1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
|
# frozen_string_literal: true
require_relative "../command"
require_relative "../local_remote_options"
require_relative "../gemcutter_utilities"
require_relative "../package"
class Gem::Commands::PushCommand < Gem::Command
include Gem::LocalRemoteOptions
include Gem::GemcutterUtilities
def description # :nodoc:
<<-EOF
The push command uploads a gem to the push server (the default is
https://rubygems.org) and adds it to the index.
The gem can be removed from the index and deleted from the server using the yank
command. For further discussion see the help for the yank command.
The push command will use ~/.gem/credentials to authenticate to a server, but you can use the RubyGems environment variable GEM_HOST_API_KEY to set the api key to authenticate.
EOF
end
def arguments # :nodoc:
"GEM built gem to push up"
end
def usage # :nodoc:
"#{program_name} GEM"
end
def initialize
super "push", "Push a gem up to the gem server", host: host, attestations: []
@user_defined_host = false
add_proxy_option
add_key_option
add_otp_option
add_option("--host HOST",
"Push to another gemcutter-compatible host",
" (e.g. https://rubygems.org)") do |value, options|
options[:host] = value
@user_defined_host = true
end
add_option("--attestation FILE",
"Push with sigstore attestations") do |value, options|
options[:attestations] << value
end
@host = nil
end
def execute
gem_name = get_one_gem_name
default_gem_server, push_host = get_hosts_for(gem_name)
@host = if @user_defined_host
options[:host]
elsif default_gem_server
default_gem_server
elsif push_host
push_host
else
options[:host]
end
sign_in @host, scope: get_push_scope
send_gem(gem_name)
end
def send_gem(name)
args = [:post, "api/v1/gems"]
_, push_host = get_hosts_for(name)
@host ||= push_host
# Always include @host, even if it's nil
args += [@host, push_host]
say "Pushing gem to #{@host || Gem.host}..."
response = send_push_request(name, args)
with_response response
end
private
def send_push_request(name, args)
scope = get_push_scope
rubygems_api_request(*args, scope: scope) do |request|
body = Gem.read_binary name
if options[:attestations].any?
request.set_form([
["gem", body, { filename: name, content_type: "application/octet-stream" }],
get_attestations_part,
], "multipart/form-data")
else
request.body = body
request.add_field "Content-Type", "application/octet-stream"
request.add_field "Content-Length", request.body.size
end
request.add_field "Authorization", api_key
end
end
def get_hosts_for(name)
gem_metadata = Gem::Package.new(name).spec.metadata
[
gem_metadata["default_gem_server"],
gem_metadata["allowed_push_host"],
]
end
def get_push_scope
:push_rubygem
end
def get_attestations_part
bundles = "[" + options[:attestations].map do |attestation|
Gem.read_binary(attestation)
end.join(",") + "]"
[
"attestations",
bundles,
{ content_type: "application/json" },
]
end
end
|
