diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index b92cefb..bd5dd27 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -86,6 +86,8 @@ jobs:
     runs-on: ubuntu-latest
     needs: [ compile ]
     steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
       - name: Run Trivy vulnerability scanner in repo mode
         uses: aquasecurity/trivy-action@master
         with:
@@ -94,7 +96,6 @@ jobs:
           template: '@/contrib/sarif.tpl'
           output: 'trivy-results.sarif'
           severity: 'HIGH,CRITICAL'
-          exit-code: '1'
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v1
         with: