From 508dd2de40b2fb092ad041ab7ae89a3c7bb53307 Mon Sep 17 00:00:00 2001
From: Deniz Onur Duzgun <59659739+dduzgun-security@users.noreply.github.com>
Date: Wed, 5 Jun 2024 18:26:03 -0400
Subject: [PATCH] ci: update security-scanner token

replacing the `ELEVATED_GITHUB_TOKEN` with `HASHIBOT_PRODSEC_GITHUB_TOKEN`
---
 .github/workflows/security-scan.yml | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml
index 427e11ca..c38fe69b 100644
--- a/.github/workflows/security-scan.yml
+++ b/.github/workflows/security-scan.yml
@@ -40,8 +40,7 @@ jobs:
         uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
         with:
           repository: hashicorp/security-scanner
-          #TODO: replace w/ HASHIBOT_PRODSEC_GITHUB_TOKEN once provisioned
-          token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
+          token: ${{ secrets.HASHIBOT_PRODSEC_GITHUB_TOKEN }}
           path: security-scanner
           ref: main
 
@@ -60,4 +59,4 @@ jobs:
       - name: Upload SARIF file
         uses: github/codeql-action/upload-sarif@c4fb451437765abf5018c6fbf22cce1a7da1e5cc # codeql-bundle-v2.17.1
         with:
-          sarif_file: results.sarif
\ No newline at end of file
+          sarif_file: results.sarif