Allow pushing gems with attestations

Signed-off-by: Samuel Giddins <[email protected]>

.rubocop.yml

@@ -1,9 +1,9 @@
 AllCops:
-  TargetRubyVersion: 2.1
+  TargetRubyVersion: 3.1
   Include:
-    - 'Gemfile'
-    - 'Rakefile'
-    - 'gems.gemspec'
+    - "Gemfile"
+    - "Rakefile"
+    - "gems.gemspec"
 
 # Avoid long parameter lists
 ParameterLists:
@@ -21,10 +21,10 @@ BlockNesting:
 # Align with the style guide.
 CollectionMethods:
   PreferredMethods:
-    map:      'collect'
-    reduce:   'inject'
-    find:     'detect'
-    find_all: 'select'
+    map: "collect"
+    reduce: "inject"
+    find: "detect"
+    find_all: "select"
 
 # Limit line length
 LineLength:
@@ -72,13 +72,16 @@ Lambda:
 RaiseArgs:
   EnforcedStyle: compact
 
-TrailingCommaInLiteral:
+Style/TrailingCommaInArrayLiteral:
+  Enabled: false
+
+Style/TrailingCommaInHashLiteral:
   Enabled: false
 
 # Ignore length of describe and context blocks
 Metrics/BlockLength:
   Exclude:
-    - 'spec/**/*_spec.rb'
+    - "spec/**/*_spec.rb"
 
 # The RubyGems /api/v1/dependencies endpoint returns serialized ruby objects
 # that need to be deserialized within Gems::Client#dependencies. :(

Gemfile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 
 gem 'jruby-openssl', :platforms => :jruby
@@ -11,11 +13,11 @@ end
 group :test do
   gem 'backports'
   gem 'coveralls'
+  gem 'rexml'
   gem 'rspec', '>= 3.1.0'
   gem 'rubocop', '~> 1.66'
   gem 'simplecov', '>= 0.9'
   gem 'webmock'
-  gem 'rexml'
   gem 'yardstick'
 end
 

Rakefile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'bundler'
 Bundler::GemHelper.install_tasks
 

gems.gemspec

@@ -1,6 +1,7 @@
 # coding: utf-8
+# frozen_string_literal: true
 
-lib = File.expand_path('../lib', __FILE__)
+lib = File.expand_path('lib', __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'gems/version'
 

lib/gems/abstract_client.rb

@@ -10,9 +10,10 @@ def new(options = {})
       end
 
       # Delegate to Gems::Client
-      def method_missing(method, *args, &block)
+      def method_missing(method, ...)
         return super unless new.respond_to?(method)
-        new.send(method, *args, &block)
+
+        new.send(method, ...)
       end
 
       def respond_to?(method_name, include_private = false)

lib/gems/request.rb

@@ -23,7 +23,7 @@ def put(path, data = {}, content_type = 'application/x-www-form-urlencoded', req
 
   private
 
-    def request(method, path, data, content_type, request_host = host) # rubocop:disable AbcSize, CyclomaticComplexity, MethodLength, ParameterLists, PerceivedComplexity
+    def request(method, path, data, content_type, request_host = host) # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/MethodLength, Metrics/ParameterLists, Metrics/PerceivedComplexity
       path += hash_to_query_string(data) if %i[delete get].include? method
       uri = URI.parse [request_host, path].join
       request_class = Net::HTTP.const_get method.to_s.capitalize
@@ -37,6 +37,8 @@ def request(method, path, data, content_type, request_host = host) # rubocop:dis
       case content_type
       when 'application/x-www-form-urlencoded'
         request.form_data = data if %i[post put].include? method
+      when 'multipart/form-data'
+        request.set_form data, content_type if %i[post put].include? method
       when 'application/octet-stream'
         request.body = data
         request.content_length = data.size

lib/gems/v1/client.rb

@@ -61,11 +61,19 @@ def gems(user_handle = nil)
       # @authenticated true
       # @param gem [File] A built gem.
       # @param host [String] A RubyGems compatible host to use.
+      # @param attestations [Array] An array of attestations to push, or `nil`.
       # @return [String]
       # @example
       #   Gems.push File.new 'pkg/gemcutter-0.2.1.gem'
-      def push(gem, host = Configuration::DEFAULT_HOST)
-        post('/api/v1/gems', gem.read, 'application/octet-stream', host)
+      def push(gem, host = Configuration::DEFAULT_HOST, attestations: nil)
+        if attestations
+          post('/api/v1/gems',
+               [['gem', gem.read, {:filename => gem.path, :content_type => 'application/octet-stream'}],
+                ['attestations', "[#{attestations.map(&:read).join(',')}]", {:content_type => 'application/json'}]],
+               'multipart/form-data', host)
+        else
+          post('/api/v1/gems', gem.read, 'application/octet-stream', host)
+        end
       end
 
       # Remove a gem from RubyGems.org's index

spec/gems/client_v1_spec.rb

@@ -93,7 +93,7 @@
       end
 
       it 'submits a gem to RubyGems.org' do
-        push = Gems.push(File.new(File.expand_path('../../fixtures/gems-0.0.8.gem', __FILE__), 'rb'))
+        push = Gems.push(File.new(File.expand_path('../fixtures/gems-0.0.8.gem', __dir__), 'rb'))
         expect(a_post('/api/v1/gems')).to have_been_made
         expect(push).to eq 'Successfully registered gem: gems (0.0.8)'
       end
@@ -105,11 +105,23 @@
           to_return(:body => fixture('push'))
       end
       it 'submits a gem to the passed host' do
-        push = Gems.push(File.new(File.expand_path('../../fixtures/gems-0.0.8.gem', __FILE__), 'rb'), 'http://example.com')
+        push = Gems.push(File.new(File.expand_path('../fixtures/gems-0.0.8.gem', __dir__), 'rb'), 'http://example.com')
         expect(a_post('http://example.com/api/v1/gems'))
         expect(push).to eq 'Successfully registered gem: gems (0.0.8)'
       end
     end
+
+    context 'with the attestations parameter' do
+      before do
+        stub_post('/api/v1/gems').
+          to_return(:body => fixture('push'))
+      end
+      it 'submits a gem to RubyGems.org with attestations' do
+        push = Gems.push(File.new(File.expand_path('../fixtures/gems-0.0.8.gem', __dir__), 'rb'), :attestations => [File.new(File.expand_path('../fixtures/gems-0.0.8.gem', __dir__), 'rb')])
+        expect(a_post('/api/v1/gems')).to have_been_made
+        expect(push).to eq 'Successfully registered gem: gems (0.0.8)'
+      end
+    end
   end
 
   describe '#yank' do