diff --git a/.github/workflows/docker-publish-rootless-arm.yaml b/.github/workflows/docker-publish-rootless-arm.yaml
index 4d27991c..c40cd55b 100644
--- a/.github/workflows/docker-publish-rootless-arm.yaml
+++ b/.github/workflows/docker-publish-rootless-arm.yaml
@@ -37,26 +37,22 @@ jobs:
     permissions:
       contents: read
       packages: write
-      # This is used to complete the identity challenge
-      # with sigstore/fulcio when running outside of PRs.
       attestations: write
       id-token: write
 
     steps:
+      # Step 1: Checkout repository
       - name: Checkout repository
         uses: actions/checkout@v4
 
-      # Set up BuildKit Docker container builder to be able to build
-      # multi-platform images and export cache
-      # https://github.com/docker/setup-buildx-action
+      # Step 2: Set up Buildx without specifying driver
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3.0.0
         with:
           install: true  # Ensure Buildx is installed and set up properly
           use: true      # Use Buildx instance directly for this job
 
-      # Login against a Docker registry except on PR
-      # https://github.com/docker/login-action
+      # Step 3: Login to Docker registry except on PR
       - name: Log into registry ${{ env.REGISTRY }}
         if: github.event_name != 'pull_request'
         uses: docker/login-action@v3.0.0
@@ -65,8 +61,7 @@ jobs:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      # Extract metadata (tags, labels) for Docker
-      # https://github.com/docker/metadata-action
+      # Step 4: Extract metadata for Docker images
       - name: Extract Docker metadata
         id: metadata
         uses: docker/metadata-action@v5.0.0
@@ -81,9 +76,8 @@ jobs:
             type=schedule,pattern=nightly
           flavor: |
             suffix=-rootless-arm,onlatest=true
-  
-      # Build and push Docker image with Buildx (don't push on PR)
-      # https://github.com/docker/build-push-action
+
+      # Step 5: Build and push the Docker image
       - name: Build and push Docker image
         id: build-and-push
         uses: docker/build-push-action@v5.0.0
@@ -92,15 +86,14 @@ jobs:
           push: ${{ github.event_name != 'pull_request' }}
           tags: ${{ steps.metadata.outputs.tags }}
           labels: ${{ steps.metadata.outputs.labels }}
-          platforms: linux/arm64,linux/arm/v7  # Build for both ARM64 and ARMv7 architectures
-          cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:cache  # Use registry-based caching for better cross-platform support
-          cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:cache  # Store the cache in the registry for faster builds
+          platforms: linux/arm64,linux/arm/v7
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
           build-args: |
-            VERSION=${{ github.ref_name }}  # Pass version as a build argument
-            COMMIT=${{ github.sha }}  # Pass commit SHA as a build argument
+            VERSION=${{ github.ref_name }}
+            COMMIT=${{ github.sha }}
 
-      # Attest the built image to prove build provenance
-      # https://github.com/actions/attest-build-provenance
+      # Step 6: Attest built image to prove build provenance
       - name: Attest
         uses: actions/attest-build-provenance@v1
         id: attest
@@ -108,4 +101,4 @@ jobs:
         with:
           subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
           subject-digest: ${{ steps.build-and-push.outputs.digest }}
-          push-to-registry: true  # Push the attestation to the registry
+          push-to-registry: true