Fix: correct CI on forked repositories

[MarceloRobert]

Description

Currently, our CI runs integration tests that require connection to the database and consequently require credentials for it. However, we don't have control over forks of the repository, so any PR coming from forks won't have access to the credentials, and will fail the CI. Not only that, but we also currently require an approval for the CI to run on PRs coming from forks at any time.

This PR proposes to:

1. Separate integration tests from linting, formatting and unit tests
   This is made so that we won't require secrets for linting, formatting and unit tests
2. Allow the CI to run on PRs from forks, except for the environments.
   Having the CI run right when a person makes a PR allows them to see lint/formatting problems right away, while the jobs that use secrets can still require approval
3. Separate deploy-staging job into a specific environment as well, following the environment-based secrets

Required changes:

• Move secrets from the base repository to the according environment
• Configure environments to require approval to run
• Allow base CI to run on PRs from forked repositories without approval

Changes

• Adds a pytest mark to identify unit tests versus integration tests
• Splits the integration tests from the linting, formatting and unit tests.
• Places the integration tests and deploy-staging into separate environments, such that those specific jobs can require approval while the rest won't need them (requires change on the repository settings)

Closes #1181

[MarceloRobert]

As discussed in today's demo, we will make some changes in the CI so that we don't even have the need to use the secrets. We will still split the unit/integration tests, but I'd rather close this PR and create another one (#1404).

Since this PR will be closed, we won't need the environments anymore, so @nuclearcat or @padovan (whoever has permission in the repository) you can go ahead and delete them (the django-integration-tests and dev-staging)