Description
Problem
Currently, our CI pipeline publishes Python packages to PyPI without verifying that the built artifacts are actually installable in a clean environment.
This is particularly risky in our workspace/monorepo setup. During local development, a package may successfully resolve a dependency because it points to a local workspace path. However, once published, if that dependency is not available on PyPI (or if the versioning is incorrect), the package becomes unusable for end-users.
Proposed Solution
We need to introduce a pre-publish check in our CI pipeline. This check should:
Build the package (sdist and/or wheel).
Create an isolated environment (e.g., a fresh virtualenv or container).
Attempt to install the generated artifact.
If the installation fails due to missing dependencies or version conflicts, the CI pipeline should fail, preventing a broken release.
Context
We already utilize a similar mechanism for our Rust crates using release-plz.
This ensures we catch "workspace dependency" issues before the publication of the crates.
Acceptance Criteria
- A new CI job/step is added that runs on PRs or pre-publish.
- The job builds the Python package and attempts pip install on the artifact.
- The job fails if dependencies cannot be resolved from public indices.
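
One way to implement the install check described in this issue, as an added example (not code from this repository). It assumes the artifact has already been built into `dist/` by the build step and that the runner is POSIX; `PUBLIC_INDEX` and the function names are hypothetical, and the metadata pre-scan for `file:` references goes one step beyond the install test the issue asks for.

```python
"""Pre-publish check: install a built artifact in a clean venv (added example)."""
import subprocess
import sys
import tempfile
import venv
import zipfile
from email.parser import Parser
from pathlib import Path

PUBLIC_INDEX = "https://pypi.org/simple"  # assumption: the only index end-users have


def declared_requirements(wheel: Path) -> list[str]:
    """Return the Requires-Dist entries from the wheel's METADATA file."""
    with zipfile.ZipFile(wheel) as zf:
        name = next(n for n in zf.namelist() if n.endswith(".dist-info/METADATA"))
        meta = Parser().parsestr(zf.read(name).decode("utf-8"))
    return meta.get_all("Requires-Dist") or []


def local_references(requirements: list[str]) -> list[str]:
    """Entries pinned to a local path ('pkg @ file:///...') never resolve for users."""
    return [r for r in requirements if "@" in r and "file:" in r.split("@", 1)[1]]


def install_in_clean_venv(artifact: Path, index_url: str = PUBLIC_INDEX) -> bool:
    """Create a throwaway venv and install the artifact using only the public index."""
    with tempfile.TemporaryDirectory() as tmp:
        venv.EnvBuilder(with_pip=True).create(tmp)
        python = Path(tmp) / "bin" / "python"  # assumes a POSIX runner
        # --isolated ignores pip config files and PIP_* variables set on the runner,
        # so a private index configured there cannot mask a missing dependency.
        cmd = [str(python), "-m", "pip", "install", "--isolated", "--no-cache-dir",
               "--index-url", index_url, str(artifact)]
        return subprocess.run(cmd).returncode == 0


def main(argv: list[str]) -> int:
    artifact = Path(argv[1])  # e.g. a wheel or sdist under dist/
    if artifact.suffix == ".whl":
        leaked = local_references(declared_requirements(artifact))
        if leaked:
            print("local path dependencies in metadata:", *leaked, sep="\n  ")
            return 1
    return 0 if install_in_clean_venv(artifact) else 1


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

A non-zero exit code fails the CI step, so the publish job can depend on it.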