[ruby/rubygems] Added test for auto-attestation

hsbt · matzbot · commit e35eaf5695db · 2026-04-01T07:26:17.000Z
ruby/rubygems@df2bdde8e5
diff --git a/test/rubygems/test_gem_commands_push_command.rb b/test/rubygems/test_gem_commands_push_command.rb
@@ -115,32 +115,44 @@ def test_execute_attestation
     assert_equal Gem::Net::HTTP::Post, @fetcher.last_request.class
     content_length = @fetcher.last_request["Content-Length"].to_i
     assert_equal content_length, @fetcher.last_request.body.length
-    assert_equal "multipart", @fetcher.last_request.main_type, @fetcher.last_request.content_type
-    assert_equal "form-data", @fetcher.last_request.sub_type
-    assert_include @fetcher.last_request.type_params, "boundary"
-    boundary = @fetcher.last_request.type_params["boundary"]
+    assert_attestation_multipart Gem.read_binary("#{@path}.sigstore.json")
+  end
 
-    parts = @fetcher.last_request.body.split(/(?:\r\n|\A)--#{Regexp.quote(boundary)}(?:\r\n|--)/m)
-    refute_empty parts
-    assert_empty parts[0]
-    parts.shift # remove the first empty part
+  def test_execute_attestation_auto
+    @response = "Successfully registered gem: freewill (1.0.0)"
+    @fetcher.data["#{Gem.host}/api/v1/gems"] = HTTPResponseFactory.create(body: @response, code: 200, msg: "OK")
 
-    p1 = parts.shift
-    p2 = parts.shift
-    assert_equal "\r\n", parts.shift
-    assert_empty parts
+    attestation_path = "#{@path}.sigstore.json"
+    File.write(attestation_path, "auto-attestation")
+    @cmd.options[:args] = [@path]
 
-    assert_equal [
-      "Content-Disposition: form-data; name=\"gem\"; filename=\"#{@path}\"",
-      "Content-Type: application/octet-stream",
-      nil,
-      Gem.read_binary(@path),
-    ].join("\r\n").b, p1
-    assert_equal [
-      "Content-Disposition: form-data; name=\"attestations\"",
-      nil,
-      "[#{Gem.read_binary("#{@path}.sigstore.json")}]",
-    ].join("\r\n").b, p2
+    @cmd.stub(:attest!, attestation_path) do
+      @cmd.execute
+    end
+
+    assert_equal Gem::Net::HTTP::Post, @fetcher.last_request.class
+    content_length = @fetcher.last_request["Content-Length"].to_i
+    assert_equal content_length, @fetcher.last_request.body.length
+    assert_attestation_multipart Gem.read_binary(attestation_path)
+  end
+
+  def test_execute_attestation_fallback
+    @response = "Successfully registered gem: freewill (1.0.0)"
+    @fetcher.data["#{Gem.host}/api/v1/gems"] = HTTPResponseFactory.create(body: @response, code: 200, msg: "OK")
+
+    @cmd.options[:args] = [@path]
+
+    @cmd.stub(:attest!, proc { raise Gem::Exception, "boom" }) do
+      use_ui @ui do
+        @cmd.execute
+      end
+    end
+
+    assert_match "Failed to push with attestation, retrying without attestation.", @ui.error
+    assert_equal Gem::Net::HTTP::Post, @fetcher.last_request.class
+    assert_equal Gem.read_binary(@path), @fetcher.last_request.body
+    assert_equal "application/octet-stream",
+                 @fetcher.last_request["Content-Type"]
   end
 
   def test_execute_allowed_push_host
@@ -643,6 +655,35 @@ def test_sending_gem_with_no_local_creds
 
   private
 
+  def assert_attestation_multipart(attestation_payload)
+    assert_equal "multipart", @fetcher.last_request.main_type, @fetcher.last_request.content_type
+    assert_equal "form-data", @fetcher.last_request.sub_type
+    assert_include @fetcher.last_request.type_params, "boundary"
+    boundary = @fetcher.last_request.type_params["boundary"]
+
+    parts = @fetcher.last_request.body.split(/(?:\r\n|\A)--#{Regexp.quote(boundary)}(?:\r\n|--)/m)
+    refute_empty parts
+    assert_empty parts[0]
+    parts.shift # remove the first empty part
+
+    p1 = parts.shift
+    p2 = parts.shift
+    assert_equal "\r\n", parts.shift
+    assert_empty parts
+
+    assert_equal [
+      "Content-Disposition: form-data; name=\"gem\"; filename=\"#{@path}\"",
+      "Content-Type: application/octet-stream",
+      nil,
+      Gem.read_binary(@path),
+    ].join("\r\n").b, p1
+    assert_equal [
+      "Content-Disposition: form-data; name=\"attestations\"",
+      nil,
+      "[#{attestation_payload}]",
+    ].join("\r\n").b, p2
+  end
+
   def singleton_gem_class
     class << Gem; self; end
   end
