diff --git a/.github/workflows/container-build.yml b/.github/workflows/container-build.yml
index 5286824f4..8411e414f 100644
--- a/.github/workflows/container-build.yml
+++ b/.github/workflows/container-build.yml
@@ -59,5 +59,21 @@ jobs:
       - name: creds
         run: gcloud auth configure-docker --quiet
 
+      - name: Formatted labels
+        id: labels
+        run: |
+          FORMATED_LABELS="FORMATED_LABELS='--image-label commit-hash=$GITHUB_SHA"
+
+          BRANCH_NUMBER=$(gh pr list --state all --search "sha:$GITHUB_SHA" --label "breaking-change" | awk '{print $1}')
+          echo "Branch Number: $BRANCH_NUMBER" 
+
+          # Check if a pull request number was found
+          if [ -n "$BRANCH_NUMBER" ]; then
+            FORMATED_LABELS+=" --image-label breaking-change=true"
+          fi
+          echo $FORMATED_LABELS >> $GITHUB_OUTPUT
+
       - name: container
-        run: KO_PREFIX=gcr.io/projectsigstore/fulcio/ci/fulcio make sign-keyless-ci
+        run: |
+          echo "Formated Label: ${{ steps.labels.outputs.FORMATED_LABELS }}"
+          KO_PREFIX=gcr.io/projectsigstore/fulcio/ci/fulcio FORMATED_LABEL=${{ steps.labels.outputs.FORMATED_LABELS }} make sign-keyless-ci
diff --git a/Makefile b/Makefile
index 1c95803fc..9024d2be9 100644
--- a/Makefile
+++ b/Makefile
@@ -122,7 +122,7 @@ $(PROTOC-API-LINTER): $(TOOLS_DIR)/go.mod
 ko:
 	# fulcio
 	LDFLAGS="$(LDFLAGS)" GIT_HASH=$(GIT_HASH) GIT_VERSION=$(GIT_VERSION) \
-	KO_DOCKER_REPO=$(KO_PREFIX)/fulcio ko resolve --bare \
+	KO_DOCKER_REPO=$(KO_PREFIX)/fulcio ko resolve $(FORMATED_LABEL) --bare \
 		--platform=linux/amd64 --tags $(GIT_VERSION) --tags $(GIT_HASH) \
 		--image-refs fulcioImagerefs --filename config/ > $(FULCIO_YAML)