From 3d6e4a793a3d9360d5fee497998d2e372b3b6a77 Mon Sep 17 00:00:00 2001
From: Brad Davidson <brad.davidson@rancher.com>
Date: Wed, 4 Sep 2024 22:46:43 +0000
Subject: [PATCH] Fix /trivy action running against target branch instead of PR
 branch

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
---
 .github/workflows/trivy.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml
index a5aff758d7..80d0fa312d 100644
--- a/.github/workflows/trivy.yaml
+++ b/.github/workflows/trivy.yaml
@@ -16,7 +16,7 @@ jobs:
     - name: Checkout PR code
       uses: actions/checkout@v4
       with:
-        ref: ${{ github.event.issue.pull_request.head.ref }}
+        ref: refs/pull/${{ github.event.issue.number }}/head
     
     - name: Comment Status on PR
       run: |
@@ -45,4 +45,4 @@ jobs:
     - name: Report Failure
       if: ${{ failure() }}
       run: |
-        gh issue comment ${{ github.event.issue.number }} --edit-last -b ":x: Trivy scan action failed, check logs :x:"
\ No newline at end of file
+        gh issue comment ${{ github.event.issue.number }} --edit-last -b ":x: Trivy scan action failed, check logs :x:"