diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 86a998c..54b43e1 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -61,15 +61,36 @@ jobs:
       run: echo "TAG=$(git describe --tags)" >> $GITHUB_ENV
 
     -
-      name: build and push
+      name: build image
       uses: docker/build-push-action@v4
       with:
         context: ./docker
         file: ./docker/Dockerfile
         build-args: TAG=${{ env.TAG }}
-        push: true
+        push: false
         tags: |
           ${{ github.repository }}:latest
           ${{ github.repository }}:${{ env.TAG }}
           ghcr.io/${{ github.repository }}:latest
           ghcr.io/${{ github.repository }}:${{ env.TAG }}
+
+    - name: trivy image scan
+      uses: aquasecurity/trivy-action@0.0.7
+      with:
+        image-ref: ${{ github.repository }}:latest
+        exit-code: 0
+        severity: UNKNOWN,LOW,MEDIUM
+
+    -
+      name: push image
+      uses: docker/build-push-action@v4
+      with:
+        context: ./docker
+        file: ./docker/Dockerfile
+        build-args: TAG=${{ env.TAG }}
+        push: true
+        tags: |
+          ${{ github.repository }}:latest
+          ${{ github.repository }}:${{ env.TAG }}
+          ghcr.io/${{ github.repository }}:latest
+          ghcr.io/${{ github.repository }}:${{ env.TAG }}
\ No newline at end of file
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
deleted file mode 100644
index 604dc84..0000000
--- a/.github/workflows/trivy.yml
+++ /dev/null
@@ -1,46 +0,0 @@
-name: trivy-scanning
-
-on:
-  push:
-    branches: [ "master" ]
-  pull_request:
-    branches: [ "master" ]
-  schedule:
-    - cron: '41 16 * * 0'
-
-permissions: write-all
-
-jobs:
-  trivy-scanning-job:
-    name: trivy-sec-scan
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-
-      - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@master
-        with:
-          scan-type: 'fs'
-          ignore-unfixed: true
-          format: 'sarif'
-          output: 'trivy-results.sarif'
-          severity: 'HIGH,CRITICAL'
-
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
-        with:
-          sarif_file: 'trivy-results.sarif'
-
-      - name: Build an image from Dockerfile
-        run: |
-          cd docker && docker build -t ${{ github.repository }}:${{ github.sha }} .
-
-      - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
-        with:
-
-          image-ref: '${{ github.repository }}:${{ github.sha }}'
-          format: 'table'
-          vuln-type: 'os,library'
-          severity: 'CRITICAL,HIGH'
\ No newline at end of file