diff --git a/.drone.yml b/.drone.yml
new file mode 100644
index 0000000..aade0d7
--- /dev/null
+++ b/.drone.yml
@@ -0,0 +1,125 @@
+---
+kind: secret
+name: docker_username
+get:
+ path: odit-registry-builder
+ name: username
+
+---
+kind: secret
+name: docker_password
+get:
+ path: odit-registry-builder
+ name: password
+
+---
+kind: secret
+name: gitea_token
+get:
+ path: odit-git-bot
+ name: apikey
+
+---
+kind: secret
+name: git_ssh
+get:
+ path: odit-git-bot
+ name: sshkey
+
+---
+kind: secret
+name: cosign_key
+get:
+ path: cosign
+ name: cosign.key
+
+---
+kind: secret
+name: cosign_password
+get:
+ path: cosign
+ name: cosign.password
+
+---
+kind: pipeline
+type: kubernetes
+name: build:latest
+steps:
+ - name: bump_patch
+ depends_on: [clone]
+ image: registry.odit.services/hub/library/node:18.2.0-alpine3.15
+ commands:
+ - apk add git
+ - git config --global push.default current
+ - git branch --set-upstream-to=origin/main main
+ - yarn
+ - yarn release:patch
+ - git pull
+ - name: push to repo
+ image: appleboy/drone-git-push
+ depends_on: [bump_patch]
+ settings:
+ commit: false
+ author_email: bot@odit.services
+ followtags: true
+ branch: main
+ remote: git@git.odit.services:odit/drone-kaniko.git
+ skip_verify: true
+ ssh_key:
+ from_secret: git_ssh
+ - name: docker release
+ image: registry.odit.services/library/drone-kaniko
+ depends_on: [clone]
+ user: 0
+ settings:
+ username:
+ from_secret: docker_username
+ password:
+ from_secret: docker_password
+ repo: library/drone-kaniko
+ tags:
+ - latest
+ registry: registry.odit.services
+trigger:
+ branch:
+ - main
+
+---
+kind: pipeline
+type: kubernetes
+name: build:tags
+steps:
+ - name: build_tag
+ image: registry.odit.services/library/drone-kaniko
+ user: 0
+ depends_on: [clone]
+ settings:
+ username:
+ from_secret: docker_username
+ password:
+ from_secret: docker_password
+ repo: library/drone-kaniko
+ tags:
+ - "${DRONE_TAG}"
+ registry: registry.odit.services
+ mtu: 1000
+ - name: sign_image
+ image: registry.odit.services/hub/library/alpine:edge
+ depends_on: [build_tag]
+ commands:
+ - apk add cosign 
docker
+ - echo $COSIGN_KEY | sed 's/
/\n/g' > cosign.key
+ - echo $DOCKER_PASSWORD | docker login registry.odit.services -u $DOCKER_USERNAME --password-stdin
+ - "cosign sign --key cosign.key registry.odit.services/library/drone-kaniko:${DRONE_TAG}"
+ environment:
+ COSIGN_KEY:
+ from_secret: cosign_key
+ COSIGN_PASSWORD:
+ from_secret: cosign_password
+ DOCKER_PASSWORD:
+ from_secret: docker_password
+ DOCKER_USERNAME:
+ from_secret: docker_username
+trigger:
+ event:
+ - tag
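Review bot: The `sign_image` step signs `registry.odit.services/library/drone-kaniko:${DRONE_TAG}` by tag, so the signature is attached to whatever that tag resolves to when the step runs, which is not guaranteed to be the image `build_tag` just pushed; signing the digest produced by the build, `cosign sign --key cosign.key registry.odit.services/library/drone-kaniko@sha256:<digest-from-build_tag>`, ties the signature to the built artifact. The same step writes the private key to `cosign.key` in the working directory from an unquoted `echo $COSIGN_KEY`; cosign can take the key straight from the environment with `--key env://COSIGN_KEY`, provided the stored secret keeps its PEM line breaks, which the `sed` rewrite suggests it currently may not. The step runs on `alpine:edge` and installs cosign and docker with an unversioned `apk add`, while `bump_patch` pins `node:18.2.0-alpine3.15`, so the environment that handles the signing key can change from run to run; a fixed Alpine release tag would be consistent with the rest of the file. In `push to repo`, `skip_verify: true` should carry a comment explaining why verification is disabled for this remote, for example `# TODO(review): confirm skip_verify is required for the SSH remote`.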