diff --git a/.github/actions/docker-build/action.yml b/.github/actions/docker-build/action.yml
new file mode 100644
index 0000000..4ba4e53
--- /dev/null
+++ b/.github/actions/docker-build/action.yml
@@ -0,0 +1,36 @@
+name: Build and push Docker Image
+description: Build and push the docker image. Save cache to registry with configurable values
+inputs:
+  github-token:
+    description: The GITHUB_TOKEN
+    required: true
+  cache-from-ref:
+    description: Where to get the cache from (passed to the build and push action)
+
+runs:
+  using: composite
+  steps:
+    - name: Login to GitHub Container Registry
+      uses: docker/login-action@v3
+      with:
+        registry: ghcr.io
+        username: ${{ github.actor }}
+        password: ${{ inputs.github-token }}
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v4
+
+    - name: Get image metadata
+      id: meta
+      uses: docker/metadata-action@v5
+      with:
+        images: ghcr.io/${{ github.repository }}
+
+    - name: Build and push Docker image for the web app
+      uses: docker/build-push-action@v6
+      with:
+        context: .
+        push: true
+        tags: ${{ steps.meta.outputs.tags }}
+        cache-from: type=registry,ref=${{ inputs.cache-from-ref || steps.meta.outputs.tags }}
+        cache-to: type=registry,ref=${{ steps.meta.outputs.tags }},mode=max
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 9d2d824..85d7b34 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -51,3 +51,8 @@ jobs:
       - name: Check that documentation builds cleanly with MkDocs
         if: matrix.os == 'ubuntu-latest'
         run: mkdocs build --strict
+
+      - name: Test Docker build
+        uses: ./.github/actions/docker-build
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 6b513f5..5542b6e 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -15,22 +15,9 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@v6
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Get image metadata
-        id: meta
-        uses: docker/metadata-action@v5
-        with:
-          images: ghcr.io/${{ github.repository }}
-      - name: Build and push Docker image for the web app
-        uses: docker/build-push-action@v6
+
+      - name: Test Docker build
+        uses: ./.github/actions/docker-build
         with:
-          context: .
-          push: true
-          tags: ${{ steps.meta.outputs.tags }}
-          cache-from: type=registry,ref=${{ steps.meta.outputs.tags }}
-          cache-to: type=inline
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          cache-from-ref: ghcr.io/${{ github.repository }}:main