ci: maintainer_check: Use zephyrbot token

This commit updates the maintainer check workflow to use the zephyrbot "PR
assigner" token with `org:read` permission because the default workflow
token is not able to retrieve organisation-level user membership
information.

Note that the workflow trigger condition is changed from `pull_request` to
`pull_request_target` because non-workflow secrets may not be accessed from
`pull_request` trigger for security reasons.

Signed-off-by: Stephanos Ioannidis <root@stephanos.io>

Author: stephanosio

.github/workflows/maintainer_check.yml

@@ -1,7 +1,7 @@
 name: Maintainer file check
 
 on:
-  pull_request:
+  pull_request_target:
     branches:
       - main
     paths:
@@ -37,7 +37,7 @@ jobs:
 
       - name: Check maintainer file changes
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.ZB_PR_ASSIGNER_GITHUB_TOKEN }}
         run: |
           python  ./scripts/ci/check_maintainer_changes.py  \
             --repo zephyrproject-rtos/zephyr mainline_MAINTAINERS.yml MAINTAINERS.yml