Allow pypi password to be specified on the console

zestsoftware / zest.releaser

Python software releasing made easy and repeatable

https://zestreleaser.readthedocs.io

GNU General Public License v2.0

201 stars 62 forks source link

Allow pypi password to be specified on the console #208

Open ccmaymay opened 7 years ago

ccmaymay commented 7 years ago

Some people don't like to save passwords in cleartext on disk. If a password is not specified in .pypirc could it be read and passed on from the console, e.g., using getpass?

reinout commented 7 years ago

I don't know, actually. We use "twine" for the actual upload. Twine apparently supports keychain and prompt:

https://github.com/pypa/twine/blob/3efd3b5d2715f537096b95cb2e6853e02990b059/twine/utils.py

Could be worth a try. I don't know if it works if twine starts prompting (as in: do we capture the prompt or does it 'just work'). If twine works OK, it might still be that we need to disable a check we do on the .pypirc ourselves.

ccmaymay commented 7 years ago

With no password set in .pypirc I get the following during a release:

Upload to pypi (Y/n)? Y
Uploading concrete-4.12.8.dev0.tar.gz
[================================] 200134/200134 - 00:00:00
Response status code: 401
Reason: You must be identified to edit package information
There were errors or warnings.
ERROR: Package upload has failed.
None
Retry this command? [Yes/no/quit/?]

(There is no prompt for a password.)

brainwane commented 6 years ago

keyring support might be the way to go here.