diff --git a/.github/workflows/build-snapshot.yml b/.github/workflows/build-snapshot.yml
new file mode 100644
index 0000000..6c3ff4d
--- /dev/null
+++ b/.github/workflows/build-snapshot.yml
@@ -0,0 +1,61 @@
+name: Build snapshot
+
+on:
+  push:
+    branches:
+      - develop
+  pull_request:
+    branches: [ master ]
+
+env:
+  IMAGE_NAME: ${{ github.repository }}
+  PLATFORMS: linux/amd64,linux/arm64,linux/arm/v7
+  GH_REPO: ghcr.io
+
+jobs:
+
+  build-and-push-docker-image:
+    name: Build Docker snapshot
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Set up QEMU
+        id: qemu
+        uses: docker/setup-qemu-action@v1
+        with:
+          image: tonistiigi/binfmt:latest
+          platforms: ${{ env.PLATFORMS }}
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Log into registry ${{ env.REGISTRY }}
+        uses: docker/login-action@v1
+        with:
+          registry: ${{ env.GH_REPO }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@v3
+        with:
+          images: ${{ env.GH_REPO }}/${{ env.IMAGE_NAME }}
+      
+      - name: Build image and push snapshot to GitHub Container Registry
+        id: build-and-push
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          platforms: ${{ env.PLATFORMS }}
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
diff --git a/.github/workflows/docker-registry.yml b/.github/workflows/build-tag.yml
similarity index 63%
rename from .github/workflows/docker-registry.yml
rename to .github/workflows/build-tag.yml
index a46e721..0a4384d 100644
--- a/.github/workflows/docker-registry.yml
+++ b/.github/workflows/build-tag.yml
@@ -1,47 +1,30 @@
-name: Build and Publish
+name: Build and Publish tag version
 
 on:
-  # run it on push to the default repository branch
   push:
-    branches: [master, develop]
-    # Publish semver tags as releases.
-    tags: [ 'v*.*.*' ]
-  # run it during pull request
-  pull_request:
-    branches: [ master ]
+    tags: [ '*.*.*.*' ]
 
 env:
-  # github.repository as <account>/<repo>
   IMAGE_NAME: ${{ github.repository }}
   PLATFORMS: linux/amd64,linux/arm64,linux/arm/v7
   GH_REPO: ghcr.io
 
 jobs:
 
-  # define job to build and publish docker image
   build-and-push-docker-image:
     name: Build Docker image and push to repositories
-    # run only when code is compiling and tests are passing
     runs-on: ubuntu-latest
     permissions:
       contents: read
       packages: write
-      # This is used to complete the identity challenge
-      # with sigstore/fulcio when running outside of PRs.
       id-token: write
 
-    # steps to perform in job
     steps:
       - name: Checkout code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
-      # Install the cosign tool except on PR
-      # https://github.com/sigstore/cosign-installer
       - name: Install cosign
-        if: github.event_name != 'pull_request'
-        uses: sigstore/cosign-installer@1e95c1de343b5b0c23352d6417ee3e48d5bcd422
-        with:
-          cosign-release: 'v1.4.0'
+        uses: sigstore/cosign-installer@main
 
       - name: Set up QEMU
         id: qemu
@@ -50,45 +33,46 @@ jobs:
           image: tonistiigi/binfmt:latest
           platforms: ${{ env.PLATFORMS }}
 
-      # setup Docker buld action
       - name: Set up Docker Buildx
         id: buildx
         uses: docker/setup-buildx-action@v1
 
       - name: Login to DockerHub
-        if: github.event_name != 'pull_request'
         uses: docker/login-action@v1
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
 
-      # Login against a Docker registry except on PR
-      # https://github.com/docker/login-action
       - name: Log into registry ${{ env.REGISTRY }}
-        if: github.event_name != 'pull_request'
         uses: docker/login-action@v1
         with:
           registry: ${{ env.GH_REPO }}
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      # Extract metadata (tags, labels) for Docker
-      # https://github.com/docker/metadata-action
       - name: Extract Docker metadata
         id: meta
-        uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
+        uses: docker/metadata-action@v3
         with:
           images: |
             ${{ env.IMAGE_NAME }}
             ${{ env.GH_REPO }}/${{ env.IMAGE_NAME }}
-      
+          tags: |
+            type=match,pattern=\d.\d.\d.\d
+          labels: |
+            maintainer=parrazam
+            org.opencontainers.image.title=Radicale with InfCloud
+            org.opencontainers.image.description=Radicale with InfCloud interface included
+            org.opencontainers.image.vendor=ParraSoft
+
       - name: Build image and push to Docker Hub and GitHub Container Registry
         id: build-and-push
         uses: docker/build-push-action@v2
         with:
           context: .
+          build-args: VERSION=${{ github.ref_name }}
           platforms: ${{ env.PLATFORMS }}
-          push: ${{ github.event_name != 'pull_request' }}
+          push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
 
@@ -98,7 +82,6 @@ jobs:
       # transparency data even for private images, pass --force to cosign below.
       # https://github.com/sigstore/cosign
       - name: Sign the published Docker image
-        if: ${{ github.event_name != 'pull_request' }}
         env:
           COSIGN_EXPERIMENTAL: "true"
         # This step uses the identity token to provision an ephemeral certificate