diff --git a/.github/workflows/aquasec-container-scanner.yml b/.github/workflows/aquasec-container-scanner.yml
index e763edb..6677198 100644
--- a/.github/workflows/aquasec-container-scanner.yml
+++ b/.github/workflows/aquasec-container-scanner.yml
@@ -25,14 +25,15 @@ jobs:
 - name: Docker login Aqua Registry
 run: docker login registry.aquasec.com -u ${{ secrets.AQUAREG_USER }} -p ${{ secrets.AQUAREG_PSWD }}
+ - name: Tag image with Registry
+ run: docker tag my-demo-image:${{ github.sha }} $IMAGE_REGISTRY/my-demo-image:${{ github.sha }}
+
 # Scanner authenticates to the server (-H) using a token (-A) but this can be replaced with user and password auth
 # image is registered if found compliant (--register-compliant) as belonging to the final registry (--registry).
 # the --local flag indicates a locally built image not available in the registry yet
 - name: Scan image
 run: docker run --rm -v /var/run/docker.sock:/var/run/docker.sock registry.aquasec.com/scanner:2022.4 scan -H ${{ secrets.AQUA_SERVER }} -n -A ${{ secrets.TOKEN }} --local --text --register-compliant --registry $IMAGE_REGISTRY my-demo-image:${{ github.sha }}
- - name: Tag image with Registry
- run: docker tag my-demo-image:${{ github.sha }} $IMAGE_REGISTRY/my-demo-image:${{ github.sha }}
 - name: Push to Registry
- run: echo "docker push"
\ No newline at end of file
+ run: echo "docker push"
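Review bot: Moving `Tag image with Registry` ahead of `Scan image` means the `$IMAGE_REGISTRY/my-demo-image:${{ github.sha }}` tag now exists before the scanner has judged the image. The only thing keeping a non-compliant image out of the registry is then the scan step failing the job before `Push to Registry` runs. Whether the scanner exits non-zero on a non-compliant image is assumed here, not visible in the hunk. That ordering dependency deserves a comment above the new step, e.g. `# Tagged before the scan: "Push to Registry" must stay after "Scan image" and must not use continue-on-error or if: always()`. The new `docker tag` line also expands `$IMAGE_REGISTRY` unquoted, and the variable is defined above the hunk, so quoting the target as `"$IMAGE_REGISTRY/my-demo-image:${{ github.sha }}"` would be the safer style.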