Merge pull request #152 from cds-snc/repo-sync/site-reliability-engin… #4

	name: Scorecards supply-chain security
	on:
	workflow_dispatch:
	schedule:
	# Weekly on Saturdays.
	- cron: "30 1 * * 6"
	push:
	branches:
	- main

	permissions: read-all

	jobs:
	analysis:
	name: Scorecards analysis
	runs-on: ubuntu-latest
	permissions:
	actions: read
	contents: read

	steps:
	- name: "Checkout code"
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
	with:
	persist-credentials: false

	- name: "Run analysis"
	uses: ossf/scorecard-action@bfa3f0d2c52a31cf9f6bc003e1f15e8b99640aec
	with:
	results_file: ossf-results.json
	results_format: json
	publish_results: false

	- name: "Add metadata"
	run: \|
	full_repo="${{ github.repository }}"
	OWNER=${full_repo%/*}
	REPO=${full_repo#*/}
	jq -c '. + {"metadata_owner": "'$OWNER'", "metadata_repo": "'$REPO'", "metadata_query": "ossf"}' ossf-results.json > ossf-results-modified.json

	- name: "Post results to Sentinel"
	uses: cds-snc/sentinel-forward-data-action@main
	with:
	file_name: ossf-results-modified.json
	log_type: GitHubMetadata_OSSF_Scorecard
	log_analytics_workspace_id: ${{ secrets.LOG_ANALYTICS_WORKSPACE_ID }}
	log_analytics_workspace_key: ${{ secrets.LOG_ANALYTICS_WORKSPACE_KEY }}

Provide feedback