Update of rubocop to 0.65

Signed-off-by: Artem Sidorenko <[email protected]>
sean-nixon · Mar 8, 2019 · e46d184 · e46d184
1 parent 56b3957
commit e46d184
Show file tree

Hide file tree

Showing 37 changed files with 134 additions and 147 deletions.
diff --git a/.rubocop.yml b/.rubocop.yml
@@ -4,7 +4,7 @@ AllCops:
   Exclude:
   - vendor/**/*
   - test/**/*
-  TargetRubyVersion: 2.1 # we need this because of chef 12.5.1 support
+  TargetRubyVersion: 2.5
 Metrics/AbcSize:
   Max: 29
 Metrics/LineLength:
@@ -17,26 +17,17 @@ Style/Documentation:
   Enabled: false
 Layout/DotPosition:
   EnforcedStyle: trailing
-  Enabled: true
-Style/Encoding:
-  EnforcedStyle: always
-  Enabled: true
 Layout/ExtraSpacing:
   Exclude:
     - attributes/default.rb
-Style/HashSyntax:
-  Enabled: true
-Style/NumericLiteralPrefix:
-  Enabled: false
+Layout/AlignHash:
+  EnforcedHashRocketStyle: table
+  EnforcedColonStyle: table
 Style/NumericLiterals:
   MinDigits: 10
-Style/RegexpLiteral:
-  AllowInnerSlashes: true
 Layout/SpaceAroundOperators:
   Exclude:
     - attributes/default.rb
 Metrics/BlockLength:
   Exclude:
     - 'spec/**/*'
-Style/FrozenStringLiteralComment:
-  Enabled: false
diff --git a/Berksfile b/Berksfile
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 source 'https://supermarket.chef.io'
 

diff --git a/Gemfile b/Gemfile
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 source 'https://rubygems.org'
 
@@ -10,7 +10,7 @@ group :test do
   gem 'coveralls', require: false
   gem 'foodcritic', '~> 15.1'
   gem 'rake'
-  gem 'rubocop', '~> 0.49.0'
+  gem 'rubocop', '~> 0.65.0'
   gem 'simplecov', '~> 0.16'
 end
 

diff --git a/Rakefile b/Rakefile
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 # rubocop:disable Style/SymbolArray
 
@@ -65,8 +65,8 @@ end
 
 desc 'Run kitchen integration tests'
 task :kitchen do
-  SSH_KEY_FILE = '~/.ssh/ci_id_rsa'.freeze
-  SSH_KEY_ENV_VAR_NAME = 'CI_SSH_KEY'.freeze
+  SSH_KEY_FILE = '~/.ssh/ci_id_rsa'
+  SSH_KEY_ENV_VAR_NAME = 'CI_SSH_KEY'
   concurrency = ENV['CONCURRENCY'] || 1
   instance = ENV['INSTANCE'] || ''
   args = ENV['CI'] ? '--destroy=always' : ''
@@ -92,3 +92,4 @@ task :kitchen do
 
   sh('sh', '-c', "bundle exec kitchen test -c #{concurrency} #{args} #{instance}")
 end
+# rubocop:enable Style/SymbolArray
diff --git a/attributes/default.rb b/attributes/default.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 #
 # Cookbook Name:: os-hardening

diff --git a/attributes/sysctl.rb b/attributes/sysctl.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 #
 # Cookbook Name:: os-hardening

diff --git a/libraries/apt_package_extras.rb b/libraries/apt_package_extras.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 #
 # Cookbook Name:: os-hardening

diff --git a/libraries/cookbook_version.rb b/libraries/cookbook_version.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 #
 # Cookbook Name:: os-hardening
@@ -24,9 +24,7 @@ class Chef
   class Recipe
     def cookbook_version(cookbook_name, version_contraint)
       cb = run_context.cookbook_collection[cookbook_name]
-      if cb.nil?
-        raise "Can't find cookbook #{cookbook_name}! Can't determine its version."
-      end
+      raise "Can't find cookbook #{cookbook_name}! Can't determine its version." if cb.nil?
 
       v = cb.metadata.version
       Chef::VersionConstraint::Platform.new(version_contraint).include?(v)

diff --git a/libraries/gpgcheck.rb b/libraries/gpgcheck.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 #
 # Cookbook Name:: os-hardening
@@ -31,6 +31,7 @@ def self.check(file)
         File.open(file) do |f|
           f.each_line do |line|
             next unless pattern.match(line)
+
             Chef::Log.warn file + ': gpgcheck=1 not properly configured'
           end
         end

diff --git a/libraries/helpers_param.rb b/libraries/helpers_param.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 #
 # Cookbook Name:: os-hardening
@@ -23,15 +23,15 @@
 module SysctlCookbook
   module SysctlHelpers
     module Param
-      def coerce_attributes(a, out = nil)
-        case a
+      def coerce_attributes(attr, out = nil)
+        case attr
         when Array
-          "#{out}=#{a.join(' ')}"
+          "#{out}=#{attr.join(' ')}"
         when String, Integer
-          "#{out}=#{a}"
+          "#{out}=#{attr}"
         when Hash
           out += '.' unless out.nil?
-          a.map { |k, v| coerce_attributes(v, "#{out}#{k}") }.flatten.sort
+          attr.map { |k, v| coerce_attributes(v, "#{out}#{k}") }.flatten.sort
         end
       end
     end

diff --git a/libraries/suid_sgid.rb b/libraries/suid_sgid.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 #
 # Cookbook Name:: os-hardening

diff --git a/metadata.rb b/metadata.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8 # ~FC061
+# frozen_string_literal: true
 
 #
 # Copyright 2014, Deutsche Telekom AG

diff --git a/recipes/apt.rb b/recipes/apt.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 #
 # Cookbook Name: os-hardening

diff --git a/recipes/auditd.rb b/recipes/auditd.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 #
 # Cookbook Name: os-hardening

diff --git a/recipes/default.rb b/recipes/default.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 #
 # Cookbook Name: os-hardening

diff --git a/recipes/limits.rb b/recipes/limits.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 #
 # Cookbook Name: os-hardening
@@ -31,7 +31,5 @@
   mode '0440'
   owner 'root'
   group 'root'
-  if node['os-hardening']['security']['kernel']['enable_core_dump']
-    action :delete
-  end
+  action :delete if node['os-hardening']['security']['kernel']['enable_core_dump']
 end
diff --git a/recipes/login_defs.rb b/recipes/login_defs.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 #
 # Cookbook Name: os-hardening
@@ -26,23 +26,23 @@
   owner 'root'
   group 'root'
   variables(
-    additional_user_paths: node['os-hardening']['env']['extra_user_paths'].join(':'), # :/usr/local/games:/usr/games
-    umask: node['os-hardening']['env']['umask'],
-    password_max_age: node['os-hardening']['auth']['pw_max_age'],
-    password_min_age: node['os-hardening']['auth']['pw_min_age'],
-    password_warn_age: node['os-hardening']['auth']['pw_warn_age'],
-    login_retries: node['os-hardening']['auth']['retries'],
-    login_timeout: node['os-hardening']['auth']['timeout'],
-    chfn_restrict: '', # "rwh"
+    additional_user_paths:    node['os-hardening']['env']['extra_user_paths'].join(':'), # :/usr/local/games:/usr/games
+    umask:                    node['os-hardening']['env']['umask'],
+    password_max_age:         node['os-hardening']['auth']['pw_max_age'],
+    password_min_age:         node['os-hardening']['auth']['pw_min_age'],
+    password_warn_age:        node['os-hardening']['auth']['pw_warn_age'],
+    login_retries:            node['os-hardening']['auth']['retries'],
+    login_timeout:            node['os-hardening']['auth']['timeout'],
+    chfn_restrict:            '', # "rwh"
     allow_login_without_home: node['os-hardening']['auth']['allow_homeless'],
-    uid_min: node['os-hardening']['auth']['uid_min'],
-    uid_max: node['os-hardening']['auth']['uid_max'],
-    gid_min: node['os-hardening']['auth']['gid_min'],
-    gid_max: node['os-hardening']['auth']['gid_max'],
-    sys_uid_min: node['os-hardening']['auth']['sys_uid_min'],
-    sys_uid_max: node['os-hardening']['auth']['sys_uid_max'],
-    sys_gid_min: node['os-hardening']['auth']['sys_gid_min'],
-    sys_gid_max: node['os-hardening']['auth']['sys_gid_max'],
-    mail_dir: node['os-hardening']['auth']['maildir']
+    uid_min:                  node['os-hardening']['auth']['uid_min'],
+    uid_max:                  node['os-hardening']['auth']['uid_max'],
+    gid_min:                  node['os-hardening']['auth']['gid_min'],
+    gid_max:                  node['os-hardening']['auth']['gid_max'],
+    sys_uid_min:              node['os-hardening']['auth']['sys_uid_min'],
+    sys_uid_max:              node['os-hardening']['auth']['sys_uid_max'],
+    sys_gid_min:              node['os-hardening']['auth']['sys_gid_min'],
+    sys_gid_max:              node['os-hardening']['auth']['sys_gid_max'],
+    mail_dir:                 node['os-hardening']['auth']['maildir']
   )
 end
diff --git a/recipes/minimize_access.rb b/recipes/minimize_access.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 #
 # Cookbook Name: os-hardening

diff --git a/recipes/packages.rb b/recipes/packages.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 #
 # Cookbook Name: os-hardening

diff --git a/recipes/pam.rb b/recipes/pam.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 #
 # Cookbook Name: os-hardening
@@ -51,7 +51,7 @@
     template passwdqc_path do
       source 'pam_passwdqc.erb'
       cookbook node['os-hardening']['auth']['pam']['passwdqc']['template_cookbook']
-      mode 0640
+      mode '0640'
       owner 'root'
       group 'root'
     end
@@ -73,14 +73,14 @@
   end
 
   # configure tally2
-  if node['os-hardening']['auth']['retries'] > 0
+  if node['os-hardening']['auth']['retries'].positive?
     # tally2 is needed for pam
     package 'libpam-modules'
 
     template tally2_path do
       source 'pam_tally2.erb'
       cookbook node['os-hardening']['auth']['pam']['tally2']['template_cookbook']
-      mode 0640
+      mode '0640'
       owner 'root'
       group 'root'
     end
@@ -125,15 +125,15 @@
   template '/etc/pam.d/system-auth-ac' do
     source 'rhel_system_auth.erb'
     cookbook node['os-hardening']['auth']['pam']['system-auth']['template_cookbook']
-    mode 0640
+    mode '0640'
     owner 'root'
     group 'root'
   end
 
   # NSA 2.3.3.5 Upgrade Password Hashing Algorithm to SHA-512
   template '/etc/libuser.conf' do
     source 'rhel_libuser.conf.erb'
-    mode 0640
+    mode '0640'
     owner 'root'
     group 'root'
   end

diff --git a/recipes/profile.rb b/recipes/profile.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 #
 # Cookbook Name: os-hardening
@@ -21,10 +21,8 @@
 
 template '/etc/profile.d/pinerolo_profile.sh' do
   source 'profile.conf.erb'
-  mode 0755
+  mode '0755'
   owner 'root'
   group 'root'
-  if node['os-hardening']['security']['kernel']['enable_core_dump']
-    action :delete
-  end
+  action :delete if node['os-hardening']['security']['kernel']['enable_core_dump']
 end
diff --git a/recipes/securetty.rb b/recipes/securetty.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 #
 # Cookbook Name: os-hardening

diff --git a/recipes/selinux.rb b/recipes/selinux.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 #
 # Cookbook Name: os-hardening
@@ -40,7 +40,7 @@
 
     template '/etc/selinux/config' do
       source 'rhel_selinuxconfig.erb'
-      mode 0644
+      mode '0644'
       owner 'root'
       group 'root'
       variables selinux_mode: node['os-hardening']['security']['selinux_mode']

diff --git a/recipes/suid_sgid.rb b/recipes/suid_sgid.rb
@@ -1,4 +1,4 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
 #
 # Cookbook Name: os-hardening