diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 10ae86404a4..906fc45f273 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -131,6 +131,12 @@ jobs:
 DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
 run: |
 echo "${DOCKER_PASSWORD}" | docker login --username "${DOCKER_USERNAME}" --password-stdin
+
+ - name: Import GPG key
+ uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
+ with:
+ gpg_private_key: ${{ secrets.GPG_SIGNING_KEY }}
+ passphrase: ${{ secrets.GPG_SIGNING_KEY_PASSWORD }}
 - name: Run GoReleaser
 uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6.4.0
@@ -140,6 +146,11 @@ jobs:
 args: release --clean --timeout 60m
 env:
 GITHUB_TOKEN: ${{ secrets.PERSONAL_GITHUB_TOKEN }}
+ SIGN_RELEASE_GPG_PRIVATE_KEY: ${{ secrets.SIGN_RELEASE_GPG_PRIVATE_KEY }}
+ SIGN_RELEASE_GPG_PASSPHRASE: ${{ secrets.SIGN_RELEASE_GPG_PASSPHRASE }}
+ SIGN_RELEASE_GPG_KEY_ID: 4AEE18F83AFDEB23
+
+
 is-not-beta-release:
 name: check if release is a beta release
diff --git a/.goreleaser.yaml b/.goreleaser.yaml
index bafca0c1271..5014d7082b7 100644
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -775,3 +775,17 @@ scoops:
 snapshot:
 version_template: "{{ incpatch .Version }}-next"
+
+signs:
+ - artifacts: checksum
+ cmd: gpg
+ args: [
+ "--batch",
+ "--yes",
+ "--armor",
+ "--pinentry-mode", "loopback",
+ "--passphrase", "{{ .Env.SIGN_RELEASE_GPG_PASSPHRASE }}",
+ "--local-user", "{{ .Env.SIGN_RELEASE_GPG_KEY_ID }}",
+ "--output", "${signature}",
+ "--detach-sign", "${artifact}"
+ ]
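Review bot: The new Import GPG key step reads `secrets.GPG_SIGNING_KEY` and `secrets.GPG_SIGNING_KEY_PASSWORD`, while the Run GoReleaser step in the next hunk is given `secrets.SIGN_RELEASE_GPG_PRIVATE_KEY` and `secrets.SIGN_RELEASE_GPG_PASSPHRASE`. If these are two separate key/passphrase pairs, the passphrase that reaches gpg will not belong to the key that was imported, and signing will fail at release time. Using one pair of secret names in both steps removes that doubt and leaves one fewer copy of the signing key among the repository secrets. The step also has no `id:`, so its outputs cannot be referenced later; adding `id: import_gpg` would let the release step read the imported key's fingerprint from `steps.import_gpg.outputs.fingerprint`.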
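Review bot: `SIGN_RELEASE_GPG_PRIVATE_KEY` is exported into the Run GoReleaser step's environment, but the `signs` block this commit adds to .goreleaser.yaml reads only the passphrase and the key ID, and the key is already in the runner's keyring from the import step. Every hook and build subprocess GoReleaser starts inherits that variable, so the armored private key is exposed to far more code than needs it; I would drop the line. `SIGN_RELEASE_GPG_KEY_ID: 4AEE18F83AFDEB23` is a 64-bit long key ID, whereas `--local-user` selects the key unambiguously when given the full fingerprint, quoted so no YAML parser retypes it, e.g. `SIGN_RELEASE_GPG_KEY_ID: "<full 40-hex fingerprint>"`. The step these lines belong to starts above the hunk.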
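Review bot: The passphrase is rendered into gpg's argument list by `"--passphrase", "{{ .Env.SIGN_RELEASE_GPG_PASSPHRASE }}",`, so it sits in the process command line for as long as gpg runs, where other processes on the runner can read it and where any log that echoes the command will capture it. GoReleaser's `signs` entries accept a `stdin` field, so the passphrase can travel over a pipe instead: replace that line with `"--passphrase-fd", "0",` and add `stdin: "{{ .Env.SIGN_RELEASE_GPG_PASSPHRASE }}"` to the entry. If the import action already caches the passphrase in gpg-agent (it appears to when `passphrase` is set, worth confirming), the `--pinentry-mode`/`--passphrase` pair can be removed altogether and the passphrase need not be passed to GoReleaser at all.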