diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
index 2ae0a23..3ec3a65 100644
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -1,26 +1,27 @@
 ## What?
-Explain the changes you've made
-## Why?
-The “why” tells us what business or engineering goal this change achieves
-## How?
-
-## Testing?
-[ ] Functional Testing
-
-[ ] Security
 
-[ ] Performance
+<!-- Explain the changes you've made in this pull request. Provide a brief summary of the features, bug fixes, or refactors included. -->
 
-[ ] Error Handling
+## Why?
 
-[ ] Code Quality
+<!-- Describe the business or technical reason behind these changes. What goal does this PR achieve? -->
 
-[ ] Documentation
+## How?
 
-[ ] Database
+<!-- Detail how the changes were implemented. Include specifics on the code, technologies, or processes used. -->
 
-[ ] Deployment
+## Testing?
 
-[ ] Final Review
+- [ ] Functional Testing
+- [ ] Security
+- [ ] Performance
+- [ ] Error Handling
+- [ ] Code Quality
+- [ ] Documentation
+- [ ] Database
+- [ ] Deployment
+- [ ] Final Review
 
 ## Anything Else?
+
+<!-- Add any further context, suggestions, or future considerations. -->
diff --git a/.github/workflows/cd-build-image.yml b/.github/workflows/cd-build-image.yml
new file mode 100644
index 0000000..d2b0aa0
--- /dev/null
+++ b/.github/workflows/cd-build-image.yml
@@ -0,0 +1,52 @@
+name: Build & Publish Docker Image
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  deploy:
+    if: github.event.release.target_commitish == 'main'
+    name: Build & Deploy spacedf-backend Docker Image
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.release.tag_name }}
+
+      # Login to GHCR
+      - name: Login to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      # Generate Docker metadata
+      - name: Docker metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ghcr.io/${{ github.repository }}
+          tags: |
+            type=semver,pattern={{version}},value=${{ github.event.release.tag_name }}
+            type=semver,pattern={{major}}.{{minor}},value=${{ github.event.release.tag_name }}
+            type=semver,pattern={{major}},value=${{ github.event.release.tag_name }}
+
+      # Build & Push image
+      - name: Build & Push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./Dockerfile
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          secrets: |
+            github_token=${{ secrets.GH_PAT }}
diff --git a/Dockerfile b/Dockerfile
index 21a3900..23b4fab 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,21 +1,24 @@
 FROM python:3.10-alpine
+
 ENV PYTHONUNBUFFERED=1
+ENV DJANGO_SETTINGS_MODULE="auth_service.settings"
 
-# Allows docker to cache installed dependencies between builds
-RUN apk add build-base libffi-dev curl
-COPY ./auth-service/requirements.txt requirements.txt
-RUN pip install -r requirements.txt
-COPY ./django-common-utils django-common-utils
-RUN pip install ../django-common-utils
+RUN apk add --no-cache \
+    build-base \
+    libffi-dev \
+    curl \
+    git
 
-# Adds our application code to the image
-COPY ./auth-service auth-service
+# Install private repo using BuildKit secret
+RUN --mount=type=secret,id=github_token \
+    pip install --no-cache-dir \
+    git+https://$(cat /run/secrets/github_token)@github.com/Space-DF/django-common-utils.git@dev
 
-WORKDIR /auth-service
 
-EXPOSE 80
+WORKDIR /app
 
-ENV DJANGO_SETTINGS_MODULE="auth_service.settings"
+COPY . .
+RUN pip install -r ./requirements.txt
 
 RUN ["chmod", "+x", "./docker-entrypoint.sh"]