diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml
index 3ce0fa61..4b9887da 100644
--- a/.github/workflows/push.yml
+++ b/.github/workflows/push.yml
@@ -48,11 +48,15 @@ jobs:
         id: capture-digest
         run: |
           DIGEST=$(docker inspect --format='{{index .RepoDigests 0}}' ghcr.io/${{ github.repository_owner }}/lightning-pub:latest | cut -d'@' -f2)
+          echo "DIGEST=sha256:${DIGEST}" >> $GITHUB_ENV
           echo "::set-output name=digest::sha256:${DIGEST}"
 
+      - name: Debug Print Digest
+        run: echo "Digest is ${{ steps.capture-digest.outputs.digest }}"
+
       - name: Attest build provenance
         uses: actions/attest-build-provenance@v1
         with:
           subject-digest: ${{ steps.capture-digest.outputs.digest }}
           subject-name: ghcr.io/${{ github.repository_owner }}/lightning-pub:latest
-          github-token: ${{ secrets.GITHUB_TOKEN }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file