attestation_spec: another auth case

Signed-off-by: William Woodruff <william@yossarian.net>
2024-05-03 13:17:31 -04:00 · 2024-05-03 13:17:31 -04:00 · 7e43e5aafe
commit 7e43e5aafe
parent 2aa3d77f72
1 changed files with 16 additions and 0 deletions
--- a/Library/Homebrew/test/attestation_spec.rb
+++ b/Library/Homebrew/test/attestation_spec.rb
@ -6,6 +6,7 @@ RSpec.describe Homebrew::Attestation do
  let(:fake_gh) { Pathname.new("/extremely/fake/gh") }
  let(:fake_gh_creds) { "fake-gh-api-token" }
  let(:fake_error_status) { instance_double(Process::Status, exitstatus: 1, termsig: nil) }
+  let(:fake_auth_status) { instance_double(Process::Status, exitstatus: 4, termsig: nil) }
  let(:cached_download) { "/fake/cached/download" }
  let(:fake_bottle_filename) { instance_double(Bottle::Filename, to_s: "fakebottle--1.0.faketag.bottle.tar.gz") }
  let(:fake_bottle_url) { "https://example.com/#{fake_bottle_filename}" }
@ -88,6 +89,21 @@ RSpec.describe Homebrew::Attestation do
      end.to raise_error(described_class::InvalidAttestationError)
    end

+    it "raises auth error when gh subprocess fails with auth exit code" do
+      expect(GitHub::API).to receive(:credentials)
+        .and_return(fake_gh_creds)
+
+      expect(Utils).to receive(:safe_popen_read)
+        .with({ "GH_TOKEN" => fake_gh_creds }, fake_gh, "attestation", "verify", cached_download, "--repo",
+              described_class::HOMEBREW_CORE_REPO, "--format", "json")
+        .and_raise(ErrorDuringExecution.new(["foo"], status: fake_auth_status))
+
+      expect do
+        described_class.check_attestation fake_bottle,
+                                          described_class::HOMEBREW_CORE_REPO
+      end.to raise_error(described_class::GhAuthNeeded)
+    end
+
    it "raises when gh returns invalid JSON" do
      expect(GitHub::API).to receive(:credentials)
        .and_return(fake_gh_creds)