diff --git a/build/action.yml b/build/action.yml
index ed502e2..05e32b9 100644
--- a/build/action.yml
+++ b/build/action.yml
@@ -6,7 +6,7 @@ description: |
 you must first add your GitHub repository to [github-repositories-terraform](https://github.com/3lvia/github-repositories-terraform).
 inputs:
 name:
- description: 'Name of application. This will be used as the image name. For Elvia applications, do not include the namespace.'
+ description: 'Name of application. This will be used for the image name. For Elvia applications, do not include the namespace.'
 required: true
 namespace:
 description: 'Namespace or system of the application. Required for Elvia applications.'
@@ -106,12 +106,12 @@ inputs:
 required: false
 outputs:
- image-name:
+ image-name-tag:
 description: 'Name of the Docker image that was built, with tag.'
- value: ${{ steps.get-outputs.outputs.image-name }}
- image-digest:
+ value: ${{ steps.get-outputs.outputs.image-name-tag }}
+ image-name-digest:
 description: 'Name of the Docker image that was built, with digest.'
- value: ${{ steps.get-outputs.outputs.image-name }}
+ value: ${{ steps.get-outputs.outputs.image-name-digest }}
 runs:
 using: 'composite'
@@ -168,7 +168,7 @@ runs:
 - name: Install 3lv CLI
 uses: 3lvia/cli/setup@trunk
 with:
- version: '0.28.1' # TODO: remove this (which will get latest version) when 3lv CLI is stable
+ version: 'feat/use-full-image-deploy' # TODO: remove this (which will get latest version) when 3lv CLI is stable
 - name: Install Cosign if not using Elvia runner
 if: ${{ !startsWith(runner.name, 'elvia-runner-') && inputs.sign-image == 'true' }}
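Review bot: Renaming the entries in the `outputs:` block drops `image-name` and `image-digest` with no alias, and a caller that still reads `outputs.image-name` gets an empty string rather than an error. Where that value feeds a later scan, sign or deploy step, that step may run against nothing or fall back to a default without anyone noticing. Consider keeping the old names for one release as deprecated aliases, e.g. `image-name:` with `value: ${{ steps.get-outputs.outputs.image-name-tag }}`, and stating the rename in the action's description.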
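Review bot: `version: 'feat/use-full-image-deploy'` in the Install 3lv CLI step swaps a fixed release (`0.28.1`) for what reads as a branch name, so the CLI that builds and pushes images can change between runs with no change to this repository. The same value is set in the deploy/action.yml hunk at `@@ -130,7 +130,20 @@`, and the unchanged `uses: 3lvia/cli/setup@trunk` above it is also a moving ref. Before this is merged, pin to a release that contains the feature, e.g. `version: '<RELEASED_VERSION>'` (placeholder), so that a build can be reproduced and audited against a known CLI.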
@@ -217,10 +217,22 @@ runs:
 shell: bash
 id: get-outputs
 run: |
- IMAGE_NAME=$(cat /tmp/3lv-cli-output/image-name)
+ IMAGE_NAME_TAG=$(cat /tmp/3lv-cli-output/image-name)
+ IMAGE_NAME_DIGEST="${IMAGE_NAME_TAG%%:*}@$(docker manifest inspect -v "$IMAGE_NAME_TAG" | jq -r '.Descriptor.digest')"
- echo "image-name=$IMAGE_NAME" >> "$GITHUB_OUTPUT"
- echo "image-digest=$(docker inspect --format='{{index .RepoDigests 0}}' $IMAGE_NAME)" >> "$GITHUB_OUTPUT"
+ echo "image-name-tag=$IMAGE_NAME_TAG" >> "$GITHUB_OUTPUT"
+ echo "image-name-digest=$IMAGE_NAME_DIGEST" >> "$GITHUB_OUTPUT"
+
+ echo "$IMAGE_NAME_TAG" > /tmp/build-info-image-name-tag
+ echo "$IMAGE_NAME_DIGEST" > /tmp/build-info-image-name-digest
+
+ - name: Upload build information to artifact
+ uses: actions/upload-artifact@v4
+ continue-on-error: true # ignore error since we can always use default taag
+ with:
+ name: 'build-info-${{ inputs.name }}-${{ inputs.namespace }}'
+ path: '/tmp/build-info-*'
+ retention-days: 3
 - name: Sign image with Cosign using GitHub OIDC token
 if: ${{ inputs.sign-image == 'true' }}
diff --git a/deploy/action.yml b/deploy/action.yml
index b73d5ca..18bc3e0 100644
--- a/deploy/action.yml
+++ b/deploy/action.yml
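Review bot: The `IMAGE_NAME_DIGEST=` line in the get-outputs step publishes whatever `jq -r '.Descriptor.digest'` prints without checking it, and `jq -r` prints `null` with exit status 0 when the field is missing, so a reference like `name@null` can reach the outputs, the artifact and presumably the signing step that follows. The digest should be checked against the `sha256:` form and the step should fail otherwise. Separately, `${IMAGE_NAME_TAG%%:*}` cuts at the first colon, which would truncate a registry host that carries a port; `%:*` removes only the trailing tag, assuming the CLI output always ends in one. On the upload step, the `/tmp/build-info-*` glob may also pick up stale files from earlier jobs on a persistent runner, so a per-run directory would be safer.

```yaml
      run: |
        IMAGE_NAME_TAG=$(cat /tmp/3lv-cli-output/image-name)
        DIGEST=$(docker manifest inspect -v "$IMAGE_NAME_TAG" | jq -e -r '.Descriptor.digest')
        if [[ ! "$DIGEST" =~ ^sha256:[0-9a-f]{64}$ ]]; then
          echo "::error::unexpected digest for $IMAGE_NAME_TAG: $DIGEST"
          exit 1
        fi
        IMAGE_NAME_DIGEST="${IMAGE_NAME_TAG%:*}@$DIGEST"
        # … unchanged: writes to $GITHUB_OUTPUT and /tmp/build-info-* …
```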
@@ -130,7 +130,20 @@ runs:
 - name: Install 3lv CLI
 uses: 3lvia/cli/setup@trunk
 with:
- version: '0.28.1' # TODO: remove this (which will get latest version) when 3lv CLI is stable
+ version: 'feat/use-full-image-deploy' # TODO: remove this (which will get latest version) when 3lv CLI is stable
+
+ - name: Download artifact with build information
+ uses: actions/download-artifact@v4
+ continue-on-error: true # ignore error since we can always use default taag
+ with:
+ name: 'build-info-${{ inputs.name }}-${{ inputs.namespace }}'
+
+ - name: Get image digest and tag from build information
+ shell: bash
+ continue-on-error: true # ignore error since we can always use default taag
+ run: |
+ echo "IMAGE_NAME_DIGEST=$(cat build-info-image-name-digest)" >> "$GITHUB_ENV"
+ echo "IMAGE_NAME_TAG=$(cat build-info-image-name-tag)" >> "$GITHUB_ENV"
 - name: Deploy
 shell: bash
@@ -139,9 +152,9 @@ runs:
 --system-name '${{ inputs.namespace }}' \
 --helm-values-file "$HELM_VALUES_FILE" \
 --environment '${{ inputs.environment }}' \
+ --image "$IMAGE" \
 --workload-type '${{ inputs.workload-type }}' \
 --runtime-cloud-provider '${{ inputs.runtime-cloud-provider }}' \
- --image-tag "$IMAGE_TAG" \
 --add-deployment-annotation \
 --grafana-url "$GRAFANA_URL" \
 --grafana-api-key "$GRAFANA_API_KEY" \
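Review bot: The two `echo "...=$(cat build-info-...)" >> "$GITHUB_ENV"` lines copy artifact file contents into the job environment unchecked, so a file holding more than one line would define extra environment variables for every later step, including Deploy. Each value should be read once and accepted only if it is a single-line image reference. The `continue-on-error: true` on all three new steps also means a missing or rejected digest silently downgrades the deploy to a mutable tag, which deserves at least a `::warning::` line. The download step has no `path:`, so the files land in the working directory next to any checked-out sources.

```yaml
      run: |
        # Accept only a single-line image reference; anything else is left
        # empty so the Deploy step's fallback applies.
        read_ref() {
          local value
          value=$(cat "$1" 2>/dev/null)
          [[ "$value" =~ ^[A-Za-z0-9._/:@-]+$ ]] && printf '%s' "$value"
        }
        echo "IMAGE_NAME_DIGEST=$(read_ref build-info-image-name-digest)" >> "$GITHUB_ENV"
        echo "IMAGE_NAME_TAG=$(read_ref build-info-image-name-tag)" >> "$GITHUB_ENV"
```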
@@ -149,9 +162,11 @@ runs:
 '${{ inputs.name }}'
 env:
 HELM_VALUES_FILE: ${{ inputs.helm-values-path == '' && inputs.helm-values-file || inputs.helm-values-path }}
- IMAGE_TAG: ${{ inputs.override-image-tag == '' && format('{0}-{1}', github.sha, github.run_number) || inputs.override-image-tag }}
+ # Order of precedence: digest if not empty, tag if not empty, finally default to '{sha}-{run_number}'
+ IMAGE: ${{ env.IMAGE_NAME_DIGEST != '' && env.IMAGE_NAME_DIGEST || (env.IMAGE_NAME_TAG != '' && env.IMAGE_NAME_TAG || format('{0}-{1}', github.sha, github.run_number)) }}
 # Pass optional inputs as environment variables, since they can be empty.
 # The CLI does not accept empty strings passed to the flags, e.g. `--gke-project-id ''` will cause an error.
+ 3LV_IMAGE_DIGEST: ${{ env.IMAGE_DIGEST }}
 3LV_AZURE_TENANT_ID: ${{ inputs.AZURE_TENANT_ID }}
 3LV_AZURE_CLIENT_ID: ${{ inputs.AZURE_CLIENT_ID }}
 3LV_AZURE_FEDERATED_TOKEN: ${{ steps.get-federated-token.outputs.token }}
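Review bot: `3LV_IMAGE_DIGEST: ${{ env.IMAGE_DIGEST }}` reads a variable that no step in this diff sets; the earlier step exports `IMAGE_NAME_DIGEST`, so as far as the visible lines show this is always empty and should probably be `3LV_IMAGE_DIGEST: ${{ env.IMAGE_NAME_DIGEST }}`. The `IMAGE` expression also mixes shapes: its first two branches are full image references, while the fallback `format('{0}-{1}', github.sha, github.run_number)` is a bare tag handed to `--image`. The removed `IMAGE_TAG` line honoured `inputs.override-image-tag` and the new expression does not, so a caller pinning a specific tag would deploy something else without an error. The Deploy step begins in the previous hunk, so the rest of its `run:` block is not visible here.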