diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 2ba08fa9..8f5f7708 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,68 +1,18 @@ stages: - scan -cache: - paths: - - .sonar/cache - - .cache - -# ============================================================ -# 🧠 Step 1: Security Scan dengan gosec (tidak hentikan pipeline) -# ============================================================ -gosec_scan: - stage: scan - image: golang:1.24 - script: - - apt-get update && apt-get install -y jq - - go install github.com/securego/gosec/v2/cmd/gosec@latest - - echo "🔍 Menjalankan scan keamanan Go..." - - gosec -fmt=json -out=gosec-report.json ./... || true - - echo "📄 Jumlah issue terdeteksi:" && cat gosec-report.json | jq '.Issues | length' - artifacts: - when: always - paths: - - gosec-report.json - expire_in: 1 week - allow_failure: false - only: - - devops-ec2 - -# ============================================================ -# 🧱 Step 2: Analisis SonarQube (gabung hasil gosec) -# ============================================================ -sonarqube_analysis: +sonarqube_scan: stage: scan image: sonarsource/sonar-scanner-cli:latest script: - - apk add --no-cache jq - - echo "🚀 Menjalankan analisis SonarQube..." - - if [ -f "go.mod" ]; then go test ./... -coverprofile=coverage.out || true; fi - - # Konversi hasil gosec ke format SonarQube Generic Issue - - echo "🧩 Mengonversi hasil gosec untuk SonarQube..." - - | - jq -r '.Issues[] | {engineId: "gosec", ruleId: .rule_id, primaryLocation: {message: .details, filePath: .file, textRange: {startLine: .line}}, type: "VULNERABILITY", severity: .severity}' gosec-report.json | - jq -s '{issues: .}' > gosec-generic-report.json - - # Kirim analisis ke SonarQube + - echo "🚀 Menjalankan analisis ke SonarQube..." - sonar-scanner \ -Dsonar.projectKey="mbu-lti-backend" \ -Dsonar.projectName="MBU LTI Backend" \ -Dsonar.sources="." 
\ -Dsonar.host.url="https://status.mbugroup.id/sonar" \ -Dsonar.login="sqp_57fbffb8337608c331091dd1544569df613a2d3f" \ - -Dsonar.externalIssuesReportPaths="gosec-generic-report.json" \ - -Dsonar.go.coverage.reportPaths="coverage.out" \ -Dsonar.sourceEncoding="UTF-8" \ -Dsonar.verbose=true - dependencies: - - gosec_scan - artifacts: - when: always - paths: - - .scannerwork - - gosec-generic-report.json - - coverage.out - expire_in: 1 week only: - devops-ec2 \ No newline at end of file
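Review bot: The SonarQube token is committed in clear text in the `-Dsonar.login="sqp_…"` line of sonarqube_scan, and since that line is context it survives this commit, so the credential lives in the repository history for anyone with read access. Move it to a masked, protected CI/CD variable and reference it as `-Dsonar.login="$SONAR_TOKEN"` (the scanner image also documents reading `SONAR_TOKEN` and `SONAR_HOST_URL` from the environment, in which case both `-D` flags can go), and revoke and reissue the current token, because editing the file does not remove it from earlier revisions. The job also pulls `sonarsource/sonar-scanner-cli:latest`; pinning a version tag or digest keeps the analysis reproducible and limits unreviewed image drift. With gosec_scan gone this pipeline no longer emits any SAST findings of its own; if that is intentional, a one-line comment on the job stating where security scanning now happens would save the next reader from reading the history.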