diff --git a/.github/workflows/release-kib.yaml b/.github/workflows/release-kib.yaml index bb1519c02..d87bf4b18 100644 --- a/.github/workflows/release-kib.yaml +++ b/.github/workflows/release-kib.yaml @@ -7,14 +7,14 @@ on: workflow_dispatch: push: tags: - - 'v*' + - "v*" name: Release konvoy-image-builder jobs: release-to-github: runs-on: - - self-hosted - - small + - self-hosted + - small steps: - uses: actions/checkout@v4 with: @@ -24,11 +24,11 @@ jobs: - name: Setup Go uses: actions/setup-go@v5 with: - go-version-file: 'go.mod' + go-version-file: "go.mod" cache: true - name: Download GoReleaser - run: go install github.com/goreleaser/goreleaser@v1.15.2 + run: go install github.com/goreleaser/goreleaser/v2@v2.2.0 - name: Docker Login uses: docker/login-action@v3 @@ -45,6 +45,13 @@ jobs: env: DOCKER_CLI_EXPERIMENTAL: "enabled" GITHUB_TOKEN: ${{ secrets.MESOSPHERECI_USER_TOKEN }} + # notarize options + NOTARIZE_DARWIN_BINARY: "true" + MACOS_SIGN_P12: "${{ secrets.NCN_APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }}" + MACOS_SIGN_PASSWORD: "${{ secrets.NCN_APPLE_DEVELOPER_CERTIFICATE_PASSWORD }}" + MACOS_NOTARY_ISSUER_ID: "${{ secrets.NCN_APPSTORECONNECT_ISSUER_ID }}" + MACOS_NOTARY_KEY_ID: "${{ secrets.NCN_APPSTORECONNECT_KEY_ID }}" + MACOS_NOTARY_KEY: "${{ secrets.NCN_APPSTORECONNECT_PRIVATE_KEY }}" bump-kib: runs-on: ubuntu-22.04 diff --git a/.goreleaser-podman-e2e.yml b/.goreleaser-podman-e2e.yml index a28c3ea7b..f50ea31e2 100644 --- a/.goreleaser-podman-e2e.yml +++ b/.goreleaser-podman-e2e.yml @@ -1,4 +1,5 @@ --- +version: 2 before: hooks: - go mod download diff --git a/.goreleaser.yml b/.goreleaser.yml index 33f4ea1b9..5c9bd801d 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -1,4 +1,5 @@ --- +version: 2 before: hooks: - go mod download @@ -6,7 +7,7 @@ before: # NOTE(jkoelker) the changelog is managed by `release-please` changelog: - skip: true + disable: true builds: - main: ./cmd/konvoy-image/main.go 
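Review bot: The signing secrets added under `env:` at `# notarize options` (the P12 certificate, its password and the App Store Connect private key) become readable by every process this step starts, in a job that the first hunk shows running on `self-hosted` runners and startable through `workflow_dispatch`. Whether those runners are ephemeral is not visible here; if they are reused between jobs, confirm that the release step leaves no decoded certificate or key on disk or in logs. I would gate the job with a protected environment so the secrets are released only after approval, e.g. `environment: release-signing` (placeholder name) on `release-to-github`, and add the comment `# signing material: keep this step free of env dumps and debug logging` above the new variables. The step these variables belong to begins outside the hunk.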
@@ -94,3 +95,20 @@ release:
 prerelease: auto
 ids:
 - konvoy-image-bundle
+
+notarize:
+ macos:
+ - enabled: '{{ isEnvSet "NOTARIZE_DARWIN_BINARY"}}'
+ ids:
+ - konvoy-image
+ - konvoy-image-wrapper
+ sign:
+ certificate: "{{.Env.MACOS_SIGN_P12}}"
+ password: "{{.Env.MACOS_SIGN_PASSWORD}}"
+
+ notarize:
+ issuer_id: "{{.Env.MACOS_NOTARY_ISSUER_ID}}"
+ key_id: "{{.Env.MACOS_NOTARY_KEY_ID}}"
+ key: "{{.Env.MACOS_NOTARY_KEY}}"
+ wait: true
+ timeout: 20m
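Review bot: The `enabled: '{{ isEnvSet "NOTARIZE_DARWIN_BINARY"}}'` switch tests only that the variable is set, so as far as I can tell any non-empty value, including `"false"`, turns signing and notarization on; the workflow sets `"true"`, which suggests a value check was intended. Either document it with `# enabled when NOTARIZE_DARWIN_BINARY is set to any non-empty value` or compare the value, e.g. `enabled: '{{ eq (index .Env "NOTARIZE_DARWIN_BINARY") "true" }}'`. When the switch is on but one of the `MACOS_*` values is empty (for example a run that has no access to the secrets), it is worth confirming that the release fails rather than publishing unsigned darwin binaries. The `ids` `konvoy-image` and `konvoy-image-wrapper` refer to build definitions outside this hunk, so that match cannot be checked here.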