Description
Scope
Since #21, it is possible to run OpenTofu checks on pull requests.
But those created from forked repositories will fail early because the secrets required to access the state and other providers' APIs are only available from the upstream repository.
Today, the only option to run those checks is to ask a maintainer to push the branch from the fork in this repository and verify the action logs.
It seems challenging to allow anyone to run any OpenTofu check w/o making the state public (w/o or w/ useless encryption)!
Maybe with some tokens allowing read-only access and a single secret to share, allowing a contributor to decrypt the state on a case-by-case basis...
Value
A contributor with read-only permissions (anyone in fact) would be able to verify her/his/their changes with a closer feedback loop.
Requirements
Pull requests from forks should trigger some relevant OpenTofu checks with minimal involvement from the maintainers.