diff --git a/.github/scripts/prepare_production_deployment.sh b/.github/scripts/prepare_production_deployment.sh
new file mode 100644
index 0000000..b0dbb6a
--- /dev/null
+++ b/.github/scripts/prepare_production_deployment.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+set -e
+
+# Only:
+# - Tagged commits
+# - Security env variables are available.
+echo "🚀 Preparing version $VERSION_TAG for deployment"
+
+if [ -n "$VERSION_TAG" ] && [ -n "$PROD_DEPLOYMENT_HOOK_TOKEN" ] && [ -n "$PROD_DEPLOYMENT_HOOK_URL" ]
+then
+  curl --silent --output /dev/null --write-out "%{http_code}" -X POST \
+     -F token="$PROD_DEPLOYMENT_HOOK_TOKEN" \
+     -F ref=master \
+     -F "variables[TRIGGER_RELEASE_COMMIT_TAG]=$VERSION_TAG" \
+      $PROD_DEPLOYMENT_HOOK_URL
+else
+  echo  >&2 "[ERROR] Deployment to production could not be prepared. Some Environment variables are missing"
+  exit 100
+fi
diff --git a/.github/workflows/web-ci.yml b/.github/workflows/web-ci.yml
new file mode 100644
index 0000000..819b428
--- /dev/null
+++ b/.github/workflows/web-ci.yml
@@ -0,0 +1,69 @@
+name: Deploy
+
+on:
+  push:
+    branches: [master]
+    tags: [v*]
+
+  release:
+    types: [published]
+
+jobs:
+  deploy:
+    name: Deployment
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: ./packages/app
+
+    steps:
+      - name: Cancel Previous Runs
+        uses: styfle/cancel-workflow-action@0.8.0
+        with:
+          access_token: ${{ github.token }}
+
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Set up node
+      - uses: actions/setup-node@v2
+        with:
+          node-version: 16
+
+      - name: Cache yarn cache
+        uses: actions/cache@v2
+        id: cache-yarn-cache
+        with:
+          path: ${{ steps.yarn-cache.outputs.dir }}
+          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
+
+      - name: Install dependencies
+        run: yarn install
+
+      - name: Build website
+        run: yarn static
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
+
+      # Script to deploy to the dev environment
+      - name: 'Deploy to S3: Dev'
+        if: github.ref == 'refs/heads/master'
+        run: aws s3 sync out s3://${{ secrets.AWS_DEV_BUCKET_NAME }}/current --delete
+
+      # Script to upload release files
+      - name: 'Upload release build files for production'
+        if: startsWith(github.ref, 'refs/tags/v')
+        run: aws s3 sync out s3://${{ env.AWS_DEV_BUCKET_NAME }}/releases/${{ github.event.release.tag_name }} --delete
+
+      # Script to prepare production deployments
+      - run: bash ./.github/scripts/prepare_production_deployment.sh
+        if: success() && startsWith(github.ref, 'refs/tags/v')
+        env:
+          PROD_DEPLOYMENT_HOOK_TOKEN: ${{ secrets.PROD_DEPLOYMENT_HOOK_TOKEN }}
+          PROD_DEPLOYMENT_HOOK_URL: ${{ secrets.PROD_DEPLOYMENT_HOOK_URL }}
+          VERSION_TAG: ${{ github.event.release.tag_name }}