diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 0000000..5f1dc8b
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,206 @@
+name: build
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+  schedule:
+    - cron: "0 0 * * 5"
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+jobs:
+  prepare_container:
+    runs-on: self-hosted
+    outputs: 
+      uid: ${{ steps.uid_step.outputs.userid }}
+      gid: ${{ steps.uid_step.outputs.groupid }}
+    steps:
+      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+      - uses: actions/checkout@v4
+
+      - name: Get user id/group
+        id: uid_step
+        run: |
+          echo "userid=$(id -u)" >> "$GITHUB_OUTPUT"
+          echo "groupid=$(id -g)" >> "$GITHUB_OUTPUT"
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          buildkitd-config: /etc/docker/cibuilder.toml
+
+      - name: Login to Docker Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ciserver.ci:5000
+          username: ${{ secrets.CI_CACHE_REGISTRY_LOGIN }}
+          password: ${{ secrets.CI_CACHE_REGISTRY_PASSWORD }}
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: docker
+          push: true
+          tags: ciserver.ci:5000/${{ github.repository_id }}:latest
+          cache-from: type=registry,ref=ciserver.ci:5000/${{ github.repository_id }}:cache
+          cache-to: type=registry,ref=ciserver.ci:5000/${{ github.repository_id }}:cache,mode=max
+          file: docker/Dockerfile
+
+  build_images:
+    needs: prepare_container
+    runs-on: self-hosted
+    container: 
+        image: ciserver.ci:5000/${{ github.repository_id }}:latest
+        credentials:
+            username: ${{ secrets.CI_CACHE_REGISTRY_LOGIN }}
+            password: ${{ secrets.CI_CACHE_REGISTRY_PASSWORD }}
+        options: --user "${{ needs.prepare_container.outputs.uid }}:${{ needs.prepare_container.outputs.gid }}"
+    outputs: 
+      build_tag: ${{ steps.tag_step.outputs.build_tag }}
+    steps:
+      - name: Checkout repo 
+        uses: actions/checkout@v4
+        with:
+          submodules: true
+
+      - name: Fetch cache from server   
+        uses: tespkg/actions-cache/restore@v1
+        with:
+          endpoint: ciserver.ci
+          port: 9000
+          insecure: true
+          accessKey: ${{ secrets.CI_CACHE_MINIO_ACCESS }}
+          secretKey: ${{ secrets.CI_CACHE_MINIO_SECRET }}
+          bucket: cicache
+          use-fallback: false
+          key: ${{ github.repository }}
+          path: build/cache/cicache
+
+      - name: Get build tag
+        id: tag_step
+        run: |
+          build_tag=$(date +%Y-%m-%d)_$(git rev-parse --short HEAD)
+          echo "build_tag=$build_tag" >> "$GITHUB_OUTPUT"
+
+      - name: Register buildroot mirror
+        run: echo 'BR2_PRIMARY_SITE="http://ciserver.ci:8000/cimirror/buildroot_mirror"' >> configs/buildroot/rz-solidrun_defconfig
+          
+      - name: Build for RZ/G2LC
+        shell: bash
+        run: |
+          COMPRESSION_FORMAT=xz MACHINE=rzg2lc-solidrun ./runme.sh
+          COMPRESSION_FORMAT=xz DISTRO=debian MACHINE=rzg2lc-solidrun ./runme.sh
+
+      - name: Build for RZ/G2L
+        shell: bash
+        run: |
+          COMPRESSION_FORMAT=xz MACHINE=rzg2l-solidrun ./runme.sh
+          COMPRESSION_FORMAT=xz DISTRO=debian MACHINE=rzg2l-solidrun ./runme.sh
+
+      - name: Build for RZ/V2L
+        shell: bash
+        run: |
+          COMPRESSION_FORMAT=xz MACHINE=rzv2l-solidrun ./runme.sh
+          COMPRESSION_FORMAT=xz DISTRO=debian MACHINE=rzv2l-solidrun ./runme.sh
+
+      - name: Copy deploy artifacts
+        shell: bash
+        run: |
+            mkdir deploy
+            cp images/*-bootloader-*.img deploy
+            cp images/*.img.xz deploy
+            cp images/*.img.bmap deploy
+
+      - name: Deploy to the local minio storage
+        uses: yakubique/minio-upload@v1.1.3
+        with:
+          endpoint: http://ciserver.ci:9000
+          insecure: true
+          access_key: ${{ secrets.CI_CACHE_MINIO_ACCESS }}
+          secret_key: ${{ secrets.CI_CACHE_MINIO_SECRET }}
+          bucket: cipublish
+          source: ./deploy
+          target: "/${{ github.repository_id }}/${{ steps.tag_step.outputs.build_tag }}"
+          recursive: true
+
+      - name: Update cache on the server  
+        # if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch'
+        uses: tespkg/actions-cache/save@v1
+        with:
+          endpoint: ciserver.ci
+          port: 9000
+          insecure: true
+          accessKey: ${{ secrets.CI_CACHE_MINIO_ACCESS }}
+          secretKey: ${{ secrets.CI_CACHE_MINIO_SECRET }}
+          bucket: cicache
+          use-fallback: false
+          key: ${{ github.repository }}
+          path: build/cache/cicache
+
+      - name: Prepare mirror
+        # if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch'
+        shell: bash
+        run: |
+          mkdir buildroot_mirror
+          cp -r build/cache/buildroot_dl/* buildroot_mirror
+
+      - name: Update download mirror
+        uses: yakubique/minio-upload@v1.1.3
+        # if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch'
+        with:
+          endpoint: http://ciserver.ci:9000
+          insecure: true
+          access_key: ${{ secrets.CI_CACHE_MINIO_ACCESS }}
+          secret_key: ${{ secrets.CI_CACHE_MINIO_SECRET }}
+          bucket: cimirror
+          source: buildroot_mirror
+          target: "/"
+          recursive: true
+
+  publish_images:
+    needs: build_images
+    runs-on: self-hosted
+    if: github.event_name == 'push'
+    steps:
+      - name: Download an artifacts from MinIO
+        uses: yakubique/minio-download@v1.1.1
+        with:
+          endpoint: http://ciserver.ci:9000
+          insecure: true
+          access_key: ${{ secrets.CI_CACHE_MINIO_ACCESS }}
+          secret_key: ${{ secrets.CI_CACHE_MINIO_SECRET }}
+          bucket: cipublish
+          source: "/${{ github.repository_id }}/${{ needs.build_images.outputs.build_tag }}/"
+          target: "."
+          recursive: true
+
+      - name: Assign a build tag
+        run: |
+            mkdir -p debian
+            mkdir -p buildroot
+            cp deploy/*-bootloader-*.img debian
+            cp deploy/*-bootloader-*.img buildroot
+            cp deploy/*-debian-*.img.* debian
+            cp deploy/*-buildroot-*.img.* buildroot
+
+      - name: Upload Debian to S3
+        uses: shallwefootball/upload-s3-action@v1.3.3
+        with:
+          aws_key_id: ${{ secrets.IMAGES_S3_ACCESS }}
+          aws_secret_access_key: ${{ secrets.IMAGES_S3_SECRET }}
+          aws_bucket: ${{ secrets.IMAGES_S3_BUCKET }}
+          endpoint: ${{ secrets.IMAGES_S3_HOST }}
+          source_dir: debian
+          destination_dir: RZ/Debian/${{ needs.build_images.outputs.build_tag }}
+      
+      - name: Upload Debian to S3
+        uses: shallwefootball/upload-s3-action@v1.3.3
+        with:
+          aws_key_id: ${{ secrets.IMAGES_S3_ACCESS }}
+          aws_secret_access_key: ${{ secrets.IMAGES_S3_SECRET }}
+          aws_bucket: ${{ secrets.IMAGES_S3_BUCKET }}
+          endpoint: ${{ secrets.IMAGES_S3_HOST }}
+          source_dir: debian
+          destination_dir: RZ/Buildroot/${{ needs.build_images.outputs.build_tag }}
\ No newline at end of file