diff --git a/.gitea/workflows/ci-cd.yml b/.gitea/workflows/ci-cd.yml
index 4887320..75ba8e2 100644
--- a/.gitea/workflows/ci-cd.yml
+++ b/.gitea/workflows/ci-cd.yml
@@ -124,10 +124,6 @@ jobs:
         run: |
           # Install syft
           curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin
-          echo "${{ secrets.HARBOR_TOKEN }}"
-          echo "${{ env.REGISTRY }}"
-          echo "${{ secrets.HARBOR_USERNAME }}"
-          echo "${{ env.IMAGE_NAME }}"
 
           # Login to registry - use the REGISTRY variable for the URL
           echo "${{ secrets.HARBOR_TOKEN }}" | docker login ${{ env.REGISTRY }} -u '${{ secrets.HARBOR_USERNAME }}' --password-stdin
@@ -142,6 +138,14 @@ jobs:
           fi
           
           echo "SBOM generated successfully"
+      
+      - name: Install ORAS CLI
+        run: |
+          ORAS_VERSION="1.1.0"
+          curl -LO https://github.com/oras-project/oras/releases/download/v${ORAS_VERSION}/oras_${ORAS_VERSION}_linux_amd64.tar.gz
+          tar -xzf oras_${ORAS_VERSION}_linux_amd64.tar.gz oras
+          chmod +x oras
+          mv oras /usr/local/bin/oras
 
       - name: Upload SBOM to Harbor via ORAS
         run: |