diff --git a/pipelines/compliance.yml b/pipelines/compliance.yml
index 37ec2cc..7fae861 100644
--- a/pipelines/compliance.yml
+++ b/pipelines/compliance.yml
@@ -35,6 +35,10 @@ sonarqube:
 generate_sbom:
 extends: .generate_sbom
 stage: validate
+ needs:
+ - job: docker-build
+ optional: true
+ artifacts: true
 rules:
 - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ '/^release/' || $CI_MERGE_REQUEST_IID
diff --git a/scripts/scanner/grype.sh b/scripts/scanner/grype.sh
index fa549db..436d1b4 100644
--- a/scripts/scanner/grype.sh
+++ b/scripts/scanner/grype.sh
@@ -5,5 +5,5 @@
 for i in syft/*.sbom.json; do
 filename=${i%*.sbom.json};
 filename=${filename##/};
- grype syft/$i -o json --file syft/$filename.cve.json;
+ grype $i -o json --file $filename.cve.json;
 done
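Review bot: With `optional: true` on the `docker-build` need in `generate_sbom`, the job still runs in pipelines that have no `docker-build` job, and it then starts without that job's artifacts. The `.generate_sbom` template is not visible here, so it is unclear whether it fails or quietly produces a narrower SBOM in that case. A comment above `needs:` such as `# docker-build is optional; when it is absent this job runs without its artifacts` would record the intended behaviour. Adding `needs:` also restricts artifact download to the listed jobs, so anything the template previously picked up from other earlier-stage jobs is no longer fetched. The `rules:` block continues outside the hunk.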
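Review bot: The new `grype $i -o json --file $filename.cve.json;` leaves both expansions unquoted, so an SBOM name containing whitespace or glob characters is split before grype sees it. Writing it as `grype "$i" -o json --file "$filename.cve.json";` avoids that. When `syft/` holds no `*.sbom.json`, the glob stays literal and the loop runs once on a path that does not exist. A guard at the top of the loop such as `[ -e "$i" ] || { echo "no SBOM in syft/" >&2; exit 1; }` would make a missing SBOM fail the job rather than pass as a clean scan. Lines 1–4 of the script are outside the hunk, so a `set -e` or `nullglob` there may already cover part of this.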