diff --git a/.ci/podman.mk b/.ci/podman.mk
index fb68db6..6f2bdcd 100644
--- a/.ci/podman.mk
+++ b/.ci/podman.mk
@@ -26,7 +26,7 @@ scan: build
 	@echo "Scanning $(IMAGE):$(TAG) using Trivy"
 	@trivy $(TRIVY_OPTS) $(IMAGE):$(TAG)
 
-push: scan
+push: build
 	@aws ecr-public get-login-password --region $(REGION) | docker login --username AWS --password-stdin $(REGISTRY)
 	@docker tag $(IMAGE):$(TAG) $(REGISTRY)/$(IMAGE):$(TAG) $(REGISTRY)/$(IMAGE):latest
 	docker push $(REGISTRY)/$(IMAGE):$(TAG)
diff --git a/.ci/vars/buildPodman.groovy b/.ci/vars/buildPodman.groovy
index 96a9c23..8479c1d 100644
--- a/.ci/vars/buildPodman.groovy
+++ b/.ci/vars/buildPodman.groovy
@@ -1,6 +1,6 @@
 // Common container builder by ZeroDownTime
 
-def call(Map config) {
+def call(Map config=[:]) {
     pipeline {
       agent {
         node {
@@ -49,7 +49,7 @@ def call(Map config) {
             ]
 
             // Scan again and fail on CRITICAL vulns
-            sh 'TRIVY_EXIT_CODE=1 TRIVY_SEVERITY=CRITICAL make scan'
+            sh "[ \"${config.trivyFail}\" == \"NONE\" ] || TRIVY_EXIT_CODE=1 TRIVY_SEVERITY=${config.trivyFail} make scan"
           }
         }
 
@@ -59,6 +59,7 @@ def call(Map config) {
             sh 'make push'
           }
         }
+
       }
     }
   }