Use metadata['allowed_push_host'] to restrict gem pushing to that host only

[seamusabshere]

Defaults to nil, meaning any host is allowed. Includes tests.

Note that I had to change 2 tests in test_gem_commands_push_command.rb, namely test_execute and test_execute_host; they exploited the fact that gem push previously did not always attempt to load a gem's specification (it only loaded the gemspec if no host was specified). I used existing test helpers to fix those 2 tests.

I figure @rykov of @gemfury will appreciate this.

[drbrain]

Instead of a new option can you use the metadata support? Metadata has the restriction that both the key and value must be a String. When do you allow pushing to multiple hosts?

[seamusabshere]

That's a good point, it's unlikely there's more than one gemserver. Still, it feels a little weird to use key/value metadata instead of a "first-class option" to implement a relatively important form of security for private gems, but maybe that's just needless formalism. If you're sure this should be implemented with metadata, just let me know.

[seamusabshere]

hey guys, should I go with @drbrain's suggestion?

[drbrain]

We're preferring to add new fields in metadata as they don't require a release of RubyGems to use and the gems are buildable on older RubyGems.

[seamusabshere]

@drbrain done!

[seamusabshere]

would this have a higher chance of being accepted/merged if i changed the metadata key to something other than allowed_hosts? does it make sense to people more as allowed_gem_push_servers or something?

[drbrain]

At this time I'm only applying bug fixes as RubyGems 2.1 is imminent. After 2.1 is out I'll flush the queue, this pull request included.

… come to think of it, I like allowed_push_servers, no need to throw "gem" in there everywhere.

[seamusabshere]

hi @drbrain - i changed the key to allowed_push_host, that seemed to be the most concise and accurate name.

[drbrain]

After a quick glance, it looks good. 2.1 will be out next week, so I will merge this after the release.