diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index d2c5102..787c2ea 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -75,6 +75,8 @@ jobs:
     runs-on: ubuntu-latest
     needs: [ compile ]
     steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
       - name: Run Trivy vulnerability scanner in repo mode
         uses: aquasecurity/trivy-action@master
         with: