diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 67926fc..6ecf393 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -4,6 +4,7 @@ on:
   push:
     branches:
       - 'main'
+      - 'hiep/signer-build'
     tags:
       - '*'
 
@@ -53,3 +54,19 @@ jobs:
       - name: Run Gosec (covenant-signer)
         working-directory: ./covenant-signer
         run: gosec ./...
+  
+  docker_pipeline_covenant_signer:
+    needs: ["go_sec_covenant_signer"]
+    uses: babylonlabs-io/.github/.github/workflows/reusable_docker_pipeline.yml@v0.10.2
+    secrets: inherit
+    with:
+      publish: true
+      dockerfile: ./covenant-signer/Dockerfile
+      dockerContext: ./covenant-signer 
+      repoName: covenant-signer
+      docker_scan: true
+    permissions:
+      # required for all workflows
+      security-events: write
+      # required to fetch internal or private CodeQL packs
+      packages: read
\ No newline at end of file