Add build provenance attestation

[kevinbackhouse]

I noticed that we have this in the release.yml workflow but not in these two workflows. I was a bit confused because we already have a "sign with sigstore" step in these workflows. As I understand it, "sign with sigstore" is the preferred way to sign the artifacts for PyPI and attest-build-provenance is the prefered way to do it for GitHub releases. And it doesn't hurt to do both.

[Copilot]

Pull request overview

This pull request adds build provenance attestation to the PyPI and TestPyPI publishing workflows, aligning them with the security practices already established in the release.yml workflow. The changes add artifact attestation capabilities using GitHub's attest-build-provenance action, which complements the existing Sigstore signing and provides additional supply chain security for the published Python packages.

Changes:

• Added attestations: write permission to both PyPI publishing workflows
• Added Attest build provenance step to generate attestations for wheel and tar.gz distribution files

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.

File	Description
.github/workflows/publish-to-testpypi.yaml	Added attestations permission and build provenance attestation step for TestPyPI releases
.github/workflows/publish-to-pypi.yaml	Added attestations permission and build provenance attestation step for PyPI releases

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated no new comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[steiza]

Okay, so there's 3 ways that attestations are being generated and "stored":

1. pypa/gh-action-pypi-publish@v1.13.0 is already generating attestations for you and storing them in PyPI:

$ curl https://pypi.org/integrity/seclab-taskflow-agent/0.2.0/seclab_taskflow_agent-0.2.0.tar.gz/provenance
{"attestation_bundles":...

2. sigstore/gh-action-sigstore-python@v3.1.0 is signing things and "stores" them on the Actions run log. It's up to you, but I would recommend removing this - those attestations are not very discoverable.

3. actions/attest-build-provenance@v3.2.0 (which this pull request adds) will sign things and store them in GitHub's attestation store, which will show up in things like the Releases page. I think it's helpful to have this information inside GitHub as well as inside PyPI. I think we want to call it in a slightly different way though - I'll add comments on the PR itself.

[Copilot]

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated no new comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[steiza]

This LGTM!

[kevinbackhouse]

This LGTM!

Thanks @steiza! One more question for you though: on a different PR where I'm making the same change, Copilot recommended doing the attestation step before the artifact-upload. Do you agree that it would be better to swap the order?

[steiza]

Copilot Exiv2/exiv2#3504 (comment) doing the attestation step before the artifact-upload

🤷 The example Copilot gave is what should happen if the attestation step fails - do you still want it to have uploaded the artifact? I guess that depends on what you want! I think most people will be consuming this (and attestations) from PyPI instead of GitHub directly, but I don't have a strong opinion either way.

[kevinbackhouse]

I've moved the attestation before upload-artifact and squashed the commits.