diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..757fee3
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1 @@
+/.idea
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..983f873
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,19 @@
+# Build image
+FROM alpine:latest AS build
+
+# Build requirements
+RUN apk add --no-cache ca-certificates
+
+# Copy binary
+COPY dist/linux_amd64/keyvault-certdeploy /
+
+# ---
+
+# Runtime image
+FROM scratch
+LABEL maintainer="Matthias Blaser "
+
+COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
+COPY --from=build /keyvault-certdeploy /keyvault-certdeploy
+
+CMD ["/keyvault-certdeploy"]
\ No newline at end of file
diff --git a/Makefile b/Makefile
index 68837aa..fc89cba 100644
--- a/Makefile
+++ b/Makefile
@@ -3,6 +3,7 @@ OUT := keyvault-certdeploy PKG := github.com/emgag/keyvault-certdeploy PKG_LIST := $(shell go list ${PKG}/... ) GO_FILES := $(shell find . -name '*.go' )
+VERSION := $(shell git describe --always --dirty --tags)
 all: build
@@ -36,4 +37,10 @@ clean: -@rm -vf ${OUT} -@rm -vrf dist
-
+docker:
+ docker build \
+ -t emgag/keyvault-certdeploy:${VERSION} \
+ -t emgag/keyvault-certdeploy:latest\
+ .
+ docker push emgag/keyvault-certdeploy:${VERSION}
+ docker push emgag/keyvault-certdeploy:latest
diff --git a/README.md b/README.md
index eaf1ea2..65a1c7e 100644
--- a/README.md
+++ b/README.md
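Review bot: `FROM alpine:latest AS build` in the new Dockerfile leaves the origin of `/etc/ssl/certs/ca-certificates.crt` floating: that bundle is the only trust store the `scratch` stage receives, so each rebuild can ship a different CA set with no record of which one was used. Pin the base to a release tag and digest, e.g. `FROM alpine:<release>@sha256:<digest> AS build` (placeholders; take the real values from the registry). The runtime stage also sets no `USER`, so the binary runs as UID 0 by default; if it does not need root inside the container, a numeric `USER 65534:65534` before `CMD` would narrow that, though whether deploying certificates requires root is not visible in this hunk.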
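Review bot: The new `docker` target in the Makefile publishes whatever happens to be in `dist/`: it has no prerequisite that rebuilds `dist/linux_amd64/keyvault-certdeploy` (the path the Dockerfile copies), so a stale or locally modified binary can be pushed under a fresh `${VERSION}` tag and as `latest`. `VERSION` comes from `git describe --always --dirty --tags`, so an uncommitted tree is pushed with a `-dirty` suffix rather than refused. Consider separating build from push and guarding the push with a first recipe line such as `@git diff --quiet HEAD || { echo "refusing to push from a dirty tree"; exit 1; }`, and make the target depend on the step that produces `dist/`. The rest of the Makefile is outside the hunk, so an existing release target may already cover part of this.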
@@ -2,6 +2,10 @@ [![Build Status](https://travis-ci.org/emgag/keyvault-certdeploy.svg?branch=master)](https://travis-ci.org/emgag/keyvault-certdeploy) [![Go Report Card](https://goreportcard.com/badge/github.com/emgag/keyvault-certdeploy)](https://goreportcard.com/report/github.com/emgag/keyvault-certdeploy)
+[![Docker Pulls](https://img.shields.io/docker/pulls/emgag/keyvault-certdeploy.svg)](https://hub.docker.com/r/emgag/keyvault-certdeploy)
+[![Image Layers](https://images.microbadger.com/badges/image/emgag/keyvault-certdeploy.svg)](https://microbadger.com/images/emgag/keyvault-certdeploy "Get your own image badge on microbadger.com")
+[![Latest Version](https://images.microbadger.com/badges/version/emgag/keyvault-certdeploy.svg)](https://microbadger.com/images/emgag/keyvault-certdeploy "Get your own version badge on microbadger.com")
+
 **keyvault-certdeploy** is a helper tool used to facilitate X.509 certificate deployment to Linux VMs with [Azure Key Vault](https://azure.microsoft.com/en-us/services/key-vault/). Unlike the built-in method via VM secrets, it does support RSA and ECDSA certificates, local deployment and update hooks. It can be used to push certificates to Key Vault from a Let's Encrypt deployment hook and to refresh VM certificates on boot or to periodically poll for updates via cronjob.
@@ -130,18 +134,24 @@ Certificates are pushed to the vault as an unencrypted, single PEM-formated file ## Build
-On Linux:
+### On Linux
 ```
-$ mkdir keyvault-certdeploy && cd keyvault-certdeploy
-$ export GOPATH=$PWD
-$ go get -d github.com/emgag/keyvault-certdeploy
-$ cd src/github.com/emgag/keyvault-certdeploy
-$ make install
+$ go get -u github.com/emgag/keyvault-certdeploy
 ``` will download the source and build binary called _keyvault-certdeploy_ in $GOPATH/bin.
+### Using Docker
+
+```
+$ go get -u github.com/goreleaser/goreleaser
+$ $(go env GOPATH)/bin/goreleaser --snapshot --rm-dist
+$ docker build -t keyvault-certdeploy:latest .
+```
+
+will build a Docker image.
+
 ## License keyvault-certdeploy is licensed under the [MIT License](http://opensource.org/licenses/MIT).
\ No newline at end of file