rubocop: autofix

.rubocop.yml

@@ -1,4 +1,6 @@
 ---
+inherit_from: .rubocop_todo.yml
+
 # Managed by modulesync - DO NOT EDIT
 # https://voxpupuli.org/docs/updating-files-managed-with-modulesync/
 

.rubocop_todo.yml

@@ -0,0 +1,34 @@
+# This configuration was generated by
+# `rubocop --auto-gen-config`
+# on 2022-06-03 20:21:58 UTC using RuboCop version 1.22.3.
+# The point is for the user to remove these configuration records
+# one by one as the offenses are removed from the code base.
+# Note that changes in the inspected code, or installation of new
+# versions of RuboCop, may require this file to be generated again.
+
+# Offense count: 1
+# Configuration parameters: AllowComments, AllowEmptyLambdas.
+Lint/EmptyBlock:
+  Exclude:
+    - 'lib/puppet/type/firewalld_direct_purge.rb'
+
+# Offense count: 3
+# Configuration parameters: MinNameLength, AllowNamesEndingInNumbers, AllowedNames, ForbiddenNames.
+# AllowedNames: at, by, db, id, in, io, ip, of, on, os, pp, to
+Naming/MethodParameterName:
+  Exclude:
+    - 'lib/puppet/provider/firewalld_zone/firewall_cmd.rb'
+    - 'lib/puppet/type/firewalld_ipset.rb'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: always, always_true, never
+Style/FrozenStringLiteralComment:
+  Exclude:
+    - 'spec/unit/facter/firewalld_version_spec.rb'
+
+# Offense count: 1
+Style/MixinUsage:
+  Exclude:
+    - 'spec/spec_helper_acceptance.rb'

lib/facter/firewalld_version.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Return the version of firewalld that is installed
 Facter.add(:firewalld_version) do
   confine { Process.uid.zero? }

lib/puppet/provider/firewalld.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'puppet'
 require 'puppet/type'
 require 'puppet/provider'
@@ -6,18 +8,15 @@ class Puppet::Provider::Firewalld < Puppet::Provider
   @runstate = nil
 
   class << self
-    attr_accessor :running
-    attr_accessor :runstate
+    attr_accessor :running, :runstate
   end
 
   def state
     self.class.state
   end
 
   def self.state
-    if Puppet::Provider::Firewalld.runstate.nil?
-      Puppet::Provider::Firewalld.runstate = check_running_state
-    end
+    Puppet::Provider::Firewalld.runstate = check_running_state if Puppet::Provider::Firewalld.runstate.nil?
     Puppet::Provider::Firewalld.runstate
   end
 
@@ -39,7 +38,7 @@ def self.check_running_state
     # See: https://github.com/crayfishx/puppet-firewalld/issues/96
     #
     debug('Could not determine state of firewalld because the executable is not available')
-    return nil
+    nil
   end
 
   # v3.0.0
@@ -83,7 +82,7 @@ def execute_firewall_cmd(args, zone = @resource[:zone], perm = true, failonfail
   #
   def parse_args(args)
     args = args.flatten.join(' ') if args.is_a?(Array)
-    args.split(%r{(\'[^\']*\'| )}).reject { |r| ['', ' '].include?(r) }
+    args.split(%r{('[^']*'| )}).reject { |r| ['', ' '].include?(r) }
   end
 
   # Occasionally we need to restart firewalld in a transient way between resources

lib/puppet/provider/firewalld_custom_service/firewall_cmd.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'puppet'
 require File.join(File.dirname(__FILE__), '..', 'firewalld.rb')
 
@@ -12,11 +14,9 @@
   def exists?
     builtin = true
 
-    found_resource = execute_firewall_cmd(['--get-services'], nil).strip.split(' ').include?(@resource[:name])
+    found_resource = execute_firewall_cmd(['--get-services'], nil).strip.split.include?(@resource[:name])
 
-    if found_resource && execute_firewall_cmd(['--path-service', @resource[:name]], nil).start_with?('/etc')
-      builtin = false
-    end
+    builtin = false if found_resource && execute_firewall_cmd(['--path-service', @resource[:name]], nil).start_with?('/etc')
 
     return false if builtin && (@resource[:ensure] == :absent)
 
@@ -92,14 +92,12 @@ def ports=(should)
       end
     end
 
-    to_remove .each do |entry|
-      begin
-        port_str = "#{entry['port']}/#{entry['protocol']}"
+    to_remove.each do |entry|
+      port_str = "#{entry['port']}/#{entry['protocol']}"
 
-        execute_firewall_cmd(['--service', @resource[:name], '--remove-port', port_str], nil)
-      rescue Puppet::ExecutionFailure => e
-        errors << "Could not remove port '#{port_str} from #{@resource[:name]}' => #{e}"
-      end
+      execute_firewall_cmd(['--service', @resource[:name], '--remove-port', port_str], nil)
+    rescue Puppet::ExecutionFailure => e
+      errors << "Could not remove port '#{port_str} from #{@resource[:name]}' => #{e}"
     end
 
     raise Puppet::ResourceError, errors.join("\n") unless errors.empty?
@@ -120,27 +118,21 @@ def protocols=(should)
     else
       to_remove = @property_hash[:protocols] - should
       ports_protos = []
-      unless @resource[:ports].include?(:unset)
-        ports_protos = Array(@resource[:ports]).select { |x| x['port'].nil? }.map { |x| x['protocol'] }
-      end
+      ports_protos = Array(@resource[:ports]).select { |x| x['port'].nil? }.map { |x| x['protocol'] } unless @resource[:ports].include?(:unset)
       to_add = (should + ports_protos) - @property_hash[:protocols]
     end
 
     errors = []
     to_add.each do |entry|
-      begin
-        execute_firewall_cmd(['--service', @resource[:name], '--add-protocol', entry], nil)
-      rescue Puppet::ExecutionFailure => e
-        errors << "Could not add protocol '#{entry} to #{@resource[:name]}' => #{e}"
-      end
+      execute_firewall_cmd(['--service', @resource[:name], '--add-protocol', entry], nil)
+    rescue Puppet::ExecutionFailure => e
+      errors << "Could not add protocol '#{entry} to #{@resource[:name]}' => #{e}"
     end
 
     to_remove.each do |entry|
-      begin
-        execute_firewall_cmd(['--service', @resource[:name], '--remove-protocol', entry], nil)
-      rescue Puppet::ExecutionFailure => e
-        errors << "Could not remove protocol'#{entry} from #{@resource[:name]}' => #{e}"
-      end
+      execute_firewall_cmd(['--service', @resource[:name], '--remove-protocol', entry], nil)
+    rescue Puppet::ExecutionFailure => e
+      errors << "Could not remove protocol'#{entry} from #{@resource[:name]}' => #{e}"
     end
 
     raise Puppet::ResourceError, errors.join("\n") unless errors.empty?
@@ -165,19 +157,15 @@ def modules=(should)
 
     errors = []
     to_add.each do |entry|
-      begin
-        execute_firewall_cmd(['--service', @resource[:name], '--add-module', entry], nil)
-      rescue Puppet::ExecutionFailure => e
-        errors << "Could not add module '#{entry} to #{@resource[:name]}' => #{e}"
-      end
+      execute_firewall_cmd(['--service', @resource[:name], '--add-module', entry], nil)
+    rescue Puppet::ExecutionFailure => e
+      errors << "Could not add module '#{entry} to #{@resource[:name]}' => #{e}"
     end
 
     to_remove.each do |entry|
-      begin
-        execute_firewall_cmd(['--service', @resource[:name], '--remove-module', entry], nil)
-      rescue Puppet::ExecutionFailure => e
-        errors << "Could not remove module '#{entry} from #{@resource[:name]}' => #{e}"
-      end
+      execute_firewall_cmd(['--service', @resource[:name], '--remove-module', entry], nil)
+    rescue Puppet::ExecutionFailure => e
+      errors << "Could not remove module '#{entry} from #{@resource[:name]}' => #{e}"
     end
 
     raise Puppet::ResourceError, errors.join("\n") unless errors.empty?
@@ -230,7 +218,7 @@ def destinations
     return @destinations if @destinations
 
     @destinations = execute_firewall_cmd(['--service', @resource[:name], '--get-destinations'], nil).strip.split(%r{\s+})
-    @destinations = Hash[@destinations.map { |x| x.split(':', 2) }]
+    @destinations = @destinations.map { |x| x.split(':', 2) }.to_h
 
     @destinations
   end

lib/puppet/provider/firewalld_direct_chain/firewall_cmd.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'puppet'
 require File.join(File.dirname(__FILE__), '..', 'firewalld.rb')
 

lib/puppet/provider/firewalld_direct_passthrough/firewall_cmd.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'puppet'
 require File.join(File.dirname(__FILE__), '..', 'firewalld.rb')
 

lib/puppet/provider/firewalld_direct_purge/firewall_cmd.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'puppet'
 require File.join(File.dirname(__FILE__), '..', 'firewalld.rb')
 
@@ -8,14 +10,16 @@
   desc 'Meta provider to the firewalld_direct_purge type'
 
   def get_instances_of(restype)
-    raise Puppet::Error, "Unknown type #{restype}" unless [:chain, :passthrough, :rule].include?(restype)
+    raise Puppet::Error, "Unknown type #{restype}" unless %i[chain passthrough rule].include?(restype)
+
     perm = execute_firewall_cmd(['--direct', "--get-all-#{restype}s"], nil).split(%r{\n})
     curr = execute_firewall_cmd(['--direct', "--get-all-#{restype}s"], nil, false).split(%r{\n})
     [perm, curr].flatten.uniq
   end
 
   def purge_resources(restype, args)
-    raise Puppet::Error, "Unknown type #{restype}" unless [:chain, :passthrough, :rule].include?(restype)
+    raise Puppet::Error, "Unknown type #{restype}" unless %i[chain passthrough rule].include?(restype)
+
     execute_firewall_cmd(['--direct', "--remove-#{restype}", parse_args(args)], nil)
   end
 end

lib/puppet/provider/firewalld_direct_rule/firewall_cmd.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'puppet'
 require File.join(File.dirname(__FILE__), '..', 'firewalld.rb')
 

lib/puppet/provider/firewalld_ipset/firewall_cmd.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'puppet'
 require File.join(File.dirname(__FILE__), '..', 'firewalld.rb')
 
@@ -10,13 +12,13 @@
   mk_resource_methods
 
   def self.instances
-    ipset_ids = execute_firewall_cmd(['--get-ipsets'], nil).split(' ')
+    ipset_ids = execute_firewall_cmd(['--get-ipsets'], nil).split
     ipset_ids.map do |ipset_id|
       ipset_raw = execute_firewall_cmd(["--info-ipset=#{ipset_id}"], nil)
       raw_options = ipset_raw.match(%r{options: (.*)})
       options = {}
       if raw_options
-        raw_options[1].split(' ').each do |v|
+        raw_options[1].split.each do |v|
           k, v = v.split('=')
           options[k.to_sym] = v
         end
@@ -61,7 +63,7 @@ def create
     @resource[:entries].each { |e| add_entry(e) } if @resource[:manage_entries]
   end
 
-  [:type, :maxelem, :family, :hashsize, :timeout].each do |method|
+  %i[type maxelem family hashsize timeout].each do |method|
     define_method("#{method}=") do |should|
       info("Destroying and creating ipset #{@resource[:name]}")
       destroy

lib/puppet/provider/firewalld_port/firewall_cmd.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'puppet'
 require File.join(File.dirname(__FILE__), '..', 'firewalld.rb')
 

lib/puppet/provider/firewalld_rich_rule/firewall_cmd.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'puppet'
 require File.join(File.dirname(__FILE__), '..', 'firewalld.rb')
 
@@ -26,6 +28,7 @@ def key_val_opt(opt, resource_param = opt)
   def eval_source
     args = []
     return [] unless (addr = @resource[:source])
+
     invert = addr['invert'] ? ' NOT' : ''
     args << "source#{invert}"
     args << quote_keyval('address', addr['address'])
@@ -36,6 +39,7 @@ def eval_source
   def eval_dest
     args = []
     return [] unless (addr = @resource[:dest])
+
     invert = addr['invert'] ? ' NOT' : ''
     args << "destination#{invert}"
     args << quote_keyval('address', addr['address'])
@@ -44,7 +48,7 @@ def eval_dest
   end
 
   def elements
-    [:service, :port, :protocol, :icmp_block, :icmp_type, :masquerade, :forward_port]
+    %i[service port protocol icmp_block icmp_type masquerade forward_port]
   end
 
   def eval_element
@@ -76,6 +80,7 @@ def eval_element
 
   def eval_log
     return [] unless @resource[:log]
+
     args = []
     args << 'log'
     if @resource[:log].is_a?(Hash)
@@ -88,16 +93,16 @@ def eval_log
 
   def eval_audit
     return [] unless @resource[:audit]
+
     args = []
     args << 'audit'
-    if @resource[:audit].is_a?(Hash)
-      args << quote_keyval('limit value', @resource[:log]['limit'])
-    end
+    args << quote_keyval('limit value', @resource[:log]['limit']) if @resource[:audit].is_a?(Hash)
     args
   end
 
   def eval_action
     return [] unless (action = @resource[:action])
+
     args = []
     if action.is_a?(Hash)
       args << action[:action]
@@ -109,6 +114,7 @@ def eval_action
 
   def build_rich_rule
     return @resource[:raw_rule] if @resource[:raw_rule]
+
     rule = ['rule']
     rule << [
       key_val_opt('family'),

lib/puppet/provider/firewalld_service/firewall_cmd.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'puppet'
 require File.join(File.dirname(__FILE__), '..', 'firewalld.rb')
 
@@ -8,7 +10,7 @@
   desc 'Interact with firewall-cmd'
 
   def exists?
-    execute_firewall_cmd(['--list-services']).split(' ').include?(@resource[:service])
+    execute_firewall_cmd(['--list-services']).split.include?(@resource[:service])
   end
 
   def create