[Enhancement] Add OpenSSF Scorecard GitHub Actions workflow to publish security scores

### Search before asking

- [x] I had searched in the [issues](https://github.com/apache/doris/issues?q=is%3Aissue) and found no similar issues.


### Description

The repository currently does not publish OpenSSF Scorecard results to the public Scorecard API (https://api.securityscorecards.dev/). As a result, users and downstream projects cannot easily discover or track the project’s security best-practice posture in a standardized, automated way. The absence of published results reduces visibility and makes it harder for consumers to assess the project using common tooling.

### Solution

Add the official OpenSSF Scorecard GitHub Actions workflow to the repository so that scorecard runs automatically on a schedule and on the default branch and the results are published to the OpenSSF Scorecard API.

### Are you willing to submit PR?

- [x] Yes I am willing to submit a PR!

### Code of Conduct

- [x] I agree to follow this project's [Code of Conduct](https://www.apache.org/foundation/policies/conduct)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Enhancement] Add OpenSSF Scorecard GitHub Actions workflow to publish security scores #60508

Search before asking

Description

Solution

Are you willing to submit PR?

Code of Conduct

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[Enhancement] Add OpenSSF Scorecard GitHub Actions workflow to publish security scores #60508

Description

Search before asking

Description

Solution

Are you willing to submit PR?

Code of Conduct

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions