CI -Separate out workflows for building pypi packages per test and release use cases

[soapy1]

Context

PR's coming from forks of users with improper github access have the "Builds and maybe upload PyPI package" workflow failing. For example:

• https://github.com/conda-incubator/conda-store/pull/980
• https://github.com/conda-incubator/conda-store/pull/981

The error produced is:

Error: Failed to get ID token: Error message: Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable

However, the workflow already has the required permissions set.

Description

This PR proposes separating out the 2 use cases for building pypi packages. These are

1. building pypi packages for every pr to test the pr
2. building pypi packages for a release to be uploaded to pypi (requires attestation)

Now, there are the worflows:

• build_pypi_package
  • just builds and inspects the pypi package
  • runs on every pr
• release
  • builds, inspects, attest, upload pypi package
  • only runs on releases

Refs: https://docs.github.com/en/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#configuring-required-approval-for-workflows-from-public-forks https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository

[netlify[bot]]

✅ Deploy Preview for conda-store canceled.

Name	Link
🔨 Latest commit	a3a24d60f6aea219361a8b5a45c8f56d44d506f5
🔍 Latest deploy log	https://app.netlify.com/sites/conda-store/deploys/6736773d87da7c00083e1c00