diff --git a/.github/workflows/dockerhub-latest-image.yml b/.github/workflows/dockerhub-latest-image.yml
index 0eb6456e827c..0c1df1ca0290 100644
--- a/.github/workflows/dockerhub-latest-image.yml
+++ b/.github/workflows/dockerhub-latest-image.yml
@@ -6,6 +6,8 @@ on:
 jobs:
 publish-image-to-dockerhub:
 name: publish to DockerHub
+ permissions:
+ id-token: write # To be able to get OIDC ID token to sign images.
 # prevent job running from forked repository, otherwise
 # 1. running on the forked repository would fail as missing necessary secret.
 # 2. running on the forked repository would use unnecessary GitHub Action time.
@@ -36,6 +38,10 @@ jobs:
 uses: actions/setup-go@v3
 with:
 go-version: 1.19.5
+ - name: Install Cosign
+ uses: sigstore/cosign-installer@v3.0.3
+ with:
+ cosign-release: 'v1.13.1'
 - name: install QEMU
 uses: docker/setup-qemu-action@v2
 - name: install Buildx
@@ -49,4 +55,6 @@ jobs:
 env:
 REGISTRY: karmada
 VERSION: latest
+ COSIGN_EXPERIMENTAL: 1
+ SIGN_IMAGE: 1
 run: make mp-image-${{ matrix.target }}
diff --git a/.github/workflows/dockerhub-released-image.yml b/.github/workflows/dockerhub-released-image.yml
index 20241cab942d..e169299bdb06 100644
--- a/.github/workflows/dockerhub-released-image.yml
+++ b/.github/workflows/dockerhub-released-image.yml
@@ -6,6 +6,8 @@ on:
 jobs:
 publish-image-to-dockerhub:
 name: publish to DockerHub
+ permissions:
+ id-token: write # To be able to get OIDC ID token to sign images.
 strategy:
 matrix:
 target:
@@ -32,6 +34,10 @@ jobs:
 uses: actions/setup-go@v3
 with:
 go-version: 1.19.5
+ - name: Install Cosign
+ uses: sigstore/cosign-installer@v3.0.3
+ with:
+ cosign-release: 'v1.13.1'
 - name: install QEMU
 uses: docker/setup-qemu-action@v2
 - name: install Buildx
@@ -45,4 +51,6 @@ jobs:
 env:
 REGISTRY: karmada
 VERSION: ${{ github.ref_name }}
+ COSIGN_EXPERIMENTAL: 1
+ SIGN_IMAGE: 1
 run: make mp-image-${{ matrix.target }}
diff --git a/hack/docker.sh b/hack/docker.sh
index a45d570c7ff2..ee8e9a6cef26 100755
--- a/hack/docker.sh
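Review bot: Declaring a job-level `permissions` block resets every scope it does not list to `none`, so after this hunk the job's `GITHUB_TOKEN` carries only `id-token: write` and no `contents` scope; the checkout step that precedes the build is outside this hunk and will run with a token that cannot read the repository. On a public repository the clone most likely still succeeds anonymously, but the least-privilege set should be stated explicitly rather than relied on by accident: `permissions:` / `contents: read` / `id-token: write`. The `on:` trigger and the remainder of the job are not visible in the hunk.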
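Review bot: `uses: sigstore/cosign-installer@v3.0.3` pins the action that installs the signing tool to a mutable tag, so whoever can move that tag can replace the binary that produces every signature this job emits. Pin it to the full commit SHA of the v3.0.3 release and keep the version as a trailing comment, e.g. `uses: sigstore/cosign-installer@<full-commit-sha> # v3.0.3`; the neighbouring `actions/setup-go@v3` and `docker/setup-qemu-action@v2` predate this change but deserve the same treatment once signing is in the pipeline, as does the identical step added to the released-image workflow. `cosign-release: 'v1.13.1'` selects a 1.x release, whose keyless mode is the one the job switches on with `COSIGN_EXPERIMENTAL`; a short comment such as `# 1.x: keyless signing requires COSIGN_EXPERIMENTAL=1 (see env below)` would keep the pin and the flag from drifting apart.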
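Review bot: `COSIGN_EXPERIMENTAL: 1` and `SIGN_IMAGE: 1` are bare YAML integers; GitHub stringifies env values so the `[ $SIGN_IMAGE = "1" ]` test in hack/docker.sh still matches, but writing `COSIGN_EXPERIMENTAL: "1"` and `SIGN_IMAGE: "1"` makes the string comparison explicit and avoids linter noise. Nothing in the workflow explains what these two variables do or where the signing happens; a comment above the env block along the lines of `# COSIGN_EXPERIMENTAL=1 enables keyless (OIDC) signing in cosign 1.x; SIGN_IMAGE is read by hack/docker.sh, which runs cosign after the push` would help the next maintainer, and the matching `cosign verify` invocation belongs in the project documentation. Since `VERSION: latest` is a mutable tag, what gets signed is whichever digest the tag resolves to when cosign runs, so signing by digest in hack/docker.sh would be the robust complement to this change.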
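Review bot: The same caveat as in the latest-image workflow applies here: a job-level `permissions` block leaves every unlisted scope at `none`, so this job now has no `contents` access for its checkout step (outside the hunk). Make the minimum explicit with `permissions:` / `contents: read` / `id-token: write` rather than depending on anonymous read access to the repository. The `strategy.matrix.target` list and the trigger are cut off by the hunk boundaries.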
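Review bot: With `VERSION: ${{ github.ref_name }}` this job signs release-tagged images, and in keyless mode the identity embedded in the signing certificate is, as far as I understand Sigstore's GitHub OIDC claims, the workflow path plus the ref that triggered it (a `refs/tags/...` value here), so consumers will need an identity regexp rather than a fixed identity to verify across releases — that expectation should be written down in the release documentation. As in the latest-image workflow, quote the two new values (`COSIGN_EXPERIMENTAL: "1"`, `SIGN_IMAGE: "1"`) so the string comparison in hack/docker.sh is explicit, and add a one-line comment stating that `COSIGN_EXPERIMENTAL` enables keyless signing for cosign 1.x and that `SIGN_IMAGE` is consumed by hack/docker.sh. The `run:` line is the last visible line of the job.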
+++ b/hack/docker.sh
@@ -20,11 +20,13 @@ set -o pipefail
 # REGISTRY image registry
 # VERSION image version
 # DOCKER_BUILD_ARGS additional arguments to the docker build command
+# SIGN_IMAGE enabled sign image with cosign, disabled by default.
 # Examples:
 # hack/docker.sh karmada-aggregated-apiserver
 # BUILD_PLATFORMS=linux/amd64 hack/docker.sh karmada-aggregated-apiserver
 # OUTPUT_TYPE=registry BUILD_PLATFORMS=linux/amd64,linux/arm64 hack/docker.sh karmada-aggregated-apiserver
 # DOCKER_BUILD_ARGS="--build-arg https_proxy=${https_proxy}" hack/docker.sh karmada-aggregated-apiserver"
+# SIGN_IMAGE="1"
 REPO_ROOT=$(dirname "${BASH_SOURCE[0]}")/..
 source "${REPO_ROOT}/hack/util.sh"
@@ -32,6 +34,7 @@ source "${REPO_ROOT}/hack/util.sh"
 REGISTRY=${REGISTRY:-"docker.io/karmada"}
 VERSION=${VERSION:="unknown"}
 DOCKER_BUILD_ARGS=${DOCKER_BUILD_ARGS:-}
+SIGN_IMAGE=${SIGN_IMAGE:-"0"}
 function build_images() {
 local -r target=$1
@@ -66,6 +69,7 @@ function build_local_image() {
 if [[ "$output_type" == "registry" ]]; then
 docker push "${image_name}"
+ signImage ${image_name}
 fi
 }
@@ -85,9 +89,18 @@ function build_cross_image() {
 --tag "${image_name}" \
 --file "${REPO_ROOT}/cluster/images/buildx.Dockerfile" \
 "${REPO_ROOT}/_output/bin"
+ signImage ${image_name}
 set +x
 }
+function signImage(){
+ if [ $SIGN_IMAGE = "1" ];then
+ local -r target=$1
+ echo "Signing image: "${target}
+ cosign sign --yes ${target}
+ fi
+}
 function isCross() {
 local platforms=$1
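Review bot: The new option description `# SIGN_IMAGE enabled sign image with cosign, disabled by default.` is ungrammatical and does not say which value turns signing on, even though the script only recognises the literal `"1"`; suggest `# SIGN_IMAGE set to "1" to sign the pushed image with cosign; disabled by default.` The added example `# SIGN_IMAGE="1"` is also incomplete next to the other entries, which are full command lines, and in build_local_image signing only runs in the registry branch, so `# SIGN_IMAGE="1" OUTPUT_TYPE=registry hack/docker.sh karmada-aggregated-apiserver` would be the accurate form. The stray closing quote at the end of the preceding `DOCKER_BUILD_ARGS` example predates this change but could be fixed in passing.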
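Review bot: `signImage ${image_name}` passes the reference unquoted, unlike `docker push "${image_name}"` on the line above; use `signImage "${image_name}"`. More importantly the argument is the mutable tag that was just pushed, so the digest cosign actually signs is whatever the registry resolves at that instant rather than the bytes this job built; resolving the pushed digest first, e.g. `signImage "$(docker inspect --format='{{index .RepoDigests 0}}' "${image_name}")"` (confirm index 0 is the repository just pushed when the image carries several names), binds the signature to an immutable `repo@sha256:...` reference. If `set -o errexit` is not enabled earlier in the file (only `set -o pipefail` is visible in the first hunk header), a cosign failure here would also leave an already-published image unsigned without failing the build. build_local_image begins before this hunk.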
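Review bot: In the new `signImage`, `[ $SIGN_IMAGE = "1" ]` uses single brackets and an unquoted expansion while the rest of the file uses `[[ ... ]]` with quoted variables (`[[ "$output_type" == "registry" ]]` in the previous hunk); with an empty `SIGN_IMAGE` this would be a syntax error rather than "signing disabled", and `echo "Signing image: "${target}` plus `cosign sign --yes ${target}` likewise leave the image reference unquoted. A missing `cosign` binary also surfaces only as a bare command-not-found from whatever make target invoked the script instead of a message naming the option that requires it. The rewrite below quotes everything, returns early when signing is off, and fails explicitly when cosign is absent; callers should pass an immutable `repo@sha256:...` reference so the signature is bound to the built digest rather than a mutable tag. The hunk ends inside `isCross`, whose body continues beyond it.

```shell
function signImage() {
  local -r target=$1
  # Signing is opt-in: only the literal "1" enables it.
  if [[ "${SIGN_IMAGE}" != "1" ]]; then
    return 0
  fi
  # Fail loudly instead of leaving an unsigned image in the registry.
  if ! command -v cosign >/dev/null 2>&1; then
    echo "SIGN_IMAGE=1 but cosign was not found in PATH" >&2
    return 1
  fi
  echo "Signing image: ${target}"
  # Prefer an immutable repo@sha256:... reference as ${target}.
  cosign sign --yes "${target}"
}
```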