github: run workflows for dependabot

[Gandem]

What does this PR do?

Currently, we receive two successive actions when dependabot opens a PR, first an opened event, then a labeled event. the second event cancels the first workflow, however, we don't re-run tests when a PR is labeled except if the label is publish-dev-test. this fixes the issue by removing the cancel for all labels except publish-dev-test.

Peer investigated with @nsavoire, 🙇

Motivation

Run tests for PRs opened by dependabot!

Additional Notes

N/A

How to test the change?

N/A

[Gandem]

/merge

[dd-devflow]

🚂 MergeQueue: waiting for PR to be ready

This merge request is not mergeable yet, because of pending checks/missing approvals. It will be added to the queue as soon as checks pass and/or get approvals.
Note: if you pushed new commits since the last approval, you may need additional approval.
You can remove it from the waiting list with /remove command.

Use /merge -c to cancel this operation!

[Gandem]

/remove

[dd-devflow]

🚂 Devflow: /remove

[dd-devflow]

⚠️ MergeQueue: This merge request was unqueued

This merge request was unqueued

If you need support, contact us on Slack #devflow!

[datadog-datadog-prod-us1]

🟠 Code Vulnerability

No explicit permissions set for at the workflow level (...read more)

Datadog’s GitHub organization defines default permissions for the GITHUB_TOKEN to be restricted (contents:read, metadata:read, and packages:read).

Your repository may require a different setup, so consider defining permissions for each job following the least privilege principle to restrict the impact of a possible compromise.

You can find the list of all possible permissions in Workflow syntax for GitHub Actions - GitHub Docs. They can be defined at the job or the workflow level.