diff --git a/cmd/lock.go b/cmd/lock.go
index 895e03b..391df18 100644
--- a/cmd/lock.go
+++ b/cmd/lock.go
@@ -70,22 +70,26 @@ func lock(cmd *cobra.Command, _ []string) error {
 	}
 
 	// get the digest of the base image
-	if !skipImageLocking && cfg.Spec.From != containerutil.MagicImageScratch {
+	if cfg.Spec.From != containerutil.MagicImageScratch {
 		baseDigest, err := crane.Digest(airutil.ExpandEnv(cfg.Spec.From), crane.WithAuthFromKeychain(ociutil.KeyChain(ociutil.Auth{})))
 		if err != nil {
 			return err
 		}
 
+		resolved := cfg.Spec.From
+		if !skipImageLocking {
+			resolved = cfg.Spec.From + "@" + baseDigest
+		} else {
+			log.Info("warning: this build may not be reproducible - image locking is disabled")
+		}
+
 		lockFile.Packages[""] = lockfile.Package{
 			Name:      cfg.Spec.From,
-			Resolved:  cfg.Spec.From + "@" + baseDigest,
+			Resolved:  resolved,
 			Integrity: baseDigest,
 			Type:      aybv1.PackageOCI,
 		}
 	}
-	if skipImageLocking {
-		log.Info("warning: this build may not be reproducible - image locking is disabled")
-	}
 
 	type expandedRepo struct {
 		URL      string