Use Tempfile for auto-attestation bundles to avoid file conflicts and cleanup issues

[Copilot]

What was the end-user or developer problem that led to this PR?

The attest! method wrote attestation bundles to a deterministic path (#{name}.sigstore.json) next to the gem file, which could overwrite existing files and left artifacts behind after successful pushes.

What is your fix for the problem, implemented in this PR?

Changed attest! to use Tempfile for bundle creation instead of a fixed path:

• Bundle now lives in OS-managed temp directory with unique name
• Added begin...ensure block in send_push_request_with_attestation to unlink bundle after reading
• Uses tempfile.close(false) to prevent premature deletion before sigstore-cli writes to it

User-provided attestations via --attestation flag remain unchanged and are not cleaned up.

Make sure the following tasks are checked

• Describe the problem / feature
• Write tests for features and bug fixes
• Write code to solve the problem
• Make sure you follow the current code style and write meaningful commit messages without tags

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

[Copilot]

Pull request overview

This PR iterates on the push command’s auto-attestation flow by switching bundle generation to use a temporary file and ensuring cleanup occurs after the multipart request payload is constructed.

Changes:

• Update Gem::Commands::PushCommand#attest! to create the sigstore bundle using Tempfile instead of a deterministic path.
• Ensure the auto-generated bundle file is removed after it’s read into the multipart request payload.
• Adjust the auto-attestation test to avoid reading the bundle after cleanup.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.

File	Description
lib/rubygems/commands/push_command.rb	Uses Tempfile for bundle path creation and unlinks the auto-attestation bundle after reading it.
test/rubygems/test_gem_commands_push_command.rb	Updates the auto-attestation test to assert multipart payload contents without rereading a cleaned-up file.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The ensure cleanup uses File.unlink(...) without rescuing errors. If unlink fails (Windows file locking, permissions, race between exist? and unlink), the push could error out even though the request was constructed successfully. Prefer a non-raising cleanup (FileUtils.rm_f) or rescue SystemCallError around the unlink so cleanup failure doesn’t break the command.

[Copilot]

This test exercises the auto-attestation path but no longer asserts the key new behavior: that the generated bundle file is cleaned up after request construction. Add an assertion after @cmd.execute that the file at attestation_path no longer exists to prevent regressions in the cleanup logic.

[Copilot]

attest! creates a Tempfile but only returns its path. Since Tempfile registers a finalizer to unlink the file on GC, the bundle can be deleted between returning from attest! and Gem.read_binary(bundle_path), causing intermittent ENOENT and attestation fallback. Consider managing the tempfile lifetime across signing+reading (e.g., create/hold the Tempfile in send_push_request_with_attestation and only unlink after reading, or use an approach that disables Tempfile auto-unlink and ensures manual cleanup on both success and failure).