diff --git a/.github/workflows/image.yaml b/.github/workflows/image.yaml
index 6f27a8646c..2eabe8a95c 100644
--- a/.github/workflows/image.yaml
+++ b/.github/workflows/image.yaml
@@ -18,7 +18,7 @@ jobs:
       - uses: actions/setup-go@v1
         with:
           go-version: 1.17.x
-      - uses: sigstore/cosign-installer@v2.1.0
+      - uses: sigstore/cosign-installer@v2.2.0
 
       # Build ko from HEAD, build and push an image tagged with the commit SHA,
       # then keylessly sign it with cosign.
diff --git a/.github/workflows/kind-e2e.yaml b/.github/workflows/kind-e2e.yaml
index 9afc03f474..699712442c 100644
--- a/.github/workflows/kind-e2e.yaml
+++ b/.github/workflows/kind-e2e.yaml
@@ -33,7 +33,7 @@ jobs:
         registry-authority: ${{ env.REGISTRY_NAME }}:${{ env.REGISTRY_PORT }}
 
     - name: Install Cosign
-      uses: sigstore/cosign-installer@v2.1.0
+      uses: sigstore/cosign-installer@v2.2.0
       with:
         cosign-release: 'v1.5.1'