Account for forking workflows in our actions and documentation #262
Description
Jira: https://asfdaac.atlassian.net/browse/TOOL-3494
Note: The above link is accessible only to members of ASF.
ASFHyP3 is getting more and more external contributions from users and org forks, and our actions are not well suited to that right now. I expect this pattern to increase as HyP3 is more broadly used across ESDIS and more teams are involved in HyP3-ish work.
For example, only the changelog check works in this hyp3 PR: ASFHyP3/hyp3#2597
The static analysis check is done with an on: push event only, so is run in the fork context and doesn't show up in the PR; we'd need to add on: pull_request or on: pull_request_target for it to work in a PR from a fork.
We should review how our actions work from personal and organizational forks (they can sometimes act differently), ensure the actions for all the repos in this org are fork-friendly and fork-safe (secrets access), and ensure we document a fork-friendly and fork-safe setup.
Note: We've dealt with this a few times already for individual cases;:
We've hit it enough now that I think it's worth a more holistic/comprehensive effort.