feat: auto-generate action workflow

[cameronmeissner]

What type of PR is this?

What this PR does / why we need it:

Which issue(s) this PR fixes:

Fixes #

Requirements:

• uses conventional commit messages
• includes documentation
• adds unit tests
• tested upgrade from previous version

Special notes for your reviewer:

Release note:

none

[coveralls]

Pull Request Test Coverage Report for Build 11060596658

Details

• 0 of 0 changed or added relevant lines in 0 files are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage remained the same at 71.271%

---

Totals
Change from base Build 11059853467:	0.0%
Covered Lines:	2590
Relevant Lines:	3634

---

💛 - Coveralls

[cameronmeissner]

from further reading it seems that we can't utilize the GITHUB_TOKEN secret to make the auto-generated commit to the PR branch - that's due to the fact that commits made using GITHUB_TOKEN will not trigger CI jobs which would otherwise be triggered when the commit is made by a human author, which in our case would mostly likely cause problems since many of our CI workflows are considered required in all cases: https://github.com/orgs/community/discussions/25702#discussioncomment-3248819

to get around that limitation, we'd need to utilize a personal access token instead, which in and of itself brings it own challenges - at this point I'm not sure if we'd be able to use fine-grained access tokens or if we'd be forced to use classic access tokens. in either case, manually managing PATs is a cumbersome process and isn't really blessed by our current security posture.

further, my understanding is that in order for the workflow to be secure with respect to PRs potentially coming in from forks, we'd need to explicitly only allow it to be executed when being executed from this repository. in other words, the repo owner must be Azure: https://github.com/orgs/community/discussions/26409