diff --git a/.github/workflows/docker-buid-publish.yml b/.github/workflows/docker-buid-publish.yml
index ed843f2..1bd100e 100644
--- a/.github/workflows/docker-buid-publish.yml
+++ b/.github/workflows/docker-buid-publish.yml
@@ -115,7 +115,7 @@ jobs:
         env:
           # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
           TAGS: ${{ steps.meta.outputs.tags }}
-          DIGEST: ${{ build-and-push-nocache.outputs.digest }}
+          DIGEST: ${{ steps.build-and-push-nocache.outputs.digest }}
         # This step uses the identity token to provision an ephemeral certificate
         # against the sigstore community Fulcio instance.
         run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}