diff --git a/.drone.yml b/.drone.yml index 3f3d6f9..1986e0c 100644 --- a/.drone.yml +++ b/.drone.yml @@ -12,20 +12,46 @@ steps: from_secret: registry_username password: from_secret: registry_password - repo: scm.project42.io/elia/trivy + repo: scm.project42.io/elia/tricks + dry_run: true + squash: true + compress: true + tags: + - "${DRONE_COMMIT_SHA:0:8}" + +- name: build-container + image: plugins/docker + settings: + registry: scm.project42.io + dockerfile: Dockerfile + username: + from_secret: registry_username + password: + from_secret: registry_password + repo: scm.project42.io/elia/tricks dry_run: false squash: true compress: true tags: - pre-scan - "${DRONE_COMMIT_SHA:0:8}" + depends_on: + - test-build-container +trigger: + exclude: + event: + - promote + +--- +kind: pipeline +name: scan + +steps: - name: trivy-scan image: scm.project42.io/elia/trivy:production commands: - - /usr/local/bin/trivy image --image-src remote scm.project42.io/elia/trivy:"${DRONE_COMMIT_SHA:0:8}" - depends_on: - - test-build-container + - trivy image --image-src remote scm.project42.io/elia/tricks:"${DRONE_COMMIT_SHA:0:8}" - name: retag-container image: ghcr.io/oras-project/oras:v1.0.0 @@ -35,10 +61,13 @@ steps: REGISTRY_PASSWORD: from_secret: registry_password commands: - - oras cp --from-username "$REGISTRY_USERNAME" --from-password "$REGISTRY_PASSWORD" --to-username "$REGISTRY_USERNAME" --to-password "$REGISTRY_PASSWORD" "scm.project42.io/elia/trivy:${DRONE_COMMIT_SHA:0:8}" scm.project42.io/elia/trivy:post-scan + - oras cp --from-username "$REGISTRY_USERNAME" --from-password "$REGISTRY_PASSWORD" --to-username "$REGISTRY_USERNAME" --to-password "$REGISTRY_PASSWORD" "scm.project42.io/elia/tricks:${DRONE_COMMIT_SHA:0:8}" scm.project42.io/elia/tricks:post-scan depends_on: - trivy-scan +depends_on: + - test + trigger: exclude: event: 
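Review bot: The new `trivy-scan` command in the `scan` pipeline does not gate anything, because `trivy image` exits 0 even when it finds vulnerabilities unless `--exit-code` is set, so `retag-container`, which depends on this step in the following hunk, will always copy the commit SHA to `post-scan`. Make the scan blocking, e.g. `- trivy image --exit-code 1 --severity HIGH,CRITICAL --image-src remote scm.project42.io/elia/tricks:"${DRONE_COMMIT_SHA:0:8}"`, with whatever severity threshold the team actually wants to enforce. The step also carries no registry credentials in view; if scm.project42.io requires authentication for pulls, `--image-src remote` will need `TRIVY_USERNAME`/`TRIVY_PASSWORD` supplied via `environment:` with `from_secret`, as the other steps already do. The `retag-container` step starts at the end of this hunk and its settings continue into the next one.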
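Review bot: The retagging `oras cp` line is only re-pointed at the `tricks` repository and still passes `$REGISTRY_PASSWORD` twice on the command line, where it is visible to any process inside the step container through the argument list; the production `oras cp` in the hunk at `@@ -57,7 +86,7 @@` has the same shape. Since source and destination are the same registry, one login that reads the secret from stdin keeps it out of argv: `- printf '%s' "$REGISTRY_PASSWORD" | oras login -u "$REGISTRY_USERNAME" --password-stdin scm.project42.io` followed by `- oras cp "scm.project42.io/elia/tricks:${DRONE_COMMIT_SHA:0:8}" scm.project42.io/elia/tricks:post-scan`. The pipeline-level `depends_on: - test` added at the bottom presumes the first pipeline is named `test`; its `name:` line is outside this diff, so that is worth confirming.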
@@ -57,7 +86,7 @@ steps: REGISTRY_PASSWORD: from_secret: registry_password commands: - - oras cp --from-username "$REGISTRY_USERNAME" --from-password "$REGISTRY_PASSWORD" --to-username "$REGISTRY_USERNAME" --to-password "$REGISTRY_PASSWORD" "scm.project42.io/elia/trivy:${DRONE_COMMIT_SHA:0:8}" scm.project42.io/elia/trivy:production + - oras cp --from-username "$REGISTRY_USERNAME" --from-password "$REGISTRY_PASSWORD" --to-username "$REGISTRY_USERNAME" --to-password "$REGISTRY_PASSWORD" "scm.project42.io/elia/tricks:${DRONE_COMMIT_SHA:0:8}" scm.project42.io/elia/tricks:production when: event: - promote @@ -65,7 +94,7 @@ steps: - production depends_on: - - test + - scan trigger: event: diff --git a/Dockerfile b/Dockerfile index 38ac8e8..2859151 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,6 +4,11 @@ MAINTAINER Elia El Lazkani ARG ORAS_VERSION="1.0.0" RUN apk add --virtual .build-deps curl && \ + curl -LO "https://github.com/oras-project/oras/releases/download/v${ORAS_VERSION}/oras_${ORAS_VERSION}_linux_amd64.tar.gz" && \ + mkdir -p oras-install/ && \ + tar -zxf oras_${ORAS_VERSION}_*.tar.gz -C oras-install/ && \ + mv oras-install/oras /usr/local/bin/ && \ + rm -rf oras_${ORAS_VERSION}_*.tar.gz oras-install/ && \ export TRIVY_VERSION=$(wget -qO - "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/') && \ echo $TRIVY_VERSION && \ curl -LO "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" && \ @@ -12,5 +17,3 @@ RUN apk add --virtual .build-deps curl && \ mv trivy-install /opt/trivy && \ ln -s /opt/trivy/trivy /usr/local/bin/trivy && \ apk del .build-deps - -ENTRYPOINT ["/usr/local/bin/trivy"]
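Review bot: The new oras install pins `ORAS_VERSION` but verifies nothing about the tarball it fetches from GitHub: `curl -LO` downloads without `--fail`, and the archive is unpacked and its binary moved into `/usr/local/bin/` with no checksum comparison, so a tampered or truncated release would be installed silently. Pin the expected digest next to the version, e.g. `ARG ORAS_SHA256="<sha256 of oras_1.0.0_linux_amd64.tar.gz, taken from the release page>"`, fetch with `curl -fsSLO "https://github.com/oras-project/oras/releases/download/v${ORAS_VERSION}/oras_${ORAS_VERSION}_linux_amd64.tar.gz" && \`, and add `echo "${ORAS_SHA256}  oras_${ORAS_VERSION}_linux_amd64.tar.gz" | sha256sum -c - && \` before the `tar` line (busybox provides `sha256sum`). The unchanged trivy install below it has the same gap and is additionally unpinned, resolving `latest` from the GitHub API on every build; the `RUN` chain continues outside this hunk.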