chore: improve defense in depth of integ test workflow

[mrgrain]

Improves the security posture of the integration test workflow by deferring OIDC credential acquisition until just before tests run, rather than at the start of the job. This is defense in depth — while the workflow's ambient identity is trusted and any step could assume the OIDC role, delaying credential materialization reduces the window where credentials are easily accessible to earlier setup steps (git identity, verdaccio, version resolution).

Additionally upgrades GitHub Actions to their latest major versions (checkout@v6, setup-node@v6, configure-aws-credentials@v6, setup-java@v5) and switches artifact downloads from name-based to artifact-id-based resolution for more precise artifact targeting.

Checklist

• This change contains a major version upgrade for a dependency and I confirm all breaking changes are addressed
  • Release notes for the new version:
    • actions/checkout@v6: https://github.com/actions/checkout/releases/tag/v6.0.0
    • actions/setup-node@v6: https://github.com/actions/setup-node/releases/tag/v6.0.0
    • aws-actions/configure-aws-credentials@v6: https://github.com/aws-actions/configure-aws-credentials/releases/tag/v6.0.0
    • actions/setup-java@v5: https://github.com/actions/setup-java/releases/tag/v5.0.0

---

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 88.18%. Comparing base (b362949) to head (5ff2b91).

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1558      +/-   ##
==========================================
+ Coverage   88.16%   88.18%   +0.01%     
==========================================
  Files          76       76              
  Lines       10841    10841              
  Branches     1494     1493       -1     
==========================================
+ Hits         9558     9560       +2     
+ Misses       1255     1253       -2     
  Partials       28       28              

Flag	Coverage Δ
suite.unit	88.18% <ø> (+0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[mrgrain]

Already disabled for yarn by default, just making this explicit.