Currently the docs outline that the rubygems_mfa_required flag will require owners to enter an OTP for all privileged operations (push, yank, owner add and remove). In actuality, rubygems_mfa_required will require owners to have just to have MFA enabled (and not specifically at the ui_and_api level for the CI/CD case).
From https://github.com/rubygems/rubygems.org/issues/4264#issuecomment-1839423900
Currently the docs outline that the
rubygems_mfa_requiredflag will require owners to enter an OTP for all privileged operations (push, yank, owner add and remove). In actuality,rubygems_mfa_requiredwill require owners to have just to have MFA enabled (and not specifically at theui_and_apilevel for the CI/CD case).