GH action to update dependabot updates should run under `serverless-qe`

[dsimansk]

Currently, we push into dependabot's PRs with default action's GITHUB_TOKEN. Default behavior of gh actions is to prevent any triggers on GH actions checks, if such token creates or push and update to PR.

We should probably use serverless-qe account to perform PR updates into dependabot's PRs.

E.g. happened here:
openshift-knative/net-istio#226

More on:
https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#triggering-further-workflow-runs

/cc @creydr @pierDipi

[pierDipi]

I don't know if that token is available in the context of PRs, if it is, it might be a security concern because it would give anyone that can open PRs access to it (as I can change the workflow in the PR itself)