diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000000000000000000000000000000000000..7923a46efd5e77212098a7afe7669a1d7b6bc7a5
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,72 @@
+variables:
+  DOCKER_DRIVER: overlay2
+  BUILD_IMAGE_NAME: "$CI_REGISTRY_IMAGE/branches/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA"
+  RELEASE_IMAGE_NAME: "$CI_REGISTRY_IMAGE/releases/$TERRAFORM_VERSION"
+
+services:
+  - docker:19.03.5-dind
+
+stages:
+  - build
+  - test
+  - release
+
+.dind: &dind
+  image: docker:19.03.5
+  before_script:
+    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
+
+.build: &build
+  <<: &dind
+  stage: build
+  script:
+    - docker build --tag "$BUILD_IMAGE_NAME" --file "Dockerfile.$TERRAFORM_VERSION" .
+    - docker push "$BUILD_IMAGE_NAME"
+
+.test-unit: &test-unit
+  stage: test
+  image: "$BUILD_IMAGE_NAME"
+  script:
+    - terraform --version
+
+.release: &release
+  <<: &dind
+  stage: release
+  script:
+    - docker pull "$BUILD_IMAGE_NAME"
+    - docker tag "$BUILD_IMAGE_NAME" "$RELEASE_IMAGE_NAME"
+    - docker push "$RELEASE_IMAGE_NAME"
+  only:
+    - master
+
+.terraform-0.11: &terraform-0.11
+  variables:
+    TERRAFORM_VERSION: "0.11"
+
+.terraform-0.12: &terraform-0.12
+  variables:
+    TERRAFORM_VERSION: "0.12"
+
+build 0.11:
+  <<: &terraform-0.11
+  <<: &build
+
+build 0.12:
+  <<: &terraform-0.12
+  <<: &build
+
+test-unit 0.11:
+  <<: &terraform-0.11
+  <<: &test-unit
+
+test-unit 0.12:
+  <<: &terraform-0.12
+  <<: &test-unit
+
+release 0.11:
+  <<: &terraform-0.11
+  <<: &release
+
+release 0.12:
+  <<: &terraform-0.12
+  <<: &release
diff --git a/Dockerfile.0.11 b/Dockerfile.0.11
new file mode 100644
index 0000000000000000000000000000000000000000..1937e8287290913058b59fb343d73a3c47120869
--- /dev/null
+++ b/Dockerfile.0.11
@@ -0,0 +1,2 @@
+FROM hashicorp/terraform:0.11.13
+RUN apk add --no-cache jq
diff --git a/Dockerfile.0.12 b/Dockerfile.0.12
new file mode 100644
index 0000000000000000000000000000000000000000..79d3eed41b8786ef63110be8c647f7565d51d21b
--- /dev/null
+++ b/Dockerfile.0.12
@@ -0,0 +1,36 @@
+FROM alpine:3.9 AS base
+
+FROM base AS build-base
+RUN apk add --no-cache curl
+
+FROM build-base AS kubectl
+ARG KUBECTL_VERSION
+ARG KUBECTL_CHECKSUM
+ARG SOURCE=https://dl.k8s.io/v$KUBECTL_VERSION/kubernetes-client-linux-amd64.tar.gz
+ARG TARGET=/kubernetes-client.tar.gz
+RUN curl -fLSs "$SOURCE" -o "$TARGET"
+RUN sha512sum "$TARGET"
+RUN echo "$KUBECTL_CHECKSUM *$TARGET" | sha512sum -c -
+RUN tar -xvf "$TARGET" -C /
+
+FROM build-base AS helm
+ARG HELM_VERSION
+ARG HELM_CHECKSUM
+ARG SOURCE=https://storage.googleapis.com/kubernetes-helm/helm-v$HELM_VERSION-linux-amd64.tar.gz
+ARG TARGET=/helm.tar.gz
+RUN curl -fLSs "$SOURCE" -o "$TARGET"
+RUN sha256sum "$TARGET"
+RUN echo "$HELM_CHECKSUM *$TARGET" | sha256sum -c -
+RUN mkdir -p /helm
+RUN tar -xvf "$TARGET" -C /helm
+
+FROM build-base AS stage
+WORKDIR /stage
+ENV PATH=$PATH:/stage/usr/bin
+COPY --from=kubectl /kubernetes/client/bin/kubectl ./usr/bin/
+COPY --from=helm /helm/linux-amd64/helm ./usr/bin/
+COPY --from=helm /helm/linux-amd64/tiller ./usr/bin/
+
+FROM base
+RUN apk add --no-cache ca-certificates git
+COPY --from=stage /stage/ /