diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index 949a1e0..ad64015 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -104,11 +104,18 @@ jobs:
       with:
           context: .
           push: true
-          tags: ciromota/nessus-scanner:latest
+          tags: ${{ steps.docker_meta.outputs.tags }}
 
     - name: Sign image with Cosign
       env:
+        TAGS: ${{ steps.docker_meta.outputs.tags }}
         COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
         COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
-      run: cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ steps.digest.outputs.image_sha }}
+        DIGEST: ${{ steps.build-and-push.outputs.digest }}
+      run: |
+          images=""
+          for tag in ${TAGS}; do
+            images+="${tag}@${DIGEST} "
+          done
+          cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${images}