diff --git a/.github/workflows/install-frsca.yaml b/.github/workflows/install-frsca.yaml
index 184ef538..917c61b8 100644
--- a/.github/workflows/install-frsca.yaml
+++ b/.github/workflows/install-frsca.yaml
@@ -46,15 +46,10 @@ jobs: - name: Try the cluster ! run: kubectl get pods -A - name: Initialize FRSCA - env: - REGISTRY: "registry.registry" run: | make setup-frsca - name: Run buildpacks pipeline - env: - REGISTRY: "registry.registry" run: | - make registry-proxy >/dev/null & ./platform/wait-for-pipelinerun.sh -m example-buildpacks -n example-buildpacks- # tail PipelineRun logs tkn pr logs --last -f
@@ -83,12 +78,9 @@ jobs: tkn tr describe --last -o json | jq -r '.metadata.annotations["chains.tekton.dev/signed"]' cosign verify --insecure-ignore-tlog --key k8s://tekton-chains/signing-secrets "${IMAGE_URL}" cosign verify-attestation --insecure-ignore-tlog --type slsaprovenance --key k8s://tekton-chains/signing-secrets "${IMAGE_URL}" - kill %?registry-proxy + kubectl delete pr --all -A - name: Run sample pipeline to test kyverno - env: - REGISTRY: "registry.registry" run: | - make registry-proxy >/dev/null & ./platform/wait-for-pipelinerun.sh -m example-sample-pipeline -n example-sample-pipeline- # tail PipelineRun logs tkn pr logs --last -f 
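Review bot: Dropping the per-step `REGISTRY: "registry.registry"` env leaves `${REGISTRY}` unset in this job unless it is defined at job or workflow level outside this hunk; the new pipeline steps later in this file still test `[ "${REGISTRY}" = "registry.registry" ]` to rewrite `IMAGE_URL` to `127.0.0.1:5000`, so without a job-level value that rewrite is dead code and `crane`/`cosign` are handed the in-cluster registry name. The background `make registry-proxy` is gone too, so the runner presumably reaches the registry by another route now (not visible here). Either move `REGISTRY` to the job's `env:` so the rewrite still fires, or add a comment above `make setup-frsca` stating how the registry is reached and delete the rewrite; the step list continues outside this hunk.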
@@ -114,9 +106,124 @@ jobs: echo "TASK_RUN=${TASK_RUN}" echo "IMAGE_URL=${IMAGE_URL}" crane ls "$(echo -n ${IMAGE_URL} | sed 's|:[^/]*$||')" - cosign verify --insecure-ignore-tlog --key k8s://tekton-chains/signing-secrets "${IMAGE_URL}" cosign verify-attestation --insecure-ignore-tlog --type slsaprovenance --key k8s://tekton-chains/signing-secrets "${IMAGE_URL}" - kubectl wait --timeout=5m --for=condition=ready pods -l app=picalc -n prod - kill %?registry-proxy + kubectl delete pr --all -A + - name: Run go pipeline + run: | + ./platform/wait-for-pipelinerun.sh -m example-golang-pipeline -n example-golang- + tkn pr logs --last -f + if [ "$(tkn pr describe --last -o jsonpath='{.status.conditions[?(@.type == "Succeeded")].status}')" != "True" ]; then + tkn pr describe --last + exit 1 + fi + sleep 60 + TASK_RUNS=($(tkn pr describe --last -o jsonpath='{.status.childReferences}' | jq -r '.[] | select(.kind | match("TaskRun")) | .name')) + echo "TASK_RUNS=${TASK_RUNS[@]}" + TASK_RUN="none"; IMAGE_URL="none" + for tr in "${TASK_RUNS[@]}"; do + image=$(tkn tr describe "${tr}" -o jsonpath='{.status.results}' | jq -r '.[] | select(.name == "IMAGE_URL") | .value') + if [ -n "${image}" ]; then + TASK_RUN="${tr}" + IMAGE_URL="${image}" + break + fi + done + if [ "${REGISTRY}" = "registry.registry" ]; then + IMAGE_URL="$(echo "${IMAGE_URL}" | sed 's#'${REGISTRY}'#127.0.0.1:5000#')" + fi + crane ls "$(echo -n ${IMAGE_URL} | sed 's|:[^/]*$||')" + cosign verify --insecure-ignore-tlog --key k8s://tekton-chains/signing-secrets "${IMAGE_URL}" + cosign verify-attestation --insecure-ignore-tlog --type slsaprovenance --key k8s://tekton-chains/signing-secrets "${IMAGE_URL}" + kubectl delete pr --all -A + - name: Run IBM tutorial pipeline + run: | + ./platform/wait-for-pipelinerun.sh -m example-ibm-tutorial -n example-ibm-tutorial- + tkn pr logs --last -f + if [ "$(tkn pr describe --last -o jsonpath='{.status.conditions[?(@.type == "Succeeded")].status}')" != "True" ]; then + tkn pr 
describe --last + exit 1 + fi + sleep 60 + TASK_RUNS=($(tkn pr describe --last -o jsonpath='{.status.childReferences}' | jq -r '.[] | select(.kind | match("TaskRun")) | .name')) + echo "TASK_RUNS=${TASK_RUNS[@]}" + TASK_RUN="none"; IMAGE_URL="none" + for tr in "${TASK_RUNS[@]}"; do + image=$(tkn tr describe "${tr}" -o jsonpath='{.status.results}' | jq -r '.[] | select(.name == "IMAGE_URL") | .value') + if [ -n "${image}" ]; then + TASK_RUN="${tr}" + IMAGE_URL="${image}" + break + fi + done + if [ "${REGISTRY}" = "registry.registry" ]; then + IMAGE_URL="$(echo "${IMAGE_URL}" | sed 's#'${REGISTRY}'#127.0.0.1:5000#')" + fi + crane ls "$(echo -n ${IMAGE_URL} | sed 's|:[^/]*$||')" + cosign verify --insecure-ignore-tlog --key k8s://tekton-chains/signing-secrets "${IMAGE_URL}" + cosign verify-attestation --insecure-ignore-tlog --type slsaprovenance --key k8s://tekton-chains/signing-secrets "${IMAGE_URL}" + kubectl delete pr --all -A + - name: Run gradle pipeline + run: | + ./platform/wait-for-pipelinerun.sh -m example-gradle-pipeline -n example-gradle- + tkn pr logs --last -f + if [ "$(tkn pr describe --last -o jsonpath='{.status.conditions[?(@.type == "Succeeded")].status}')" != "True" ]; then + tkn pr describe --last + exit 1 + fi + sleep 60 + TASK_RUNS=($(tkn pr describe --last -o jsonpath='{.status.childReferences}' | jq -r '.[] | select(.kind | match("TaskRun")) | .name')) + echo "TASK_RUNS=${TASK_RUNS[@]}" + TASK_RUN="none"; IMAGE_URL="none" + for tr in "${TASK_RUNS[@]}"; do + image=$(tkn tr describe "${tr}" -o jsonpath='{.status.results}' | jq -r '.[] | select(.name == "IMAGE_URL") | .value') + if [ -n "${image}" ]; then + TASK_RUN="${tr}" + IMAGE_URL="${image}" + break + fi + done + if [ "${REGISTRY}" = "registry.registry" ]; then + IMAGE_URL="$(echo "${IMAGE_URL}" | sed 's#'${REGISTRY}'#127.0.0.1:5000#')" + fi + crane ls "$(echo -n ${IMAGE_URL} | sed 's|:[^/]*$||')" + cosign verify --insecure-ignore-tlog --key k8s://tekton-chains/signing-secrets "${IMAGE_URL}" + 
cosign verify-attestation --insecure-ignore-tlog --type slsaprovenance --key k8s://tekton-chains/signing-secrets "${IMAGE_URL}" + kubectl delete pr --all -A + - name: Run maven pipeline + run: | + ./platform/wait-for-pipelinerun.sh -m example-maven -n example-maven- + tkn pr logs --last -f + if [ "$(tkn pr describe --last -o jsonpath='{.status.conditions[?(@.type == "Succeeded")].status}')" != "True" ]; then + tkn pr describe --last + exit 1 + fi + kubectl delete pr --all -A + - name: Run cosign pipeline + run: | + ./platform/wait-for-pipelinerun.sh -m example-cosign -n ko-pipelinerun- + tkn pr logs --last -f + if [ "$(tkn pr describe --last -o jsonpath='{.status.conditions[?(@.type == "Succeeded")].status}')" != "True" ]; then + tkn pr describe --last + exit 1 + fi + sleep 60 + TASK_RUNS=($(tkn pr describe --last -o jsonpath='{.status.childReferences}' | jq -r '.[] | select(.kind | match("TaskRun")) | .name')) + echo "TASK_RUNS=${TASK_RUNS[@]}" + TASK_RUN="none"; IMAGE_URL="none" + for tr in "${TASK_RUNS[@]}"; do + image=$(tkn tr describe "${tr}" -o jsonpath='{.status.results}' | jq -r '.[] | select(.name == "IMAGE_URL") | .value') + if [ -n "${image}" ]; then + TASK_RUN="${tr}" + IMAGE_URL="${image}" + break + fi + done + if [ "${REGISTRY}" = "registry.registry" ]; then + IMAGE_URL="$(echo "${IMAGE_URL}" | sed 's#'${REGISTRY}'#127.0.0.1:5000#')" + fi + crane ls "$(echo -n ${IMAGE_URL} | sed 's|:[^/]*$||')" + cosign verify --insecure-ignore-tlog --key k8s://tekton-chains/signing-secrets "${IMAGE_URL}" + cosign verify-attestation --insecure-ignore-tlog --type slsaprovenance --key k8s://tekton-chains/signing-secrets "${IMAGE_URL}" + kubectl delete pr --all -A
diff --git a/examples/cosign/task-ko.yaml b/examples/cosign/task-ko.yaml
index f478327c..67bcad5f 100644
--- a/examples/cosign/task-ko.yaml
+++ b/examples/cosign/task-ko.yaml
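Review bot: Each new pipeline step relies on a fixed `sleep 60` for Tekton Chains to finish signing before `cosign verify` runs, which races the controller: on a slow runner verification fails spuriously, on a fast one the job idles for a minute. The signing status is observable — the buildpacks step earlier in this file already reads the `chains.tekton.dev/signed` annotation — so poll that annotation on the TaskRun that produced `IMAGE_URL` with a bounded timeout and verify only once it is `true`. The block from `sleep 60` through the two cosign calls is pasted four times (go, IBM tutorial, gradle, cosign); move it into a `platform/verify-pipelinerun.sh` beside `wait-for-pipelinerun.sh` and call that from each step. Note also that the kyverno step is left with `cosign verify-attestation` as its only post-run check, so nothing now confirms that the admission policy actually let the signed image run in `prod` (the `kubectl wait ... -l app=picalc -n prod` that did this is gone); if the sample pipeline still deploys, keep that wait, otherwise rename the step so it does not claim to test kyverno.
```shell
# … unchanged: PipelineRun wait, Succeeded check, TASK_RUN / IMAGE_URL discovery …
# Wait for Tekton Chains to sign the TaskRun instead of sleeping a fixed 60s.
signed=""
for _ in $(seq 1 30); do
  signed=$(tkn tr describe "${TASK_RUN}" -o json | jq -r '.metadata.annotations["chains.tekton.dev/signed"] // ""')
  [ "${signed}" = "true" ] && break
  sleep 5
done
if [ "${signed}" != "true" ]; then
  echo "TaskRun ${TASK_RUN} was not signed by Chains (signed=${signed})"
  exit 1
fi
# … unchanged: REGISTRY rewrite, crane ls, cosign verify / verify-attestation, cleanup …
```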
@@ -20,7 +20,7 @@ spec: default: "" - name: KO_IMAGE description: The name of the Ko image - default: "ghcr.io/google/ko:14b4fe1c7c6c3246120f271e163ca00367108c04" + default: "ghcr.io/ko-build/ko:5a95f8abc540475366126d6c34baf7014794315c" - name: SOURCE_SUBPATH description: >- A subpath within checked out source where the source to build is
@@ -49,6 +49,7 @@ spec: export LDFLAGS="" export GIT_HASH="test" export GIT_VERSION="test" + export GOFLAGS="-buildvcs=false" KO_IMAGE=$(ko build \ --base-import-paths \ "$(params.SOURCE_SUBPATH)")
diff --git a/examples/examples.cue b/examples/examples.cue
index 14169b30..08a61c8a 100644
--- a/examples/examples.cue
+++ b/examples/examples.cue
@@ -43,7 +43,7 @@ for pr in frsca.pipelineRun { frsca: persistentVolumeClaim: "\(pr.metadata.generateName)source-ws-pvc": { spec: { accessModes: ["ReadWriteOnce"] - resources: requests: storage: "500Mi" + resources: requests: storage: "750Mi" } } }
@@ -62,7 +62,7 @@ for name, tt in frsca.triggerTemplate { frsca: persistentVolumeClaim: "\(name)-source-ws-pvc": { spec: { accessModes: ["ReadWriteOnce"] - resources: requests: storage: "500Mi" + resources: requests: storage: "750Mi" } } }
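Review bot: The new `export GOFLAGS="-buildvcs=false"` disables Go's VCS stamping, so the ko-built binary records no `vcs.revision`/`vcs.modified` in its build info — the artifact itself no longer says which commit it came from, which is worth a deliberate decision in a provenance-focused example. The surrounding `GIT_HASH="test"`/`GIT_VERSION="test"` stubs suggest this is intentional, but the flag needs a comment giving the reason (presumably the workspace is not a git checkout the build user owns, or git is absent from the ko image — confirm), e.g. `# Workspace is not a trusted git checkout inside the task pod; skip VCS stamping so 'go build' does not fail.` If the trigger is git's safe.directory check, `git config --global --add safe.directory '*'` in the step would keep the stamping instead. Separately, `KO_IMAGE` above is pinned to a commit-SHA *tag* on ghcr.io, which is still mutable; pin the builder image by `@sha256:` digest so it cannot be swapped underneath the pipeline. The `script:` block this runs in starts outside the hunk.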
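Review bot: The same `"750Mi"` literal is now written in two PVC specs (this `triggerTemplate` loop and the `pipelineRun` loop in the previous hunk), so the next size bump again needs two coordinated edits. Lift it into a single definition, e.g. `#sourceWorkspaceStorage: "750Mi"` near the top of the file, and reference it from both `resources: requests: storage:` lines. The enclosing `for` comprehension starts and ends outside the hunk.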