diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index d0d9ca51..3514c181 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -1,6 +1,11 @@
 name: "Tests"
 
-on: [push, pull_request, workflow_dispatch]
+on:
+  workflow_dispatch:
+  pull_request:
+  push:
+    branches:
+      - main
 
 jobs:
   build: # make sure build/ci work properly and there is no faked build ncc built scripts
diff --git a/tests/action_args.test.js b/tests/action_args.test.js
index 511ccbc6..c3773dd9 100644
--- a/tests/action_args.test.js
+++ b/tests/action_args.test.js
@@ -2,7 +2,7 @@ const { run } = require("../index");
 const core = require("@actions/core");
 const exec = require("@actions/exec");
 
-jest.setTimeout(30000);
+jest.setTimeout(90000); // 90 seconds; tests were timing out in CI. https://github.com/anchore/scan-action/pull/249
 
 describe("Github action args", () => {
   it("runs with json report", async () => {
diff --git a/tests/grype_command.test.js b/tests/grype_command.test.js
index cd1446b0..91c67bdf 100644
--- a/tests/grype_command.test.js
+++ b/tests/grype_command.test.js
@@ -2,7 +2,7 @@ const githubActionsExec = require("@actions/exec");
 const githubActionsToolCache = require("@actions/tool-cache");
 const core = require("@actions/core");
 
-jest.setTimeout(30000);
+jest.setTimeout(90000); // 90 seconds; tests were timing out in CI. https://github.com/anchore/scan-action/pull/249
 
 jest.spyOn(githubActionsToolCache, "find").mockImplementation(() => {
   return "grype";
diff --git a/tests/index.test.js b/tests/index.test.js
index 67a2ee14..6459edf5 100644
--- a/tests/index.test.js
+++ b/tests/index.test.js
@@ -2,6 +2,12 @@ jest.mock("@actions/core");
 jest.mock("@actions/exec");
 jest.mock("@actions/tool-cache");
 
+beforeAll(async () => {
+  const { grypeVersion } = require("../GrypeVersion");
+  const { installGrype } = require("../index");
+  await installGrype(grypeVersion);
+});
+
 const core = require("@actions/core");
 const path = require("path");
 const fs = require("fs");
diff --git a/tests/sarif_output.test.js b/tests/sarif_output.test.js
index 94ec33d0..01666154 100644
--- a/tests/sarif_output.test.js
+++ b/tests/sarif_output.test.js
@@ -3,7 +3,7 @@ require("@microsoft/jest-sarif"); // for sarif validation
 const fs = require("fs");
 const { runScan } = require("../index");
 
-jest.setTimeout(30000);
+jest.setTimeout(90000); // 90 seconds; tests were timing out in CI. https://github.com/anchore/scan-action/pull/249
 
 const testSource = async (source, vulnerabilities) => {
   if (fs.existsSync("./vulnerabilities.json")) {