Previously, the action repository was being cloned from the remote
twice, unnecessarily. This patch eliminates this step and
uses the copy that was checked out on job start.
The generated trampoline action is still copied into the allowlisted
working directory so it can be referenced by the relative path
starting with `./`.
It is now output under
`./.github/.tmp/.generated-actions/run-pypi-publish-in-docker-container`
which mutates the end-user's workspace slightly but uses a path that
is unlikely to clash with somebody else's use.
Unfortunately, we cannot use randomized paths because the composite
action syntax does not allow accessing variables in `uses:`.
Fixes #292.