diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index b84db87b..fd4ad947 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -11,6 +11,8 @@ jobs:
 
     permissions:
       contents: write
+      id-token: write
+      attestations: write
 
     steps:
       - uses: actions/checkout@v4
@@ -27,8 +29,18 @@ jobs:
       - name: Test camblet-driver Debian package
         run: sudo apt install -y ../camblet-driver_${{github.ref_name}}_all.deb
 
+      - name: Generate artifact attestation for deb package
+        uses: actions/attest-build-provenance@v1
+        with:
+          subject-path: '../camblet-driver_*.deb'
+
       - name: Build camblet-driver RedHat package
         run: make rpm
+        with:
+          subject-path: 'rpmbuild/RPMS/noarch/camblet-driver-*.rpm'
+
+      - name: Generate artifact attestation for rpm package
+        uses: actions/attest-build-provenance@v1
 
       - name: Release
         uses: ncipollo/release-action@v1