diff --git a/.github/workflows/release-container-image.yml b/.github/workflows/release-container-image.yml
index 7177e93..752c27f 100644
--- a/.github/workflows/release-container-image.yml
+++ b/.github/workflows/release-container-image.yml
@@ -51,10 +51,11 @@ jobs:
           podman tag dangerzone.rocks/dangerzone:$TAG "$FINAL_IMAGE_NAME"
           podman push "$FINAL_IMAGE_NAME" --digestfile=digest
           echo "digest=$(cat digest)" >> "$GITHUB_OUTPUT"
+          echo "tag=$TAG" >> "$GITHUB_OUTPUT"
 
       - name: Generate artifact attestation
         uses: actions/attest-build-provenance@v1
         with:
-          subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.build-image.outputs.tag }}
           subject-digest: "${{ steps.build-image.outputs.digest }}"
           push-to-registry: true