Producing attestations fails when attempting publishing from unsupported reusable workflows (when enabled)

[efriis]

Howdy! We just had to turn off release attestations to get our releases running in langchain-ai/langchain. Haven't had a chance to dig deeper into attestation configuration in order to see what we need to fix, and thought I'd file an issue in case others run into the same thing!

langchain-ai/langchain#27765

Release Workflow

We run releases from the two workflow files edited in ^ that PR

• _release.yml, which calls _test_release.yml, and then publishes to pypi
• _test_release.yml for publishing to test.pypi

Error

We were seeing errors in your releases, e.g. in this workflow run: https://github.com/langchain-ai/langchain/actions/runs/11602468120/job/32307568692

Configuration of test release - 2 main things that look weird are /legacy/ and repository_url (we configure repository-url per docs)

Run pypa/gh-action-pypi-publish@release/v1
  with:
    packages-dir: libs/core/dist/
    verbose: true
    print-hash: true
    repository-url: https://test.pypi.org/legacy/
    skip-existing: true
    user: __token__
    repository_url: https://upload.pypi.org/legacy/
    packages_dir: dist
    verify_metadata: true
    skip_existing: false
    print_hash: false
    attestations: true
  env:
    POETRY_VERSION: 1.7.1
    PYTHON_VERSION: [3](https://github.com/langchain-ai/langchain/actions/runs/11602468120/job/32307568692#step:5:3).10

Logs - partially redacted

Checking libs/core/dist/langchain_core-0.3.14-py3-none-any.whl: PASSED
Checking libs/core/dist/langchain_core-0.3.14.tar.gz: PASSED
Notice: Generating and uploading digital attestations
Fulcio client using URL: https://fulcio.sigstore.dev
TUF metadata: /root/.local/share/sigstore-python/tuf/https%3A%2F%2Ftuf-repo-cdn.sigstore.dev
TUF targets cache: /root/.cache/sigstore-python/tuf/https%3A%2F%2Ftuf-repo-cdn.sigstore.dev
Found and verified trusted root
Generating ephemeral keys...
Requesting ephemeral certificate...
Retrieving signed certificate...
Found <Name(O=sigstore.dev,CN=sigstore-intermediate)> as issuer, verifying if it is a ca
attempting to verify SCT with key ID xxx
Successfully verified SCT...
DSSE PAE: xxx
proposed: xxx
integrated: xxx
Transparency log entry created with index: 145293525
DSSE PAE: xxx
proposed: xxx
integrated: xxx
Transparency log entry created with index: 145293526
Showing hash values of files to be uploaded:
/github/workspace/libs/core/dist/langchain_core-0.3.14-py3-none-any.whl

SHA256: xxx
MD5: xxx
BLAKE2-256: xxx

/github/workspace/libs/core/dist/langchain_core-0.3.14.tar.gz

SHA256: xxx 
MD5: xxx
BLAKE2-256: xxx

/github/workspace/libs/core/dist/langchain_core-0.3.14-py3-none-any.whl.publish.attestation

SHA256: xxx
MD5: xxx
BLAKE2-256: xxx

/github/workspace/libs/core/dist/langchain_core-0.3.14.tar.gz.publish.attestation

SHA256: xxx
MD5: xxx
BLAKE2-256: xxx

Uploading distributions to https://test.pypi.org/legacy/
INFO     libs/core/dist/langchain_core-0.3.14-py3-none-any.whl (399.1 KB)       
INFO     libs/core/dist/langchain_core-0.3.14.tar.gz (320.2 KB)                 
INFO     password set by command options                                        
INFO     username: __token__                                                    
INFO     password: <hidden>                                                     
Uploading langchain_core-0.3.14-py3-none-any.whl
INFO     Response from https://test.pypi.org/legacy/:                           
         400 Bad Request                                                        
INFO     <html>                                                                 
          <head>                                                                
           <title>400 Could not verify the uploaded artifact using the included 
         attestation: Verification failed: 0 of 2 policies succeeded</title>    
          </head>                                                               
          <body>                                                                
           <h1>400 Could not verify the uploaded artifact using the included    
         attestation: Verification failed: 0 of 2 policies succeeded</h1>       
           The server could not comply with the request since it is either      
         malformed or otherwise incorrect.<br/><br/>                            
         Could not verify the uploaded artifact using the included attestation: 
         Verification failed: 0 of 2 policies succeeded                         
                                                                                
                                                                                
          </body>                                                               
         </html>                                                                
ERROR    HTTPError: 400 Bad Request from https://test.pypi.org/legacy/

Temporary Fix

langchain-ai/langchain#27765

We turned off attestations with attestations: false

[webknjaz]

FYI reusable workflows are still not properly supported on the PyPI side. Some things happen to work almost by accident. There's a tracking issue somewhere in the Warehouse repo discussing this.

cc @woodruffw

[kesara]

This worked for me when pubslishing for test PyPI, but I got the same error when the GHA tries to publish to real PyPI.

Test PyPI:

Checking dist/svgcheck-0.9.0.tar.gz: PASSED
Notice: Generating and uploading digital attestations
Fulcio client using URL: https://fulcio.sigstore.dev/
TUF metadata: /root/.local/share/sigstore-python/tuf/https%3A%2F%2Ftuf-repo-cdn.sigstore.dev
TUF targets cache: /root/.cache/sigstore-python/tuf/https%3A%2F%2Ftuf-repo-cdn.sigstore.dev
Found and verified trusted root
Generating ephemeral keys...
Requesting ephemeral certificate...
Retrieving signed certificate...
Found <Name(O=sigstore.dev,CN=sigstore-intermediate)> as issuer, verifying if it is a ca
attempting to verify SCT with key ID dd3d306ac6c7113263191e1c99673702a24a5eb8de3cadff878a72802f29ee8e
Successfully verified SCT...

PyPI:

Checking dist/svgcheck-0.9.0.tar.gz: PASSED
Checking dist/svgcheck-0.9.0.tar.gz.publish.attestation: ERROR    InvalidDistribution: Unknown distribution format:                      
         'svgcheck-0.9.0.tar.gz.publish.attestation'

[webknjaz]

Thanks for the report. It would be useful to have a link to the log. And I even more useful if the job is restarted in debug mode.
Meanwhile, we'll have to wait for @woodruffw to see this and take a look from his side.

[kesara]

This is the link to the failed job: https://github.com/ietf-tools/svgcheck/actions/runs/11604651979/job/32313751640

[webknjaz]

Thanks! I wonder where this is coming from..

Error in sitecustomize; set PYTHONVERBOSE for traceback:
ModuleNotFoundError: No module named 'coverage'
Error in sitecustomize; set PYTHONVERBOSE for traceback:
ModuleNotFoundError: No module named 'coverage'

[webknjaz]

Extracting the artifacts from that job for history (they will be garbage-collected in a while) and further inspection:

[kesara]

Thanks! I wonder where this is coming from..

Error in sitecustomize; set PYTHONVERBOSE for traceback:
ModuleNotFoundError: No module named 'coverage'
Error in sitecustomize; set PYTHONVERBOSE for traceback:
ModuleNotFoundError: No module named 'coverage'

Looks that's from a left over old test file, It's unrelated to this issue.

[woodruffw]

Thanks for the details @kesara! This one is weird: that error is coming from twine itself, not from PyPI.

From a quick look, I think what happened here is that I forgot to add a skip for attestations in twine check. I can root cause that a bit more in a moment.

Edit: Yep, that's what it looks like. I'll work on a fix now.

[woodruffw]

pypa/twine#1172 should fix the behavior observed by @kesara!

For @efriis: @webknjaz is right that reusable workflow support is currently unfortunately limited on PyPI. My colleague @facutuesca and I are currently working on improving that, but in the mean time most users should stick to non-reusable workflows for Trusted Publishing.