ci: use github secrets for GH token (#3678)

.github/workflows/pre-post-release.yml

@@ -55,24 +55,16 @@ jobs:
       - validate-tag
     permissions:
       contents: write
+    env:
+      GITHUB_TOKEN: ${{ secrets.RELEASE_GITHUB_TOKEN }}
     steps:
-      - uses: elastic/apm-pipeline-library/.github/actions/github-token@current
-        with:
-          url: ${{ secrets.VAULT_ADDR }}
-          roleId: ${{ secrets.VAULT_ROLE_ID }}
-          secretId: ${{ secrets.VAULT_SECRET_ID }}
-
-      - uses: elastic/apm-pipeline-library/.github/actions/setup-git@current
-        with:
-          username: ${{ env.GIT_USER }}
-          email: ${{ env.GIT_EMAIL }}
-          token: ${{ env.GITHUB_TOKEN }}
-
       - uses: actions/checkout@v4
         with:
           ref: ${{ inputs.ref }}
           token: ${{ env.GITHUB_TOKEN }}
 
+      - uses: elastic/oblt-actions/git/setup@v1
+
       - name: Create the release tag (post phase)
         if: inputs.phase == 'post'
         run: |

.github/workflows/release-step-3.yml

@@ -223,21 +223,16 @@ jobs:
       - post-release
     permissions:
       contents: write
+    env:
+      GITHUB_TOKEN: ${{ secrets.RELEASE_GITHUB_TOKEN }}
     steps:
-      - uses: elastic/apm-pipeline-library/.github/actions/github-token@current
-        with:
-          url: ${{ secrets.VAULT_ADDR }}
-          roleId: ${{ secrets.VAULT_ROLE_ID }}
-          secretId: ${{ secrets.VAULT_SECRET_ID }}
-      - uses: elastic/apm-pipeline-library/.github/actions/setup-git@current
-        with:
-          username: ${{ env.GIT_USER }}
-          email: ${{ env.GIT_EMAIL }}
-          token: ${{ env.GITHUB_TOKEN }}
       - uses: actions/checkout@v4
         with:
           ref: ${{ inputs.ref }}
           token: ${{ env.GITHUB_TOKEN }}
+
+      - uses: elastic/oblt-actions/git/setup@v1
+
       - name: Update major branch
         if: ${{ ! inputs.dry_run }}
         run: .ci/release/update-major-branch.sh ${{ env.RELEASE_VERSION }}