diff --git a/.dockerignore b/.dockerignore
index 485ef47..173327b 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -126,6 +126,7 @@ celerybeat.pid
 # Environments
 .env
 .venv
+.env.*
 env/
 venv/
 ENV/
diff --git a/.github/workflows/publish-docker-image.yml b/.github/workflows/publish-docker-image.yml
new file mode 100644
index 0000000..9bc4937
--- /dev/null
+++ b/.github/workflows/publish-docker-image.yml
@@ -0,0 +1,38 @@
+name: Publish Docker Image
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+
+jobs:
+  build-and-push:
+    runs-on: [ubuntu-latest]
+
+    steps:
+      - name: Check out the code
+        uses: actions/checkout@v2
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v1
+        with:
+              registry: ghcr.io
+              username: ${{github.actor}}
+              password: ${{secrets.GITHUB_TOKEN}}
+              
+      - name: Build and Push Containers
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: Dockerfile
+          push: true
+          tags: |
+            ghcr.io/${{ github.repository }}:latest
+            ghcr.io/${{ github.repository }}:${{ github.sha }}
diff --git a/Dockerfile b/Dockerfile
index 9cd6798..7290c21 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,5 @@
 FROM python:3.10-bookworm
+LABEL org.opencontainers.image.source="https://github.com/protectai/vulnhutr"
 
 WORKDIR /usr/src/vulnhuntr
 COPY . .