Trigger all workflow on PR

tdruez · tdruez · commit 97fc3b4abbcd · 2025-10-15T09:19:04.000+04:00
Signed-off-by: tdruez &lt;tdruez@nexb.com&gt;
diff --git a/.github/workflows/sca-integration-anchore.yml b/.github/workflows/sca-integration-anchore.yml
@@ -9,6 +9,7 @@ name: Generate SBOM with Anchore Grype and load into ScanCode.io
 # It runs on demand, and once a week (scheduled).
 
 on:
+  pull_request:
   workflow_dispatch:
   schedule:
     # Run once a week (every 7 days) at 00:00 UTC on Sunday
diff --git a/.github/workflows/sca-integration-cdxgen.yml b/.github/workflows/sca-integration-cdxgen.yml
@@ -9,6 +9,7 @@ name: Generate SBOM with CycloneDX cdxgen and load into ScanCode.io
 # It runs on demand, and once a week (scheduled).
 
 on:
+  pull_request:
   workflow_dispatch:
   schedule:
     # Run once a week (every 7 days) at 00:00 UTC on Sunday
diff --git a/.github/workflows/sca-integration-depscan.yml b/.github/workflows/sca-integration-depscan.yml
@@ -9,6 +9,7 @@ name: Generate SBOM with OWASP dep-scan and load into ScanCode.io
 # It runs on demand, and once a week (scheduled).
 
 on:
+  pull_request:
   workflow_dispatch:
   schedule:
     # Run once a week (every 7 days) at 00:00 UTC on Sunday
diff --git a/.github/workflows/sca-integration-ort.yml b/.github/workflows/sca-integration-ort.yml
@@ -9,14 +9,11 @@ name: Generate SBOM with ORT and load into ScanCode.io
 # It runs on demand, and once a week (scheduled).
 
 on:
+  pull_request:
   workflow_dispatch:
   schedule:
     # Run once a week (every 7 days) at 00:00 UTC on Sunday
     - cron: "0 0 * * 0"
-  pull_request:
-  push:
-    branches:
-      - main
 
 permissions:
   contents: read
diff --git a/.github/workflows/sca-integration-osv-scanner.yml b/.github/workflows/sca-integration-osv-scanner.yml
@@ -9,8 +9,8 @@ name: Generate SBOM with OSV-Scanner and load into ScanCode.io
 # It runs on demand, and once a week (scheduled).
 
 on:
-  workflow_dispatch:
   pull_request:
+  workflow_dispatch:
   schedule:
     # Run once a week (every 7 days) at 00:00 UTC on Sunday
     - cron: "0 0 * * 0"
diff --git a/.github/workflows/sca-integration-sbom-tool.yml b/.github/workflows/sca-integration-sbom-tool.yml
@@ -9,6 +9,7 @@ name: Generate SBOM with SBOM tool and load into ScanCode.io
 # It runs on demand, and once a week (scheduled).
 
 on:
+  pull_request:
   workflow_dispatch:
   schedule:
     # Run once a week (every 7 days) at 00:00 UTC on Sunday
diff --git a/.github/workflows/sca-integration-trivy.yml b/.github/workflows/sca-integration-trivy.yml
@@ -9,6 +9,7 @@ name: Generate SBOM with Trivy and load into ScanCode.io
 # It runs on demand, and once a week (scheduled).
 
 on:
+  pull_request:
   workflow_dispatch:
   schedule:
     # Run once a week (every 7 days) at 00:00 UTC on Sunday
@@ -59,12 +60,3 @@ jobs:
             --packages ${{ env.EXPECTED_PACKAGE }} \
             --vulnerable-packages ${{ env.EXPECTED_VULNERABLE_PACKAGE }} \
             --dependencies ${{ env.EXPECTED_DEPENDENCY }}
-
-      - name: Verify SBOM Analysis Results in ScanCode.io
-        shell: bash
-        run: |
-          scanpipe verify-project \
-            --project scancode-action \
-            --packages ${{ env.EXPECTED_PACKAGE }} \
-            --vulnerable-packages ${{ env.EXPECTED_VULNERABLE_PACKAGE }} \
-            --dependencies ${{ env.EXPECTED_DEPENDENCY }}
