diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
new file mode 100644
index 0000000..bbd33a0
--- /dev/null
+++ b/.github/workflows/ci.yaml
@@ -0,0 +1,62 @@
+name: CI
+
+on:
+  pull_request:
+  push:
+    branches: [main]
+  workflow_dispatch:
+
+jobs:
+  prepare:
+    name: Determine image tag
+    runs-on: ubuntu-latest
+    if: |
+      github.ref_name == 'main' ||
+      startsWith(github.ref_name, 'feature/') ||
+      startsWith(github.ref_name, 'bugfix/') ||
+      (github.event_name == 'pull_request' && (startsWith(github.head_ref, 'feature/') || startsWith(github.head_ref, 'bugfix/')))
+    outputs:
+      image_tag: ${{ steps.determine-tag.outputs.image_tag }}
+      version: ${{ steps.determine-tag.outputs.version }}
+    steps:
+      - name: Determine base tag
+        id: determine-tag
+        run: |
+          if [ "${{ github.event_name }}" = "pull_request" ] ; then
+            SHORT_SHA=$(echo ${{ github.event.pull_request.head.sha }} | cut -c1-8)
+            BRANCH_NAME="${{ github.head_ref }}"
+          else
+            SHORT_SHA=$(echo ${{ github.sha }} | cut -c1-8)
+            BRANCH_NAME="${{ github.ref_name }}"
+          fi
+
+          if [ "${{ github.ref_name }}" = "main" ] ; then
+            echo "Processing main branch"
+            echo "image_tag=dev-${SHORT_SHA}" | tee -a $GITHUB_OUTPUT
+            echo "version=dev-${SHORT_SHA}" | tee -a $GITHUB_OUTPUT
+          else
+            # This covers feature/ and bugfix/ branches
+            echo "Processing feature/bugfix branch ${BRANCH_NAME}"
+            echo "image_tag=feature-${SHORT_SHA}" | tee -a $GITHUB_OUTPUT
+            echo "version=feature-${SHORT_SHA}" | tee -a $GITHUB_OUTPUT
+          fi
+
+  build-oci-image:
+    name: Build OCI images
+    uses: iExecBlockchainComputing/github-actions-workflows/.github/workflows/docker-build.yml@feature/allow-args-for-docker-build
+    needs: prepare
+    with:
+      image-name: docker-regis.iex.ec/cvm-base
+      image-tag: ${{ needs.prepare.outputs.image_tag }}
+      dockerfile: Dockerfile
+      context: .
+      registry: docker-regis.iex.ec
+      push: true
+      security-scan: false
+      security-report: "table"
+      hadolint: false
+      platforms: linux/amd64
+      build-args: VERSION=${{ needs.prepare.outputs.version }}
+    secrets:
+      username: ${{ secrets.NEXUS_USERNAME }}
+      password: ${{ secrets.NEXUS_PASSWORD }}