diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 10341f35..60926e27 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -25,6 +25,11 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3
 
+      - name: Install Cosign
+        uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
+        with:
+          cosign-release: 'v2.2.2'
+
       - name: Log into registry
         uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc
         with:
@@ -66,3 +71,7 @@ jobs:
           sbom: true
           cache-from: type=gha
           cache-to: type=gha,mode=max
+
+      - name: Sign the image
+        run: |
+          cosign sign --key cosign.key docker.pkg.github.com/${{ github.repository }}/$IMAGE_NAME:${{ steps.meta.outputs.tags }}