twine check in action, but passes when dockerfile built locally

[LecrisUT]

Example failure: https://github.com/spglib/spglib/actions/runs/8647336672/job/23717517322

I've run twine check locally and it passed, I ran it with the built Dockerfile and it also passed. Any idea what's going on here?

[webknjaz]

Have you tried downloading the artifacts from your GHA workflow page locally and checking them all with twine check --strict?

It's definitely unpleasant to get failures in the very last step of the release process, which is why I recommend running it early in the workflow. In many of my workflows I migrated to building the dists before testing. This way, I can lint them (including but not limited to twine check), test the same wheels and then publish exactly what's tested as opposed to publishing something that was built separately from what was built in the test jobs.

[LecrisUT]

Turns out it was a bug on download-artifact where it just made a mess of things scikit-build/scikit-build-core#696 (comment)

[webknjaz]

zipfile.BadZipFile: Bad magic number for file header

Your error sounds a lot like #215 and #148. I'd also report to Twine as we just call it via CLI and it could output better errors.

[LecrisUT]

Yeah, I should have added a manual action for twine check on the artifacts. Alternatively, having a dry-run/no-upload input for this action would also help with that.