Perform "gem push" from a CI with MFA enabled.

[matteoredz]

Hey there, hope you're all doing great 👋🏻

I decided to enable the recommended MFA level (UI and API) from my current one (UI and gem sign-in) and I stumbled upon a possible blocking situation:

I usually use the release-please-action to automate the version bumps and the releases, so the whole release process is done through the release.yml GitHub workflow (aka the CI). The RubyGems API key is securely stored in my repo's secrets and the release script is in charge of building and pushing the Gem.

After enabling the recommended MFA level, I sadly found out that a release workflow run failed because of the following:

You have enabled multi-factor authentication. Please enter OTP code.
You have enabled multifactor authentication but no OTP code provided. Please fill it and retry.
Error: Process completed with exit code 1.

So my question is: How can we make MFA work when the push is done through a CI? Do I need to lower the MFA level and occasionally enable MFA just for a subset of keys that aren't used in a CI?

Thanks.

[matteoredz]

Gentle bump here, as I guess this discussion and its PR are the solution.