Fix host cleanup, volume allowlist, cache upload, and action host edge cases (#970)

## Summary
- prevent host-mode execution from deleting caller-owned workdirs
- harden `valid_volumes` checks against `..` and symlink escapes
- return immediately after artifact cache upload write failures
- default implicit remote action clone hosts to `GitHubInstance`/`github.com`

Authored with assistance from OpenAI Codex GPT-5.

---------

Co-authored-by: silverwind <me@silverwind.io>
Reviewed-on: https://gitea.com/gitea/runner/pulls/970
Reviewed-by: silverwind <2021+silverwind@noreply.gitea.com>

act/container/host_environment.go

@@ -37,13 +37,13 @@ type HostEnvironment struct {
 	TmpDir    string
 	ToolCache string
 	Workdir   string
-	// BindWorkdir is true when the app runner mounts the workspace on the host and
-	// deletes the task directory after the job; host teardown must not remove Workdir.
-	BindWorkdir bool
-	ActPath     string
-	CleanUp     func()
-	StdOut      io.Writer
-	AllocatePTY bool // allocate a pseudo-TTY for each step's process
+	// CleanWorkdir means teardown owns Workdir and may delete it. Leave false
+	// when Workdir points at a caller-owned checkout (e.g. `act` local mode).
+	CleanWorkdir bool
+	ActPath      string
+	CleanUp      func()
+	StdOut       io.Writer
+	AllocatePTY  bool // allocate a pseudo-TTY for each step's process
 
 	mu          sync.Mutex
 	runningPIDs map[int]struct{}
@@ -483,7 +483,7 @@ func (e *HostEnvironment) Remove() common.Executor {
 			logger.Warnf("failed to remove host misc state %s: %v", e.Path, err)
 			errs = append(errs, err)
 		}
-		if !e.BindWorkdir && e.Workdir != "" {
+		if e.CleanWorkdir {
 			if err := removePathWithRetry(ctx, e.Workdir); err != nil {
 				logger.Warnf("failed to remove host workspace %s: %v", e.Workdir, err)
 				errs = append(errs, err)