diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
new file mode 100644
index 0000000..bf1567a
--- /dev/null
+++ b/.github/workflows/docker.yml
@@ -0,0 +1,52 @@
+name: docker
+
+on:
+  push:
+    branches:
+      - main
+
+permissions:
+  contents: read
+  id-token: write
+
+jobs:
+  build-docker-image:
+    name: Build and push Docker image
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        fips_mode: [enabled, disabled]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ vars.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_RO_TOKEN }}
+
+      - name: Configure AWS credentials
+        if: ${{ github.event_name == 'push' }}
+        uses: aws-actions/configure-aws-credentials@v5
+        with:
+          role-to-assume: ${{ vars.ECR_TESTING_ROLE_ARN }}
+          aws-region: us-east-1
+
+      - name: Login to Amazon ECR
+        if: ${{ github.event_name == 'push' }}
+        uses: aws-actions/amazon-ecr-login@v2
+
+      - name: Set VERSION env
+        run: echo "VERSION=$(cat splitio/version.go | grep 'Version =' | awk '{print $4}' | tr -d '"')" >> $GITHUB_ENV
+
+      - name: Docker Build and Push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: "infra/sidecar.Dockerfile"
+          push: true
+          tags: |
+            ${{ vars.ECR_TESTING_URL }}/splitd/sidecar${{ matrix.fips_mode == 'enabled' && '-fips' || ''}}:${{ env.VERSION }}
+          build-args: |
+            FIPS_MODE=${{ matrix.fips_mode }}
diff --git a/.github/workflows/unstable.yml b/.github/workflows/unstable.yml
new file mode 100644
index 0000000..72b3aa4
--- /dev/null
+++ b/.github/workflows/unstable.yml
@@ -0,0 +1,51 @@
+name: unstable
+on:
+  push:
+    branches-ignore:
+      - main
+
+permissions:
+  contents: read
+  id-token: write
+
+jobs:
+  push-docker-image:
+    name: Build and Push Docker Image
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        fips_mode: [enabled, disabled]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ vars.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_RO_TOKEN }}
+
+      - name: Configure AWS credentials
+        if: ${{ github.event_name == 'push' }}
+        uses: aws-actions/configure-aws-credentials@v5
+        with:
+          role-to-assume: ${{ vars.ECR_TESTING_ROLE_ARN }}
+          aws-region: us-east-1
+
+      - name: Login to ECR
+        if: ${{ github.event_name == 'push' }}
+        uses: aws-actions/amazon-ecr-login@v2
+
+      - name: Get short hash
+        run: echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
+
+      - name: Docker Build and Push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: "infra/sidecar.Dockerfile"
+          push: true
+          tags: |
+            ${{ vars.ECR_TESTING_URL }}/splitd/sidecar${{ matrix.fips_mode == 'enabled' && '-fips' || '' }}:${{ env.SHORT_SHA }}
+          build-args: |
+            FIPS_MODE=${{ matrix.fips_mode }}