Resolve repository password from the keyring, allowing it to be store…

[jaraco]

…d securely and following conventions use by setuptools.upload.

[sigmavirus24]

Hi @jaraco

Could you include some tests here for the behaviour of the functions you've added/modified? Also, can you update our setup.{py,cfg} to add an optional dependency on Keyring based on an extra?

[jaraco]

Okay. Should be good to go now.

[sigmavirus24]

Thanks @jaraco!

[glyph]

This is an awesome feature! I'm wondering though; how is one supposed to authenticate to Twine, to store the credential in the keyring in the first place? I'd rather put it there than in ~/.pypirc.

[jaraco]

With keyring installed, keyring set <URL> <username> where URL is the PyPI upload URL and username is the username in pypirc. That will prompt for the password and save it to the keyring.

[glyph]

@jaraco It would be nice if there were a twine login command that would do this - it's not obvious how to derive the upload URL in advance. (The default changed recently, and given that 'legacy' is in the URL now, I assume it will change again soon)

[glyph]

@jaraco Does that seem like it would be within twine's roadmap?

[sigmavirus24]

@glyph @jaraco doesn't determine the roadmap for Twine. :)

What about just twine configure that would allow things to work a bit like Rackspace's rack CLI? That's a behaviour I can get behind

[glyph]

@sigmavirus24 While a configure verb would be nifty, I'd actually want a separate UI for persisting any secret materials; putting my password into ~/.pypirc manually is bad, but writing out a config file which contains a secret that I can't necessarily find or destroy is worse. If it were a guided UI that specifically called this out in its prompts then that would work for me.

[sigmavirus24]

Right, I'm imagining something that's guided. We should open a new issue to track this. Would you mind doing that?

[glyph]

@sigmavirus24 Done.