diff --git a/action.yaml b/action.yaml
index 971536d..c530488 100644
--- a/action.yaml
+++ b/action.yaml
@@ -27,6 +27,14 @@ inputs:
     default: "openvex"
   custom-socket:
     description: "Custom socket address if setting up containerd image store"
+  retry_on_timeout:
+    description: "Retry on timeout error"
+    required: false
+    default: false
+  max_retries:
+    description: "Max retries on timeout error"
+    required: false
+    default: 3
 outputs:
   patched-image:
     description: 'Image reference of patched image'
diff --git a/entrypoint.sh b/entrypoint.sh
index 35c4bef..d4d734e 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -9,6 +9,8 @@ timeout=$4
 connection_format=$5
 format=$6
 output_file=$7
+retry_on_timeout=$8
+max_retries=$9
 
 # parse image into image name
 image_no_tag=$(echo "$image" | cut -d':' -f1)
@@ -40,10 +42,31 @@ case "$connection_format" in
 esac
 
 # run copa to patch image
-if copa patch -i "$image" -r ./data/"$report" -t "$patched_tag" $connection --timeout $timeout $output;
+OUTPUT_MESSAGE=$(copa patch -i "$image" -r ./data/"$report" -t "$patched_tag" $connection --timeout $timeout $output)
+if [ $? -eq 0 ]
 then
     patched_image="$image_no_tag:$patched_tag"
     echo "patched-image=$patched_image" >> "$GITHUB_OUTPUT"
+elif echo "$OUTPUT_MESSAGE" | grep -q "exceeded timeout"
+then
+    if [ "$retry_on_timeout" = "false" ]
+    then
+        echo "Error patching image $image with copa"
+        exit 1
+    else
+        retries=0
+        while [ $retries -lt $max_retries ]
+        do
+            if copa patch -i "$image" -r ./data/"$report" -t "$patched_tag" $connection --timeout $timeout $output;
+            then
+                patched_image="$image_no_tag:$patched_tag"
+                echo "patched-image=$patched_image" >> "$GITHUB_OUTPUT"
+                break
+            else
+                retries=$((retries + 1))
+            fi
+        done
+    fi
 else
     echo "Error patching image $image with copa"
     exit 1