

@ecoussoux-ansys ecoussoux-ansys commented Oct 9, 2025

This PR introduces the ansys/actions/check-actions-security action in the workflow file .github/workflows/cicd.yml and consequently in the CI of the ansys-tools-common.

This action is using zizmor to perform an audit of the workflows defined in the .github/workflows folder.
The PR addresses the findings surfaced by the zizmor audit on the workflow files (performed locally), resulting in the following changes:

  • All actions (both from ansys/actions as well as external ones) used in workflow files are now pinned with a commit SHA,
  • The argument persist-credentials: false is now systematically used with the action actions/checkout,
  • Template expansions (${{ ... }}) are removed from plain run steps inside jobs. Inputs and relevant context variables are expanded in the env block instead,
  • permissions are now defined on a job by job basis, while none are granted at the workflow level. Jobs that do not use secrets are not granted any specific permission,
  • Names are provided for anonymous jobs,
  • Container image used in run_mapdl_tests.yml is pinned to its SHA256 hash (found here),
  • The option cache: 'pip' is removed when using actions/setup-python to prevent cache-poisoning vulnerability.

Lastly, the latest release v10.1.4 of ansys/actions is used here.

Close #40.
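The checks the PR description enumerates (SHA-pinned actions, `persist-credentials: false` on `actions/checkout`, no `${{ ... }}` inside `run` steps, job-level `permissions`, a digest-pinned container image, no `cache: 'pip'` on `actions/setup-python`) can be expressed as a small audit over a parsed workflow. The block below is an added example written for this page; it is not zizmor's implementation and not code from the PR. The two workflow documents are constructed Python dicts standing in for the output of a YAML parser, the 40-character SHAs and the 64-character image digest are placeholders, and the job and image names are made up.

```python
"""Audit a GitHub Actions workflow (already parsed into dicts) for the
hardening points a zizmor-style review flags.  Example code for this page,
not zizmor's own logic; workflow contents below are constructed."""
import re

SHA40 = re.compile(r"^[0-9a-f]{40}$")        # a full commit SHA, not a tag
EXPR = re.compile(r"\$\{\{.*?\}\}")           # a ${{ ... }} template expansion


def audit_workflow(wf: dict) -> list[str]:
    """Return one human-readable finding per hardening rule violated."""
    findings = []
    if "permissions" in wf:
        findings.append("workflow-level permissions set; define them per job instead")
    for job_name, job in wf.get("jobs", {}).items():
        if "name" not in job:
            findings.append(f"{job_name}: job has no name")
        if "permissions" not in job:
            findings.append(f"{job_name}: no job-level permissions block")
        # `container` may be a bare image string or a mapping with an `image` key
        container = job.get("container")
        image = container.get("image") if isinstance(container, dict) else container
        if image and "@sha256:" not in image:
            findings.append(f"{job_name}: container image '{image}' not pinned to a digest")
        for idx, step in enumerate(job.get("steps", [])):
            uses = step.get("uses")
            if uses:
                action, _, ref = uses.partition("@")
                if not SHA40.match(ref):
                    findings.append(f"{job_name}[{idx}]: '{uses}' not pinned to a commit SHA")
                with_ = step.get("with") or {}
                if action == "actions/checkout" and with_.get("persist-credentials") is not False:
                    findings.append(f"{job_name}[{idx}]: actions/checkout without persist-credentials: false")
                if action == "actions/setup-python" and with_.get("cache"):
                    findings.append(f"{job_name}[{idx}]: setup-python uses cache: '{with_['cache']}'")
            run = step.get("run")
            if run and EXPR.search(run):
                findings.append(f"{job_name}[{idx}]: template expansion inside run step; move it to env")
    return findings


# Constructed "before" workflow: every rule above is violated once.
WEAK = {
    "on": "push",
    "permissions": {"contents": "write"},
    "jobs": {
        "tests": {
            "runs-on": "ubuntu-latest",
            "container": "ghcr.io/example/mapdl:latest",
            "steps": [
                {"uses": "actions/checkout@v4"},
                {"uses": "actions/setup-python@v5",
                 "with": {"python-version": "3.12", "cache": "pip"}},
                {"run": "echo Building ${{ github.event.pull_request.title }}"},
            ],
        }
    },
}

# Constructed "after" workflow, shaped like the PR's fixes.  The SHA and
# digest values are placeholders, not real pins.
HARDENED = {
    "on": "push",
    "jobs": {
        "tests": {
            "name": "Run tests",
            "runs-on": "ubuntu-latest",
            "permissions": {"contents": "read"},
            "container": {"image": "ghcr.io/example/mapdl@sha256:" + "0" * 64},
            "steps": [
                {"uses": "actions/checkout@" + "a" * 40,
                 "with": {"persist-credentials": False}},
                {"uses": "actions/setup-python@" + "b" * 40,
                 "with": {"python-version": "3.12"}},
                # the expansion now happens in env; the shell only sees a variable
                {"env": {"PR_TITLE": "${{ github.event.pull_request.title }}"},
                 "run": 'echo "Building $PR_TITLE"'},
            ],
        }
    },
}

if __name__ == "__main__":
    for label, wf in (("weak", WEAK), ("hardened", HARDENED)):
        print(f"{label}: {len(audit_workflow(wf))} finding(s)")
        for f in audit_workflow(wf):
            print("  -", f)
```

To run this against a real repository, load each file under `.github/workflows/` with a YAML parser and pass the resulting mapping to `audit_workflow`; the SHA check deliberately accepts only a 40-hex ref, so a `@v4` tag is reported even though it resolves to a specific commit today, which is exactly the point of pinning.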

@ecoussoux-ansys ecoussoux-ansys self-assigned this Oct 9, 2025
@ecoussoux-ansys ecoussoux-ansys added the maintenance Package and maintenance related label Oct 9, 2025
@ecoussoux-ansys ecoussoux-ansys marked this pull request as ready for review October 9, 2025 18:10
@RobPasMue RobPasMue changed the title CI: Add ansys/actions/check-actions-security action and related fixes ci: Add ansys/actions/check-actions-security action and related fixes Oct 10, 2025

@RobPasMue RobPasMue left a comment


LGTM!


Thank you @ecoussoux-ansys for this PR! I mostly provided `contents: read` permissions for all stages on the main CI/CD, solved the code styling issues and changed the docs deps to make it work. I did most of my commits from the web, hence the amount of them. But my changes were all very simple.

@RobPasMue RobPasMue enabled auto-merge (squash) October 10, 2025 07:20
@RobPasMue RobPasMue merged commit 5a83386 into main Oct 10, 2025
23 checks passed
@RobPasMue RobPasMue deleted the ci/add-actions-security-check branch October 10, 2025 07:23

Development

Successfully merging this pull request may close these issues.

Add ansys/actions/check-actions-security action and perform related fixes

4 participants