diff --git a/.github/labels.yml b/.github/labels.yml
new file mode 100644
index 0000000..7cb37d7
--- /dev/null
+++ b/.github/labels.yml
@@ -0,0 +1,51 @@
+- name: ":robot: bot"
+  color: "69cde9"
+  description: ""
+- name: ":bug: bug"
+  color: "b60205"
+  description: ""
+- name: ":game_die: dependencies"
+  color: "0366d6"
+  description: ""
+- name: ":memo: documentation"
+  color: "c5def5"
+  description: ""
+- name: ":busts_in_silhouette: duplicate"
+  color: "cccccc"
+  description: ""
+- name: ":sparkles: enhancement"
+  color: "0054ca"
+  description: ""
+- name: ":bulb: feature request"
+  color: "0e8a16"
+  description: ""
+- name: ":mega: feedback"
+  color: "03a9f4"
+  description: ""
+- name: ":rocket: future maybe"
+  color: "fef2c0"
+  description: ""
+- name: ":hatching_chick: good first issue"
+  color: "7057ff"
+  description: ""
+- name: ":pray: help wanted"
+  color: "4caf50"
+  description: ""
+- name: ":hand: hold"
+  color: "24292f"
+  description: ""
+- name: ":no_entry_sign: invalid"
+  color: "e6e6e6"
+  description: ""
+- name: ":interrobang: maybe bug"
+  color: "ff5722"
+  description: ""
+- name: ":thinking: needs more info"
+  color: "795548"
+  description: ""
+- name: ":question: question"
+  color: "3f51b5"
+  description: ""
+- name: ":coffin: wontfix"
+  color: "ffffff"
+  description: ""
diff --git a/.github/workflows/dockerhub-description.yml b/.github/workflows/dockerhub-description.yml
new file mode 100644
index 0000000..89f9e67
--- /dev/null
+++ b/.github/workflows/dockerhub-description.yml
@@ -0,0 +1,19 @@
+name: Docker Hub description
+on:
+  push:
+    branches: [master]
+    paths:
+      - README.md
+      - .github/workflows/dockerhub-description.yml
+jobs:
+  dockerHubDescription:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Docker Hub Description
+        uses: peter-evans/dockerhub-description@v2.1.0
+        env:
+          DOCKERHUB_USERNAME: qmcgaw
+          DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
+          DOCKERHUB_REPOSITORY: qmcgaw/cod4
diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml
new file mode 100644
index 0000000..372b8c9
--- /dev/null
+++ b/.github/workflows/labels.yml
@@ -0,0 +1,18 @@
+name: labels
+on:
+  push:
+    branches: ["master"]
+    paths:
+      - '.github/labels.yml'
+      - '.github/workflows/labels.yml'
+jobs:
+  labeler:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Labeler
+        if: success()
+        uses: crazy-max/ghaction-github-labeler@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/misspell.yml b/.github/workflows/misspell.yml
new file mode 100644
index 0000000..1311db3
--- /dev/null
+++ b/.github/workflows/misspell.yml
@@ -0,0 +1,16 @@
+name: Misspells
+on:
+  pull_request:
+    branches: [master]
+  push:
+    branches: [master]
+jobs:
+  misspell:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: reviewdog/action-misspell@master
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          locale: "US"
+          level: error
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
new file mode 100644
index 0000000..8bbca15
--- /dev/null
+++ b/.github/workflows/security.yml
@@ -0,0 +1,59 @@
+name: Security scan of Docker image
+on:
+  push:
+    branches: [master]
+    paths-ignore:
+      - .github/workflows/buildx-release.yml
+      - .github/workflows/dockerhub-description.yml
+      - .github/workflows/greetings.yml
+      - .github/workflows/labels.yml
+      - .github/workflows/misspell.yml
+      - .github/workflows/security.yml
+      - .dockerignore
+      - .gitignore
+      - docker-compose.yml
+      - LICENSE
+      - README.md
+      - title.svg
+  pull_request:
+    branches: [master]
+    paths-ignore:
+      - .github/workflows/buildx-release.yml
+      - .github/workflows/dockerhub-description.yml
+      - .github/workflows/greetings.yml
+      - .github/workflows/labels.yml
+      - .github/workflows/misspell.yml
+      - .github/workflows/security.yml
+      - .dockerignore
+      - .gitignore
+      - docker-compose.yml
+      - LICENSE
+      - README.md
+      - title.svg
+  schedule:
+    - cron: '0 9 * * *'
+jobs:
+  security-analysis:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Check for scratch
+        id: scratchCheck
+        run: echo ::set-output name=scratch::$(cat Dockerfile | grep 'FROM scratch')
+      - name: Build image
+        if: steps.scratchCheck.outputs.scratch == ''
+        run: docker build -t image .
+      - name: Phonito
+        if: steps.scratchCheck.outputs.scratch == ''
+        uses: phonito/phonito-scanner-action@master
+        with:
+          image: image
+          fail-level: LOW
+          phonito-token: ${{ secrets.PHONITO_TOKEN }}
+      - name: Trivy
+        if: steps.scratchCheck.outputs.scratch == ''
+        uses: homoluctus/gitrivy@v1.0.0
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          image: image