diff --git a/.github/workflows/ci-docker-publish.yml b/.github/workflows/ci-docker-publish.yml
index 56456065f..f98966f4a 100644
--- a/.github/workflows/ci-docker-publish.yml
+++ b/.github/workflows/ci-docker-publish.yml
@@ -23,28 +23,29 @@ jobs:
         with:
           submodules: recursive
 
-      # Setup gcloud CLI
-      - uses: google-github-actions/setup-gcloud@94337306dda8180d967a56932ceb4ddcf01edae7
+      # Login to GCR
+      - name: Login to GCR
+        uses: docker/login-action@v2
         with:
-          service_account_key: ${{ secrets.GCR_SA_KEY }}
-          project_id: ${{ secrets.GCR_PROJECT }}
+          registry: gcr.io
+          username: _json_key
+          password: ${{ secrets.GCR_SA_KEY }}
 
-      # Configure docker to use the gcloud command-line tool as a credential helper
-      - run: |-
-          gcloud --quiet auth configure-docker
+      # Use docker buildx
+      - name: Use docker buildx
+        uses: docker/setup-buildx-action@v2
+        id: buildx
+        with:
+          install: true
 
-      # Build the Docker image
-      - name: Build
-        run: |-
-          DOCKER_BUILDKIT=1 docker build \
-            --tag "gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA" \
-            --build-arg GITHUB_SHA="$GITHUB_SHA" \
-            --build-arg GITHUB_REF="$GITHUB_REF" \
-            .
-          docker tag "gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA" "gcr.io/$PROJECT_ID/$IMAGE:latest"
-
-      # Push the Docker image to Google Container Registry
-      - name: Publish
-        run: |-
-          docker push "gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA"
-          docker push "gcr.io/$PROJECT_ID/$IMAGE:latest"
+      # Build and push the image, leveraging layer caching
+      - name: Build and Push
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          push: true
+          tags: |
+            gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA
+            gcr.io/$PROJECT_ID/$IMAGE:latest
+          cache-from: type=gha
+          cache-to: type=gha,mode=max