Fix: Restructure checkout for code build

author Matthew Watkins <mwatkins@linuxfoundation.org>

Wed, 5 Nov 2025 09:52:17 +0000 (09:52 +0000)

committer Matthew Watkins <mwatkins@linuxfoundation.org>

Wed, 5 Nov 2025 09:52:17 +0000 (09:52 +0000)
author Matthew Watkins <mwatkins@linuxfoundation.org>
Wed, 5 Nov 2025 09:52:17 +0000 (09:52 +0000)
committer Matthew Watkins <mwatkins@linuxfoundation.org>
Wed, 5 Nov 2025 09:52:17 +0000 (09:52 +0000)
diff --git a/.github/workflows/security-scans.yaml b/.github/workflows/security-scans.yaml

index 1278c7a..2c6239e 100644 (file)
--- a/.github/workflows/security-scans.yaml
+++ b/.github/workflows/security-scans.yaml
@@ -46,6 +46,15 @@ jobs:
        # contents: read
        # actions: read
      steps:
+      - name: 'Checkout repository'
+        if: inputs.no_checkout != 'true'
+        # yamllint disable-line rule:line-length
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          # Disabling shallow clones is recommended
+          # This improves the relevancy of reporting output
+          fetch-depth: 0
+
        - name: 'Check for file: pom.xml'
          id: maven-project
          # yamllint disable-line rule:line-length
@@ -63,3 +72,4 @@ jobs:
          uses: lfreleng-actions/sonarqube-cloud-scan-action@a5fb959e36b1e7957b7cae5f4a12bf14b5c66875 # v0.1.3
          with:
            sonar_token: ${{ secrets.SONAR_TOKEN }}
+          no_checkout: true
author	Matthew Watkins <mwatkins@linuxfoundation.org>
	Wed, 5 Nov 2025 09:52:17 +0000 (09:52 +0000)
committer	Matthew Watkins <mwatkins@linuxfoundation.org>
	Wed, 5 Nov 2025 09:52:17 +0000 (09:52 +0000)