diff --git a/action.yml b/action.yml
index 47e528c..81f6f39 100644
--- a/action.yml
+++ b/action.yml
@@ -25,6 +25,10 @@ runs:
     - shell: bash
       run: |
         docker pull ghcr.io/home-assistant/amd64-builder:${{ steps.version.outputs.version }}
+        cosign verify \
+          --certificate-oidc-issuer https://token.actions.githubusercontent.com \
+          --certificate-identity-regexp https://github.com/home-assistant/builder/.* \
+          ghcr.io/home-assistant/amd64-builder:${{ steps.version.outputs.version }}
 
     - shell: bash
       id: builder
diff --git a/build.yaml b/build.yaml
index c8d9882..9233890 100644
--- a/build.yaml
+++ b/build.yaml
@@ -5,6 +5,9 @@ build_from:
   armhf: "ghcr.io/home-assistant/armhf-base:3.18"
   amd64: "ghcr.io/home-assistant/amd64-base:3.18"
   i386: "ghcr.io/home-assistant/i386-base:3.18"
+cosign:
+  base_identity: https://github.com/home-assistant/docker-base/.*
+  identity: https://github.com/home-assistant/builder/.*
 args:
   YQ_VERSION: "v4.13.2"
   COSIGN_VERSION: "2.2.3"