From f42bedb737b28539c03bea40cd3f98c05bda813f Mon Sep 17 00:00:00 2001
From: Spencer Schrock <sschrock@google.com>
Date: Tue, 25 Oct 2022 08:48:03 -0700
Subject: [PATCH 1/2] Use root distroless to support GitHub Actions

Signed-off-by: Spencer Schrock <sschrock@google.com>
---
 Dockerfile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 40ae7f78..e579910b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -35,6 +35,7 @@ ARG TARGETOS
 ARG TARGETARCH
 RUN CGO_ENABLED=0 make build
 
-FROM gcr.io/distroless/base:nonroot@sha256:99133cb0878bb1f84d1753957c6fd4b84f006f2798535de22ebf7ba170bbf434
+# Need root for GitHub Actions support
+FROM gcr.io/distroless/base@sha256:122585ba4c098993df9f8dc7285433e8a19974de32528ee3a4b07308808c84ce
 COPY --from=build /src/scorecard-action /
 ENTRYPOINT [ "/scorecard-action" ]

From dc9159f050bf6aa55ffd77f0d3d22b67444933ce Mon Sep 17 00:00:00 2001
From: Spencer Schrock <sschrock@google.com>
Date: Tue, 25 Oct 2022 08:56:36 -0700
Subject: [PATCH 2/2] Add template policy file back. TODO determine if we
 should replace this with a different template

Signed-off-by: Spencer Schrock <sschrock@google.com>
---
 Dockerfile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Dockerfile b/Dockerfile
index e579910b..537ff525 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -38,4 +38,5 @@ RUN CGO_ENABLED=0 make build
 # Need root for GitHub Actions support
 FROM gcr.io/distroless/base@sha256:122585ba4c098993df9f8dc7285433e8a19974de32528ee3a4b07308808c84ce
 COPY --from=build /src/scorecard-action /
+COPY policies/template.yml /policy.yml
 ENTRYPOINT [ "/scorecard-action" ]