diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 21a27f0..ab93546 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -82,8 +82,15 @@ jobs:
             c86c21ea-98cf-4ca9-b730-b2400146a3a5 > COSIGN_PASSWORD
 
       - name: Sign the container image
+        env:
+          TAGS: ${{ steps.meta.outputs.tags }}
+          DIGEST: ${{ steps.build-push.outputs.digest }}
         run: |
-          cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ env.REGISTRY }}/${{ github.repository }}/${{ matrix.image }}@${{ steps.build-push.outputs.digest }} ${{ steps.meta.outputs.tags }}
+          images=""
+          for tag in ${TAGS}; do
+            images+="${tag}@${DIGEST} "
+          done
+          cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${images}
 
       - name: Cleanup old images
         uses: actions/delete-package-versions@v5
diff --git a/cosign.pub b/cosign.pub
new file mode 100644
index 0000000..79e7a2b
--- /dev/null
+++ b/cosign.pub
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAELZQY2cPsUJ0+GXC/u9GJfKiZ8sNZ
+8idmUGhvnsTm5DjO3HFXueefNZuDZ163kujPfGkFuQ+kR1/KXYVXEhn9kA==
+-----END PUBLIC KEY-----