fig 2.0.0.pre.alpha.5 → 2.0.0.pre.alpha.10

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 62f48881b3ac7d401f94298e95315f0500b08a26635ecbc36a47de29e9ef172e
-  data.tar.gz: b1833add69c8cf53d54cd0ce76ee6cc1608c713eb487963f0af679671916e22e
+  metadata.gz: ffb9d7bc5e0a1723f452acc24d3ed117f700814821c5f6b9be69258edeec4903
+  data.tar.gz: cff46d3b93314fc559e0e3ab549b472b9cdc1474363d758ef18c4020fca675b7
 SHA512:
-  metadata.gz: 062e6bb0dc0a5ccaa087022de0398cb641393f2dd4938afeecf1199ab0a8d81ef3b7c6c784d116b9f9b43aac5c769df1e177b12ac85a06fa4c54dd08b7249a7a
-  data.tar.gz: 77ec6f3a04820f24d373304f5289c5164ffd66984f3d6922a6de2d02fd3be288432e0b07a319e52dd36f633f877b109b859b79feef609a7aeef9e32ffe8bd98a
+  metadata.gz: 947d9c97f725fa69e074b0b580ba4698d4e824278c1ea2c71e036e5146030302de5319fe281171bc1727cd8a0194ace497edc731061fb9314317cb3aa52dacfe
+  data.tar.gz: a4c64c9fdf34e90543a790c3caf649cca749a74ef4b3b151902cfe931af17cc2a52d2f99dea12d090fcf8035c448fa5a8e5834b334683be4982882fe42da5e05

data/lib/fig/operating_system.rb

@@ -20,6 +20,7 @@ require 'fig/protocol/ftp'
 require 'fig/protocol/http'
 require 'fig/protocol/sftp'
 require 'fig/protocol/ssh'
+require 'fig/protocol/artifactory'
 require 'fig/repository_error'
 require 'fig/url'
 require 'fig/user_input_error'
@@ -83,8 +84,10 @@ class Fig::OperatingSystem
     @protocols['file'] = Fig::Protocol::File.new
     @protocols['ftp']  = Fig::Protocol::FTP.new login
     @protocols['http'] = Fig::Protocol::HTTP.new
+    @protocols['https'] = Fig::Protocol::HTTP.new
     @protocols['sftp'] = Fig::Protocol::SFTP.new
     @protocols['ssh']  = Fig::Protocol::SSH.new
+    @protocols['art'] = @protocols['artifactory'] = Fig::Protocol::Artifactory.new
   end
 
   def list(dir)

data/lib/fig/protocol/artifactory.rb

@@ -0,0 +1,389 @@
+# coding: utf-8
+
+require 'net/http'
+require 'uri'
+require 'etc'
+require 'thread'
+require 'socket'
+require 'digest'
+require 'time'
+
+require 'artifactory'
+
+require 'fig/logging'
+require 'fig/network_error'
+require 'fig/package_descriptor'
+require 'fig/protocol'
+require 'fig/protocol/netrc_enabled'
+
+
+module Fig; end
+module Fig::Protocol; end
+
+
+# file transfers/storage using https as the transport and artifactory as the backing store
+class Fig::Protocol::Artifactory
+  include Fig::Protocol
+  include Fig::Protocol::NetRCEnabled
+
+  # Artifactory browser API endpoint (undocumented API)
+  BROWSER_API_PATH = 'ui/api/v1/ui/v2/nativeBrowser/'
+
+  # Default number of list entries to fetch on initial iteration
+  INITIAL_LIST_FETCH_SIZE = 20000
+
+  def initialize
+    initialize_netrc
+  end
+
+  # must return a list of strings in the form <package_name>/<version>
+  def download_list(uri)
+    Fig::Logging.info("Downloading list of packages at #{uri}")
+    package_versions = []
+
+    begin
+      # Parse URI to extract base endpoint and repository key
+      # Expected format: https://artifacts.example.com/artifactory/repo-name/
+      parse_uri(uri) => { repo_key:, base_endpoint: }
+      
+      # Create Artifactory client instance
+      authentication = get_authentication_for(uri.host, :prompt_for_login)
+      client_config = { endpoint: base_endpoint }
+      if authentication
+        client_config[:username] = authentication.username
+        client_config[:password] = authentication.password
+      end
+      client = ::Artifactory::Client.new(client_config)
+
+      # Use Artifactory browser API to list directories at repo root
+      list_url = URI.join(base_endpoint, BROWSER_API_PATH, "#{repo_key}/")
+      
+      packages = get_all_artifactory_entries(list_url, client)
+      
+      # Filter to only valid package names upfront
+      valid_packages = packages.select do |package_item|
+        package_item['folder'] && 
+        package_item['name'] =~ Fig::PackageDescriptor::COMPONENT_PATTERN
+      end
+      
+      Fig::Logging.debug("Found #{valid_packages.size} valid packages, fetching versions concurrently...")
+      
+      # Use concurrent requests to fetch version lists (major performance improvement)
+      package_versions = fetch_versions_concurrently(valid_packages, base_endpoint, repo_key, client_config)
+      
+    rescue => e
+      # Follow FTP pattern: log error but don't fail completely
+      Fig::Logging.debug("Could not retrieve package list from #{uri}: #{e.message}")
+    end
+
+    return package_versions.sort
+  end
+
+  def download(art_uri, path, prompt_for_login)
+    Fig::Logging.info("Downloading from artifactory: #{art_uri}")
+
+    uri = httpify_uri(art_uri)
+
+    # Log equivalent curl command for debugging
+    authentication = get_authentication_for(uri.host, prompt_for_login)
+    if authentication
+      Fig::Logging.debug("Equivalent curl: curl -u #{authentication.username}:*** -o '#{path}' '#{uri}'")
+    else
+      Fig::Logging.debug("Equivalent curl: curl -o '#{path}' '#{uri}'")
+    end
+
+    ::File.open(path, 'wb') do |file|
+      file.binmode
+
+      begin
+        download_via_http_get(uri.to_s, file)
+      rescue SystemCallError => error
+        Fig::Logging.debug error.message
+        raise Fig::FileNotFoundError.new error.message, uri
+      rescue SocketError => error
+        Fig::Logging.debug error.message
+        raise Fig::FileNotFoundError.new error.message, uri
+      end
+    end
+
+    return true
+  end
+
+  def upload(local_file, uri)
+    Fig::Logging.info("Uploading #{local_file} to artifactory at #{uri}")
+
+    begin
+      parse_uri(uri) => { repo_key:, base_endpoint:, target_path: }
+
+      # Configure Artifactory gem globally - unlike other methods that can use client instances,
+      # the artifact.upload() method ignores the client: parameter and only uses global config.
+      # This is a limitation of the artifactory gem's upload implementation.
+      authentication = get_authentication_for(uri.host, :prompt_for_login)
+      ::Artifactory.configure do |config|
+        config.endpoint = base_endpoint
+        if authentication
+          config.username = authentication.username
+          config.password = authentication.password
+        end
+      end
+
+      # Log equivalent curl command for debugging
+      if authentication
+        Fig::Logging.debug("Equivalent curl: curl -u #{authentication.username}:*** -T '#{local_file}' '#{uri}'")
+      else
+        Fig::Logging.debug("Equivalent curl: curl -T '#{local_file}' '#{uri}'")
+      end
+
+      # Create artifact and upload
+      artifact = ::Artifactory::Resource::Artifact.new(local_path: local_file)
+      
+      # Collect metadata for upload
+      metadata = collect_upload_metadata(local_file, target_path, uri)
+
+      # Upload with metadata (no client parameter needed - uses global config)
+      artifact.upload(repo_key, target_path, metadata)
+      
+      Fig::Logging.info("Successfully uploaded #{local_file} to #{uri}")
+      
+    rescue ArgumentError => e
+      # Let ArgumentError bubble up for invalid URIs
+      raise e
+    rescue => e
+      Fig::Logging.debug("Upload failed: #{e.message}")
+      raise Fig::NetworkError.new("Failed to upload #{local_file} to #{uri}: #{e.message}")
+    end
+  end
+
+  # we can know this most of the time with the stat api
+  def path_up_to_date?(uri, path, prompt_for_login)
+    Fig::Logging.info("Checking if #{path} is up to date at #{uri}")
+
+    begin
+      parse_uri(uri) => { repo_key:, base_endpoint:, target_path: }
+
+
+      # Create Artifactory client instance (same as upload method)
+      authentication = get_authentication_for(uri.host, prompt_for_login)
+      client_config = { endpoint: base_endpoint }
+      if authentication
+        client_config[:username] = authentication.username
+        client_config[:password] = authentication.password
+      end
+      client = ::Artifactory::Client.new(client_config)
+      
+      # use storage api instead of search - more reliable for virtual repos
+      storage_url = "/api/storage/#{repo_key}/#{target_path}"
+      
+      response = client.get(storage_url)
+      
+      # compare sizes first
+      if response['size'] != ::File.size(path)
+        return false
+      end
+      
+      # compare modification times
+      remote_mtime = Time.parse(response['lastModified'])
+      local_mtime = ::File.mtime(path)
+      
+      if remote_mtime <= local_mtime
+        return true
+      end
+      
+      return false
+    rescue => error
+      Fig::Logging.debug "Error checking if #{path} is up to date: #{error.message}"
+      return nil
+    end
+  end
+
+  private
+
+  def httpify_uri(art_uri)
+    # if we got into the artifactory protocol, we get to assume that the URI
+    # is related to artifactory, which also means we can be assured that the
+    # only scheme that will work is 'https' rather than the faux scheme used
+    # to signal that the URL is artifactory protocol.
+
+    # this is kind of weird b/c `art_uri` will likely be URI::Generic and
+    # everything downstream of here is going to want the type for the URL to
+    # be URI::HTTPS. So, we hack the scheme for the input to `https` then
+    # parse that string to form the https-based URI with the correct type.
+    art_uri.scheme = 'https'
+    URI(art_uri.to_s)
+  end
+
+  def parse_uri(art_uri)
+    uri = httpify_uri(art_uri)
+
+    uri_path = uri.path.chomp('/')
+    path_parts = uri_path.split('/').reject(&:empty?)
+    
+    # Find artifactory in the path and split accordingly
+    artifactory_index = path_parts.index('artifactory')
+    raise ArgumentError, "URI must contain 'artifactory' in path: #{uri}" unless artifactory_index
+    
+    repo_key = path_parts[artifactory_index + 1]
+    raise ArgumentError, "No repository key found in URI: #{uri}" unless repo_key
+    
+    # Everything after repo_key is the target path within the repository
+    target_path = path_parts[(artifactory_index + 2)..-1]&.join('/') || ''
+    
+    # Base endpoint includes everything up to and including /artifactory
+    artifactory_path = path_parts[0..artifactory_index].join('/')
+    the_port = uri.port != uri.default_port ? ":#{uri.port}" : ""
+    base_endpoint = "#{uri.scheme}://#{uri.host}#{the_port}/#{artifactory_path}"
+    
+    { repo_key:, base_endpoint:, target_path: }
+  end
+
+  # Collect metadata for file upload, using fig. prefix instead of upload. prefix
+  def collect_upload_metadata(local_file, target_path, uri)
+    file_stat = ::File.stat(local_file)
+    
+    metadata = {
+      # Basic file information
+      'fig.original_path' => local_file,
+      'fig.target_path' => target_path,
+      'fig.file_size' => file_stat.size.to_s,
+      'fig.file_mtime' => file_stat.mtime.iso8601,
+      
+      # Upload context
+      'fig.hostname' => Socket.gethostname,
+      'fig.login' => ENV['USER'] || ENV['USERNAME'] || 'unknown',
+      'fig.timestamp' => Time.now.iso8601,
+      'fig.epoch' => Time.now.to_i.to_s,
+      
+      # Tool information
+      'fig.tool' => 'fig-artifactory-protocol',
+      'fig.uri' => uri.to_s,
+      
+      # Checksums for integrity
+      'fig.sha1' => Digest::SHA1.file(local_file).hexdigest,
+      'fig.md5' => Digest::MD5.file(local_file).hexdigest,
+      
+      # TODO: Add package/version metadata from URI path or local_file decoration
+      # TODO: Support user-injected metadata via environment variables or callbacks
+    }
+    
+    Fig::Logging.debug("Upload metadata: #{metadata.keys.join(', ')}")
+    metadata
+  end
+
+  # Fetch version lists for packages concurrently for major performance improvement
+  # Reduces ~2700 sequential API calls to concurrent batches
+  def fetch_versions_concurrently(valid_packages, base_endpoint, repo_key, client_config)
+    # Scale thread count based on CPU cores, with reasonable bounds
+    # Testing showed ~25 threads optimal for most servers, so use 3x CPU cores as default
+    default_threads = [Etc.nprocessors * 3, 50].min  # cap at 50 to avoid overwhelming servers
+    max_threads = ENV['FIG_ARTIFACTORY_THREADS']&.to_i || default_threads
+    
+    Fig::Logging.debug("Using #{max_threads} threads for concurrent version fetching (#{Etc.nprocessors} CPU cores detected)")
+    
+    package_versions = []
+    package_versions_mutex = Mutex.new
+    work_queue = Queue.new
+    
+    # Add all packages to work queue
+    valid_packages.each { |pkg| work_queue << pkg }
+    
+    # Create worker threads
+    threads = []
+    max_threads.times do
+      threads << Thread.new do
+        # Each thread gets its own client to avoid connection issues
+        thread_client = ::Artifactory::Client.new(client_config)
+        
+        while !work_queue.empty?
+          begin
+            package_item = work_queue.pop(true) # non-blocking pop
+          rescue ThreadError
+            break # queue is empty
+          end
+          
+          package_name = package_item['name']
+          
+          begin
+            package_list_url = URI.join(base_endpoint, BROWSER_API_PATH, "#{repo_key}/", "#{package_name}/")
+            versions = get_all_artifactory_entries(package_list_url, thread_client)
+            
+            local_package_versions = []
+            versions.each do |version_item|
+              next unless version_item['folder']
+              
+              version_name = version_item['name']
+              next unless version_name =~ Fig::PackageDescriptor::COMPONENT_PATTERN
+              
+              local_package_versions << "#{package_name}/#{version_name}"
+            end
+            
+            # Thread-safe addition to results
+            package_versions_mutex.synchronize do
+              package_versions.concat(local_package_versions)
+            end
+            
+          rescue => e
+            # Follow FTP pattern: ignore permission errors and continue processing
+            Fig::Logging.debug("Could not list versions for package #{package_name}: #{e.message}")
+          end
+        end
+      end
+    end
+    
+    # Wait for all threads to complete
+    threads.each(&:join)
+    
+    package_versions
+  end
+
+  # Get all entries from Artifactory browser API with pagination support
+  # Returns array of all entries, handling continueState pagination
+  def get_all_artifactory_entries(base_url, client)
+    record_num = ENV['FIG_ARTIFACTORY_PAGESIZE']&.to_i || INITIAL_LIST_FETCH_SIZE
+    
+    Fig::Logging.debug(">> getting art initial #{record_num} entries from #{base_url}...")
+
+    loop do
+      # Build URL with recordNum parameter
+      url = URI(base_url.to_s)
+      url.query = "recordNum=#{record_num}"
+      
+      response = client.get(url)
+      entries = response['data'] || []
+      
+      # Check if there are more entries to fetch
+      continue_state = response['continueState']
+      Fig::Logging.debug(">> continue_state is #{continue_state}...")
+      return entries if continue_state.nil? || continue_state.to_i < 0
+      
+      # Use continueState as the recordNum for the next request
+      record_num = continue_state
+    end
+  end
+
+  # swiped directly from http.rb; if no changes are required, then consider refactoring
+  def download_via_http_get(uri_string, file, redirection_limit = 10)
+    if redirection_limit < 1
+      Fig::Logging.debug 'Too many HTTP redirects.'
+      raise Fig::FileNotFoundError.new 'Too many HTTP redirects.', uri_string
+    end
+
+    response = Net::HTTP.get_response(URI(uri_string))
+
+    case response
+    when Net::HTTPSuccess then
+      file.write(response.body)
+    when Net::HTTPRedirection then
+      location = response['location']
+      Fig::Logging.debug "Redirecting to #{location}."
+      download_via_http_get(location, file, redirection_limit - 1)
+    else
+      Fig::Logging.debug "Download failed: #{response.code} #{response.message}."
+      raise Fig::FileNotFoundError.new(
+        "Download failed: #{response.code} #{response.message}.", uri_string
+      )
+    end
+
+    return
+  end
+  
+end

data/lib/fig/version.rb

@@ -1,5 +1,5 @@
 # coding: utf-8
 
 module Fig
-  VERSION = '2.0.0-alpha.5'.freeze
+  VERSION = '2.0.0-alpha.10'.freeze
 end

data/spec/protocol/artifactory_spec.rb

@@ -0,0 +1,599 @@
+# coding: utf-8
+
+require 'spec_helper'
+require 'fig/protocol/artifactory'
+
+describe Fig::Protocol::Artifactory do
+  let(:artifactory) { Fig::Protocol::Artifactory.new }
+  let(:base_url) { URI('https://artifacts.example.com/artifactory/ui/api/v1/ui/v2/nativeBrowser/repo-name/') }
+
+  describe '#get_all_artifactory_entries' do
+    let(:mock_client) { double('Artifactory::Client') }
+    let(:base_url) { URI('https://artifacts.example.com/artifactory/ui/api/v1/ui/v2/nativeBrowser/repo-name/') }
+
+    before do
+      # Stub netrc authentication
+      allow(artifactory).to receive(:get_authentication_for).and_return(nil)
+    end
+
+    context 'when all entries fit in single page' do
+      it 'returns entries without pagination' do
+        response = {
+          'data' => [
+            { 'name' => 'package1', 'folder' => true },
+            { 'name' => 'package2', 'folder' => true }
+          ],
+          'continueState' => -1
+        }
+        
+        expect(mock_client).to receive(:get)
+          .with(URI("https://artifacts.example.com/artifactory/ui/api/v1/ui/v2/nativeBrowser/repo-name/?recordNum=#{Fig::Protocol::Artifactory::INITIAL_LIST_FETCH_SIZE}"))
+          .and_return(response)
+
+        result = artifactory.send(:get_all_artifactory_entries, base_url, mock_client)
+        expect(result).to eq(response['data'])
+      end
+    end
+
+    context 'when entries require pagination' do
+      it 'follows pagination until continueState is -1' do
+        first_response = {
+          'data' => [
+            { 'name' => 'package1', 'folder' => true },
+            { 'name' => 'package2', 'folder' => true }
+          ],
+          'continueState' => 'cursor123'
+        }
+        
+        final_response = {
+          'data' => [
+            { 'name' => 'package1', 'folder' => true },
+            { 'name' => 'package2', 'folder' => true },
+            { 'name' => 'package3', 'folder' => true }
+          ],
+          'continueState' => -1
+        }
+
+        expect(mock_client).to receive(:get)
+          .with(URI("https://artifacts.example.com/artifactory/ui/api/v1/ui/v2/nativeBrowser/repo-name/?recordNum=#{Fig::Protocol::Artifactory::INITIAL_LIST_FETCH_SIZE}"))
+          .and_return(first_response)
+          
+        expect(mock_client).to receive(:get)
+          .with(URI('https://artifacts.example.com/artifactory/ui/api/v1/ui/v2/nativeBrowser/repo-name/?recordNum=cursor123'))
+          .and_return(final_response)
+
+        result = artifactory.send(:get_all_artifactory_entries, base_url, mock_client)
+        expect(result).to eq(final_response['data'])
+      end
+    end
+
+    context 'when continueState is nil' do
+      it 'returns entries and stops pagination' do
+        response = {
+          'data' => [{ 'name' => 'package1', 'folder' => true }],
+          'continueState' => nil
+        }
+        
+        expect(mock_client).to receive(:get)
+          .with(URI("https://artifacts.example.com/artifactory/ui/api/v1/ui/v2/nativeBrowser/repo-name/?recordNum=#{Fig::Protocol::Artifactory::INITIAL_LIST_FETCH_SIZE}"))
+          .and_return(response)
+
+        result = artifactory.send(:get_all_artifactory_entries, base_url, mock_client)
+        expect(result).to eq(response['data'])
+      end
+    end
+
+    context 'when FIG_ARTIFACTORY_PAGESIZE is set' do
+      it 'uses custom page size' do
+        allow(ENV).to receive(:[]).with('FIG_ARTIFACTORY_PAGESIZE').and_return('5000')
+        
+        response = {
+          'data' => [{ 'name' => 'package1', 'folder' => true }],
+          'continueState' => -1
+        }
+        
+        expect(mock_client).to receive(:get)
+          .with(URI('https://artifacts.example.com/artifactory/ui/api/v1/ui/v2/nativeBrowser/repo-name/?recordNum=5000'))
+          .and_return(response)
+
+        result = artifactory.send(:get_all_artifactory_entries, base_url, mock_client)
+        expect(result).to eq(response['data'])
+      end
+    end
+
+    context 'when response has no data field' do
+      it 'returns empty array' do
+        response = { 'continueState' => -1 }
+        
+        expect(mock_client).to receive(:get)
+          .with(URI("https://artifacts.example.com/artifactory/ui/api/v1/ui/v2/nativeBrowser/repo-name/?recordNum=#{Fig::Protocol::Artifactory::INITIAL_LIST_FETCH_SIZE}"))
+          .and_return(response)
+
+        result = artifactory.send(:get_all_artifactory_entries, base_url, mock_client)
+        expect(result).to eq([])
+      end
+    end
+  end
+
+  describe '#download_list' do
+    let(:uri) { URI('art://artifacts.example.com/artifactory/repo-name/') }
+    let(:artifactory) { Fig::Protocol::Artifactory.new }
+    let(:mock_client) { double('Artifactory::Client') }
+
+    before do
+      allow(::Artifactory::Client).to receive(:new).and_return(mock_client)
+      # Stub netrc authentication
+      allow(artifactory).to receive(:get_authentication_for).and_return(nil)
+    end
+
+    context 'when repository has packages and versions' do
+      it 'returns sorted package/version strings' do
+        # Mock package listing
+        packages_response = {
+          'data' => [
+            { 'name' => 'package-a', 'folder' => true },
+            { 'name' => 'package-b', 'folder' => true },
+            { 'name' => 'readme.txt', 'folder' => false }  # Should be ignored
+          ],
+          'continueState' => -1
+        }
+
+        # Mock version listings for each package
+        package_a_versions = {
+          'data' => [
+            { 'name' => '1.0.0', 'folder' => true },
+            { 'name' => '2.0.0', 'folder' => true },
+            { 'name' => 'metadata.xml', 'folder' => false }  # Should be ignored
+          ],
+          'continueState' => -1
+        }
+
+        package_b_versions = {
+          'data' => [
+            { 'name' => '0.5.0', 'folder' => true }
+          ],
+          'continueState' => -1
+        }
+
+        # Expect calls in order
+        expect(mock_client).to receive(:get)
+          .with(URI("https://artifacts.example.com/ui/api/v1/ui/v2/nativeBrowser/repo-name/?recordNum=#{Fig::Protocol::Artifactory::INITIAL_LIST_FETCH_SIZE}"))
+          .and_return(packages_response)
+
+        expect(mock_client).to receive(:get)
+          .with(URI("https://artifacts.example.com/ui/api/v1/ui/v2/nativeBrowser/repo-name/package-a/?recordNum=#{Fig::Protocol::Artifactory::INITIAL_LIST_FETCH_SIZE}"))
+          .and_return(package_a_versions)
+
+        expect(mock_client).to receive(:get)
+          .with(URI("https://artifacts.example.com/ui/api/v1/ui/v2/nativeBrowser/repo-name/package-b/?recordNum=#{Fig::Protocol::Artifactory::INITIAL_LIST_FETCH_SIZE}"))
+          .and_return(package_b_versions)
+
+        result = artifactory.download_list(uri)
+        expect(result).to eq([
+          'package-a/1.0.0',
+          'package-a/2.0.0', 
+          'package-b/0.5.0'
+        ])
+      end
+    end
+
+    context 'when repository is empty' do
+      it 'returns empty array' do
+        empty_response = {
+          'data' => [],
+          'continueState' => -1
+        }
+
+        expect(mock_client).to receive(:get)
+          .with(URI("https://artifacts.example.com/ui/api/v1/ui/v2/nativeBrowser/repo-name/?recordNum=#{Fig::Protocol::Artifactory::INITIAL_LIST_FETCH_SIZE}"))
+          .and_return(empty_response)
+
+        result = artifactory.download_list(uri)
+        expect(result).to eq([])
+      end
+    end
+
+    context 'when API calls fail' do
+      it 'handles errors gracefully and continues processing' do
+        packages_response = {
+          'data' => [
+            { 'name' => 'good-package', 'folder' => true },
+            { 'name' => 'bad-package', 'folder' => true }
+          ],
+          'continueState' => -1
+        }
+
+        good_versions = {
+          'data' => [{ 'name' => '1.0.0', 'folder' => true }],
+          'continueState' => -1
+        }
+
+        expect(mock_client).to receive(:get)
+          .with(URI("https://artifacts.example.com/ui/api/v1/ui/v2/nativeBrowser/repo-name/?recordNum=#{Fig::Protocol::Artifactory::INITIAL_LIST_FETCH_SIZE}"))
+          .and_return(packages_response)
+
+        expect(mock_client).to receive(:get)
+          .with(URI("https://artifacts.example.com/ui/api/v1/ui/v2/nativeBrowser/repo-name/good-package/?recordNum=#{Fig::Protocol::Artifactory::INITIAL_LIST_FETCH_SIZE}"))
+          .and_return(good_versions)
+
+        expect(mock_client).to receive(:get)
+          .with(URI("https://artifacts.example.com/ui/api/v1/ui/v2/nativeBrowser/repo-name/bad-package/?recordNum=#{Fig::Protocol::Artifactory::INITIAL_LIST_FETCH_SIZE}"))
+          .and_raise(StandardError.new('API error'))
+
+        # Should continue processing despite error
+        result = artifactory.download_list(uri)
+        expect(result).to eq(['good-package/1.0.0'])
+      end
+    end
+
+    context 'with invalid package/version names' do
+      it 'filters out names that do not match COMPONENT_PATTERN' do
+        packages_response = {
+          'data' => [
+            { 'name' => 'valid-package', 'folder' => true },
+            { 'name' => 'invalid package with spaces', 'folder' => true },
+            { 'name' => 'invalid@symbols', 'folder' => true }
+          ],
+          'continueState' => -1
+        }
+
+        valid_versions = {
+          'data' => [
+            { 'name' => '1.0.0', 'folder' => true },
+            { 'name' => 'invalid version', 'folder' => true }
+          ],
+          'continueState' => -1
+        }
+
+        expect(mock_client).to receive(:get)
+          .with(URI("https://artifacts.example.com/ui/api/v1/ui/v2/nativeBrowser/repo-name/?recordNum=#{Fig::Protocol::Artifactory::INITIAL_LIST_FETCH_SIZE}"))
+          .and_return(packages_response)
+
+        expect(mock_client).to receive(:get)
+          .with(URI("https://artifacts.example.com/ui/api/v1/ui/v2/nativeBrowser/repo-name/valid-package/?recordNum=#{Fig::Protocol::Artifactory::INITIAL_LIST_FETCH_SIZE}"))
+          .and_return(valid_versions)
+
+        result = artifactory.download_list(uri)
+        expect(result).to eq(['valid-package/1.0.0'])
+      end
+    end
+  end
+
+  describe '#download' do
+    let(:uri) { URI('artifactory://artifacts.example.com/artifactory/repo-name/package/version/file.tar.gz') }
+    let(:https_uri) { URI(uri.to_s.sub(/\Aartifactory:/, 'https:')) }
+    let(:path) { '/tmp/test_file.tar.gz' }
+    let(:prompt_for_login) { false }
+    let(:mock_file) { double('File') }
+    let(:mock_auth) { double('Authentication', username: 'testuser', password: 'testpass') }
+
+    before do
+      allow(::File).to receive(:open).with(path, 'wb').and_yield(mock_file)
+      allow(mock_file).to receive(:binmode)
+    end
+
+    context 'with authentication' do
+      it 'downloads file and logs curl equivalent with auth' do
+        allow(artifactory).to receive(:get_authentication_for).with(uri.host, prompt_for_login).and_return(mock_auth)
+        allow(artifactory).to receive(:download_via_http_get).with(https_uri.to_s, mock_file)
+
+        expect(Fig::Logging).to receive(:debug).with("Equivalent curl: curl -u testuser:*** -o '#{path}' '#{https_uri}'")
+
+        result = artifactory.download(uri, path, prompt_for_login)
+        expect(result).to be true
+      end
+    end
+
+    context 'without authentication' do
+      it 'downloads file and logs curl equivalent without auth' do
+        allow(artifactory).to receive(:get_authentication_for).with(uri.host, prompt_for_login).and_return(nil)
+        allow(artifactory).to receive(:download_via_http_get).with(https_uri.to_s, mock_file)
+
+        expect(Fig::Logging).to receive(:debug).with("Equivalent curl: curl -o '#{path}' '#{https_uri}'")
+
+        result = artifactory.download(uri, path, prompt_for_login)
+        expect(result).to be true
+      end
+    end
+
+    context 'when download_via_http_get raises SystemCallError' do
+      it 'wraps error in FileNotFoundError' do
+        allow(artifactory).to receive(:get_authentication_for).and_return(nil)
+        system_error = SystemCallError.new('Connection failed')
+        allow(artifactory).to receive(:download_via_http_get).and_raise(system_error)
+
+        expect(Fig::Logging).to receive(:debug).with("Equivalent curl: curl -o '#{path}' '#{https_uri}'")
+        expect(Fig::Logging).to receive(:debug).with('unknown error - Connection failed')
+        expect { artifactory.download(uri, path, prompt_for_login) }.to raise_error(Fig::FileNotFoundError, 'unknown error - Connection failed')
+      end
+    end
+
+    context 'when download_via_http_get raises SocketError' do
+      it 'wraps error in FileNotFoundError' do
+        allow(artifactory).to receive(:get_authentication_for).and_return(nil)
+        socket_error = SocketError.new('Host not found')
+        allow(artifactory).to receive(:download_via_http_get).and_raise(socket_error)
+
+        expect(Fig::Logging).to receive(:debug).with("Equivalent curl: curl -o '#{path}' '#{https_uri}'")
+        expect(Fig::Logging).to receive(:debug).with('Host not found')
+        expect { artifactory.download(uri, path, prompt_for_login) }.to raise_error(Fig::FileNotFoundError, 'Host not found')
+      end
+    end
+
+    it 'opens file in binary write mode' do
+      allow(artifactory).to receive(:get_authentication_for).and_return(nil)
+      allow(artifactory).to receive(:download_via_http_get)
+
+      expect(::File).to receive(:open).with(path, 'wb')
+      expect(mock_file).to receive(:binmode)
+
+      artifactory.download(uri, path, prompt_for_login)
+    end
+  end
+
+  describe '#httpify_uri' do
+    let(:artifactory) { Fig::Protocol::Artifactory.new }
+
+    it 'converts art:// scheme to https://' do
+      art_uri = URI('art://artifacts.example.com/artifactory/repo-name/')
+      result = artifactory.send(:httpify_uri, art_uri)
+      
+      expect(result.scheme).to eq('https')
+      expect(result.host).to eq('artifacts.example.com')
+      expect(result.path).to eq('/artifactory/repo-name/')
+      expect(result).to be_a(URI::HTTPS)
+    end
+
+    it 'converts artifactory:// scheme to https://' do
+      art_uri = URI('artifactory://artifacts.example.com/artifactory/repo-name/package/version/file.tar.gz')
+      result = artifactory.send(:httpify_uri, art_uri)
+      
+      expect(result.scheme).to eq('https')
+      expect(result.host).to eq('artifacts.example.com')
+      expect(result.path).to eq('/artifactory/repo-name/package/version/file.tar.gz')
+      expect(result).to be_a(URI::HTTPS)
+    end
+
+    it 'preserves port and query parameters' do
+      art_uri = URI('art://artifacts.example.com:8080/artifactory/repo-name/?param=value')
+      result = artifactory.send(:httpify_uri, art_uri)
+      
+      expect(result.scheme).to eq('https')
+      expect(result.host).to eq('artifacts.example.com')
+      expect(result.port).to eq(8080)
+      expect(result.path).to eq('/artifactory/repo-name/')
+      expect(result.query).to eq('param=value')
+      expect(result).to be_a(URI::HTTPS)
+    end
+
+    it 'handles URIs with userinfo' do
+      art_uri = URI('artifactory://user:pass@artifacts.example.com/artifactory/repo-name/')
+      result = artifactory.send(:httpify_uri, art_uri)
+      
+      expect(result.scheme).to eq('https')
+      expect(result.userinfo).to eq('user:pass')
+      expect(result.host).to eq('artifacts.example.com')
+      expect(result.path).to eq('/artifactory/repo-name/')
+      expect(result).to be_a(URI::HTTPS)
+    end
+  end
+
+  describe '#parse_uri' do
+    let(:artifactory) { Fig::Protocol::Artifactory.new }
+
+    context 'with basic artifactory URI' do
+      it 'parses repository-level URI correctly' do
+        art_uri = URI('art://artifacts.example.com/artifactory/repo-name/')
+        result = artifactory.send(:parse_uri, art_uri)
+        
+        expect(result[:repo_key]).to eq('repo-name')
+        expect(result[:base_endpoint]).to eq('https://artifacts.example.com/artifactory')
+        expect(result[:target_path]).to eq('')
+      end
+
+      it 'parses URI with file path correctly' do
+        art_uri = URI('artifactory://artifacts.example.com/artifactory/repo-name/package/version/file.tar.gz')
+        result = artifactory.send(:parse_uri, art_uri)
+        
+        expect(result[:repo_key]).to eq('repo-name')
+        expect(result[:base_endpoint]).to eq('https://artifacts.example.com/artifactory')
+        expect(result[:target_path]).to eq('package/version/file.tar.gz')
+      end
+
+      it 'parses URI with nested directory path correctly' do
+        art_uri = URI('art://artifacts.example.com/artifactory/my-repo/com/example/package/1.0.0/package-1.0.0.jar')
+        result = artifactory.send(:parse_uri, art_uri)
+        
+        expect(result[:repo_key]).to eq('my-repo')
+        expect(result[:base_endpoint]).to eq('https://artifacts.example.com/artifactory')
+        expect(result[:target_path]).to eq('com/example/package/1.0.0/package-1.0.0.jar')
+      end
+    end
+
+    context 'with custom port' do
+      it 'includes port in base_endpoint when non-standard' do
+        art_uri = URI('artifactory://artifacts.example.com:8080/artifactory/repo-name/file.txt')
+        result = artifactory.send(:parse_uri, art_uri)
+        
+        expect(result[:repo_key]).to eq('repo-name')
+        expect(result[:base_endpoint]).to eq('https://artifacts.example.com:8080/artifactory')
+        expect(result[:target_path]).to eq('file.txt')
+      end
+
+      it 'excludes default HTTPS port from base_endpoint' do
+        art_uri = URI('art://artifacts.example.com:443/artifactory/repo-name/file.txt')
+        result = artifactory.send(:parse_uri, art_uri)
+        
+        expect(result[:repo_key]).to eq('repo-name')
+        expect(result[:base_endpoint]).to eq('https://artifacts.example.com/artifactory')
+        expect(result[:target_path]).to eq('file.txt')
+      end
+    end
+
+    context 'with artifactory in different path positions' do
+      it 'handles artifactory in root path' do
+        art_uri = URI('art://artifacts.example.com/artifactory/repo-name/file.txt')
+        result = artifactory.send(:parse_uri, art_uri)
+        
+        expect(result[:repo_key]).to eq('repo-name')
+        expect(result[:base_endpoint]).to eq('https://artifacts.example.com/artifactory')
+        expect(result[:target_path]).to eq('file.txt')
+      end
+
+      it 'handles artifactory in nested path' do
+        art_uri = URI('artifactory://artifacts.example.com/some/path/artifactory/repo-name/file.txt')
+        result = artifactory.send(:parse_uri, art_uri)
+        
+        expect(result[:repo_key]).to eq('repo-name')
+        expect(result[:base_endpoint]).to eq('https://artifacts.example.com/some/path/artifactory')
+        expect(result[:target_path]).to eq('file.txt')
+      end
+    end
+
+    context 'with trailing slashes' do
+      it 'handles URI with trailing slash' do
+        art_uri = URI('art://artifacts.example.com/artifactory/repo-name/')
+        result = artifactory.send(:parse_uri, art_uri)
+        
+        expect(result[:repo_key]).to eq('repo-name')
+        expect(result[:base_endpoint]).to eq('https://artifacts.example.com/artifactory')
+        expect(result[:target_path]).to eq('')
+      end
+
+      it 'handles URI without trailing slash' do
+        art_uri = URI('artifactory://artifacts.example.com/artifactory/repo-name')
+        result = artifactory.send(:parse_uri, art_uri)
+        
+        expect(result[:repo_key]).to eq('repo-name')
+        expect(result[:base_endpoint]).to eq('https://artifacts.example.com/artifactory')
+        expect(result[:target_path]).to eq('')
+      end
+    end
+
+    context 'error cases' do
+      it 'raises ArgumentError when artifactory is not in path' do
+        art_uri = URI('art://artifacts.example.com/some/other/path/repo-name/')
+        
+        expect {
+          artifactory.send(:parse_uri, art_uri)
+        }.to raise_error(ArgumentError, /URI must contain 'artifactory' in path/)
+      end
+
+      it 'raises ArgumentError when no repository key is found' do
+        art_uri = URI('artifactory://artifacts.example.com/artifactory/')
+        
+        expect {
+          artifactory.send(:parse_uri, art_uri)
+        }.to raise_error(ArgumentError, /No repository key found in URI/)
+      end
+
+      it 'raises ArgumentError when artifactory is at end of path' do
+        art_uri = URI('art://artifacts.example.com/some/path/artifactory')
+        
+        expect {
+          artifactory.send(:parse_uri, art_uri)
+        }.to raise_error(ArgumentError, /No repository key found in URI/)
+      end
+    end
+
+    context 'edge cases' do
+      it 'handles empty target path correctly' do
+        art_uri = URI('artifactory://artifacts.example.com/artifactory/repo-name')
+        result = artifactory.send(:parse_uri, art_uri)
+        
+        expect(result[:target_path]).to eq('')
+      end
+
+      it 'handles single character repo key' do
+        art_uri = URI('art://artifacts.example.com/artifactory/r/file.txt')
+        result = artifactory.send(:parse_uri, art_uri)
+        
+        expect(result[:repo_key]).to eq('r')
+        expect(result[:target_path]).to eq('file.txt')
+      end
+
+      it 'handles repo key with special characters' do
+        art_uri = URI('artifactory://artifacts.example.com/artifactory/repo-name-with-dashes_and_underscores/file.txt')
+        result = artifactory.send(:parse_uri, art_uri)
+        
+        expect(result[:repo_key]).to eq('repo-name-with-dashes_and_underscores')
+        expect(result[:target_path]).to eq('file.txt')
+      end
+    end
+  end
+
+  describe '#upload' do
+    let(:local_file) { '/tmp/test.txt' }
+    let(:uri) { URI('https://artifacts.example.com/artifactory/repo-name/path/to/file.txt') }
+    let(:mock_client) { double('Artifactory::Client') }
+    let(:mock_artifact) { double('Artifactory::Resource::Artifact') }
+    let(:mock_authentication) { double('authentication', username: 'testuser', password: 'testpass') }
+
+    before do
+      allow(artifactory).to receive(:get_authentication_for).and_return(mock_authentication)
+      # Mock the global configuration - create a config double that responds to all setters
+      config_mock = double('config')
+      allow(config_mock).to receive(:endpoint=)
+      allow(config_mock).to receive(:username=)
+      allow(config_mock).to receive(:password=)
+      allow(::Artifactory).to receive(:configure).and_yield(config_mock)
+      allow(::Artifactory::Resource::Artifact).to receive(:new).and_return(mock_artifact)
+      allow(::File).to receive(:stat).and_return(double('stat', size: 1024, mtime: Time.now))
+      allow(Digest::SHA1).to receive(:file).and_return(double(hexdigest: 'sha1hash'))
+      allow(Digest::MD5).to receive(:file).and_return(double(hexdigest: 'md5hash'))
+    end
+
+    it 'parses URI correctly and uploads file' do
+      config_mock = double('config')
+      expect(::Artifactory).to receive(:configure).and_yield(config_mock)
+      expect(config_mock).to receive(:endpoint=).with('https://artifacts.example.com/artifactory')
+      expect(config_mock).to receive(:username=).with('testuser')
+      expect(config_mock).to receive(:password=).with('testpass')
+      
+      expect(mock_artifact).to receive(:upload).with(
+        'repo-name',
+        'path/to/file.txt',
+        hash_including('fig.original_path' => local_file)
+      )
+
+      artifactory.upload(local_file, uri)
+    end
+
+    it 'logs equivalent curl command' do
+      allow(mock_artifact).to receive(:upload)
+      
+      expect(Fig::Logging).to receive(:debug).with(
+        "Equivalent curl: curl -u testuser:*** -T '#{local_file}' '#{uri}'"
+      ).ordered
+      expect(Fig::Logging).to receive(:debug).with(
+        /Upload metadata:/
+      ).ordered
+
+      artifactory.upload(local_file, uri)
+    end
+
+    it 'raises error for invalid URI without artifactory in path' do
+      invalid_uri = URI('https://example.com/repo-name/file.txt')
+      
+      expect {
+        artifactory.upload(local_file, invalid_uri)
+      }.to raise_error(ArgumentError, /URI must contain 'artifactory' in path/)
+    end
+
+    it 'collects metadata with fig. prefix' do
+      metadata_hash = nil
+      allow(mock_artifact).to receive(:upload) do |repo, path, metadata|
+        metadata_hash = metadata
+      end
+
+      artifactory.upload(local_file, uri)
+
+      expect(metadata_hash).to include(
+        'fig.original_path' => local_file,
+        'fig.target_path' => 'path/to/file.txt',
+        'fig.tool' => 'fig-artifactory-protocol'
+      )
+      expect(metadata_hash.keys).to all(start_with('fig.'))
+    end
+  end
+end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: fig
 version: !ruby/object:Gem::Version
-  version: 2.0.0.pre.alpha.5
+  version: 2.0.0.pre.alpha.10
 platform: ruby
 authors:
 - Fig Folks
 bindir: bin
 cert_chain: []
-date: 2025-08-20 00:00:00.000000000 Z
+date: 2025-09-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt_pbkdf
@@ -233,6 +233,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 2.6.0
+- !ruby/object:Gem::Dependency
+  name: artifactory
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.0.17
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.0.17
+- !ruby/object:Gem::Dependency
+  name: rexml
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
 - !ruby/object:Gem::Dependency
   name: rdoc
   requirement: !ruby/object:Gem::Requirement
@@ -306,7 +334,7 @@ dependencies:
 description: |-
   Fig is a utility for configuring environments and managing dependencies across a team of developers. Given a list of packages and a command to run, Fig builds environment variables named in those packages (e.g., CLASSPATH), then executes the command in that environment. The caller's environment is not affected.
 
-  Built from git SHA1: ac8e555-dirty
+  Built from git SHA1: 46bcf5e-dirty
 email: maintainer@figpackagemanager.org
 executables:
 - fig
@@ -438,6 +466,7 @@ files:
 - lib/fig/parser.rb
 - lib/fig/parser_package_build_state.rb
 - lib/fig/protocol.rb
+- lib/fig/protocol/artifactory.rb
 - lib/fig/protocol/file.rb
 - lib/fig/protocol/ftp.rb
 - lib/fig/protocol/http.rb
@@ -504,6 +533,7 @@ files:
 - spec/environment_variables_spec.rb
 - spec/figrc_spec.rb
 - spec/parser_spec.rb
+- spec/protocol/artifactory_spec.rb
 - spec/repository_spec.rb
 - spec/runtime_environment_spec.rb
 - spec/spec_helper.rb
@@ -515,7 +545,7 @@ files:
 licenses:
 - BSD-3-Clause
 metadata:
-  git_sha: ac8e555-dirty
+  git_sha: 46bcf5e-dirty
 rdoc_options: []
 require_paths:
 - lib
@@ -533,5 +563,5 @@ requirements: []
 rubygems_version: 3.6.1
 specification_version: 4
 summary: 'Utility for configuring environments and managing dependencies across a
-  team of developers. Built from git SHA1: ac8e555-dirty'
+  team of developers. Built from git SHA1: 46bcf5e-dirty'
 test_files: []