diff --git a/.goreleaser.yml b/.goreleaser.yml
index 8049f24..0e6bb59 100644
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -147,6 +147,16 @@ nfpms:
         dependencies:
           - pcsc-lite-libs
 
+sboms:
+  - id: archive
+    artifacts: archive
+    args: ["$artifact", "--output", "cyclonedx-json=$document"]
+    env:
+      - SYFT_GOLANG_SEARCH_LOCAL_MOD_CACHE_LICENSES=true
+  - id: binary
+    artifacts: binary
+    args: ["$artifact", "--output", "cyclonedx-json=$document"]
+
 checksum:
   name_template: "checksums.txt"
 
diff --git a/Makefile b/Makefile
index 205d243..e7bacb2 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,6 @@
 PKG?=github.com/smallstep/step-kms-plugin
 BINNAME?=step-kms-plugin
-GOLANG_CROSS_VERSION?=v1.21.6
+GOLANG_CROSS_VERSION?=v1.22
 
 # Set V to 1 for verbose output from the Makefile
 Q=$(if $V,,@)
diff --git a/docker/build/entrypoint.sh b/docker/build/entrypoint.sh
index e2f13d0..5ba0bc1 100755
--- a/docker/build/entrypoint.sh
+++ b/docker/build/entrypoint.sh
@@ -3,6 +3,9 @@
 set -e
 
 apt update
-apt install --no-install-recommends -y pkg-config libpcsclite-dev libpcsclite-dev:arm64
+apt install --no-install-recommends -y curl pkg-config libpcsclite-dev libpcsclite-dev:arm64
 
-exec /entrypoint.sh $@
\ No newline at end of file
+# Install syft
+curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin
+
+exec /entrypoint.sh $@