diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
new file mode 100644
index 0000000..2f5715d
--- /dev/null
+++ b/.github/workflows/release.yaml
@@ -0,0 +1,52 @@
+name: Create release
+on:
+  push:
+    tags:
+      - 'v*'
+
+permissions:
+  contents: read
+env:
+  REGISTRY: ghcr.io
+  DOCKERFILE: ${{ github.workspace }}/goreleaser.dockerfile
+
+jobs:
+  release:
+    permissions:
+      contents: 'write'
+      id-token: 'write'
+      pull-requests: 'read'
+      repository-projects: 'write'
+      packages: 'write'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Prepare
+        id: prep
+        run: |
+          VERSION=sha-${GITHUB_SHA::8}
+          if [[ $GITHUB_REF == refs/tags/* ]]; then
+            VERSION=${GITHUB_REF/refs\/tags\//}
+          fi
+          echo ::set-output name=BUILD_DATE::$(date -u +'%Y-%m-%dT%H:%M:%SZ')
+          echo ::set-output name=VERSION::${VERSION}
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Install Helm
+        uses: azure/setup-helm@v4
+      - name: Run GoReleaser
+        uses: goreleaser/goreleaser-action@v5
+        with:
+          version: latest
+          args: release --release-notes=docs/release_notes/${{ steps.prep.outputs.VERSION }}.md --skip-validate
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and release the helm charts
+        run: |
+          helm registry login ghcr.io -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }}
+          helm package --version ${{ steps.prep.outputs.VERSION }} --app-version ${{ steps.prep.outputs.VERSION }} ./deploy/charts/bitwarden-sdk-server
+          helm push ${{ github.event.repository.name }}-${{ steps.prep.outputs.VERSION }}.tgz oci://ghcr.io/external-secrets/charts
diff --git a/.gitignore b/.gitignore
index 096d81a..ef66526 100644
--- a/.gitignore
+++ b/.gitignore
@@ -21,3 +21,4 @@
 go.work
 go.work.sum
 bin/
+dist/
diff --git a/.goreleaser.yaml b/.goreleaser.yaml
new file mode 100644
index 0000000..c9be7c4
--- /dev/null
+++ b/.goreleaser.yaml
@@ -0,0 +1,32 @@
+# This is an example .goreleaser.yml file with some sensible defaults.
+# Make sure to check the documentation at https://goreleaser.com
+archives:
+  - name_template: >-
+      {{ .ProjectName }}_
+      {{- title .Os }}_
+      {{- if eq .Arch "amd64" }}x86_64
+      {{- else if eq .Arch "386" }}i386
+      {{- else }}{{ .Arch }}{{ end }}
+checksum:
+  name_template: 'checksums.txt'
+snapshot:
+  name_template: "{{ incpatch .Version }}-next"
+changelog:
+  sort: asc
+  filters:
+    exclude:
+      - '^docs:'
+      - '^test:'
+# for more information on what this target does: https://goreleaser.com/errors/docker-build/
+dockers:
+  - id: linux-build
+    image_templates:
+    - "{{ .Env.REGISTRY }}/external-secrets/bitwarden-sdk-server:{{ .Tag }}"
+    - "{{ .Env.REGISTRY }}/external-secrets/bitwarden-sdk-server:latest"
+    # GOOS of the built binary that should be used.
+    goos: linux
+    # GOARCH of the built binary that should be used.
+    goarch: amd64
+    dockerfile: Dockerfile
+    build_flag_templates:
+    - "--platform=linux/amd64"
diff --git a/deploy/.helmignore b/deploy/charts/bitwarden-sdk-server/.helmignore
similarity index 100%
rename from deploy/.helmignore
rename to deploy/charts/bitwarden-sdk-server/.helmignore
diff --git a/deploy/Chart.yaml b/deploy/charts/bitwarden-sdk-server/Chart.yaml
similarity index 100%
rename from deploy/Chart.yaml
rename to deploy/charts/bitwarden-sdk-server/Chart.yaml
diff --git a/deploy/templates/NOTES.txt b/deploy/charts/bitwarden-sdk-server/templates/NOTES.txt
similarity index 100%
rename from deploy/templates/NOTES.txt
rename to deploy/charts/bitwarden-sdk-server/templates/NOTES.txt
diff --git a/deploy/templates/_helpers.tpl b/deploy/charts/bitwarden-sdk-server/templates/_helpers.tpl
similarity index 100%
rename from deploy/templates/_helpers.tpl
rename to deploy/charts/bitwarden-sdk-server/templates/_helpers.tpl
diff --git a/deploy/templates/deployment.yaml b/deploy/charts/bitwarden-sdk-server/templates/deployment.yaml
similarity index 100%
rename from deploy/templates/deployment.yaml
rename to deploy/charts/bitwarden-sdk-server/templates/deployment.yaml
diff --git a/deploy/templates/service.yaml b/deploy/charts/bitwarden-sdk-server/templates/service.yaml
similarity index 100%
rename from deploy/templates/service.yaml
rename to deploy/charts/bitwarden-sdk-server/templates/service.yaml
diff --git a/deploy/templates/serviceaccount.yaml b/deploy/charts/bitwarden-sdk-server/templates/serviceaccount.yaml
similarity index 100%
rename from deploy/templates/serviceaccount.yaml
rename to deploy/charts/bitwarden-sdk-server/templates/serviceaccount.yaml
diff --git a/deploy/templates/tests/test-connection.yaml b/deploy/charts/bitwarden-sdk-server/templates/tests/test-connection.yaml
similarity index 100%
rename from deploy/templates/tests/test-connection.yaml
rename to deploy/charts/bitwarden-sdk-server/templates/tests/test-connection.yaml
diff --git a/deploy/values.yaml b/deploy/charts/bitwarden-sdk-server/values.yaml
similarity index 100%
rename from deploy/values.yaml
rename to deploy/charts/bitwarden-sdk-server/values.yaml
diff --git a/goreleaser.dockerfile b/goreleaser.dockerfile
new file mode 100644
index 0000000..994fa1a
--- /dev/null
+++ b/goreleaser.dockerfile
@@ -0,0 +1,9 @@
+FROM gcr.io/distroless/static:nonroot
+WORKDIR /
+COPY bitwarden-sdk-server /bitwarden-sdk-server
+USER 65532:65532
+
+EXPOSE 9998
+ENV CGO_ENABLED=1
+ENV BW_SECRETS_MANAGER_STATE_PATH='/state'
+ENTRYPOINT [ "/bitwarden-sdk-server", "serve" ]