security: use datadog-ci CLI installer and pin version

Author: daniel-mohedano

.github/workflows/analyze-changes.yaml

@@ -107,11 +107,12 @@ jobs:
         with:
           sarif_file: 'trivy-results.sarif'
 
+      - name: Install datadog-ci
+        uses: DataDog/install-datadog-ci-github-action@6d7f0c7c5402a4b1912055b76970ca76bef71fe5 # v1.0.4
+        with:
+          version: v5.16.1
       - name: Upload results to Datadog CI Static Analysis
-        run: |
-          wget --no-verbose https://github.com/DataDog/datadog-ci/releases/latest/download/datadog-ci_linux-x64 -O datadog-ci
-          chmod +x datadog-ci
-          ./datadog-ci sarif upload trivy-results.sarif --service dd-trace-java --env ci
+        run: datadog-ci sarif upload trivy-results.sarif --service dd-trace-java --env ci
         env:
           DD_API_KEY: ${{ secrets.DATADOG_API_KEY_PROD }}
           DD_SITE: datadoghq.com