stopped' } + expect { service['enable'].to eq 'false' } end - it 'should not be running puppet_rkhunter_update.timer' do + it 'is not running puppet_rkhunter_update.timer' do output = on(host, 'puppet resource service puppet_rkhunter_update.timer --to_yaml').stdout - service = YAML.load(output)['service']['puppet_rkhunter_update.timer'] - expect{ service['ensure'].to eq 'stopped' } - expect{ service['enable'].to eq 'false' } + service = YAML.safe_load(output)['service']['puppet_rkhunter_update.timer'] + expect { service['ensure'].to eq 'stopped' } + expect { service['enable'].to eq 'false' } end - it 'should not be running puppet_rkhunter_update.service' do + it 'is not running puppet_rkhunter_update.service' do output = on(host, 'puppet resource service puppet_rkhunter_update.service --to_yaml').stdout - service = YAML.load(output)['service']['puppet_rkhunter_update.timer'] - expect{ service['ensure'].to eq 'stopped' } - expect{ service['enable'].to eq 'false' } + service = YAML.safe_load(output)['service']['puppet_rkhunter_update.timer'] + expect { service['ensure'].to eq 'stopped' } + expect { service['enable'].to eq 'false' } end - it 'should have the root cron entry for rkhunter_check' do + it 'has the root cron entry for rkhunter_check' do output = on(host, 'puppet resource cron rkhunter_check --to_yaml').stdout - cron = YAML.load(output)['cron']['rkhunter_check'] - expect{ cron['command'].to eq '/usr/bin/rkhunter --check --skip-keypress --quiet' } + cron = YAML.safe_load(output)['cron']['rkhunter_check'] + expect { cron['command'].to eq '/usr/bin/rkhunter --check --skip-keypress --quiet' } end - it 'should have the root cron entry for rkhunter_update' do + it 'has the root cron entry for rkhunter_update' do output = on(host, 'puppet resource cron rkhunter_update --to_yaml').stdout - cron = YAML.load(output)['cron']['rkhunter_update'] - expect{ cron['command'].to eq '/usr/bin/rkhunter --update --nocolors' } + cron = YAML.safe_load(output)['cron']['rkhunter_update'] + expect { cron['command'].to eq '/usr/bin/rkhunter --update --nocolors' } end end end diff --git a/spec/classes/check_spec.rb b/spec/classes/check_spec.rb index 68f9c82..042fac2 100644 --- a/spec/classes/check_spec.rb +++ b/spec/classes/check_spec.rb @@ -2,7 +2,7 @@ describe 'rkhunter::check' do context 'supported operating systems' do - on_supported_os.each do |os, os_facts| + on_supported_os.each_value do |os_facts| let(:pre_condition) do <<~PRECOND function assert_private(){} @@ -17,12 +17,12 @@ it { is_expected.to create_class('rkhunter::check') } it do - is_expected.to create_systemd__timer('puppet_rkhunter_check.timer'). - with_timer_content(/OnCalendar=\*-\* 1:\d+/). - with_service_content(/Type=oneshot/). - with_service_content(%r{ExecStart=/usr/bin/rkhunter --check --skip-keypress --quiet}). - with_active(true). - with_enable(true) + is_expected.to create_systemd__timer('puppet_rkhunter_check.timer') + .with_timer_content(%r{OnCalendar=\*-\* 1:\d+}) + .with_service_content(%r{Type=oneshot}) + .with_service_content(%r{ExecStart=/usr/bin/rkhunter --check --skip-keypress --quiet}) + .with_active(true) + .with_enable(true) end it { is_expected.to create_cron('rkhunter_check').with_ensure('absent') } @@ -30,29 +30,30 @@ context 'cron mode' do let(:params) do { - :method => 'cron' + method: 'cron' } end + it { is_expected.to compile.with_all_deps } it { is_expected.to create_class('rkhunter::check') } it do - is_expected.to create_systemd__timer('puppet_rkhunter_check.timer'). - with_timer_content(/OnCalendar=\*-\* 1:\d+/). - with_service_content(/Type=oneshot/). - with_service_content(%r{ExecStart=/usr/bin/rkhunter --check --skip-keypress --quiet}). - with_active(false). - with_enable(false) + is_expected.to create_systemd__timer('puppet_rkhunter_check.timer') + .with_timer_content(%r{OnCalendar=\*-\* 1:\d+}) + .with_service_content(%r{Type=oneshot}) + .with_service_content(%r{ExecStart=/usr/bin/rkhunter --check --skip-keypress --quiet}) + .with_active(false) + .with_enable(false) end it do - is_expected.to create_cron('rkhunter_check'). - with_command('/usr/bin/rkhunter --check --skip-keypress --quiet'). - with_minute(/\d+/). - with_hour(1). - with_monthday('*'). - with_month('*'). - with_weekday('*') + is_expected.to create_cron('rkhunter_check') + .with_command('/usr/bin/rkhunter --check --skip-keypress --quiet') + .with_minute(%r{\d+}) + .with_hour(1) + .with_monthday('*') + .with_month('*') + .with_weekday('*') end end end diff --git a/spec/classes/config_spec.rb b/spec/classes/config_spec.rb index c013770..96dbf51 100644 --- a/spec/classes/config_spec.rb +++ b/spec/classes/config_spec.rb @@ -9,7 +9,7 @@ # config is a private class called by init. # context 'with default parameters' do - it { is_expected.to create_class('Rkhunter::Propupd').with_stage('simp_finalize')} + it { is_expected.to create_class('Rkhunter::Propupd').with_stage('simp_finalize') } it { is_expected.to create_exec('rkhunter_propupd') @@ -26,10 +26,9 @@ .with_validate_cmd('PATH=/sbin:/bin:/usr/sbin:/usr/bin rkhunter -C --configfile %') } - expected_content = File.read(File.join(File.dirname(__FILE__),'../files/rkhunter_conf.txt')) + expected_content = File.read(File.join(File.dirname(__FILE__), '../files/rkhunter_conf.txt')) it { is_expected.to create_file('/etc/rkhunter.conf').with_content(expected_content) } end - end end end diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index 057233d..565ee56 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -17,24 +17,24 @@ it { is_expected.to create_package('rkhunter') } if os_facts[:os][:release][:major].to_i >= 8 - it { is_expected.to_not create_package('unhide') } + it { is_expected.not_to create_package('unhide') } else it { is_expected.to create_package('unhide') } end - end context 'when checking for updates' do - let(:params) {{ - :check_for_updates => true, - :install_optional_packages => false - }} + let(:params) do + { + check_for_updates: true, + install_optional_packages: false + } + end it { is_expected.to compile.with_all_deps } it { is_expected.to create_class('rkhunter::update').that_requires('Class[rkhunter::config]') } - it { is_expected.to_not create_package('unhide') } + it { is_expected.not_to create_package('unhide') } end - end end end diff --git a/spec/classes/update_spec.rb b/spec/classes/update_spec.rb index 8f36971..b3c8bdd 100644 --- a/spec/classes/update_spec.rb +++ b/spec/classes/update_spec.rb @@ -2,7 +2,7 @@ describe 'rkhunter::update' do context 'supported operating systems' do - on_supported_os.each do |os, os_facts| + on_supported_os.each_value do |os_facts| let(:pre_condition) do <<~PRECOND function assert_private(){} @@ -17,12 +17,12 @@ it { is_expected.to create_class('rkhunter::update') } it do - is_expected.to create_systemd__timer('puppet_rkhunter_update.timer'). - with_timer_content(/OnCalendar=\*-\* 0:\d+/). - with_service_content(/Type=oneshot/). - with_service_content(%r{ExecStart=/usr/bin/rkhunter --update --nocolors}). - with_active(true). - with_enable(true) + is_expected.to create_systemd__timer('puppet_rkhunter_update.timer') + .with_timer_content(%r{OnCalendar=\*-\* 0:\d+}) + .with_service_content(%r{Type=oneshot}) + .with_service_content(%r{ExecStart=/usr/bin/rkhunter --update --nocolors}) + .with_active(true) + .with_enable(true) end it { is_expected.to create_cron('rkhunter_update').with_ensure('absent') } @@ -30,29 +30,30 @@ context 'cron mode' do let(:params) do { - :method => 'cron' + method: 'cron' } end + it { is_expected.to compile.with_all_deps } it { is_expected.to create_class('rkhunter::update') } it do - is_expected.to create_systemd__timer('puppet_rkhunter_update.timer'). - with_timer_content(/OnCalendar=\*-\* 0:\d+/). - with_service_content(/Type=oneshot/). - with_service_content(%r{ExecStart=/usr/bin/rkhunter --update --nocolors}). - with_active(false). - with_enable(false) + is_expected.to create_systemd__timer('puppet_rkhunter_update.timer') + .with_timer_content(%r{OnCalendar=\*-\* 0:\d+}) + .with_service_content(%r{Type=oneshot}) + .with_service_content(%r{ExecStart=/usr/bin/rkhunter --update --nocolors}) + .with_active(false) + .with_enable(false) end it do - is_expected.to create_cron('rkhunter_update'). - with_command('/usr/bin/rkhunter --update --nocolors'). - with_minute(/\d+/). - with_hour(0). - with_monthday('*'). - with_month('*'). - with_weekday('*') + is_expected.to create_cron('rkhunter_update') + .with_command('/usr/bin/rkhunter --update --nocolors') + .with_minute(%r{\d+}) + .with_hour(0) + .with_monthday('*') + .with_month('*') + .with_weekday('*') end end end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index f44bcc2..63033cd 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,4 +1,5 @@ # frozen_string_literal: true + # # ------------------------------------------------------------------------------ # NOTICE: **This file is maintained with puppetsync** @@ -86,7 +87,7 @@ def set_hieradata(hieradata) # If nothing else... c.default_facts = { production: { - #:fqdn => 'production.rspec.test.localdomain', + # :fqdn => 'production.rspec.test.localdomain', path: '/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin', concat_basedir: '/tmp' } @@ -146,9 +147,9 @@ def set_hieradata(hieradata) # sanitize hieradata if defined?(hieradata) - set_hieradata(hieradata.gsub(':', '_')) + set_hieradata(hieradata.tr(':', '_')) elsif defined?(class_name) - set_hieradata(class_name.gsub(':', '_')) + set_hieradata(class_name.tr(':', '_')) end end @@ -160,9 +161,7 @@ def set_hieradata(hieradata) end Dir.glob("#{RSpec.configuration.module_path}/*").each do |dir| - begin - Pathname.new(dir).realpath - rescue StandardError - raise "ERROR: The module '#{dir}' is not installed. Tests cannot continue." - end + Pathname.new(dir).realpath +rescue StandardError + raise "ERROR: The module '#{dir}' is not installed. Tests cannot continue." end diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 3128f6b..c385964 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -18,7 +18,6 @@ end end - RSpec.configure do |c| # ensure that environment OS is ready on each host fix_errata_on hosts @@ -32,29 +31,25 @@ # Configure all nodes in nodeset c.before :suite do + # Install modules and dependencies from spec/fixtures/modules + copy_fixture_modules_to(hosts) begin - # Install modules and dependencies from spec/fixtures/modules - copy_fixture_modules_to( hosts ) - begin - server = only_host_with_role(hosts, 'server') - rescue ArgumentError =>e - server = only_host_with_role(hosts, 'default') - end - - # Generate and install PKI certificates on each SUT - Dir.mktmpdir do |cert_dir| - run_fake_pki_ca_on(server, hosts, cert_dir ) - hosts.each{ |sut| copy_pki_to( sut, cert_dir, '/etc/pki/simp-testing' )} - end + server = only_host_with_role(hosts, 'server') + rescue ArgumentError => e + server = only_host_with_role(hosts, 'default') + end - # add PKI keys - copy_keydist_to(server) - rescue StandardError, ScriptError => e - if ENV['PRY'] - require 'pry'; binding.pry - else - raise e - end + # Generate and install PKI certificates on each SUT + Dir.mktmpdir do |cert_dir| + run_fake_pki_ca_on(server, hosts, cert_dir) + hosts.each { |sut| copy_pki_to(sut, cert_dir, '/etc/pki/simp-testing') } end + + # add PKI keys + copy_keydist_to(server) + rescue StandardError, ScriptError => e + raise e unless ENV['PRY'] + require 'pry' + binding.pry # rubocop:disable Lint/Debugger end end diff --git a/spec/type_aliases/bindpath_spec.rb b/spec/type_aliases/bindpath_spec.rb index 634f8ef..765f03e 100644 --- a/spec/type_aliases/bindpath_spec.rb +++ b/spec/type_aliases/bindpath_spec.rb @@ -2,19 +2,19 @@ describe 'Rkhunter::BindPath' do context 'with valid parameters' do - it { is_expected.to allow_value( '+/this/is/fine' ) } - it { is_expected.to allow_value( '+/this/is/fine /this/too' ) } - it { is_expected.to allow_value( '/this/is/fine +/also/fine' ) } + it { is_expected.to allow_value('+/this/is/fine') } + it { is_expected.to allow_value('+/this/is/fine /this/too') } + it { is_expected.to allow_value('/this/is/fine +/also/fine') } end context 'with invalid parameters' do - it { is_expected.not_to allow_value( 'no/bueno' ) } - it { is_expected.not_to allow_value( '../no/bueno/still' ) } - it { is_expected.not_to allow_value( '*/still/no/bueno/' ) } + it { is_expected.not_to allow_value('no/bueno') } + it { is_expected.not_to allow_value('../no/bueno/still') } + it { is_expected.not_to allow_value('*/still/no/bueno/') } end context 'with silly things' do - it { is_expected.not_to allow_value( [] ) } - it { is_expected.not_to allow_value( '.' ) } - it { is_expected.not_to allow_value( '' ) } - it { is_expected.not_to allow_value( :undef ) } + it { is_expected.not_to allow_value([]) } + it { is_expected.not_to allow_value('.') } + it { is_expected.not_to allow_value('') } + it { is_expected.not_to allow_value(:undef) } end end From 4cdbcf7fdddea45e02d900d8cf53a180af119020 Mon Sep 17 00:00:00 2001 From: Steven Pritchard Date: Tue, 17 Dec 2024 12:24:31 -0600 Subject: [PATCH 2/2] Additional cleanup --- spec/classes/init_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index 565ee56..78622c6 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -27,7 +27,7 @@ let(:params) do { check_for_updates: true, - install_optional_packages: false + install_optional_packages: false, } end