diff --git a/.github/workflows/dockerimage.yml b/.github/workflows/dockerimage.yml
index 8a08d6e..50c6c62 100644
--- a/.github/workflows/dockerimage.yml
+++ b/.github/workflows/dockerimage.yml
@@ -61,11 +61,14 @@ jobs:
           TAGS: ${{ steps.meta.outputs.tags }}
           DIGEST: ${{ steps.build-and-push.outputs.digest }}
           COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
-        run: \echo "${TAGS}" | \xargs -I {} cosign sign --key <(\echo "${COSIGN_PRIVATE_KEY}") --yes "{}@${DIGEST}" \
+        run: |
+          \echo "${COSIGN_PRIVATE_KEY}" > cosign.key
+          \echo "${TAGS}" | \xargs -I {} cosign sign --key cosign.key --yes "{}@${DIGEST}" \
             -a "workflow=${{ github.workflow }}" \
             -a "repo=${{ github.repository }}" \
             -a "branch=${{ github.ref_name }}" \
             -a "ref=${{ github.sha }}"
+          \rm -f cosign.key
       - name: Test the Docker image
         working-directory: ${{ env.IMAGE }}
         run: docker compose -f docker-compose.test.yml run sut