From dea8898c9dbfefde038c1648580efd25f974126f Mon Sep 17 00:00:00 2001
From: Darius Jahandarie
Date: Sun, 20 Aug 2023 11:21:42 +0900
Subject: Use a fine-grained PAT in scorecard.yml
For additional checks in the scorecard, such as branch protection checks.
---
 .github/workflows/scorecard.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
(limited to '.github')
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 21927f18..cb9db177 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -16,6 +16,7 @@ permissions: read-all
 jobs:
 analysis:
 name: Scorecard analysis
+ environment: scorecard
 runs-on: ubuntu-latest
 permissions:
 # Needed to upload the results to code-scanning dashboard.
@@ -41,7 +42,7 @@ jobs:
 # - you want to enable the Branch-Protection check on a *public* repository, or
 # - you are installing Scorecard on a *private* repository
 # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat.
- # repo_token: ${{ secrets.SCORECARD_TOKEN }}
+ repo_token: ${{ secrets.SCORECARD_TOKEN }}
 # Public repositories:
 # - Publish results to OpenSSF REST API for easy access by consumers
--
cgit v1.2.3
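Review bot: The added `environment: scorecard` line in the first hunk is what gates access to the token, yet the workflow says nothing about how that environment has to be configured. If SCORECARD_TOKEN is stored as an environment secret (likely, since the commit pairs the two changes), exposure is only narrowed to trusted refs when the environment carries a deployment-branch rule limiting it to the default branch; that setting lives in the repository settings and cannot be checked from this diff. I would add a comment above the line, for example `# SCORECARD_TOKEN is a secret of the "scorecard" environment; keep that environment restricted to the default branch.` The `analysis` job continues past the end of the hunk.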
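Review bot: The now-active `repo_token` line in the second hunk still sits under a comment block written as optional setup instructions, and nothing records what kind of credential it is. A PAT is tied to a user account and outlives a workflow run, unlike the default GITHUB_TOKEN, so the file should state its scope and rotation expectation next to the line, for example `# Fine-grained PAT, read-only, limited to this repository; renew before it expires.` (adjusted to the permissions actually granted). Because this step now receives a long-lived secret, it is also worth confirming that its `uses:` reference is pinned to a full commit SHA; that line is outside the hunk.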