diff --git a/.github/workflows/reusable-docker-build.yaml b/.github/workflows/reusable-docker-build.yaml
index 723f9c6..e36678d 100644
--- a/.github/workflows/reusable-docker-build.yaml
+++ b/.github/workflows/reusable-docker-build.yaml
@@ -163,6 +163,9 @@ jobs:
           push: true
           tags: ${{ steps.docker_meta.outputs.tags }}
           labels: ${{ steps.docker_meta.outputs.labels }}
+          # add attestations for provenance and sbom
+          provenance: true
+          sbom: true
       -
         # If PR, put image tags in the PR comments
         # from https://github.com/marketplace/actions/create-or-update-comment