diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
new file mode 100644
index 0000000..54502ce
--- /dev/null
+++ b/.github/workflows/docker-image.yml
@@ -0,0 +1,91 @@
+name: CI/CD job
+
+on:
+  push:
+    branches: ["main"]
+jobs:
+
+  push_to_registry:
+    name: Push Docker image to Docker Hub
+    runs-on: ubuntu-latest
+    outputs:
+        tag: ${{ steps.version.outputs.version }}
+    steps:
+      - name: Check out the repo
+        uses: actions/checkout@v3
+
+      - name: Bump version and push tag
+        id: tag_version
+        uses: mathieudutour/github-tag-action@v6.1
+        with:
+          github_token: ${{ secrets.USER_GIT_TOKEN }}
+
+      - name: Get current date
+        id: date
+        run: echo "::set-output name=date::$(date +'%Y-%m-%dT%H:%M:%S')"
+
+      - name: Get next version
+        uses: reecetech/version-increment@2023.9.3
+        id: version
+        with:
+          scheme: semver
+          increment: patch
+      
+      - name: Create release branch
+        uses: peterjgrainger/action-create-branch@v2.0.1
+        env:
+          GITHUB_TOKEN: ${{ secrets.USER_GIT_TOKEN }}
+        with:
+          branch: "release/${{ steps.version.outputs.version }}"
+        
+      
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3.0.0
+        with:
+          username: ${{ secrets.DOCKER_USER }}
+          password: ${{ secrets.DOCKER_HUB_TOKEN }}
+          
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          buildkitd-flags: --debug
+          
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5.5.0
+        with:
+          images: ${{ secrets.DOCKER_USER }}/${{ secrets.DOCKER_REPO_NAME }}
+          tags: latest
+          labels: latest
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5.1.0
+        with:
+          context: .
+          file: ./docker/tpu/Dockerfile
+          build-args: |
+            "MINIO_ACCESS_KEY=${{ secrets.MINIO_ACCESS_KEY }}"
+            "MINIO_PUB_CERT=${{ secrets.MINIO_PUB_CERT }}"
+            "MINIO_SECRET_KEY=${{ secrets.MINIO_SECRET_KEY }}"
+          push: true
+          platforms: linux/arm64
+          tags: "altairzero/sinapse-faces:${{ steps.version.outputs.version }}"
+          labels: ${{ steps.date.outputs.date }}
+        
+  deploy:
+    name: Pull image to cluster
+    needs: push_to_registry
+    runs-on: ubuntu-latest
+    steps:
+      - name: Connect and run script
+        uses: appleboy/ssh-action@master
+        with:
+          host: ${{ secrets.SSH_HOST }}
+          port: ${{ secrets.SSH_PORT }}
+          username: ${{ secrets.SSH_USER }}
+          key: ${{ secrets.SSH_PRIVATE_KEY }}
+          script: |
+            cd ${{ secrets.SSH_FOLDER }}
+            ansible-playbook -i hosts/nodes.yml --extra-vars "user=${{ secrets.DOCKER_USER }} token=${{ secrets.DOCKER_HUB_TOKEN }}" playbooks/login_slaves.yml
+            ansible-playbook -i hosts/nodes.yml --extra-vars "image=altairzero/sinapse-faces:${{needs.push_to_registry.outputs.tag}}" playbooks/pull_image.yml
+