Update github action workflows to use commit sha and set persist-credentials=false

[gopidesupavan]

It is good practice to use commit sha for the github actions, not everything trustable with direct version specifier :)

Also its better not to persist any creds in checkout , otherwise all the jobs and underlaying software have acceess to git config.

Important Read

• Please ensure the GitHub issue is mentioned at the beginning of the PR

What is the purpose of the pull request

(For example: This pull request implements the sync for delta format.)

Brief change log

(for example:)

• Fixed JSON parsing error when persisting state
• Added unit tests for schema evolution

Verify this pull request

(Please pick either of the following options)

This pull request is a trivial rework / code cleanup without any test coverage.

(or)

This pull request is already covered by existing tests, such as (please describe tests).

(or)

This change added tests and can be verified as follows:

(example:)

• Added integration tests for end-to-end.
• Added TestConversionController to verify the change.
• Manually verified the change by running a job locally.