diff --git a/.github/workflows/release-image.yml b/.github/workflows/release-image.yml
new file mode 100644
index 0000000..1d58779
--- /dev/null
+++ b/.github/workflows/release-image.yml
@@ -0,0 +1,52 @@
+name: Release image to DockerHub
+
+on:
+  workflow_dispatch:
+  push:
+    tags: ["v*.*.*"]
+    branches:
+      - main
+
+jobs:
+  build-and-release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set tags
+        run: |
+          if ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags') }}; then
+            echo "TAGS=falkordb/code-graph-backend:latest,falkordb/code-graph-backend:${{ github.ref_name }}" >> $GITHUB_ENV
+          else
+            echo "TAGS=falkordb/code-graph-backend:edge" >> $GITHUB_ENV
+          fi
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+  
+      - name: Build image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./Dockerfile
+          push: false
+          tags: ${{ env.TAGS }}
+    
+      - name: Scan image for vulnerabilities
+        uses: aquasecurity/trivy-action@0.29.0
+        with:
+          image-ref: ${{ env.TAGS }}
+          format: 'table'
+          exit-code: '1'
+          severity: 'CRITICAL,HIGH'
+    
+      - name: Push image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          tags: ${{ env.TAGS }}