diff options
| -rw-r--r-- | setuptools/command/upload.py | 1 | ||||
| -rw-r--r-- | setuptools/tests/test_upload.py | 26 |
2 files changed, 27 insertions, 0 deletions
diff --git a/setuptools/command/upload.py b/setuptools/command/upload.py index 01fa026c..1851ed28 100644 --- a/setuptools/command/upload.py +++ b/setuptools/command/upload.py @@ -7,6 +7,7 @@ from base64 import standard_b64encode from distutils import log from distutils.command import upload as orig +from distutils.spawn import spawn from distutils.errors import DistutilsError diff --git a/setuptools/tests/test_upload.py b/setuptools/tests/test_upload.py index 6aaac075..3a1bbba9 100644 --- a/setuptools/tests/test_upload.py +++ b/setuptools/tests/test_upload.py @@ -176,3 +176,29 @@ class TestUploadTest: cmd.run() cmd.announce.assert_any_call('Invalid', log.ERROR) + + @mock.patch('setuptools.command.upload.spawn') + def test_upload_file_gpg(self, spawn, patched_upload): + cmd, urlopen = patched_upload + + cmd.sign = True + cmd.identity = "Alice" + cmd.dry_run = True + content_fname = cmd.distribution.dist_files[0][2] + signed_file = content_fname + '.asc' + + with open(signed_file, 'wb') as f: + f.write("signed-data".encode('utf-8')) + + cmd.ensure_finalized() + cmd.run() + + # Make sure that GPG was called + spawn.assert_called_once_with([ + "gpg", "--detach-sign", "--local-user", "Alice", "-a", + content_fname + ], dry_run=True) + + # Read the 'signed' data that was transmitted + entries = patched_upload.get_uploaded_metadata() + assert entries['gpg_signature'] == 'signed-data' |