diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index 6b5b91f..96de292 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -15,7 +15,10 @@ on:
 jobs:
   build:
     runs-on: ubuntu-latest
-    name: Build ruby 3.4
+    name: Build Docker image
+    permissions:
+      contents: read
+      packages: write
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -30,17 +33,17 @@ jobs:
       # Tag image separately to avoid interference with caching and so that testing step can reference the image
       - name: Build single-arch image (x86-64)
         run: |
-          docker buildx build . --builder=container --cache-from=type=registry,ref=ghrc.io/datadog/catadog --output=type=image,push=false --platform linux/x86_64 -f ./Dockerfile
+          docker buildx build . --builder=container --cache-from=type=registry,ref=ghcr.io/datadog/catadog --output=type=image,push=false --platform linux/x86_64 -f ./Dockerfile
       - name: Tag single-arch image (x86-64)
         run: |
-          docker buildx build . --builder=container --cache-from=type=registry,ref=ghrc.io/datadog/catadog --load --platform linux/x86_64 -f ./Dockerfile --tag ghrc.io/datadog/catadog
+          docker buildx build . --builder=container --cache-from=type=registry,ref=ghcr.io/datadog/catadog --load --platform linux/x86_64 -f ./Dockerfile --tag ghcr.io/datadog/catadog
       - name: Test single-arch image (x86-64)
         run: |
-          docker run --platform linux/x86_64 --rm ghrc.io/datadog/catadog /bin/sh -c 'true'
-          docker run --platform linux/x86_64 --rm ghrc.io/datadog/catadog ruby -e 'puts RUBY_DESCRIPTION'
-          docker run --platform linux/x86_64 --rm ghrc.io/datadog/catadog gem --version
-          docker run --platform linux/x86_64 --rm ghrc.io/datadog/catadog bundle --version
-          docker run --platform linux/x86_64 --rm -v "${PWD}":"${PWD}" -w "${PWD}" ghrc.io/datadog/catadog /bin/sh -c 'bundle install && bundle exec rake test'
+          docker run --platform linux/x86_64 --rm ghcr.io/datadog/catadog /bin/sh -c 'true'
+          docker run --platform linux/x86_64 --rm ghcr.io/datadog/catadog ruby -e 'puts RUBY_DESCRIPTION'
+          docker run --platform linux/x86_64 --rm ghcr.io/datadog/catadog gem --version
+          docker run --platform linux/x86_64 --rm ghcr.io/datadog/catadog bundle --version
+          docker run --platform linux/x86_64 --rm -v "${PWD}":"${PWD}" -w "${PWD}" ghcr.io/datadog/catadog /bin/sh -c 'bundle install && bundle exec rake test'
 
       # Build image for aarch64-linux, emulated under qemu
       # 
@@ -50,17 +53,17 @@ jobs:
           docker run --privileged --rm tonistiigi/binfmt --install arm64
       - name: Build single-arch image (aarch64-linux)
         run: |
-          docker buildx build . --builder=container --cache-from=type=registry,ref=ghrc.io/datadog/catadog --output=type=image,push=false --platform linux/aarch64 -f ./Dockerfile
+          docker buildx build . --builder=container --cache-from=type=registry,ref=ghcr.io/datadog/catadog --output=type=image,push=false --platform linux/aarch64 -f ./Dockerfile
       - name: Tag single-arch image (aarch64-linux)
         run: |
-          docker buildx build .  --builder=container --cache-from=type=registry,ref=ghrc.io/datadog/catadog --load --platform linux/aarch64 -f ./Dockerfile --tag ghrc.io/datadog/catadog
+          docker buildx build . --builder=container --cache-from=type=registry,ref=ghcr.io/datadog/catadog --load --platform linux/aarch64 -f ./Dockerfile --tag ghcr.io/datadog/catadog
       - name: Test single-arch image (aarch64-linux)
         run: |
-          docker run --platform linux/aarch64 --rm ghrc.io/datadog/catadog /bin/sh -c 'true'
-          docker run --platform linux/aarch64 --rm ghrc.io/datadog/catadog ruby -e 'puts RUBY_DESCRIPTION'
-          docker run --platform linux/aarch64 --rm ghrc.io/datadog/catadog gem --version
-          docker run --platform linux/aarch64 --rm ghrc.io/datadog/catadog bundle --version
-          docker run --platform linux/aarch64 --rm -v "${PWD}":"${PWD}" -w "${PWD}" ghrc.io/datadog/catadog /bin/sh -c 'bundle install && bundle exec rake test'
+          docker run --platform linux/aarch64 --rm ghcr.io/datadog/catadog /bin/sh -c 'true'
+          docker run --platform linux/aarch64 --rm ghcr.io/datadog/catadog ruby -e 'puts RUBY_DESCRIPTION'
+          docker run --platform linux/aarch64 --rm ghcr.io/datadog/catadog gem --version
+          docker run --platform linux/aarch64 --rm ghcr.io/datadog/catadog bundle --version
+          docker run --platform linux/aarch64 --rm -v "${PWD}":"${PWD}" -w "${PWD}" ghcr.io/datadog/catadog /bin/sh -c 'bundle install && bundle exec rake test'
       
       # Assemble multi-arch image for a combined push to the registry
       # 
@@ -68,8 +71,8 @@ jobs:
       - name: Log in to the container registry
         if: ${{ inputs.push }}
         run: |
-          echo ${{ secrets.GITHUB_TOKEN }} | docker login ghrc.io -u ${{ github.actor }} --password-stdin
+          echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin
       - name: Build multi-arch image (x86-64, aarch64)
         if: ${{ inputs.push }}
         run: |
-          docker buildx build . --builder=container --cache-from=type=registry,ref=ghrc.io/datadog/catadog --output=type=image,push=true --build-arg BUILDKIT_INLINE_CACHE=1 --platform linux/x86_64,linux/aarch64 -f ./Dockerfile --tag ghrc.io/datadog/catadog
+          docker buildx build . --builder=container --cache-from=type=registry,ref=ghcr.io/datadog/catadog --output=type=image,push=true --build-arg BUILDKIT_INLINE_CACHE=1 --platform linux/x86_64,linux/aarch64 -f ./Dockerfile --tag ghcr.io/datadog/catadog