Expand encrypt matcher to cover more qualifiers (previous, key_provider, compressor, support_unencrypted_data)

[matsales28]

Problem this feature will solve

The encrypt matcher today exposes deterministic, downcase, and ignore_case, but ActiveRecord::Encryption accepts several more options that are part of the declared contract of an encrypted attribute:

• previous: — key rotation entries.
• key: and key_provider: — per-attribute key/provider overrides.
• compressor: (Rails 7.1+) and compress: false.
• support_unencrypted_data: true — was global only, became per-attribute in Rails 8.1.
• context_properties: — encryption-context overrides.

None of these can be expressed in a matcher today, so changes to them are not caught by specs.

Desired solution

New qualifiers mirroring the option names:

it do
  should encrypt(:ssn).
    deterministic(true).
    with_key_provider(MyKeyProvider).
    with_compressor(MyCompressor).
    supporting_unencrypted_data
end

Naming is open. Following the matcher's existing with_X / without_X convention: with_previous(...), with_key(...), with_key_provider(...), with_compressor(...), without_compression, supporting_unencrypted_data, with_context_properties(...).

Alternatives considered

• Inspecting the scheme directly via Model.encrypted_attributes[:attr] in a spec.

Additional context

References:

• https://api.rubyonrails.org/classes/ActiveRecord/Encryption/EncryptableRecord.html
• Rails 8.1 changelog entry for per-attribute support_unencrypted_data.