gh-action-pypi-publish
Add nudge message with magic link to create new Trusted Publisher
This adds a nudge message for the user with a link to create a Trusted Publisher for the project being uploaded. The link is a "magic link", containing URL parameters that will pre-fill most of the Trusted Publisher form fields.
This was originally discussed in https://github.com/pypi/warehouse/issues/13661, and is currently under review in https://github.com/pypi/warehouse/pull/16399.
The nudge message will only be displayed when not using Trusted Publishing, and if the index is either PyPI or TestPyPI. It looks like this:
Warning: A new Trusted Publisher for the currently running publishing workflow can be created by accessing the following link(s) while logged-in as a maintainer of the package(s):
- https://test.pypi.org/manage/project/my-project/settings/publishing/?provider=github&owner=my_username&repository=my_project&workflow_filename=release.yml
The message is also added to the job's summary, where it's rendered as Markdown and the links are clickable.
A small Python utility script was added in order to parse the package name(s) from the distribution files.
This is ready for review, but it's a draft PR since it shouldn't be merged until PyPI's side is merged: https://github.com/pypi/warehouse/pull/16399
cc @woodruffw @webknjaz
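Added example, not the code from this PR: one way to derive project names from distribution filenames and build the pre-filled link in the format shown in the description above. The function names, the `workflow_ref` input (shaped like GitHub's `GITHUB_WORKFLOW_REF` value), the `trusted_publishing` flag and the sample values are assumptions.

```python
import re
from pathlib import PurePath
from typing import Iterable, List, Optional
from urllib.parse import quote, urlencode

NUDGE_HOSTS = {"pypi.org", "test.pypi.org"}  # the nudge is limited to PyPI and TestPyPI


def project_name(dist_file: str) -> Optional[str]:
    """Normalized project name from an sdist or wheel filename, else None."""
    name = PurePath(dist_file).name
    if name.endswith(".whl"):
        # name-version[-build]-python-abi-platform.whl; "-" in the name is escaped to "_"
        fields = name[:-4].split("-")
        if len(fields) not in (5, 6):
            return None
        raw = fields[0]
    elif name.endswith((".tar.gz", ".zip")):
        # name-version.ext; older sdists may keep "-" in the name, so split on the last one
        stem = name[:-7] if name.endswith(".tar.gz") else name[:-4]
        raw, sep, _version = stem.rpartition("-")
        if not sep or not raw:
            return None
    else:
        return None
    return re.sub(r"[-_.]+", "-", raw).lower()  # PEP 503 normalization


def magic_links(dist_files: Iterable[str], index_host: str,
                workflow_ref: str, trusted_publishing: bool) -> List[str]:
    """Links to print in the nudge; empty when the nudge does not apply."""
    if trusted_publishing or index_host not in NUDGE_HOSTS:
        return []
    # workflow_ref has the shape "owner/repo/.github/workflows/file.yml@ref"
    parts = workflow_ref.partition("@")[0].split("/")
    if len(parts) < 3:
        return []
    # Percent-encode every value: the link is rendered as Markdown in the job summary.
    query = urlencode({"provider": "github", "owner": parts[0],
                       "repository": parts[1], "workflow_filename": parts[-1]})
    names = sorted({n for n in map(project_name, dist_files) if n})
    return [f"https://{index_host}/manage/project/{quote(n, safe='')}"
            f"/settings/publishing/?{query}" for n in names]


# Constructed sample input, not taken from a real run.
SAMPLE = magic_links(
    ["dist/my_project-1.0.tar.gz", "dist/my_project-1.0-py3-none-any.whl"],
    "test.pypi.org",
    "my_username/my_project/.github/workflows/release.yml@refs/heads/main",
    trusted_publishing=False)
```

The sdist and the wheel of one project collapse to a single link, and files that are neither an sdist nor a wheel are skipped.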