From ad3b1ec8ac0e5a5cbdb09e71b75a5e04230a637b Mon Sep 17 00:00:00 2001
From: Hazelnoot <acomputerdog@gmail.com>
Date: Fri, 26 Sep 2025 21:20:42 -0400
Subject: [PATCH] make sure container_scanning only runs when deploy phase is
 actually happening

---
 .gitlab-ci.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 5eb7ee5e6c..8b978c423b 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -234,9 +234,8 @@ merge_image_manifests:
 # https://docs.gitlab.com/user/application_security/container_scanning/#scanning-archives-built-in-a-previous-job
 # https://docs.gitlab.com/user/application_security/detect/security_configuration/#error-chosen-stage-test-does-not-exist
 container_scanning:
-  <<: *deploy_common
   <<: *sast_common
-  stage: deploy
+  <<: *deploy_common
   variables:
     AST_ENABLE_MR_PIPELINES: 'false'
     CS_IMAGE: ${CI_REGISTRY_IMAGE}:${REGISTRY_PUSH_TAG}