diff --git a/.github/workflows/build-and-publish-monitoring-backend.yml b/.github/workflows/build-and-publish-monitoring-backend.yml
new file mode 100644
index 0000000..1abcca7
--- /dev/null
+++ b/.github/workflows/build-and-publish-monitoring-backend.yml
@@ -0,0 +1,81 @@
+name: Publish image
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - apps/monitoring/backend/**
+
+jobs:
+  publish:
+    runs-on: ubuntu-22.04
+    env:
+      AWS_REGION: eu-west-1
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+        with:
+          platforms: all
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+        with:
+          install: true
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v2
+        with:
+          aws-access-key-id: ${{ secrets.AWS_APPS_STAGING_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_APPS_STAGING_SECRET_ACCESS_KEY }}
+          aws-region: ${{ env.AWS_REGION }}
+
+      - id: ecr-login
+        name: Login to Amazon ECR
+        uses: aws-actions/amazon-ecr-login@v1
+        with:
+          registries: ${{ secrets.AWS_ECR_ACCOUNT }}
+
+      - name: Evaluate image tags
+        run: |
+          IMAGE_REPOSITORY=${{ steps.ecr-login.outputs.registry }}/${{ secrets.ECR_REPOSITORY }}
+          BRANCH_IMAGE_TAG=${{ github.ref_name }}
+          UNIQUE_IMAGE_TAG=${BRANCH_IMAGE_TAG}-$(git rev-parse --short HEAD)
+
+          IMAGE_TAGS=${IMAGE_REPOSITORY}:${BRANCH_IMAGE_TAG},${IMAGE_REPOSITORY}:${UNIQUE_IMAGE_TAG}
+
+          echo "UNIQUE_IMAGE_TAG=${UNIQUE_IMAGE_TAG}" >> $GITHUB_ENV
+          echo "IMAGE_TAGS=${IMAGE_TAGS}" >> $GITHUB_ENV
+
+      - name: Build and push
+        timeout-minutes: 20
+        uses: docker/build-push-action@v4
+        with:
+          context: ./apps/monitoring/backend
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: ${{ env.IMAGE_TAGS }}
+          target: prod
+          cache-from: type=gha,scope=buildkit-master
+          cache-to: type=gha,scope=buildkit-master
+
+    #   - name: Configure GitHub credentials
+    #     run: |
+    #       GITHUB_TOKEN=$( \
+    #         curl --request GET --url ${{ secrets.VAULT_URL}} --header "Authorization: JWT ${{ secrets.VAULT_JWT }}" | jq -r .token \
+    #       )
+    #       echo "GITHUB_TOKEN=${GITHUB_TOKEN}" >> $GITHUB_ENV
+
+    #   - name: Trigger Helm deployment
+    #     run: |
+    #       gh api /repos/saleor/saleor-cloud-deployments/dispatches \
+    #         --input - <<< '{
+    #           "event_type": "deploy-app-monitoring-staging",
+    #           "client_payload": {
+    #             "image_tag": "${{ env.UNIQUE_IMAGE_TAG }}"
+    #           }
+    #         }'