chore(ci): switch Scorecard action to common reusable one (#481)

Author: scop

.github/workflows/scorecard.yml

@@ -7,30 +7,15 @@ on:
     branches:
       - main
 
-permissions:
-  contents: read
+permissions: {}
 
 jobs:
-  analysis:
-    name: Scorecard analysis
-    runs-on: ubuntu-latest
+  scorecard:
+    name: Scorecard
     permissions:
+      contents: read
       id-token: write
       security-events: write
-    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-      - uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2
-        with:
-          results_file: results.sarif
-          results_format: sarif
-          publish_results: true
-      - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
-        with:
-          name: SARIF file
-          path: results.sarif
-          retention-days: 7
-      - uses: github/codeql-action/upload-sarif@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2
-        with:
-          sarif_file: results.sarif
+    uses: UpCloudLtd/workflows/.github/workflows/openssf-scorecard.yaml@main
+    with:
+      publish-results: true