ci: remove environment from release job to fix OIDC trust policy mismatch

[SamuelSSalazar]

By submitting a PR to this repository, I agree to the terms within the Auth0 Code of Conduct.

Description

Removed environment: release from the release workflow. All secrets used in this workflow are defined at the org level, no secrets are scoped to the environment.

Why?

The release workflow is failing with Not authorized to perform sts:AssumeRoleWithWebIdentity.

When a GitHub Actions job specifies an environment, the OIDC token's sub claim changes from repo:auth0/node-wsfed:ref:refs/heads/master to repo:auth0/node-wsfed:environment:release. The IAM trust policy was configured with the ref-based claim, causing the mismatch.

"The subject claim includes the environment name when the job references an environment."
-- https://docs.github.com/en/actions/reference/security/oidc#filtering-for-a-specific-environment

Checklist

• I have added documentation for new/changed functionality in this PR or in auth0.com/docs
• All active GitHub checks for tests, formatting, and security are passing
• The correct base branch is being used, if not the default branch

[github-actions]

🎉 This PR is included in version 7.0.2 🎉

The release is available on:

• npm package (@latest dist-tag)
• GitHub release

Your semantic-release bot 📦🚀