Class: RuboCop::Cop::Chef::Correctness::ConditionalRubyShellout

Inherits:

Base

Object
Base
RuboCop::Cop::Chef::Correctness::ConditionalRubyShellout

show all

Extended by:: AutoCorrector

Includes:: RuboCop::Chef::CookbookHelpers

Defined in:: lib/rubocop/cop/chef/correctness/conditional_ruby_shellout.rb

Overview

Don’t use Ruby to shellout in a ‘only_if` / `not_if` conditional. Any string value used in an `only_if` / `not_if` is executed in your system’s shell and the return code of the command is the result for the ‘not_if` / `only_if` determination.

Examples:


### incorrect
cookbook_file '/logs/foo/error.log' do
  source 'error.log'
  only_if { system('wget https://www.bar.com/foobar.txt -O /dev/null') }
end

cookbook_file '/logs/foo/error.log' do
  source 'error.log'
  only_if { shell_out('wget https://www.bar.com/foobar.txt -O /dev/null').exitstatus == 0 }
end

### correct
cookbook_file '/logs/foo/error.log' do
  source 'error.log'
  only_if 'wget https://www.bar.com/foobar.txt -O /dev/null'
end

Constant Summary collapse

MSG =

"Don't use Ruby to shellout in an only_if / not_if conditional when you can shellout directly by wrapping the command in quotes."

Instance Method Summary collapse

#on_block(node) ⇒ Object

Methods included from RuboCop::Chef::CookbookHelpers

#match_property_in_resource?, #match_resource_type?, #method_arg_ast_to_string, #resource_block_name_if_string

Methods inherited from Base

#target_chef_version

Instance Method Details

#on_block(node) ⇒ `Object`

# File 'lib/rubocop/cop/chef/correctness/conditional_ruby_shellout.rb', line 58

def on_block(node)
  conditional_shellout?(node) do |type, val|
    add_offense(node, severity: :refactor) do |corrector|
      corrector.replace(node, "#{type} #{val.source}")
    end
  end
end