diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
new file mode 100644
index 0000000..f5409d5
--- /dev/null
+++ b/.github/workflows/main.yml
@@ -0,0 +1,60 @@
+name: CI
+
+# Controls when the action will run. Triggers the workflow on push to master or development 
+# with a tag like v1.0.0 or v1.0.0-dev
+on:
+  push:
+    tags: 
+      - v[0-9]+.[0-9]+.[0-9]+
+      - v[0-9]+.[0-9]+.[0-9]+-[a-zA-Z]+
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+      - uses: actions/checkout@v2
+      
+      - name: Get Version
+        id: get_version
+        uses: battila7/get-version-action@v2.0.0
+      
+      - name: install buildx
+        id: buildx
+        uses: crazy-max/ghaction-docker-buildx@v1
+        with:
+          version: latest
+
+      - name: Docker Login
+        # You may pin to the exact commit or the version.
+        # uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
+        uses: docker/login-action@v1.10.0
+        with:
+          registry: ${{ secrets.DR_URL }}
+          # Username used to log against the Docker registry
+          username: ${{ secrets.DH_USERNAME }}
+          # Password or personal access token used to log against the Docker registry
+          password: ${{ secrets.DH_PASSWORD }}
+          # Log out from the Docker registry at the end of a job
+          logout: true
+
+      - name: Docker Build & Push
+        env:
+          IMAGE_TAG: ${{ steps.get_version.outputs.version-without-v }}
+        run: |
+          docker buildx build --push \
+          --tag ${{ secrets.DR_URL }}/quartermaster:$IMAGE_TAG \
+          --platform linux/amd64,linux/arm/v7,linux/arm64 . 
+      - name: Update deployment file
+        run: TAG=${{ steps.get_version.outputs.version-without-v }} && sed -i 's|<IMAGE>|${{ secrets.DR_URL }}/quartermaster:'${TAG}'|' $GITHUB_WORKSPACE/deployment.yml
+
+      - uses: azure/k8s-set-context@v1
+        with:
+          method: kubeconfig
+          kubeconfig: ${{ secrets.KUBE_CONFIG }}
+        id: setcontext
+
+      - name: Deploy to Kubernetes
+        run: kubectl apply -f $GITHUB_WORKSPACE/deployment.yml
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..b5dba10
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,32 @@
+FROM node:lts-alpine as frontend
+
+WORKDIR /frontend
+
+COPY pkg/ui/frontend/package*.json ./
+RUN npm install
+COPY pkg/ui/frontend .
+RUN npm run build
+
+FROM golang:1.17-alpine as dev
+
+WORKDIR /go/src/Quartermaster
+COPY ./go.mod .
+COPY ./go.sum .
+
+RUN go mod download
+
+COPY . .
+COPY --from=frontend /frontend/dist pkg/ui/frontend/dist
+RUN go build -tags prod -o quartermaster cmd/quartermaster/main.go
+
+CMD [ "go", "run", "cmd/quartermaster/main.go"]
+
+from alpine
+
+WORKDIR /bin
+
+COPY --from=dev /go/src/Quartermaster/quartermaster ./quartermaster
+RUN mkdir -p /internal/postgres/migrations
+COPY --from=dev /go/src/Quartermaster/internal/postgres/migrations /internal/postgres/migrations
+
+CMD [ "quartermaster" ]
diff --git a/deployment.yml b/deployment.yml
new file mode 100644
index 0000000..820fd8c
--- /dev/null
+++ b/deployment.yml
@@ -0,0 +1,105 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: quartermaster
+  namespace: quartermaster
+  labels:
+    app: quartermaster
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: quartermaster
+  strategy:
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 1
+  minReadySeconds: 120
+  template:
+    metadata:
+      labels:
+        app: quartermaster
+    spec:
+      containers:
+        - name: pgbouncer
+          image: timoha/pgbouncer:1.15.0
+          resources:
+            requests:
+              memory: "256Mi"
+              cpu: "0.5"
+            limits:
+              memory: "512Mi"
+              cpu: "1"
+          env:
+            - name: DATABASE_URL
+              valueFrom:
+                secretKeyRef:
+                  name: quartermaster
+                  key: pgbouncer_url
+            - name: SERVER_TLS_SSLMODE
+              valueFrom:
+                secretKeyRef:
+                  name: quartermaster
+                  key: pgbouncer_ssl
+            - name: AUTH_TYPE
+              valueFrom:
+                secretKeyRef:
+                  name: quartermaster
+                  key: pgbouncer_auth
+          ports:
+            - containerPort: 5432
+        - name: quartermaster
+          image: <IMAGE>
+          resources:
+            requests:
+              memory: "512Mi"
+              cpu: "1"
+            limits:
+              memory: "1Gi"
+              cpu: "2"
+          ports:
+            - containerPort: 8000
+          env:
+            - name: DATABASE_URL
+              valueFrom:
+                secretKeyRef:
+                  name: quartermaster
+                  key: database_url
+      imagePullSecrets:
+        - name: registry-1
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: quartermaster-service
+  namespace: quartermaster
+  labels:
+    app: quartermaster
+spec:
+  selector:
+    app: quartermaster
+  ports:
+    - protocol: TCP
+      name: http
+      port: 8000
+      targetPort: 8000
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: quartermaster
+  namespace: quartermaster
+spec:
+  rules:
+  - host: quartermaster.djpianalto.com
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: quartermaster-service
+            port:
+              number: 8000
+
diff --git a/go.mod b/go.mod
index 58a847f..384ef71 100644
--- a/go.mod
+++ b/go.mod
@@ -18,6 +18,5 @@ require (
 	github.com/gobuffalo/here v0.6.5 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
-	github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e // indirect
 	go.uber.org/atomic v1.9.0 // indirect
 )