recipes/security.rb
Block has too many lines. [54/25] Open
Open
jenkins_script 'configure crowd permissions' do
if node['jenkins-server']['plugins']['crowd2']
# Give all groups that are allowed to authenticate the overall read permission
strategies = []
node['jenkins-server']['plugins']['crowd2']['group'].split(',').each do |group|- Read upRead up
- Exclude checks
This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.
Line is too long. [85/80] Open
Open
'private_key' => node['jenkins-server']['dev_mode']['security']['private_key'],- Exclude checks
Line is too long. [93/80] Open
Open
notifies :execute, node['jenkins-server']['security']['notifies']['resource'], :immediately- Exclude checks
Line is too long. [115/80] Open
Open
# to further customize this resource, copy it into your own recipe and name it "configure custom crowd permissions"- Exclude checks
Use meaningful heredoc delimiters. Open
Open
EOH- Read upRead up
- Exclude checks
This cop checks that your heredocs are using meaningful delimiters.
By default it disallows END and EO*, and can be configured through
blacklisting additional delimiters.
Example:
# good
<<-SQL
SELECT * FROM foo
SQL
# bad
<<-END
SELECT * FROM foo
END
# bad
<<-EOS
SELECT * FROM foo
EOSUse meaningful heredoc delimiters. Open
Open
EOH- Read upRead up
- Exclude checks
This cop checks that your heredocs are using meaningful delimiters.
By default it disallows END and EO*, and can be configured through
blacklisting additional delimiters.
Example:
# good
<<-SQL
SELECT * FROM foo
SQL
# bad
<<-END
SELECT * FROM foo
END
# bad
<<-EOS
SELECT * FROM foo
EOSFavor modifier unless usage when having a single-line body. Another good alternative is the usage of control flow &&/||. Open
Open
unless Chef::Config[:solo]- Read upRead up
- Exclude checks
Checks for if and unless statements that would fit on one line
if written as a modifier if/unless. The maximum line length is
configured in the Metrics/LineLength cop.
Example:
# bad
if condition
do_stuff(bar)
end
unless qux.empty?
Foo.do_something
end
# good
do_stuff(bar) if condition
Foo.do_something unless qux.empty?Line is too long. [108/80] Open
Open
node.run_state[:jenkins_private_key] = File.read("#{Chef::Config[:file_cache_path]}/jenkins-key") # ~FC001- Exclude checks
Line is too long. [83/80] Open
Open
# By default Jenkins allows everybody. Configure "Project Matrix Authorization" and- Exclude checks
Line is too long. [94/80] Open
Open
# copy it into your own recipe and name it "configure custom permissions" for example. And set- Exclude checks
Line is too long. [81/80] Open
Open
notifies :create, 'ruby_block[set jenkins_security_enabled flag]', :immediately- Exclude checks
Line is too long. [91/80] Open
Open
# Set the jenkins_security_enabled flag and set run_state to use the configured private key- Exclude checks
Line is too long. [90/80] Open
Open
# Set the private key in the run state only if security was enabled in a previous chef run- Exclude checks
Line is too long. [81/80] Open
Open
notifies :create, 'ruby_block[set jenkins_security_enabled flag]', :immediately- Exclude checks
Line is too long. [113/80] Open
Open
# default['jenkins-server']['security']['notifies']['resource'] = 'jenkins_script[configure custom permissions]'.- Exclude checks
Line is too long. [101/80] Open
Open
# give the admin user the "administrator" permission. If you want to further customize this resource,- Exclude checks
Line is too long. [103/80] Open
Open
# By default Jenkins allows everybody. Configure "Project Matrix Authorization", the CrowdSecurityRealm- Exclude checks
Prefer {...} over do...end for single-line blocks. Open
Open
block do end- Read upRead up
- Exclude checks
Check for uses of braces or do/end around single line or multi-line blocks.
Example: EnforcedStyle: linecountbased (default)
# bad - single line block
items.each do |item| item / 5 end
# good - single line block
items.each { |item| item / 5 }
# bad - multi-line block
things.map { |thing|
something = thing.some_method
process(something)
}
# good - multi-line block
things.map do |thing|
something = thing.some_method
process(something)
endExample: EnforcedStyle: semantic
# Prefer `do...end` over `{...}` for procedural blocks.
# return value is used/assigned
# bad
foo = map do |x|
x
end
puts (map do |x|
x
end)
# return value is not used out of scope
# good
map do |x|
x
end
# Prefer `{...}` over `do...end` for functional blocks.
# return value is not used out of scope
# bad
each { |x|
x
}
# return value is used/assigned
# good
foo = map { |x|
x
}
map { |x|
x
}.inspectExample: EnforcedStyle: bracesforchaining
# bad
words.each do |word|
word.flip.flop
end.join("-")
# good
words.each { |word|
word.flip.flop
}.join("-")Line is too long. [108/80] Open
Open
# for authentication with a JIRA account and give the admin user the "administrator" permission. If you want- Exclude checks
Line is too long. [82/80] Open
Open
# Give all groups that are allowed to authenticate the overall read permission- Exclude checks
Convert if nested inside else to elsif. Open
Open
if node['dev_mode']- Read upRead up
- Exclude checks
If the else branch of a conditional consists solely of an if node,
it can be combined with the else to become an elsif.
This helps to keep the nesting level from getting too deep.
Example:
# bad
if condition_a
action_a
else
if condition_b
action_b
else
action_c
end
end
# good
if condition_a
action_a
elsif condition_b
action_b
else
action_c
endLine is too long. [86/80] Open
Open
# for example. And set default['jenkins-server']['security']['notifies']['resource'] =- Exclude checks
Line is too long. [82/80] Open
Open
'public_key' => node['jenkins-server']['dev_mode']['security']['public_key']- Exclude checks
Line is too long. [83/80] Open
Open
node['jenkins-server']['plugins']['crowd2']['group'].split(',').each do |group|- Exclude checks