Enforce PR labels: use pull_request_target trigger to work with PRs coming from forks

[priethor]

Follow-up to #52980 and #52980

What?

The action that enforces PR labels set in #52980 doesn't work properly with PRs coming from forks. This PR changes the action trigger to fix this issue and work with all PRs.

Why?

When using the pull_requestevent, ${{ secrets.GITHUB_TOKEN }} is not given write permissions.

How?

By using the pull_request_target event instead:

In order to solve this, we’ve added a new pull_request_target event, which behaves in an almost identical way to the pull_request event with the same set of filters and payload. However, instead of running against the workflow and code from the merge commit, the event runs against the workflow and code from the base of the pull request. This means the workflow is running from a trusted source and is given access to a read/write token as well as secrets enabling the maintainer to safely comment on or label a pull request.

Testing Instructions

Once merged, change a label or update a PR that is coming from a fork and check the Enforce PR labels action is passing.

[github-actions]

Flaky tests detected in 85d5f73.
Some tests passed with failed attempts. The failures may not be related to this commit but are still reported for visibility. See the documentation for more information.

🔍 Workflow run URL: https://github.com/WordPress/gutenberg/actions/runs/5670328814
📝 Reported issues:

• [Flaky Test] fade animation #52347 in /test/e2e/specs/editor/blocks/image.spec.js
• [Flaky Test] should close and focus appropriately using escape key #52478 in /test/e2e/specs/editor/blocks/image.spec.js
• [Flaky Test] zoom animation #52381 in /test/e2e/specs/editor/blocks/image.spec.js