diff --git a/.github/workflows/actions.yaml b/.github/workflows/actions.yaml
index fc699a26..bdc505e6 100644
--- a/.github/workflows/actions.yaml
+++ b/.github/workflows/actions.yaml
@@ -31,9 +31,3 @@ jobs:
 - uses: ./actions/helm
 - uses: ./actions/kubebuilder
 - uses: ./actions/sops
- - uses: ./actions/sbom
- with:
- image: ghcr.io/fluxcd/kustomize-controller:v0.19.1
- - name: Check SBOM
- run:
- cat /tmp/sbom.spdx.json | grep "fluxcd/pkg/ssa"
diff --git a/actions/sbom/action.yml b/actions/sbom/action.yml
deleted file mode 100644
index af2a8346..00000000
--- a/actions/sbom/action.yml
+++ /dev/null
@@ -1,41 +0,0 @@
-name: Generate SBOM for container images
-description: A GitHub Action for generating SBOM in spdx-json format
-author: Stefan Prodan
-branding:
- color: blue
- icon: command
-inputs:
- version:
- description: "Syft version"
- required: false
- image:
- description: "container image URL"
- required: false
- output:
- description: "SBOM file path"
- required: true
- default: "/tmp/sbom.spdx.json"
-runs:
- using: composite
- steps:
- - name: "Install Anchore Syft"
- shell: bash
- run: |
- SYFT_URL="https://raw.githubusercontent.com/anchore/syft/86c3c1c53176a5aad69274d4f79470d10b779a1c/install.sh"
- SYFT_SHA256="e1d8c9f2e4c1e89780cfd7c2666be6c64b2de91af8cc13374510a1bce9c03a5e"
- TMP_FILE=$(mktemp /tmp/syft.XXXXXX)
- trap "rm ${TMP_FILE}" EXIT
- curl -o "${TMP_FILE}" -sSfL "${SYFT_URL}"
- if ! echo "${SYFT_SHA256} ${TMP_FILE}" | sha256sum --check; then
- echo "Checksum failed for ${SYFT_URL}."
- exit 1
- fi
- cat "${TMP_FILE}" | sh -s -- -b /usr/local/bin ${{ inputs.version }}
- name: "Generate SBOM"
- shell: bash
- if: ${{ inputs.image }}
- run: |
- syft packages ${{ inputs.image }} --output spdx-json > ${{ inputs.output }}