diff --git a/.goreleaser.yaml b/.goreleaser.yaml
index 00aad83..38a327d 100644
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -6,6 +6,13 @@ before:
     - go mod tidy
     - go mod download
     - rm -rf cmd/hauler/binaries
+    - mkdir -p cmd/hauler/binaries
+    - wget -P cmd/hauler/binaries/ https://github.com/hauler-dev/cosign/releases/download/{{ .Env.cosign_version }}/cosign-linux-amd64
+    - wget -P cmd/hauler/binaries/ https://github.com/hauler-dev/cosign/releases/download/{{ .Env.cosign_version }}/cosign-linux-arm64
+    - wget -P cmd/hauler/binaries/ https://github.com/hauler-dev/cosign/releases/download/{{ .Env.cosign_version }}/cosign-darwin-amd64
+    - wget -P cmd/hauler/binaries/ https://github.com/hauler-dev/cosign/releases/download/{{ .Env.cosign_version }}/cosign-darwin-arm64
+    - wget -P cmd/hauler/binaries/ https://github.com/hauler-dev/cosign/releases/download/{{ .Env.cosign_version }}/cosign-windows-amd64.exe
+    - wget -P cmd/hauler/binaries/ https://github.com/hauler-dev/cosign/releases/download/{{ .Env.cosign_version }}/cosign-windows-arm64.exe
 
 release:
   prerelease: auto
@@ -26,9 +33,6 @@ builds:
       - arm64
     ldflags:
       - -s -w -X {{ .Env.vpkg }}.gitVersion={{ .Version }} -X {{ .Env.vpkg }}.gitCommit={{ .ShortCommit }} -X {{ .Env.vpkg }}.gitTreeState={{if .IsGitDirty}}dirty{{else}}clean{{end}} -X {{ .Env.vpkg }}.buildDate={{ .Date }}
-    hooks:
-      pre:
-        - wget -P cmd/hauler/binaries/ https://github.com/hauler-dev/cosign/releases/download/{{ .Env.cosign_version }}/cosign-{{ .Os }}-{{ .Arch }}{{ if eq .Os "windows" }}.exe{{ end }}
     env:
       - CGO_ENABLED=0
 
diff --git a/Dockerfile b/Dockerfile
index f0ebbab..18b49fc 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -9,6 +9,11 @@ COPY . /build
 WORKDIR /build
 RUN make build
 
+ARG TARGETOS
+ARG TARGETARCH
+
+RUN cp /build/dist/hauler_${TARGETOS}_${TARGETARCH}*/hauler /hauler
+
 RUN echo "hauler:x:1001:1001::/home/hauler:" > /etc/passwd \
 && echo "hauler:x:1001:hauler" > /etc/group \
 && mkdir /home/hauler \
@@ -19,8 +24,6 @@ RUN echo "hauler:x:1001:1001::/home/hauler:" > /etc/passwd \
 # release stage
 FROM scratch AS release
 
-ARG TARGETARCH
-
 COPY --from=builder /var/lib/ca-certificates/ca-bundle.pem /etc/ssl/certs/ca-certificates.crt
 COPY --from=builder /etc/passwd /etc/passwd
 COPY --from=builder /etc/group /etc/group
@@ -29,7 +32,7 @@ COPY --from=builder --chown=hauler:hauler /tmp/. /tmp
 COPY --from=builder --chown=hauler:hauler /store/. /store
 COPY --from=builder --chown=hauler:hauler /registry/. /registry
 COPY --from=builder --chown=hauler:hauler /fileserver/. /fileserver
-COPY --from=builder --chown=hauler:hauler /build/dist/hauler_linux_${TARGETARCH}/hauler /
+COPY --from=builder --chown=hauler:hauler /hauler /hauler
 
 USER hauler
 ENTRYPOINT [ "/hauler" ]
@@ -37,13 +40,11 @@ ENTRYPOINT [ "/hauler" ]
 # debug stage
 FROM alpine AS debug
 
-ARG TARGETARCH
-
 COPY --from=builder /var/lib/ca-certificates/ca-bundle.pem /etc/ssl/certs/ca-certificates.crt
 COPY --from=builder /etc/passwd /etc/passwd
 COPY --from=builder /etc/group /etc/group
 COPY --from=builder --chown=hauler:hauler /home/hauler/. /home/hauler
-COPY --from=builder --chown=hauler:hauler /build/dist/hauler_linux_${TARGETARCH}/hauler /
+COPY --from=builder --chown=hauler:hauler /hauler /hauler
 
 RUN apk --no-cache add curl