diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index e93dd4b..6f2933a 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -12,9 +12,12 @@ on:
 type: string
 env:
- IMAGE_REGISTRY: ghcr.io
- IMAGE_REPO: gardener/ingress-gce
+ IMAGE_REGISTRY: europe-docker.pkg.dev
+ IMAGE_REPO: gardener-project/releases/gardener/ingress-gce
 IMAGE_TAG: ${{ inputs.release_tag }}
+ GCP_PROJECT_ID: gardener-project
+ GCP_SERVICE_ACCOUNT: ocm-ci-opensource@gardener-project.iam.gserviceaccount.com
+ WORKLOAD_IDENTITY_PROVIDER: projects/694386720375/locations/global/workloadIdentityPools/github-actions/providers/github-actions-provider
 PLATFORMS: linux/amd64,linux/arm64
 defaults:
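Review bot: The new `GCP_SERVICE_ACCOUNT` and `WORKLOAD_IDENTITY_PROVIDER` entries in the `env:` block are undocumented, so a reader cannot tell what actually gates impersonation of the service account. These values are identifiers rather than secrets; the control is the provider's attribute condition and the IAM binding on the service account, neither of which is visible in this diff. It is worth confirming that the binding is restricted to this repository (and ideally to the release workflow or ref) rather than to the whole `github-actions` pool, since the account name suggests it may be shared across projects. I would add a comment above the three lines such as `# Identifiers, not secrets: access is enforced by the WIF provider's attribute condition and the service account's IAM binding`.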
@@ -31,30 +34,38 @@ jobs:
 runs-on: ubuntu-latest
 steps:
 - name: Checkout the gardener/ingress-gce repository
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # https://github.com/actions/checkout/releases/tag/v4.1.7
+ uses: actions/checkout@v4
 - name: Checkout the kubernetes/ingress-gce repository
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # https://github.com/actions/checkout/releases/tag/v4.1.7
+ uses: actions/checkout@v4
 with:
 repository: 'kubernetes/ingress-gce'
 path: './ingress-gce'
 persist-credentials: false
 ref: '${{ inputs.ingress_gce_version }}'
+ - name: Authenticate against Google-Artifact-Registry
+ id: auth
+ uses: google-github-actions/auth@v2
+ with:
+ token_format: access_token
+ project_id: ${{ env.GCP_PROJECT_ID }}
+ service_account: ${{ env.GCP_SERVICE_ACCOUNT }}
+ workload_identity_provider: ${{ env.WORKLOAD_IDENTITY_PROVIDER }}
 - name: Login to registry
- uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # https://github.com/docker/login-action/releases/tag/v3.3.0
+ uses: docker/login-action@v3
 with:
 registry: ${{ env.IMAGE_REGISTRY }}
- username: ${{ github.repository_owner }}
- password: ${{ secrets.GITHUB_TOKEN }}
+ username: oauth2accesstoken
+ password: ${{ steps.auth.outputs.access_token }}
 - name: Docker setup buildx
- uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # https://github.com/docker/setup-buildx-action/releases/tag/v3.6.1
+ uses: docker/setup-buildx-action@v3
 with:
 platforms: ${{ env.PLATFORMS }}
 - name: Build and push Docker images
- uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # https://github.com/docker/build-push-action/releases/tag/v6.7.0
+ uses: docker/build-push-action@v6
 with:
 context: .
 tags: |
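Review bot: Every `uses:` line in this hunk drops its full commit SHA for a mutable major tag (`actions/checkout@v4`, `docker/login-action@v3`, `docker/setup-buildx-action@v3`, `docker/build-push-action@v6`), and the same happens to `ncipollo/release-action@v1` in the last hunk. This job now obtains a Google Cloud access token for the service account and pushes release images, so a tag that is moved upstream would run unreviewed code with that token and registry login in reach. I would keep the existing pins, e.g. `uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7`, and add the new step in the same form, `uses: google-github-actions/auth@<full-commit-sha> # <release tag>` (placeholder; resolve the SHA from the chosen release). The workload-identity exchange also needs `permissions: id-token: write` on the job, and no permissions block is visible in this diff, so confirm it exists. The steps list starts and continues outside the hunk.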
@@ -63,7 +74,7 @@ jobs:
 platforms: ${{ env.PLATFORMS }}
 - name: Create new release
- uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # https://github.com/ncipollo/release-action/releases/tag/v1.14.0
+ uses: ncipollo/release-action@v1
 with:
 tag: ${{ inputs.release_tag }}
 makeLatest: true