diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 43fdb0ed..8f3ccf71 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -155,7 +155,7 @@ jobs:
       - name: Update action.yml
         run: |
           echo "yq version: $(yq --version)"
-          yq '.runs.image = env(CONTAINER_IMAGE_ID)' -i action.yml
+          yq '.runs.image = "docker://" + env(CONTAINER_IMAGE_ID)' -i action.yml
           echo "Action file contents:"
           cat action.yml
 
@@ -253,6 +253,25 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
+  # The purpose of this job is to run only when the run-test-suite job runs to completion.
+  # We can use this job as a required status check in a branch protection rule without
+  # having to select each individual job that dynamically add to the test matrix.
+  test-success-placeholder:
+    name: Check if all the tests passed
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    needs:
+      - run-test-suite
+      - test-local-action
+    steps:
+      - name: Test suite success
+        if: ${{ !(contains(needs.*.result, 'failure')) }}
+        run: exit 0
+      - name: Test suite failures
+        if: ${{ contains(needs.*.result, 'failure') }}
+        run: exit 1
+
   preview-release-notes:
     if: github.event_name == 'pull_request' && github.repository == github.event.pull_request.head.repo.full_name && github.repository == 'super-linter/super-linter'
     runs-on: ubuntu-latest
diff --git a/test/linters/github_actions/actions_good_01.yml b/test/linters/github_actions/actions_good_01.yml
index a4641d2e..c70f52e9 100644
--- a/test/linters/github_actions/actions_good_01.yml
+++ b/test/linters/github_actions/actions_good_01.yml
@@ -8,7 +8,6 @@ jobs:
   github_actions_good:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
       - if: ${{ github.actor == 'dependabot[bot]' }}
         run: |
           # CMD