remote attestations from pypi publication #83

Merged
merged 1 commit into from
Sep 12, 2024

mnbf9rca (Owner) commented Sep 12, 2024

Summary by Sourcery

Revise the CI workflow to allow conditional deployment to PyPI production either directly or after a test deployment, based on user input. Remove commented-out code related to OIDC debugging and attestations.

CI:

  • Update the deploy workflow to include separate jobs for deploying to PyPI production directly or after testing, based on the input parameter 'deploy_to_test'.

sourcery-ai bot commented Sep 12, 2024

Reviewer's Guide by Sourcery

This pull request modifies the GitHub Actions workflow for building and publishing artifacts to PyPI. The changes primarily focus on improving the deployment process, adding conditional logic for test and production deployments, and adjusting the OIDC (OpenID Connect) configuration.

File-Level Changes

Change: Restructure deployment workflow to support both test and direct production deployments
Details:
  • Add conditional logic to deploy to PyPI test environment based on input
  • Create separate jobs for deploying to production after test and direct production deployment
  • Update job dependencies to ensure correct execution order
Files: .github/workflows/deploy_workflow_wrapper.yml

Change: Adjust OIDC configuration and attestation settings in PyPI deployment
Details:
  • Comment out OIDC debugger steps
  • Disable attestations due to a reported issue with PyPI
Files: .github/workflows/deploy_to_pypi.yml

Change: Clean up and improve workflow file structure
Details:
  • Remove commented out output section
  • Add newline characters for better readability
  • Update workflow trigger description
Files: .github/workflows/deploy_workflow_wrapper.yml


@sourcery-ai sourcery-ai bot left a comment

Hey @mnbf9rca - I've reviewed your changes and they look great!

Here's what I looked at during the review
  • 🟡 General issues: 1 issue found
  • 🟢 Security: all looks good
  • 🟢 Testing: all looks good
  • 🟢 Complexity: all looks good
  • 🟢 Documentation: all looks good


deploy_to_pypi_prod_direct:
needs: [build_artifacts]
if: ${{ github.event.inputs.deploy_to_test != 'true' }}
suggestion (bug_risk): Make the condition for direct production deployment more explicit

The current condition will run whenever deploy_to_test is not 'true', including cases where it's false or not set. Consider using a more specific condition to avoid unintended direct production deployments.

Suggested change
if: ${{ github.event.inputs.deploy_to_test != 'true' }}
if: ${{ github.event.inputs.deploy_to_test == 'false' || github.event.inputs.deploy_to_test == '' }}
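
Review bot: the replacement condition on the second line still evaluates true when deploy_to_test is an empty string, so the direct production job would still run in the "not set" case that the comment above calls out as unintended. If only an explicit opt-out should reach production directly, drop the `== ''` clause and compare against 'false' alone; if an unset input is meant to deploy directly, say so in a comment next to the `if:` on deploy_to_pypi_prod_direct.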

@mnbf9rca mnbf9rca merged commit d2e8dc6 into main Sep 12, 2024
7 checks passed
@mnbf9rca mnbf9rca deleted the chore/remove-attestation-from-pypi-publication branch September 12, 2024 22:00