Use shared workflow for PyPI-publish action

[timmc-edx]

The cookiecutter currently has a PyPI publish action that should be moved to the openedx/.github repo's shared workflows.

Acceptance criteria:

• Make a version of https://github.com/openedx/edx-cookiecutters/blob/master/python-template/%7B%7Bcookiecutter.placeholder_repo_name%7D%7D/.github/workflows/pypi-publish.yml in https://github.com/openedx/.github
  • Ensure it pins the version of pypa/gh-action-pypi-publish to a specific release or commit; currently we're using master, which the action is warning about (and is a bad idea in general for both security and reliability).
  • Update https://github.com/openedx/.github/blob/master/workflow-templates/pypi-publish.yml to use the shared workflow file too
• Change the cookiecutter to use the new shared workflow (using the master version, since it's under our control)
• Optionally: Update existing workflow files in other repos to match