Is your feature request related to a problem?

No visibilty of supply chain security in our GitHub Actions

Related OSPO Tool

automatic-contrib-prs GitHub Action, cleanowners GitHub Action, contributors GitHub Action, evergreen GitHub Action, issues-metrics GitHub Action, stale-repos GitHub Action

Describe the solution you'd like

Summary

Add the OSSF Scorecard GitHub Action so we can have automated supply chain security detection. Allows us to add badge to README to show users we are using open source security tooling.

Corresponding Work

Add Tasks that ladder up to this batch

• Add OSSF Scorecard GitHub Action automatic-contrib-prs#52
  • PR coming soon
• Add OSSF Scorecard GitHub Action cleanowners#49
  • PR coming soon
• Add OSSF Scorecard GitHub Action contributors#88
  • PR coming soon
• Add OSSF Scorecard GitHub Action evergreen#90
  • PR coming soon
• Add OSSF Scorecard GitHub Action issue-metrics#232
  • PR coming soon
• Add OSSF Scorecard GitHub Action stale-repos#115
  • chore: add OSSF scorecard github action and README badge stale-repos#130

Dependencies

OSSF Scorecard GitHub Action

Supporting Documentation

OSSF Scorecard GitHub Action

Describe alternatives you've considered

No response

Additional context

No response