swap no-scan logic for nightlybuild to branch, not event
sjpb committed Nov 6, 2024
1 parent e662e28 commit 189ac9d
Showing 1 changed file with 11 additions and 11 deletions.
22 changes: 11 additions & 11 deletions .github/workflows/nightlybuild.yml
@@ -1,4 +1,4 @@
# NB: When run via workflow_dispatch, image scanning and distribution to other clouds does not happen
# NB: When run in a non-main branch (via workflow_dispatch), image scanning and distribution to other clouds does not happen
# on the basis that in this case a fatimage must be built and will be scanned.
name: Build nightly image
on:
Expand Down Expand Up @@ -108,7 +108,7 @@ jobs:
echo "image-id=$IMAGE_ID" >> "$GITHUB_OUTPUT"
- name: Download image
if: github.event_name == 'schedule'
if: githib.ref_name == 'main'
run: |
. venv/bin/activate
sudo mkdir /mnt/images
Expand All @@ -117,23 +117,23 @@ jobs:
openstack image save --file /mnt/images/${{ steps.manifest.outputs.image-name }}.qcow2 ${{ steps.manifest.outputs.image-id }}
- name: Set up QEMU
if: github.event_name == 'schedule'
if: githib.ref_name == 'main'
uses: docker/setup-qemu-action@v3

- name: Install libguestfs
run: |
sudo apt -y update
sudo apt -y install libguestfs-tools
if: github.event_name == 'schedule'
if: githib.ref_name == 'main'

- name: Mount image
if: github.event_name == 'schedule'
if: githib.ref_name == 'main'
run: |
sudo mkdir -p './${{ steps.manifest.outputs.image-name }}'
sudo guestmount -a /mnt/images/${{ steps.manifest.outputs.image-name }}.qcow2 -i --ro -o allow_other './${{ steps.manifest.outputs.image-name }}'
- name: Run Trivy vulnerability scanner
if: github.event_name == 'schedule'
if: githib.ref_name == 'main'
uses: aquasecurity/[email protected]
with:
scan-type: fs
Expand All @@ -146,14 +146,14 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Upload Trivy scan results to GitHub Security tab
if: github.event_name == 'schedule'
if: githib.ref_name == 'main'
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: "${{ steps.manifest.outputs.image-name }}.sarif"
category: "${{ matrix.build.label }}"

- name: Fail if scan has CRITICAL vulnerabilities
if: github.event_name == 'schedule'
if: githib.ref_name == 'main'
uses: aquasecurity/[email protected]
with:
scan-type: fs
Expand All @@ -168,14 +168,14 @@ jobs:


- name: Delete new image if Trivy scan fails
if: github.event_name == 'schedule' && failure() && steps.packer_build.outcome == 'success' # Runs if the Trivy scan found crit vulnerabilities or failed
if: githib.ref_name == 'main' && failure() && steps.packer_build.outcome == 'success' # Runs if the Trivy scan found crit vulnerabilities or failed
run: |
. venv/bin/activate
echo "Deleting new image due to critical vulnerabilities or scan failure ..."
openstack image delete "${{ steps.manifest.outputs.image-id }}"
- name: Delete old image
if: github.event_name == 'schedule'
if: githib.ref_name == 'main'
run: |
. venv/bin/activate
IMAGE_COUNT=$(openstack image list --name ${{ steps.manifest.outputs.image-name }} -f value -c ID | wc -l)
Expand All @@ -190,7 +190,7 @@ jobs:
upload:
name: upload-nightly-targets
needs: build
if: github.event_name == 'schedule'
if: githib.ref_name == 'main'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.builds.label }}-${{ matrix.target_cloud }}
cancel-in-progress: true
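Review bot: Every new `if:` condition in this file reads `githib.ref_name`, a typo for the `github` context, and it affects the Download image, Set up QEMU, Install libguestfs, Mount image, both Trivy steps, the SARIF upload, both delete steps and the `upload` job; as far as I recall GitHub Actions rejects an unrecognized named-value when it validates the workflow, so the whole nightly build would fail to load rather than merely skip these steps. The fix is the same one-character change on each line, `if: github.ref_name == 'main'`. Gating on branch name instead of event also means a manual workflow_dispatch from main now runs the scan, the image deletions and the cross-cloud upload, which the header comment only describes from the non-main side; if that is intended, stating it there (e.g. `# Runs from main, whether scheduled or dispatched, scan, distribute and prune images`) would make the change in trust boundary explicit. The `build` job these steps belong to starts and ends outside the shown hunks.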
