diff --git a/.forgejo/workflows/ci.yml b/.forgejo/workflows/ci.yml
index b84140e..368aeb1 100644
--- a/.forgejo/workflows/ci.yml
+++ b/.forgejo/workflows/ci.yml
@@ -1,7 +1,5 @@
 name: CI/CD Pipeline with Secure Ephemeral PiP
 
-#x-podman-client: &podman_client quay.io/podman/stable@sha256:482bce3a829893f0dc3bf497c9a7609341fca11b34e35a92d308eb971ad61adb
-
 on:
   push:
     branches: [main]
@@ -25,6 +23,7 @@ env:
   RUST_IMG_DIGEST: ${{ secrets.RUST_IMG_DIGEST }}         # e.g., docker.io/library/rust@sha256:...
   NODE_IMG_DIGEST: ${{ secrets.NODE_IMG_DIGEST }}         # e.g., docker.io/library/node@sha256:...
   POSTGRES_IMG_DIGEST: ${{ secrets.POSTGRES_IMG_DIGEST }} # e.g., docker.io/library/postgres@sha256:...
+  PODMAN_CLIENT_IMG_DIGEST: quay.io/podman/stable@sha256:482bce3a829893f0dc3bf497c9a7609341fca11b34e35a92d308eb971ad61adb
   PODMAN_SOCK: /run/user/999/podman/podman.sock
 
 jobs:
@@ -32,10 +31,7 @@ jobs:
     runs-on: [ci]
 
     container:
-      image: *podman_client 
-
-    env:
-      PODMAN_CLIENT_IMG_DIGEST: *podman_client
+      image: quay.io/podman/stable@sha256:482bce3a829893f0dc3bf497c9a7609341fca11b34e35a92d308eb971ad61adb
 
     steps:
       - uses: actions/checkout@v4
@@ -142,10 +138,7 @@ jobs:
     needs: test-backend
 
     container:
-      image: *podman_client
-
-    env:
-      PODMAN_CLIENT_IMG_DIGEST: *podman_client
+      image: quay.io/podman/stable@sha256:482bce3a829893f0dc3bf497c9a7609341fca11b34e35a92d308eb971ad61adb
 
     steps:
       - uses: actions/checkout@v4
@@ -204,10 +197,7 @@ jobs:
     needs: test-frontend
 
     container:
-      image: *podman_client
-
-    env:
-      PODMAN_CLIENT_IMG_DIGEST: *podman_client
+      image: quay.io/podman/stable@sha256:482bce3a829893f0dc3bf497c9a7609341fca11b34e35a92d308eb971ad61adb
 
     steps:
       - uses: actions/checkout@v4
@@ -275,10 +265,7 @@ jobs:
     needs: test-frontend
 
     container:
-      image: *podman_client
-
-    env:
-      PODMAN_CLIENT_IMG_DIGEST: *podman_client
+      image: quay.io/podman/stable@sha256:482bce3a829893f0dc3bf497c9a7609341fca11b34e35a92d308eb971ad61adb
 
     steps:
       - uses: actions/checkout@v4
@@ -347,10 +334,7 @@ jobs:
     if: success()
 
     container:
-      image: *podman_client
-
-    env:
-      PODMAN_CLIENT_IMG_DIGEST: *podman_client
+      image: quay.io/podman/stable@sha256:482bce3a829893f0dc3bf497c9a7609341fca11b34e35a92d308eb971ad61adb
 
     steps:
       - uses: actions/checkout@v4