Merge pull request #1808 from authzed/add-dependabot-to-update-actions

adds dependabot configuration to update GitHub Actions

.github/dependabot.yml

@@ -13,3 +13,7 @@ updates:
       interval: "monthly"
     labels:
       - "area/dependencies"
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "monthly"

.github/workflows/security.yaml

@@ -10,8 +10,10 @@ on:  # yamllint disable-line rule:truthy
   merge_group:
     types:
       - "checks_requested"
+env:
+  DOCKERHUB_PUBLIC_ACCESS_TOKEN: "dckr_pat_8AEETZWxu8f7FvJUk9NrpyX_ZEQ"
+  DOCKERHUB_PUBLIC_USER: "spicedbgithubactions"
 jobs:
-
   codeql:
     name: "CodeQL Analyze"
     if: "${{ github.event_name == 'pull_request' }}" # workaround to https://github.com/github/codeql-action/issues/1537
@@ -41,6 +43,10 @@ jobs:
     steps:
       - uses: "actions/checkout@v3"
       - uses: "authzed/actions/setup-go@main"
+      - uses: "docker/login-action@v3"
+        with:
+          username: "${{ env.DOCKERHUB_PUBLIC_USER }}"
+          password: "${{ env.DOCKERHUB_PUBLIC_ACCESS_TOKEN }}"
       - uses: "aquasecurity/trivy-action@master"
         with:
           scan-type: "fs"