Try to straighten out secret passing

Signed-off-by: Larry Gritz <[email protected]>

Author: lgritz

.github/workflows/analysis.yml

@@ -72,6 +72,8 @@ jobs:
       ctest_test_timeout: ${{ matrix.ctest_test_timeout }}
       coverage: ${{ matrix.coverage || '0' }}
       sonar: ${{ matrix.sonar || '0' }}
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
     strategy:
       fail-fast: false
       matrix:

.github/workflows/build-steps.yml

@@ -64,6 +64,10 @@ on:
         type: string
       nametag:
         type: string
+      GITHUB_TOKEN:
+        type: string
+      SONAR_TOKEN:
+        type: string
 
 permissions: read-all
 
@@ -150,8 +154,8 @@ jobs:
       - name: Sonar-scanner
         if: inputs.sonar == 1
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          GITHUB_TOKEN: ${{ inputs.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ inputs.SONAR_TOKEN }}
         run: |
             which sonar-scanner
             ls -l /__w/OpenImageIO/OpenImageIO/bw_output