diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml
new file mode 100644
index 0000000..e2e92b1
--- /dev/null
+++ b/.github/workflows/create-release.yml
@@ -0,0 +1,22 @@
+# Push image to GHCR and Helm Chart to helm-charts-registry
+name: Release Image and Helm Chart
+on:
+  push:
+    tags:
+      - '[0-9]+.[0-9]+.[0-9]+-[0-9]+'
+jobs:
+
+  release_image:
+    name: "Publish image and scan with trivy"
+    permissions:
+      packages: write
+      security-events: write
+      contents: read
+    uses: dBildungsplattform/dbp-github-workflows/.github/workflows/image-publish-trivy.yaml@7
+    with:
+      image_name: "clammit"
+      run_trivy_scan: true
+      image_tag_generation: version_git_tag
+      container_registry: "ghcr.io"
+      fail_on_vulnerabilites: false
+      report_location: "Dockerfile"