diff --git a/.chainloop.yml b/.chainloop.yml
new file mode 100644
index 000000000..c589ea4be
--- /dev/null
+++ b/.chainloop.yml
@@ -0,0 +1,2 @@
+# defines files to be added to the attestation
+attestation: {}
diff --git a/.github/workflows/maven-build.yml b/.github/workflows/maven-build.yml
index 3ffd14e5f..09f149ab6 100644
--- a/.github/workflows/maven-build.yml
+++ b/.github/workflows/maven-build.yml
@@ -36,7 +36,7 @@ jobs:
 
   collect-metadata:
     runs-on: ubuntu-latest
-    name: "Security and Compliance Checks"
+    name: Generate metadata
     needs: build
     steps:
       - name: Download all workflow run artifacts
@@ -57,3 +57,15 @@ jobs:
         with:
           name: metadata
           path: metadata/*
+
+  # Send metadata to Chainloop
+  chainloop:
+    name: Chainloop
+    uses: chainloop-dev/labs/.github/workflows/chainloop.yml@a75dff2ef342a1e5c5e1ec5c42fb99f3d1bc03cb
+    needs: collect-metadata
+    # with:
+    #   contract_revision: 3
+    secrets:
+      api_token: ${{ secrets.CHAINLOOP_ROBOT_ACCOUNT }}
+      signing_key: ${{ secrets.PRIVATE_KEY }}
+      signing_key_password: ${{ secrets.PRIVATE_KEY_PASSWORD }}
\ No newline at end of file