diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 00000000..52c9f5a2
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,111 @@
+name: CI
+on:
+  push:
+    paths:
+      - .github/workflows/ci.yml
+      - app/**
+      - bootstrap/**
+      - config/**
+      - database/**
+      - docker/**
+      - public/**
+      - resources/**
+      - routes/**
+      - storage/**
+      - tests/**
+      - .dockerignore
+      - .env.travis
+      - artisan
+      - composer.json
+      - composer.lock
+      - Dockerfile
+      - phpunit.xml
+      - server.php
+  pull_request:
+    paths:
+      - .github/workflows/ci.yml
+      - app/**
+      - bootstrap/**
+      - config/**
+      - database/**
+      - docker/**
+      - public/**
+      - resources/**
+      - routes/**
+      - storage/**
+      - tests/**
+      - .dockerignore
+      - .env.travis
+      - artisan
+      - composer.json
+      - composer.lock
+      - Dockerfile
+      - phpunit.xml
+      - server.php
+
+jobs:
+  verify:
+    runs-on: ubuntu-latest
+    env:
+      DOCKER_BUILDKIT: "1"
+    steps:
+      - uses: actions/checkout@v2.3.4
+
+      - name: Build test image
+        run: docker build --target test -t test-container .
+
+      - name: Run tests in test container
+        run: |
+          touch coverage.txt
+          docker run --rm \
+          test-container
+
+      - name: Build final image
+        run: docker build .
+
+  publish:
+    needs: [verify]
+    if: github.event_name == 'push'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2.3.4
+
+      - uses: docker/setup-qemu-action@v1
+      - uses: docker/setup-buildx-action@v1
+
+      - uses: docker/login-action@v1
+        with:
+          username: 2fauth
+          password: ${{ secrets.DOCKERHUB_PASSWORD }}
+
+      - name: Set variables
+        id: vars
+        env:
+          EVENT_NAME: ${{ github.event_name }}
+        run: |
+          BRANCH=${GITHUB_REF#refs/heads/}
+          TAG=${GITHUB_REF#refs/tags/}
+          echo ::set-output name=commit::$(git rev-parse --short HEAD)
+          echo ::set-output name=created::$(date -u +%Y-%m-%dT%H:%M:%SZ)
+          if [ "$TAG" != "$GITHUB_REF" ]; then
+            echo ::set-output name=version::$TAG
+            echo ::set-output name=platforms::linux/amd64,linux/386,linux/arm64,linux/arm/v6,linux/arm/v7
+          elif [ "$BRANCH" = "master" ]; then
+            echo ::set-output name=version::latest
+            echo ::set-output name=platforms::linux/amd64,linux/386,linux/arm64,linux/arm/v6,linux/arm/v7
+          else
+            echo ::set-output name=version::$BRANCH
+            echo ::set-output name=platforms::linux/amd64
+          fi
+
+      - name: Build and push final image
+        uses: docker/build-push-action@v2.6.1
+        with:
+          platforms: ${{ steps.vars.outputs.platforms }}
+          build-args: |
+            CREATED=${{ steps.vars.outputs.created }}
+            COMMIT=${{ steps.vars.outputs.commit }}
+            VERSION=${{ steps.vars.outputs.version }}
+          tags: |
+            2fauth/2fauth:${{ steps.vars.outputs.version }}
+          push: true
\ No newline at end of file