issues
search
cloudposse
/
.github
Organization GitHub Workflows & Community Files
Apache License 2.0
6
stars
7
forks
source link
feat: add scorecard
#118
Closed
nitrocode
closed
2 months ago
nitrocode
commented
2 months ago
what
add scorecard github action
why
publish results on openssf website
able to showcase scores using a badge
references
https://securityscorecards.dev/#how-it-works
example of an existing project
https://scorecard.dev/viewer/?uri=github.com/ossf/scorecard-action
example for tested internal project
https://scorecard.dev/viewer/?uri=github.com/cloudposse/terraform-module-test
main repo
https://github.com/ossf/scorecard
action
https://github.com/ossf/scorecard-action
borrowed from
https://github.com/renovatebot/renovate/blob/9b64288861fcebfcce7a4938307dec52c04ec54f/.github/workflows/scorecard.yml#L2
Tested in
https://github.com/cloudposse/terraform-module-test/pull/117
what
why
references