diff --git a/.github/workflows/aiden-runner.yaml b/.github/workflows/aiden-runner.yaml
new file mode 100644
index 0000000..670329e
--- /dev/null
+++ b/.github/workflows/aiden-runner.yaml
@@ -0,0 +1,106 @@
+# a pipeline to create container image on changes to aiden-runner.rb file
+name: aiden-runner
+on:
+  push:
+    branches:
+      - main
+    paths:
+    - 'aiden-runner.rb'
+    - aiden-runner/Dockerfile
+    - .github/workflows/aiden-runner.yaml
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: stackgenhq/aiden-runner
+jobs:
+  build:
+    outputs:
+      image_tag: ${{ steps.meta.outputs.tags }}
+      version: ${{ steps.version.outputs.VERSION }}
+    permissions:
+      contents: read
+      packages: write
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - platform: linux/amd64
+            runner: ubuntu-latest
+            tag-suffix: -amd64
+          - platform: linux/arm64
+            runner: ubuntu-22.04-arm
+            tag-suffix: -arm64
+    runs-on: ${{ matrix.runner }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 1
+          sparse-checkout: |
+            aiden-runner
+            aiden-runner.rb
+      - name: Get aiden-runner version
+        id: version
+        run: |
+          VERSION="$(awk '$1 == \"version\" { print $2; exit }' aiden-runner.rb | tr -d '\"')"
+          test -n "$VERSION" || { echo "Error: Failed to extract version from aiden-runner.rb"; exit 1; }
+          echo "$VERSION" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)?(\+[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)?$' || { echo "Error: Extracted version is not valid semver: $VERSION"; exit 1; }
+          echo "VERSION=$VERSION" >> "$GITHUB_OUTPUT"
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=raw,value=${{ steps.version.outputs.VERSION }}
+            type=raw,value=latest
+          flavor: |
+            suffix=${{ matrix.tag-suffix }},onlatest=false
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Docker Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: ./aiden-runner
+          platforms: ${{ matrix.platform }}
+          tags: ${{ steps.meta.outputs.tags }}
+          push: true
+          provenance: false
+          labels: ${{ steps.meta.outputs.labels }}
+          build-args: |-
+            AIDEN_RUNNER_VERSION=${{ steps.version.outputs.VERSION }}
+
+  create_manifest:
+    name: Create manifest
+    runs-on: ubuntu-22.04
+    needs: build
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Create manifest
+        run: |
+          docker buildx imagetools create \
+            -t ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest \
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest-amd64 \
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest-arm64
+
+          docker buildx imagetools create \
+            -t ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.build.outputs.version }} \
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.build.outputs.version }}-amd64 \
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.build.outputs.version }}-arm64
diff --git a/aiden-runner/Dockerfile b/aiden-runner/Dockerfile
new file mode 100644
index 0000000..b1fa374
--- /dev/null
+++ b/aiden-runner/Dockerfile
@@ -0,0 +1,31 @@
+FROM alpine AS download_binary
+
+ARG AIDEN_RUNNER_VERSION
+ARG TARGETOS
+ARG TARGETARCH
+
+# install wget
+RUN apk update && \
+    apk add --no-cache wget && \
+    rm -rf /var/cache/apk/*
+
+RUN URL="https://releases.stackgen.com/binaries/aios-remote/v${AIDEN_RUNNER_VERSION}/aiden-runner_${AIDEN_RUNNER_VERSION}_${TARGETOS}_${TARGETARCH}.tar.gz" && \
+    wget --fail -O aiden-runner.tar.gz "$URL" || { echo "Error: failed to download aiden-runner from $URL" >&2; exit 1; } && \
+    tar -xzf aiden-runner.tar.gz && \
+    test -f aiden-runner || { echo "Error: extracted archive does not contain aiden-runner binary" >&2; exit 1; } && \
+    mv aiden-runner /tmp/aiden-runner && \
+    chmod +x /tmp/aiden-runner && \
+    rm -f aiden-runner.tar.gz
+
+FROM alpine:latest
+
+RUN apk update && \
+    apk add --no-cache ca-certificates && \
+    rm -rf /var/cache/apk/* && \
+    addgroup -S stackgen && adduser -S stackgen -G stackgen -u 1000 -h /home/stackgen
+
+COPY --from=download_binary --chown=stackgen:stackgen /tmp/aiden-runner /usr/local/bin/aiden-runner
+
+USER stackgen
+
+ENTRYPOINT ["/usr/local/bin/aiden-runner"]