diff --git a/.gitignore b/.gitignore
index e5339985..ceb556c9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -77,3 +77,5 @@ tags
 # End of https://www.gitignore.io/api/go,vim,emacs,visualstudiocode
 
 .idea
+vendor
+bin
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 00000000..bc9a57ae
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,31 @@
+# Build the manager binary
+FROM golang:1.16 as builder
+
+WORKDIR /workdir
+# ENV GOPATH=/go
+# Copy the Go Modules manifests
+COPY go.mod go.sum /workdir/
+# cache deps before building and copying source so that we don't need to re-download as much
+# and so that source changes don't invalidate our downloaded layer
+RUN go mod download
+
+RUN cat go.mod
+
+# Copy the go source
+COPY cmd cmd
+COPY pkg pkg
+COPY version version
+
+RUN ls -la /workdir
+
+# Build
+RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o /workspace/manager ./cmd/manager/main.go
+
+# Use distroless as minimal base image to package the manager binary
+# Refer to https://github.com/GoogleContainerTools/distroless for more details
+FROM gcr.io/distroless/static:nonroot
+WORKDIR /
+COPY --from=builder /workspace/manager .
+USER 65532:65532
+
+ENTRYPOINT ["/manager"]
diff --git a/Makefile b/Makefile
index fe27a7e9..3fbf9cf6 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,9 @@
-SHELL=/bin/bash
+SHELL=/usr/bin/env bash -o pipefail
 NAMESPACE=default
 KUBECONFIG=/tmp/kubeconfig
+VERSION ?= latest
+IMAGE_TAG_BASE ?= quay.io/mittwald/kubernetes-secret-generator
+IMG ?= secret-generator:${VERSION}
 
 .PHONY: install
 install: ## Install all resources (RBAC and Operator)
@@ -52,11 +55,22 @@ fmt:
 	go fmt $$(go list ./...)
 
 .PHONY: kind
-kind: ## Create a kind cluster to test against
-	kind create cluster --name kind-k8s-secret-generator
-	kind get kubeconfig --name kind-k8s-secret-generator | tee ${KUBECONFIG}
+kind: ## Create a kind cluster to tefmt: ## Run go fmt against code.
+	go fmt ./...
+
+vet: ## Run go vet against code.
+	go vet ./...
 
 .PHONY: build
-build:
-	operator-sdk build --go-build-args "-ldflags -X=version.Version=${SECRET_OPERATOR_VERSION}" ${DOCKER_IMAGE}
+build: fmt vet ## Build manager binary.
+	go build -o bin/manager ./cmd/manager/main.go
+	@exit $(.SHELLSTATUS)
+
+.PHONY: docker-build
+docker-build: ## Build docker image with the manager.
+	docker build -t ${IMG} .
 	@exit $(.SHELLSTATUS)
+
+docker-push: ## Push docker image with the manager.
+	docker tag ${IMG} ${IMAGE_TAG_BASE}:${VERSION}
+	docker push ${IMAGE_TAG_BASE}