diff --git a/src/pkg/packager/actions/actions.go b/src/pkg/packager/actions/actions.go
index ee66b84c39..3d979ffcac 100644
--- a/src/pkg/packager/actions/actions.go
+++ b/src/pkg/packager/actions/actions.go
@@ -22,13 +22,13 @@ import (
 )
 
 // Run runs all provided actions.
-func Run(defaultCfg types.ZarfComponentActionDefaults, actions []types.ZarfComponentAction, variableConfig *variables.VariableConfig) error {
+func Run(ctx context.Context, defaultCfg types.ZarfComponentActionDefaults, actions []types.ZarfComponentAction, variableConfig *variables.VariableConfig) error {
 	if variableConfig == nil {
 		variableConfig = template.GetZarfVariableConfig()
 	}
 
 	for _, a := range actions {
-		if err := runAction(defaultCfg, a, variableConfig); err != nil {
+		if err := runAction(ctx, defaultCfg, a, variableConfig); err != nil {
 			return err
 		}
 	}
@@ -36,10 +36,8 @@ func Run(defaultCfg types.ZarfComponentActionDefaults, actions []types.ZarfCompo
 }
 
 // Run commands that a component has provided.
-func runAction(defaultCfg types.ZarfComponentActionDefaults, action types.ZarfComponentAction, variableConfig *variables.VariableConfig) error {
+func runAction(ctx context.Context, defaultCfg types.ZarfComponentActionDefaults, action types.ZarfComponentAction, variableConfig *variables.VariableConfig) error {
 	var (
-		ctx        context.Context
-		cancel     context.CancelFunc
 		cmdEscaped string
 		out        string
 		err        error
@@ -56,7 +54,7 @@ func runAction(defaultCfg types.ZarfComponentActionDefaults, action types.ZarfCo
 		}
 
 		// Convert the wait to a command.
-		if cmd, err = convertWaitToCmd(*action.Wait, action.MaxTotalSeconds); err != nil {
+		if cmd, err = convertWaitToCmd(ctx, *action.Wait, action.MaxTotalSeconds); err != nil {
 			return err
 		}
 
@@ -85,9 +83,9 @@ func runAction(defaultCfg types.ZarfComponentActionDefaults, action types.ZarfCo
 	// Persist the spinner output so it doesn't get overwritten by the command output.
 	spinner.EnablePreserveWrites()
 
-	actionDefaults := actionGetCfg(defaultCfg, action, variableConfig.GetAllTemplates())
+	actionDefaults := actionGetCfg(ctx, defaultCfg, action, variableConfig.GetAllTemplates())
 
-	if cmd, err = actionCmdMutation(cmd, actionDefaults.Shell); err != nil {
+	if cmd, err = actionCmdMutation(ctx, cmd, actionDefaults.Shell); err != nil {
 		spinner.Errorf(err, "Error mutating command: %s", cmdEscaped)
 	}
 
@@ -128,7 +126,8 @@ retryCmd:
 		// If no timeout is set, run the command and return or continue retrying.
 		if actionDefaults.MaxTotalSeconds < 1 {
 			spinner.Updatef("Waiting for \"%s\" (no timeout)", cmdEscaped)
-			if err := tryCmd(context.TODO()); err != nil {
+			//TODO (schristoff): Make it so tryCmd can take a normal ctx
+			if err := tryCmd(context.Background()); err != nil {
 				continue retryCmd
 			}
 
@@ -144,7 +143,7 @@ retryCmd:
 
 		// Otherwise, try running the command.
 		default:
-			ctx, cancel = context.WithTimeout(context.Background(), duration)
+			ctx, cancel := context.WithTimeout(ctx, duration)
 			defer cancel()
 			if err := tryCmd(ctx); err != nil {
 				continue retryCmd
@@ -169,7 +168,7 @@ retryCmd:
 }
 
 // convertWaitToCmd will return the wait command if it exists, otherwise it will return the original command.
-func convertWaitToCmd(wait types.ZarfComponentActionWait, timeout *int) (string, error) {
+func convertWaitToCmd(_ context.Context, wait types.ZarfComponentActionWait, timeout *int) (string, error) {
 	// Build the timeout string.
 	timeoutString := fmt.Sprintf("--timeout %ds", *timeout)
 
@@ -205,7 +204,7 @@ func convertWaitToCmd(wait types.ZarfComponentActionWait, timeout *int) (string,
 }
 
 // Perform some basic string mutations to make commands more useful.
-func actionCmdMutation(cmd string, shellPref exec.Shell) (string, error) {
+func actionCmdMutation(_ context.Context, cmd string, shellPref exec.Shell) (string, error) {
 	zarfCommand, err := utils.GetFinalExecutableCommand()
 	if err != nil {
 		return cmd, err
@@ -236,7 +235,7 @@ func actionCmdMutation(cmd string, shellPref exec.Shell) (string, error) {
 }
 
 // Merge the ActionSet defaults with the action config.
-func actionGetCfg(cfg types.ZarfComponentActionDefaults, a types.ZarfComponentAction, vars map[string]*variables.TextTemplate) types.ZarfComponentActionDefaults {
+func actionGetCfg(_ context.Context, cfg types.ZarfComponentActionDefaults, a types.ZarfComponentAction, vars map[string]*variables.TextTemplate) types.ZarfComponentActionDefaults {
 	if a.Mute != nil {
 		cfg.Mute = *a.Mute
 	}
diff --git a/src/pkg/packager/creator/normal.go b/src/pkg/packager/creator/normal.go
index 2b32ac1ff1..ea9f6d24c9 100644
--- a/src/pkg/packager/creator/normal.go
+++ b/src/pkg/packager/creator/normal.go
@@ -136,7 +136,7 @@ func (pc *PackageCreator) Assemble(ctx context.Context, dst *layout.PackagePaths
 		onCreate := component.Actions.OnCreate
 
 		onFailure := func() {
-			if err := actions.Run(onCreate.Defaults, onCreate.OnFailure, nil); err != nil {
+			if err := actions.Run(ctx, onCreate.Defaults, onCreate.OnFailure, nil); err != nil {
 				message.Debugf("unable to run component failure action: %s", err.Error())
 			}
 		}
@@ -146,7 +146,7 @@ func (pc *PackageCreator) Assemble(ctx context.Context, dst *layout.PackagePaths
 			return fmt.Errorf("unable to add component %q: %w", component.Name, err)
 		}
 
-		if err := actions.Run(onCreate.Defaults, onCreate.OnSuccess, nil); err != nil {
+		if err := actions.Run(ctx, onCreate.Defaults, onCreate.OnSuccess, nil); err != nil {
 			onFailure()
 			return fmt.Errorf("unable to run component success action: %w", err)
 		}
@@ -359,7 +359,7 @@ func (pc *PackageCreator) addComponent(ctx context.Context, component types.Zarf
 	}
 
 	onCreate := component.Actions.OnCreate
-	if err := actions.Run(onCreate.Defaults, onCreate.Before, nil); err != nil {
+	if err := actions.Run(ctx, onCreate.Defaults, onCreate.Before, nil); err != nil {
 		return fmt.Errorf("unable to run component before action: %w", err)
 	}
 
@@ -521,7 +521,7 @@ func (pc *PackageCreator) addComponent(ctx context.Context, component types.Zarf
 		spinner.Success()
 	}
 
-	if err := actions.Run(onCreate.Defaults, onCreate.After, nil); err != nil {
+	if err := actions.Run(ctx, onCreate.Defaults, onCreate.After, nil); err != nil {
 		return fmt.Errorf("unable to run component after action: %w", err)
 	}
 
diff --git a/src/pkg/packager/deploy.go b/src/pkg/packager/deploy.go
index 0bc5fcfedb..5f2f2f4ab3 100644
--- a/src/pkg/packager/deploy.go
+++ b/src/pkg/packager/deploy.go
@@ -194,7 +194,7 @@ func (p *Packager) deployComponents(ctx context.Context) (deployedComponents []t
 		onDeploy := component.Actions.OnDeploy
 
 		onFailure := func() {
-			if err := actions.Run(onDeploy.Defaults, onDeploy.OnFailure, p.variableConfig); err != nil {
+			if err := actions.Run(ctx, onDeploy.Defaults, onDeploy.OnFailure, p.variableConfig); err != nil {
 				message.Debugf("unable to run component failure action: %s", err.Error())
 			}
 		}
@@ -222,7 +222,7 @@ func (p *Packager) deployComponents(ctx context.Context) (deployedComponents []t
 			}
 		}
 
-		if err := actions.Run(onDeploy.Defaults, onDeploy.OnSuccess, p.variableConfig); err != nil {
+		if err := actions.Run(ctx, onDeploy.Defaults, onDeploy.OnSuccess, p.variableConfig); err != nil {
 			onFailure()
 			return deployedComponents, fmt.Errorf("unable to run component success action: %w", err)
 		}
@@ -324,7 +324,7 @@ func (p *Packager) deployComponent(ctx context.Context, component types.ZarfComp
 		return charts, err
 	}
 
-	if err = actions.Run(onDeploy.Defaults, onDeploy.Before, p.variableConfig); err != nil {
+	if err = actions.Run(ctx, onDeploy.Defaults, onDeploy.Before, p.variableConfig); err != nil {
 		return charts, fmt.Errorf("unable to run component before action: %w", err)
 	}
 
@@ -359,7 +359,7 @@ func (p *Packager) deployComponent(ctx context.Context, component types.ZarfComp
 		}
 	}
 
-	if err = actions.Run(onDeploy.Defaults, onDeploy.After, p.variableConfig); err != nil {
+	if err = actions.Run(ctx, onDeploy.Defaults, onDeploy.After, p.variableConfig); err != nil {
 		return charts, fmt.Errorf("unable to run component after action: %w", err)
 	}
 
diff --git a/src/pkg/packager/remove.go b/src/pkg/packager/remove.go
index dbfbf7d690..59583cee28 100644
--- a/src/pkg/packager/remove.go
+++ b/src/pkg/packager/remove.go
@@ -169,12 +169,12 @@ func (p *Packager) removeComponent(ctx context.Context, deployedPackage *types.D
 
 	onRemove := c.Actions.OnRemove
 	onFailure := func() {
-		if err := actions.Run(onRemove.Defaults, onRemove.OnFailure, nil); err != nil {
+		if err := actions.Run(ctx, onRemove.Defaults, onRemove.OnFailure, nil); err != nil {
 			message.Debugf("Unable to run the failure action: %s", err)
 		}
 	}
 
-	if err := actions.Run(onRemove.Defaults, onRemove.Before, nil); err != nil {
+	if err := actions.Run(ctx, onRemove.Defaults, onRemove.Before, nil); err != nil {
 		onFailure()
 		return nil, fmt.Errorf("unable to run the before action for component (%s): %w", c.Name, err)
 	}
@@ -206,12 +206,12 @@ func (p *Packager) removeComponent(ctx context.Context, deployedPackage *types.D
 		}
 	}
 
-	if err := actions.Run(onRemove.Defaults, onRemove.After, nil); err != nil {
+	if err := actions.Run(ctx, onRemove.Defaults, onRemove.After, nil); err != nil {
 		onFailure()
 		return deployedPackage, fmt.Errorf("unable to run the after action: %w", err)
 	}
 
-	if err := actions.Run(onRemove.Defaults, onRemove.OnSuccess, nil); err != nil {
+	if err := actions.Run(ctx, onRemove.Defaults, onRemove.OnSuccess, nil); err != nil {
 		onFailure()
 		return deployedPackage, fmt.Errorf("unable to run the success action: %w", err)
 	}
diff --git a/src/pkg/packager/sources/oci.go b/src/pkg/packager/sources/oci.go
index f22547d520..78276d33af 100644
--- a/src/pkg/packager/sources/oci.go
+++ b/src/pkg/packager/sources/oci.go
@@ -78,7 +78,7 @@ func (s *OCISource) LoadPackage(ctx context.Context, dst *layout.PackagePaths, f
 
 		spinner.Success()
 
-		if err := ValidatePackageSignature(dst, s.PublicKeyPath); err != nil {
+		if err := ValidatePackageSignature(ctx, dst, s.PublicKeyPath); err != nil {
 			return pkg, nil, err
 		}
 	}
@@ -140,7 +140,7 @@ func (s *OCISource) LoadPackageMetadata(ctx context.Context, dst *layout.Package
 			spinner.Success()
 		}
 
-		if err := ValidatePackageSignature(dst, s.PublicKeyPath); err != nil {
+		if err := ValidatePackageSignature(ctx, dst, s.PublicKeyPath); err != nil {
 			if errors.Is(err, ErrPkgSigButNoKey) && skipValidation {
 				message.Warn("The package was signed but no public key was provided, skipping signature validation")
 			} else {
diff --git a/src/pkg/packager/sources/tarball.go b/src/pkg/packager/sources/tarball.go
index 9cbbf1b071..822dbd330e 100644
--- a/src/pkg/packager/sources/tarball.go
+++ b/src/pkg/packager/sources/tarball.go
@@ -33,7 +33,7 @@ type TarballSource struct {
 }
 
 // LoadPackage loads a package from a tarball.
-func (s *TarballSource) LoadPackage(_ context.Context, dst *layout.PackagePaths, filter filters.ComponentFilterStrategy, unarchiveAll bool) (pkg types.ZarfPackage, warnings []string, err error) {
+func (s *TarballSource) LoadPackage(ctx context.Context, dst *layout.PackagePaths, filter filters.ComponentFilterStrategy, unarchiveAll bool) (pkg types.ZarfPackage, warnings []string, err error) {
 	spinner := message.NewProgressSpinner("Loading package from %q", s.PackageSource)
 	defer spinner.Stop()
 
@@ -106,7 +106,7 @@ func (s *TarballSource) LoadPackage(_ context.Context, dst *layout.PackagePaths,
 
 		spinner.Success()
 
-		if err := ValidatePackageSignature(dst, s.PublicKeyPath); err != nil {
+		if err := ValidatePackageSignature(ctx, dst, s.PublicKeyPath); err != nil {
 			return pkg, nil, err
 		}
 	}
@@ -138,7 +138,7 @@ func (s *TarballSource) LoadPackage(_ context.Context, dst *layout.PackagePaths,
 }
 
 // LoadPackageMetadata loads a package's metadata from a tarball.
-func (s *TarballSource) LoadPackageMetadata(_ context.Context, dst *layout.PackagePaths, wantSBOM bool, skipValidation bool) (pkg types.ZarfPackage, warnings []string, err error) {
+func (s *TarballSource) LoadPackageMetadata(ctx context.Context, dst *layout.PackagePaths, wantSBOM bool, skipValidation bool) (pkg types.ZarfPackage, warnings []string, err error) {
 	if s.Shasum != "" {
 		if err := helpers.SHAsMatch(s.PackageSource, s.Shasum); err != nil {
 			return pkg, nil, err
@@ -184,7 +184,7 @@ func (s *TarballSource) LoadPackageMetadata(_ context.Context, dst *layout.Packa
 			spinner.Success()
 		}
 
-		if err := ValidatePackageSignature(dst, s.PublicKeyPath); err != nil {
+		if err := ValidatePackageSignature(ctx, dst, s.PublicKeyPath); err != nil {
 			if errors.Is(err, ErrPkgSigButNoKey) && skipValidation {
 				message.Warn("The package was signed but no public key was provided, skipping signature validation")
 			} else {
diff --git a/src/pkg/packager/sources/validate.go b/src/pkg/packager/sources/validate.go
index 427d05708a..1c7914ea69 100644
--- a/src/pkg/packager/sources/validate.go
+++ b/src/pkg/packager/sources/validate.go
@@ -6,6 +6,7 @@ package sources
 
 import (
 	"bufio"
+	"context"
 	"errors"
 	"fmt"
 	"io/fs"
@@ -28,7 +29,7 @@ var (
 )
 
 // ValidatePackageSignature validates the signature of a package
-func ValidatePackageSignature(paths *layout.PackagePaths, publicKeyPath string) error {
+func ValidatePackageSignature(ctx context.Context, paths *layout.PackagePaths, publicKeyPath string) error {
 	// If the insecure flag was provided ignore the signature validation
 	if config.CommonOptions.Insecure {
 		return nil
@@ -52,7 +53,7 @@ func ValidatePackageSignature(paths *layout.PackagePaths, publicKeyPath string)
 	}
 
 	// Validate the signature with the key we were provided
-	if err := utils.CosignVerifyBlob(paths.ZarfYAML, paths.Signature, publicKeyPath); err != nil {
+	if err := utils.CosignVerifyBlob(ctx, paths.ZarfYAML, paths.Signature, publicKeyPath); err != nil {
 		return fmt.Errorf("package signature did not match the provided key: %w", err)
 	}
 
diff --git a/src/pkg/utils/cosign.go b/src/pkg/utils/cosign.go
index ae8e553cda..eb16d6159f 100644
--- a/src/pkg/utils/cosign.go
+++ b/src/pkg/utils/cosign.go
@@ -179,7 +179,7 @@ func Sget(ctx context.Context, image, key string, out io.Writer) error {
 }
 
 // CosignVerifyBlob verifies the zarf.yaml.sig was signed with the key provided by the flag
-func CosignVerifyBlob(blobRef string, sigRef string, keyPath string) error {
+func CosignVerifyBlob(ctx context.Context, blobRef string, sigRef string, keyPath string) error {
 	keyOptions := options.KeyOpts{KeyRef: keyPath}
 	cmd := &verify.VerifyBlobCmd{
 		KeyOpts:    keyOptions,
@@ -188,7 +188,7 @@ func CosignVerifyBlob(blobRef string, sigRef string, keyPath string) error {
 		Offline:    true,
 		IgnoreTlog: true,
 	}
-	err := cmd.Exec(context.TODO(), blobRef)
+	err := cmd.Exec(ctx, blobRef)
 	if err == nil {
 		message.Successf("Package signature validated!")
 	}
diff --git a/src/pkg/utils/exec/exec.go b/src/pkg/utils/exec/exec.go
index a3957edd31..4ac90b6a92 100644
--- a/src/pkg/utils/exec/exec.go
+++ b/src/pkg/utils/exec/exec.go
@@ -42,12 +42,12 @@ func PrintCfg() Config {
 
 // Cmd executes a given command with given config.
 func Cmd(command string, args ...string) (string, string, error) {
-	return CmdWithContext(context.TODO(), Config{}, command, args...)
+	return CmdWithContext(context.Background(), Config{}, command, args...)
 }
 
 // CmdWithPrint executes a given command with given config and prints the command.
 func CmdWithPrint(command string, args ...string) error {
-	_, _, err := CmdWithContext(context.TODO(), PrintCfg(), command, args...)
+	_, _, err := CmdWithContext(context.Background(), PrintCfg(), command, args...)
 	return err
 }