diff --git a/.github/workflows/artifacts.yaml b/.github/workflows/artifacts.yaml
index 7d1179b..b8b18a3 100644
--- a/.github/workflows/artifacts.yaml
+++ b/.github/workflows/artifacts.yaml
@@ -9,10 +9,6 @@ on:
         default: false
         type: boolean
 
-permissions:
-  contents: read
-  packages: write
-
 jobs:
   container-image:
     name: Container-Image
@@ -90,7 +86,7 @@ jobs:
           for tag in ${TAGS}; do
             images+="${tag}@${DIGEST} "
           done
-          cosign sign --yes --key $COSIGN_PRIVATE_KEY --password-stdin $images <<< $COSIGN_PASSWORD
+          cosign sign --yes --key ${{ secrets.COSIGN_KEY }} $images
       
       - name: Upload image artifact
         uses: actions/upload-artifact@v4
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 9f47994..fc184e6 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -14,5 +14,5 @@ jobs:
     with:
       publish: true
     permissions:
-      contents: read
+      contents: write
       packages: write