Use dd-octo-sts. (#3908)

Author: jack-edmonds-dd

.github/workflows/test.yml

@@ -54,19 +54,18 @@ jobs:
     needs:
       - test
       - examples
+    permissions:
+      id-token: write
     steps:
-      - name: Get GitHub App token
-        if: github.event_name == 'pull_request'
-        id: get_token
-        uses: actions/create-github-app-token@v1
+      - uses: DataDog/dd-octo-sts-action@96a25462dbcb10ebf0bfd6e2ccc917d2ab235b9a # v1.0.4
+        id: octo-sts
         with:
-          app-id: ${{ secrets.PIPELINE_GITHUB_APP_ID }}
-          private-key: ${{ secrets.PIPELINE_GITHUB_APP_PRIVATE_KEY }}
-          repositories: datadog-api-spec
+          scope: DataDog/datadog-api-spec
+          policy: datadog-api-client-go.github.post-status-check.pr
       - name: Post status check
         uses: DataDog/github-actions/post-status-check@v2
         with:
-          github-token: ${{ steps.get_token.outputs.token }}
+          github-token: ${{ steps.octo-sts.outputs.token }}
           repo: datadog-api-spec
           status: ${{ (needs.test.result == 'cancelled' || needs.examples.result == 'cancelled') && 'pending' || (needs.test.result == 'success' && needs.examples.result == 'success') && 'success' || 'failure' }}
           context: master/unit