From fbed26f5624dc527ab7f18ecb44fdc60b693b091 Mon Sep 17 00:00:00 2001 From: Tobias Bieniek Date: Fri, 29 Nov 2024 10:47:17 +0100 Subject: [PATCH 1/2] smoke_test: Add "publish with invalid authentication" check This should check a) if publishing without valid authentication fails and b) if HTTP error codes and messages are successfully received and shown by cargo. --- crates/crates_io_smoke_test/src/cargo.rs | 19 +++++++++++++++++++ crates/crates_io_smoke_test/src/main.rs | 16 +++++++++++++++- 2 files changed, 34 insertions(+), 1 deletion(-) diff --git a/crates/crates_io_smoke_test/src/cargo.rs b/crates/crates_io_smoke_test/src/cargo.rs index 539406d0cea..d2e5797587e 100644 --- a/crates/crates_io_smoke_test/src/cargo.rs +++ b/crates/crates_io_smoke_test/src/cargo.rs @@ -1,6 +1,7 @@ use crate::exit_status_ext::ExitStatusExt; use secrecy::{ExposeSecret, SecretString}; use std::path::Path; +use std::process::Output; use tokio::process::Command; #[allow(unstable_name_collisions)] @@ -43,3 +44,21 @@ pub async fn publish(project_path: &Path, token: &SecretString) -> anyhow::Resul .exit_ok() .map_err(Into::into) } + +pub async fn publish_with_output( + project_path: &Path, + token: &SecretString, +) -> anyhow::Result { + Command::new("cargo") + .args(["publish", "--registry", "staging"]) + .current_dir(project_path) + .env("CARGO_TERM_COLOR", "always") + .env( + "CARGO_REGISTRIES_STAGING_INDEX", + "https://github.com/rust-lang/staging.crates.io-index", + ) + .env("CARGO_REGISTRIES_STAGING_TOKEN", token.expose_secret()) + .output() + .await + .map_err(Into::into) +} diff --git a/crates/crates_io_smoke_test/src/main.rs b/crates/crates_io_smoke_test/src/main.rs index e3b3d7005b0..c0fedf56396 100644 --- a/crates/crates_io_smoke_test/src/main.rs +++ b/crates/crates_io_smoke_test/src/main.rs @@ -7,7 +7,7 @@ mod git; extern crate tracing; use crate::api::ApiClient; -use anyhow::{anyhow, Context}; +use anyhow::{anyhow, bail, Context}; use clap::Parser; use secrecy::SecretString; use std::path::{Path, PathBuf}; @@ -65,6 +65,20 @@ async fn main() -> anyhow::Result<()> { .await .context("Failed to create project")?; + info!("Checking publish with invalid authentication…"); + let invalid_token = "invalid-token".into(); + let output = cargo::publish_with_output(&project_path, &invalid_token).await?; + if output.status.success() { + bail!("Expected `cargo publish` to fail with invalid token"); + } else { + let stderr = String::from_utf8_lossy(&output.stderr); + if !stderr.contains("401 Unauthorized") + || !stderr.contains("The given API token does not match the format used by crates.io") + { + bail!("Expected `cargo publish` to fail with an `401 Unauthorized` error, but got: {stderr}"); + } + } + if options.skip_publish { info!("Packaging crate file…"); cargo::package(&project_path) From cfd4e9b854bcb4cda999bb1cc1ad6221663b9cc3 Mon Sep 17 00:00:00 2001 From: Tobias Bieniek Date: Fri, 29 Nov 2024 10:48:01 +0100 Subject: [PATCH 2/2] smoke_test: Fix `--skip-publish` behavior In this case we still want to smoke test the version downloads, but with the latest version instead of the one which we did not publish. --- crates/crates_io_smoke_test/src/main.rs | 1 + 1 file changed, 1 insertion(+) diff --git a/crates/crates_io_smoke_test/src/main.rs b/crates/crates_io_smoke_test/src/main.rs index c0fedf56396..a469f5fb82b 100644 --- a/crates/crates_io_smoke_test/src/main.rs +++ b/crates/crates_io_smoke_test/src/main.rs @@ -86,6 +86,7 @@ async fn main() -> anyhow::Result<()> { .context("Failed to run `cargo package`")?; info!("Skipping publish step"); + new_version = old_version; } else { info!("Publishing to staging.crates.io…"); cargo::publish(&project_path, &options.token)