UC-Davis-molecular-computing / scadnano-python-package

Python scripting library for generating designs readable by scadnano.
https://scadnano.org
MIT License

enable 2FA for PyPI publishing action #291

Closed dave-doty closed 8 months ago

dave-doty commented 8 months ago

PyPI will require two-factor authentication by 2024: https://blog.pypi.org/posts/2023-05-25-securing-pypi-with-2fa/

I have no idea how to enable this to work with the GitHub action that publishes to PyPI: https://github.com/UC-Davis-molecular-computing/scadnano-python-package/blob/main/.github/workflows/release.yml

rayzhuca commented 8 months ago

The new security update requires everyone who maintains a PyPI project to enable 2FA. This should be similar to the UC Davis 2FA process.

A step-by-step guide would be:

  1. Open an authentication (TOTP) application (Duo Mobile is a viable option)
  2. Log in to your PyPI account, go to your account settings, and choose "Add 2FA with authentication application"
  3. PyPI will generate a secret key, specific to your account. This is displayed as a QR code, and as a text code.
  4. Scan the QR code with your authentication application, or type it in manually. The method of input will depend on the application you have chosen. (In Duo Mobile, press "Add" and select "Use QR Code".)
  5. Your application will generate an authentication code - use this to verify your set-up on PyPI

dave-doty commented 8 months ago

Thanks so much. Sorry, I guess I could have looked up these instructions myself, but I assumed that we would have to do something more complex to make it work with the GitHub action that publishes the scadnano package to PyPI.

dave-doty commented 8 months ago

I enabled 2FA for PyPI. I'll close this issue for now, and hopefully the publishing action works the next time we have a PR from dev into main, but if not I'll reopen the issue and we'll try to debug it.