[ci]: update the dependency versions of GitHub Actions workflows #4089

Merged
yuluo-yx merged 3 commits into apache:master from P-Peaceful:ci/update-action-version
Mar 27, 2026

@P-Peaceful
Contributor

Related PR

PR: #4088

What's changed?

ASF policy requires all third-party GitHub Actions to be pinned to a commit SHA
and approved via the ASF infrastructure allowlist.

This change aligns the workflow with the approved patterns defined in:
https://github.com/apache/infrastructure-actions

docker/build-push-action:
  d08e5c354a6adb9ed34480a06d141179aa583294:
    tag: v7.0.0
graalvm/setup-graalvm:
  f744c72a42b1995d7b0cbc314bde4bace7ac1fe1:
    tag: v1.5.0
DavidAnson/markdownlint-cli2-action:
  07035fd053f7be764496c0f8d8f9f41f98305101:
    tag: v22.0.0
docker/setup-qemu-action:
  ce360397dd3f832beb865e1373c09c0e9f86d70a:
    tag: v4.0.0
docker/setup-buildx-action:
  4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd:
    tag: v4.0.0
docker/login-action:
  b45d80f862d83dbcd57f89517bcf500b2ab88fb2:
    tag: v4.0.0

Future Work

ASF infrastructure is introducing mechanisms for managing and validating
GitHub Actions versions (e.g., Dependabot integration and allowlist checks):

apache/infrastructure-actions#486

After this PR is merged, we can consider aligning with the ASF-recommended
approach by:

  • Enabling Dependabot for GitHub Actions updates
  • Adding pre-check validation to ensure action SHAs are in the ASF allowlist

This PR focuses only on bringing the current workflows into compliance.

Checklist

  • I have read the Contributing Guide
  • I have written the necessary doc or comment.
  • I have added the necessary unit tests and all cases have passed.

Add or update API

  • I have added the necessary e2e tests and all cases have passed.

@github-actions github-actions bot added the infra label Mar 24, 2026
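
One way the allowlist pre-check listed under Future Work could be implemented, as an added example (not code from this PR or from apache/infrastructure-actions): it parses the allowlist layout quoted in the description and flags `uses:` references that are not pinned to a full commit SHA or whose SHA is not listed. The function names, the sample workflow and the all-zero SHA are constructed, and keying the allowlist by owner/repo is an assumption.

```python
import re
SHA_RE = re.compile(r"^[0-9a-f]{40}$")
USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^\s'\"#]+)")

def parse_allowlist(text):
    """Parse the 'action: / sha: / tag:' layout quoted in the PR description."""
    allowed, action = {}, None
    for line in text.splitlines():
        key = line.strip().rstrip(":")
        if key and not line[0].isspace():    # top-level key: action name
            action = key
            allowed.setdefault(action, set())
        elif action and SHA_RE.match(key):   # nested 40-hex key: approved commit
            allowed[action].add(key)
    return allowed

def check_workflow(text, allowed):
    """Return (line_no, reference, problem) for each non-compliant 'uses:'."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m or m.group(1).startswith(("./", "docker://")):
            continue                         # not a step, or a local/image reference
        ref = m.group(1)
        name, _, version = ref.partition("@")
        repo = "/".join(name.split("/")[:2]) # assumption: allowlist keyed by owner/repo
        if not SHA_RE.match(version):
            findings.append((no, ref, "not pinned to a full commit SHA"))
        elif version not in allowed.get(repo, set()):
            findings.append((no, ref, "SHA not in allowlist"))
    return findings

# Two allowlist entries copied from the PR description.
ALLOWLIST = """\
docker/login-action:
  b45d80f862d83dbcd57f89517bcf500b2ab88fb2:
    tag: v4.0.0
graalvm/setup-graalvm:
  f744c72a42b1995d7b0cbc314bde4bace7ac1fe1:
    tag: v1.5.0
"""
# Constructed workflow steps; the all-zero SHA is a placeholder, not a real commit.
WORKFLOW = """\
- uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
- uses: docker/setup-qemu-action@v4
- uses: graalvm/setup-graalvm@0000000000000000000000000000000000000000
- uses: ./.github/actions/local
"""
print(check_workflow(WORKFLOW, parse_allowlist(ALLOWLIST)))
```

A version comment after the SHA (`# v4.0.0`) is ignored by the check, so the human-readable tag can stay next to the pin.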
Member

@yuluo-yx yuluo-yx left a comment

LGTM

@yuluo-yx yuluo-yx merged commit 75d6dee into apache:master Mar 27, 2026
3 checks passed