diff --git a/.github/workflows/release-to-ghcr.yaml b/.github/workflows/release-to-ghcr.yaml
new file mode 100644
index 0000000..0cafef2
--- /dev/null
+++ b/.github/workflows/release-to-ghcr.yaml
@@ -0,0 +1,127 @@
+---
+name: Release to GHCR
+
+on:
+  push:
+    branches:
+      - master
+  workflow_dispatch:
+    inputs:
+      commit_sha:
+        description: 'Git commit SHA to build and deploy'
+        required: true
+        type: string
+
+permissions:
+  contents: write # Needed to create new releases
+  packages: write # Needed to push to GHCR
+  id-token: write # Needed to create an ephemeral cross-repo token
+
+jobs:
+  get-context:
+    name: Generate release context
+    runs-on: ubuntu-latest
+    outputs:
+      new-version: ${{ steps.compute-context.outputs.new-version }}
+      current-version: ${{ steps.compute-context.outputs.current-version }}
+      version-changed: ${{ steps.compute-context.outputs.version-changed }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.commit_sha || github.sha }}
+          fetch-depth: 0 # Fetch all history for git describe to work
+
+      - name: Compute the context for this release
+        id: compute-context
+        run: |
+          current_version=$(cat package.json | jq -r .version)
+
+          # Check if the version in package.json is using semantic versioning
+          if [[ "$current_version" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+            echo "Current version is a valid semantic version: $current_version"
+          else
+            echo "Current version format is not a standard semantic version: $current_version"
+            exit 1
+          fi
+
+          echo "current-version=$current_version" >> "$GITHUB_OUTPUT"
+
+          # Check if the version in package.json was changed in the last commit
+          previous_commit=$(git rev-parse HEAD~1)
+          previous_version=$(git show $previous_commit:package.json 2>/dev/null | jq -r .version || echo "")
+
+          echo "Previous version: $previous_version"
+          echo "Current version: $current_version"
+
+          if [ "$current_version" != "$previous_version" ] && [[ "$current_version" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+            echo "Version changed from $previous_version to $current_version in the last commit"
+            echo "version-changed=true" >> $GITHUB_OUTPUT
+            echo "new-version=$current_version" >> $GITHUB_OUTPUT
+          else
+            echo "Version unchanged or not following semantic versioning format"
+            echo "version-changed=false" >> $GITHUB_OUTPUT
+            echo "new-version=$current_version" >> $GITHUB_OUTPUT
+          fi
+
+  create-release:
+    name: Create GitHub release
+    needs: get-context
+    if: ${{ needs.get-context.outputs.version-changed == 'true' }}
+    runs-on: ubuntu-latest
+    outputs:
+      release-id: ${{ steps.create-release.outputs.id }}
+      release-url: ${{ steps.create-release.outputs.html_url }}
+    steps:
+      - name: Create release
+        id: create-release
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const release = await github.rest.repos.createRelease({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              tag_name: `v${process.env.VERSION}`,
+              name: `v${process.env.VERSION}`,
+              body: 'Automated release created by GitHub Actions',
+              draft: false,
+              prerelease: false,
+              generate_release_notes: true
+            });
+            return release.data;
+        env:
+          VERSION: ${{ needs.get-context.outputs.new-version }}
+
+  build-and-push:
+    name: Build and push image to GHCR
+    needs: [get-context, create-release]
+    if: ${{ needs.get-context.outputs.version-changed == 'true' }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.commit_sha || github.sha }}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: true
+          tags: "${{ needs.get-context.outputs.new-version }},latest"
+          build-args: |
+            BUILD_VERSION=${{ needs.get-context.outputs.new-version }}
+            BUILD_DATE=${{ github.event.repository.updated_at }}
+            VCS_REF=${{ github.sha }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
diff --git a/package.json b/package.json
index 47b2ff7..2328ec7 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@bitgo/advanced-wallets",
-  "version": "0.0.0-semantically-released",
+  "version": "0.0.1",
   "description": "Advanced Wallets - On-Premises Key Management with BitGo Express",
   "main": "./dist/src/index.js",
   "types": "./dist/src/index.d.ts",