diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
new file mode 100644
index 0000000..1d42aeb
--- /dev/null
+++ b/.github/workflows/publish.yml
@@ -0,0 +1,36 @@
+name: publish
+
+on:
+  push:
+    branches:
+      - main
+  release:
+    types:
+      - published
+
+jobs:
+  build-and-push-image:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - uses: actions/checkout@v4
+      - uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - uses: docker/metadata-action@v5
+        id: meta
+        with:
+          images: ghcr.io/${{ github.repository }}
+      - uses: docker/build-push-action@v5
+        with:
+          push: true
+          file: ./Containerfile
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          platforms: linux/amd64
+          provenance: false
+		  
\ No newline at end of file
diff --git a/Containerfile b/Containerfile
new file mode 100644
index 0000000..c285a11
--- /dev/null
+++ b/Containerfile
@@ -0,0 +1,19 @@
+FROM golang:1.21-bullseye as builder
+RUN apt-get update && apt-get install -y upx
+
+WORKDIR /workspace
+COPY . /workspace
+RUN go mod download
+
+RUN GOOS=linux GOARCH=amd64 go build -a -o haproxy-operator main.go && \
+    upx -q haproxy-operator
+
+
+FROM gcr.io/distroless/static:nonroot
+
+WORKDIR /opt/go/
+COPY --from=builder /workspace/haproxy-operator /opt/go/haproxy-operator
+
+USER 1001:1001
+
+ENTRYPOINT ["/opt/go/haproxy-operator"]
\ No newline at end of file