diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index 37448d56..499dcf87 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -35,21 +35,20 @@ jobs:
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Build main sliding sync image
-        if: github.ref_name == 'main'
-        id: docker_build_sliding_sync
-        uses: docker/build-push-action@v4
+      - name: Generate docker image tags
+        id: metadata
+        uses: docker/metadata-action@v5
         with:
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
-          context: .
-          platforms: ${{ env.PLATFORMS }}
-          push: true
+          images: |
+            name=ghcr.io/${{ github.repository_owner }}/${{ github.repository }}
           tags: |
-            ghcr.io/${{ env.GHCR_NAMESPACE }}/sliding-sync:main
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{raw}}
+            type=sha
+            type=raw,value=latest,enable=${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') }}
 
       - name: Build release Sliding Sync image
-        if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
         id: docker_build_sliding_sync_release
         uses: docker/build-push-action@v4
         with:
@@ -58,9 +57,8 @@ jobs:
           context: .
           platforms: ${{ env.PLATFORMS }}
           push: true
-          tags: |
-            ghcr.io/${{ env.GHCR_NAMESPACE }}/sliding-sync:latest
-            ghcr.io/${{ env.GHCR_NAMESPACE }}/sliding-sync:${{ github.ref_name }}
+          tags: ${{ steps.metadata.outputs.tags }}
+          labels: ${{ steps.metadata.outputs.labels }}
 
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@master