Merge pull request #500 from buildkite-plugins/SUP-4199

chore: add ossf plugin

Author: scadu

.buildkite/pipeline.yml

@@ -27,6 +27,15 @@ steps:
         tty: true
         command: ["bats", "tests", "tests/v1"]
 
+  - label: "Security Scan"
+    key: security_scan
+    plugins:
+      - secrets#v1.0.0:
+          variables:
+            GITHUB_TOKEN: GITHUB_TOKEN
+      - ossf-scorecard#v1.0.0:
+          github_token: $$GITHUB_TOKEN
+
   # The rest of the steps are integration tests
 
   - label: run, with links that fail

commands/push.sh

@@ -33,6 +33,7 @@ if [ "$(plugin_read_config QUIET_PULL "false")" == "true" ] ; then
 fi
 
 if plugin_read_list_into_result BUILDKITE_PLUGIN_DOCKER_COMPOSE_BUILD; then
+  # shellcheck disable=SC2154
   build_services=("${result[@]}")
 fi