diff --git a/.github/workflows/CI-build.yml b/.github/workflows/CI-build.yml
index bdd7b02..0fe097d 100644
--- a/.github/workflows/CI-build.yml
+++ b/.github/workflows/CI-build.yml
@@ -2,11 +2,19 @@ name: Build with Bun
 
 on:
    push:
+      branches: [master]
    pull_request:
+      branches: [master]
+
+env:
+   REGISTRY: ghcr.io
 
 jobs:
    build:
       runs-on: ubuntu-latest
+      permissions:
+         contents: read # Required for actions/checkout
+         packages: write # Required to publish docker image
 
       steps:
          - name: Checkout code
@@ -34,3 +42,24 @@ jobs:
            with:
               name: server-app
               path: packages/server/dist
+
+         - name: Set up Docker Buildx
+           uses: docker/setup-buildx-action@v3
+
+         - name: Log in to GitHub container registry
+           uses: docker/login-action@v3
+           with:
+              registry: ${{ env.REGISTRY }}
+              username: ${{ github.actor }}
+              password: ${{ github.token }}
+
+         - name: Lowercase the repo name and username as container tags must be lowercase
+           run: echo "REPO=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV}
+
+         - name: Build and push container image to registry
+           id: push
+           uses: docker/build-push-action@v5
+           with:
+              push: ${{ github.event_name == 'push' }} # always build the container (incl. Pull Requests), but only push to the registry on code push
+              tags: ${{ env.REGISTRY }}/${{ env.REPO }}:${{ github.sha }}
+              file: ./Dockerfile