fine-grain App permissions & use GitHub native action for generating tokens

[Ebonsignori]

👋 Hi there,

I did not test this yet, but I think this action only requires the Deployments & Environments write permissions which is not specified in your README

Additionally,

For certain operations (like deleting an environment), your GitHub Action will need additional permissions that your github.token simply doesn't have.

May be outdated with the introduction of fine-grained PATs which have access to Deployments & Environments: Read & Write

Finally, I updated the token generation step to use the native GitHub https://github.com/actions/create-github-app-token which might be more reliable & up to date than navikt. In my projects I feel it's safer to use :latest when working with native GitHub actions, but that level of trust is up to you