Get the action.yml from the current branch

tdruez · tdruez · commit 92f72c4ac297 · 2025-06-11T19:14:19.000+04:00
Signed-off-by: tdruez &lt;tdruez@nexb.com&gt;
diff --git a/.github/workflows/analyze-docker-image.yml b/.github/workflows/analyze-docker-image.yml
@@ -5,7 +5,13 @@ jobs:
     runs-on: ubuntu-24.04
     name: Analyze a Docker image
     steps:
-      - uses: nexB/scancode-action@alpha
+      - name: Get the action.yml from the current branch
+        uses: actions/checkout@v4
+        with:
+          sparse-checkout: action.yml
+          sparse-checkout-cone-mode: false
+
+      - uses: ./
         with:
           pipelines: "analyze_docker_image"
           input-urls:
diff --git a/.github/workflows/find-vulnerabilities.yml b/.github/workflows/find-vulnerabilities.yml
@@ -5,10 +5,16 @@ jobs:
     runs-on: ubuntu-24.04
     name: Scan codebase and look for vulnerabilities
     steps:
+      - name: Get the action.yml from the current branch
+        uses: actions/checkout@v4
+        with:
+          sparse-checkout: action.yml
+          sparse-checkout-cone-mode: false
+
       - uses: actions/checkout@v4
         with:
           path: scancode-inputs
-      - uses: nexB/scancode-action@alpha
+      - uses: ./
         with:
           pipelines: "scan_codebase,find_vulnerabilities"
         env:
diff --git a/.github/workflows/map-deploy-to-develop.yml b/.github/workflows/map-deploy-to-develop.yml
@@ -5,7 +5,13 @@ jobs:
     runs-on: ubuntu-24.04
     name: Map deploy to develop
     steps:
-      - uses: nexB/scancode-action@alpha
+      - name: Get the action.yml from the current branch
+        uses: actions/checkout@v4
+        with:
+          sparse-checkout: action.yml
+          sparse-checkout-cone-mode: false
+
+      - uses: ./
         with:
           pipelines: "map_deploy_to_develop"
           input-urls:
diff --git a/.github/workflows/scan-codebase.yml b/.github/workflows/scan-codebase.yml
@@ -5,11 +5,17 @@ jobs:
     runs-on: ubuntu-24.04
     name: Scan codebase and check for compliance issues
     steps:
+      - name: Get the action.yml from the current branch
+        uses: actions/checkout@v4
+        with:
+          sparse-checkout: action.yml
+          sparse-checkout-cone-mode: false
+
       - uses: actions/checkout@v4
         with:
           path: scancode-inputs
       - name: Run scancode-action from current branch
-        uses: ./scancode-inputs
+        uses: ./
         with:
           pipelines: "scan_codebase"
           check-compliance: true
diff --git a/.github/workflows/scan-single-package.yml b/.github/workflows/scan-single-package.yml
@@ -5,9 +5,15 @@ jobs:
     runs-on: ubuntu-24.04
     name: Scan a package source archive
     steps:
+      - name: Get the action.yml from the current branch
+        uses: actions/checkout@v4
+        with:
+          sparse-checkout: action.yml
+          sparse-checkout-cone-mode: false
+
       - name: Download repository archive to scancode-inputs/ directory
         run: |
           wget --directory-prefix=scancode-inputs https://github.com/${GITHUB_REPOSITORY}/archive/${GITHUB_REF}.zip
-      - uses: nexB/scancode-action@alpha
+      - uses: ./
         with:
           pipelines: "scan_single_package"
