diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
new file mode 100644
index 0000000..a38b796
--- /dev/null
+++ b/.github/workflows/main.yml
@@ -0,0 +1,58 @@
+name: CI
+
+on:
+  push:
+    branches:
+      - main
+    tags:
+      - "*"
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  ci:
+    runs-on: ubuntu-latest
+    env:
+      GIT_SHA: ${{ github.sha }}
+      GIT_REF: ${{ github.ref }}
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      # Run go tests
+      - name: Run tests
+        if: ${{ !startsWith(github.ref, 'refs/tags/v') }}
+        run: make test
+
+      - name: Docker login
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      # Build or pull image
+      - name: Build image
+        if: ${{ !startsWith(github.ref, 'refs/tags/v') }}
+        run: make build-image
+
+      - name: Pull image
+        if: ${{ startsWith(github.ref, 'refs/tags/v') }}
+        run: make pull-image
+
+      # Test the image
+      - name: Test image
+        run: make test-image
+
+      # Push or promote image
+      - name: Push image
+        if: ${{ !startsWith(github.ref, 'refs/tags/v') }}
+        run: |
+          make push-image
+
+      - name: Promote image
+        if: ${{ startsWith(github.ref, 'refs/tags/v') }}
+        run: |
+          make promote-image
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..0eb3096
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,25 @@
+FROM golang:1.18.10-bullseye as builder
+
+ARG coredns_version=1.10.1
+ARG plugin_name=kubenodes
+ARG plugin_repo=github.com/infobloxopen/kubenodes
+
+RUN go mod download github.com/coredns/coredns@v${coredns_version}
+
+WORKDIR $GOPATH/pkg/mod/github.com/coredns/coredns@v${coredns_version}
+RUN go mod download
+
+RUN sed -i "/kubernetes/i ${plugin_name}:${plugin_repo}" plugin.cfg && \
+    echo "kubeapi:github.com/coredns/kubeapi" >> plugin.cfg && \
+    go get ${plugin_repo}
+
+RUN make coredns && \
+    mv coredns /tmp/coredns
+
+FROM scratch
+
+COPY --from=builder /etc/ssl/certs /etc/ssl/certs
+COPY --from=builder /tmp/coredns /coredns
+
+EXPOSE 53 53/udp
+ENTRYPOINT ["/coredns"]
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..3a11b93
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,29 @@
+GIT_SHA ?= $(shell echo `git rev-parse --verify HEAD^{commit}`)
+GITHUB_REPOSITORY ?= example/kubenodes
+IMAGE_NAME ?= ghcr.io/${GITHUB_REPOSITORY}-coredns
+TEST_IMAGE = ${IMAGE_NAME}:${GIT_SHA}
+
+default: build-image
+
+test:
+	go test
+
+build-image:
+	docker build -t ${TEST_IMAGE} .
+
+push-image:
+	docker push ${TEST_IMAGE}
+
+pull-image:
+	docker pull ${TEST_IMAGE}
+
+test-image:
+	docker run --rm ${TEST_IMAGE} -plugins | grep kubenodes
+
+RELEASE_IMAGE = ${IMAGE_NAME}:$(subst refs/tags/,,${GIT_REF})
+promote-image:
+ifndef GIT_REF
+	$(error GIT_REF is not set)
+endif
+	docker tag ${TEST_IMAGE} ${RELEASE_IMAGE}
+	docker push ${RELEASE_IMAGE}