diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index e51698f..b6013e7 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -7,9 +7,12 @@ on:
   pull_request:
     branches:
       - main
+  push:
+    tags:
+      - 'v*.*.*' # Trigger on semantic versioning tags
 
 permissions:
-  contents: read
+  contents: write
   id-token: write
 
 jobs:
@@ -23,22 +26,57 @@ jobs:
       - uses: actions/setup-go@v5
         with:
           go-version: stable
-      - name: golangci-lint
+      - name: Run GolangCI-Lint
         uses: golangci/golangci-lint-action@v6
         with:
           version: v1.60
 
   security:
-      name: Security Scanning
-      runs-on: ubuntu-latest
-      permissions:
-        contents: read
-      env:
-        GO111MODULE: on
-      steps:
-        - name: Checkout Source
-          uses: actions/checkout@v4
-        - name: Run Gosec Security Scanner
-          uses: securego/gosec@master
-          with:
-            args: -exclude=G301, G304, G306 
\ No newline at end of file
+    name: Security Scanning
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    env:
+      GO111MODULE: on
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@v4
+      - name: Run Gosec Security Scanner
+        uses: securego/gosec@master
+        with:
+          args: -exclude=G301,G304,G306
+
+  build-and-publish:
+    name: Build and Publish Binaries
+    runs-on: ubuntu-latest
+    needs:
+      - lint
+      - security
+    if: startsWith(github.ref, 'refs/tags/v')
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@v4
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: stable
+      - name: Build for Linux x86_64
+        run: |
+          GOOS=linux GOARCH=amd64 go build -o cli-tool-linux-amd64
+      - name: Build for Linux ARM
+        run: |
+          GOOS=linux GOARCH=arm64 go build -o cli-tool-linux-arm64
+      - name: Upload Release Assets
+        uses: actions/upload-release-asset@v1
+        with:
+          upload_url: ${{ github.event.release.upload_url }}
+          asset_path: ./cli-tool-linux-amd64
+          asset_name: cli-tool-linux-amd64
+          asset_content_type: application/octet-stream
+      - name: Upload ARM Release Asset
+        uses: actions/upload-release-asset@v1
+        with:
+          upload_url: ${{ github.event.release.upload_url }}
+          asset_path: ./cli-tool-linux-arm64
+          asset_name: cli-tool-linux-arm64
+          asset_content_type: application/octet-stream