PyPi trusted publishing: not working with reuseable workflows

[kdeldycke]

Attempt has been made in v2.14.0 (see 3571c06 and 1583a6f) but it doesn't work with reuseable workflow.

The publishing ends up with the following error:

2023-05-04T10:23:05.4290038Z ##[group]Run pypa/gh-action-pypi-publish@v1.8.6
2023-05-04T10:23:05.4290334Z with:
2023-05-04T10:23:05.4290619Z   packages-dir: /home/runner/work/mail-deduplicate/mail-deduplicate
2023-05-04T10:23:05.4290908Z   user: __token__
2023-05-04T10:23:05.4291165Z   repository_url: https://upload.pypi.org/legacy/
2023-05-04T10:23:05.4291431Z   packages_dir: dist
2023-05-04T10:23:05.4291653Z   verify_metadata: true
2023-05-04T10:23:05.4291859Z   skip_existing: false
2023-05-04T10:23:05.4292069Z   verbose: false
2023-05-04T10:23:05.4292274Z   print_hash: false
2023-05-04T10:23:05.4292462Z ##[endgroup]
2023-05-04T10:23:05.4549470Z ##[command]/usr/bin/docker run --name ed866e85ca8b0c42a84a0aa2284859693d6a22_8005b6 --label ed866e --workdir /github/workspace --rm -e "INPUT_PACKAGES-DIR" -e "INPUT_USER" -e "INPUT_PASSWORD" -e "INPUT_REPOSITORY-URL" -e "INPUT_REPOSITORY_URL" -e "INPUT_PACKAGES_DIR" -e "INPUT_VERIFY-METADATA" -e "INPUT_VERIFY_METADATA" -e "INPUT_SKIP-EXISTING" -e "INPUT_SKIP_EXISTING" -e "INPUT_VERBOSE" -e "INPUT_PRINT-HASH" -e "INPUT_PRINT_HASH" -e "HOME" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_REPOSITORY_OWNER_ID" -e "GITHUB_RUN_ID" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_REPOSITORY_ID" -e "GITHUB_ACTOR_ID" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKFLOW_REF" -e "GITHUB_WORKFLOW_SHA" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY" -e "GITHUB_ACTION_REF" -e "GITHUB_PATH" -e "GITHUB_ENV" -e "GITHUB_STEP_SUMMARY" -e "GITHUB_STATE" -e "GITHUB_OUTPUT" -e "RUNNER_OS" -e "RUNNER_ARCH" -e "RUNNER_NAME" -e "RUNNER_TOOL_CACHE" -e "RUNNER_TEMP" -e "RUNNER_WORKSPACE" -e "ACTIONS_RUNTIME_URL" -e "ACTIONS_RUNTIME_TOKEN" -e "ACTIONS_CACHE_URL" -e "ACTIONS_ID_TOKEN_REQUEST_URL" -e "ACTIONS_ID_TOKEN_REQUEST_TOKEN" -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/mail-deduplicate/mail-deduplicate":"/github/workspace" ed866e:85ca8b0c42a84a0aa2284859693d6a22  "__token__" "" "" "/home/runner/work/mail-deduplicate/mail-deduplicate" "" "" "false" ""
2023-05-04T10:23:05.9204477Z ##[notice]Attempting to perform trusted publishing exchange to retrieve a temporary short-lived API token for authentication against https://upload.pypi.org/legacy/ due to __token__ username with no supplied password field
2023-05-04T10:23:06.7818733Z ##[error]Trusted publishing exchange failure: 
2023-05-04T10:23:06.7820182Z Token request failed: the server refused the request for the following reasons:
2023-05-04T10:23:06.7909041Z 
2023-05-04T10:23:06.7909646Z * `invalid-publisher`: valid token, but no corresponding publisher
2023-05-04T10:23:06.7909902Z 
2023-05-04T10:23:06.9498873Z Evaluate and set environment url
2023-05-04T10:23:06.9503492Z Evaluated environment url: https://pypi.org/p/mail-deduplicate

For other info, see:

• https://docs.pypi.org/trusted-publishers/adding-a-publisher/
• https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers/