diff --git a/.github/workflows/chart-release.yml b/.github/workflows/chart-release.yml
index 60a4a6a..94b8949 100644
--- a/.github/workflows/chart-release.yml
+++ b/.github/workflows/chart-release.yml
@@ -2,10 +2,21 @@ name: Release Charts
 on:
   workflow_dispatch:
+  push:
+    branches:
+      - main
+      - feat/github-artifact-attestations
+    tags:
+      - "exivity-*"
 jobs:
   helm-release:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+      attestations: write
+
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -18,7 +29,35 @@ jobs:
           git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
           helm repo add bitnami https://charts.bitnami.com/bitnami
+      - name: Package Charts
+        run: |
+          mkdir -p .cr-release-packages
+          helm package charts/exivity -d .cr-release-packages
+
+          echo "✅ Created chart packages:"
+          ls -la .cr-release-packages/
+
+      - name: Create GitHub Attestations
+        uses: actions/attest-build-provenance@v1
+        with:
+          subject-path: ".cr-release-packages/*.tgz"
+
+      - name: Verify Attestations
+        run: |
+          echo "🔍 Testing attestation verification..."
+
+          # Verify the chart package
+          chart_file=$(ls .cr-release-packages/*.tgz)
+          echo "Verifying: $chart_file"
+          gh attestation verify "$chart_file" --owner ${{ github.repository_owner }}
+          echo "✅ Attestation verified successfully!"
+        env:
+          GH_TOKEN: ${{ github.token }}
+
       - name: Run chart-releaser
-        uses: exivity/chart-releaser-action@v1.1.0
+        if: startsWith(github.ref, 'refs/tags/')
+        uses: exivity/chart-releaser-action@v1.7.0
+        with:
+          skip_packaging: true
         env:
           CR_TOKEN: "${{ secrets.GH_BOT_TOKEN }}"
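Review bot: The new `push:` trigger lists `feat/github-artifact-attestations` alongside `main`, which reads as a development-time leftover; once merged, every push to that branch (and to `main`) will mint signed provenance under the newly granted `id-token: write` / `attestations: write` for chart packages that are never published, because the chart-releaser step in the second hunk is gated on `refs/tags/`. Either drop the branch entry, or narrow the trigger so attestation and release run on the same refs, e.g. `push:` / `tags:` / `- "exivity-*"` only, or gate the attest step with the same `startsWith(github.ref, 'refs/tags/')` condition. The job-level `permissions` block correctly lowers `contents` to read; that appears safe because the release step authenticates with `secrets.GH_BOT_TOKEN` rather than the workflow token, though that dependency is worth confirming. The `jobs:` mapping and its `steps:` list continue past the end of this hunk.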
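Review bot: In the "Verify Attestations" step, `gh attestation verify "$chart_file" --owner ${{ github.repository_owner }}` accepts a provenance statement signed by any workflow in any repository under that owner, so the check does not prove the package came from this repository's release workflow; `--repo "${{ github.repository }}"` narrows it, and quoting the expression also avoids shell word-splitting on the interpolated value. `chart_file=$(ls .cr-release-packages/*.tgz)` breaks as soon as `helm package` (or a second chart) leaves more than one archive in the directory, because the space-joined list becomes a single argument; iterating the glob directly is more robust. Separately, `actions/attest-build-provenance@v1` is the trust root for this whole flow and is pinned to a mutable tag rather than a commit SHA, which is the one place in this file where SHA pinning is worth the maintenance cost. The `env:` for the chart-releaser step and the rest of the job are unchanged here; note also that `skip_packaging: true` assumes the exivity fork honours that input, which cannot be confirmed from this diff.
```yaml
      - name: Verify Attestations
        run: |
          echo "🔍 Testing attestation verification..."
          for chart_file in .cr-release-packages/*.tgz; do
            echo "Verifying: $chart_file"
            gh attestation verify "$chart_file" --repo "${{ github.repository }}"
          done
          echo "✅ Attestation verified successfully!"
        # … unchanged: env (GH_TOKEN) …
```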