diff --git a/.github/workflows/flux-containers.yaml b/.github/workflows/flux-containers.yaml
new file mode 100644
index 0000000000000..99099f43072f1
--- /dev/null
+++ b/.github/workflows/flux-containers.yaml
@@ -0,0 +1,105 @@
+---
+  # yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+  name: "Flux Containers"
+
+  on:
+    pull_request:
+      branches: ["main"]
+      paths: ["kubernetes/**"]
+
+  concurrency:
+    group: ${{ github.workflow }}-${{ github.event.number || github.ref }}
+    cancel-in-progress: true
+
+  jobs:
+    changed-files:
+      name: Get Changed Files
+      runs-on: ubuntu-latest
+      outputs:
+        matrix: ${{ steps.changed-files.outputs.all_changed_and_modified_files }}
+      steps:
+        - name: Generate Token
+          uses: actions/create-github-app-token@v1
+          id: app-token
+          with:
+            app-id: "${{ secrets.BOT_APP_ID }}"
+            private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}"
+
+        - name: Checkout
+          uses: actions/checkout@v4
+          with:
+            token: "${{ steps.app-token.outputs.token }}"
+            fetch-depth: 0
+
+        - name: Get changed files
+          id: changed-files
+          uses: tj-actions/changed-files@v41
+          with:
+            files: kubernetes/**
+            dir_names_max_depth: 2
+            dir_names: true
+            escape_json: false
+            json: true
+            quotepath: false
+            safe_output: false
+
+        - name: List all changed files
+          run: echo "${{ steps.changed-files.outputs.all_changed_and_modified_files }}"
+
+    flux-containers:
+      name: Flux Containers
+      runs-on: ubuntu-latest
+      needs: ["changed-files"]
+      permissions:
+        pull-requests: write
+      strategy:
+        matrix:
+          paths: ${{ fromJSON(needs.changed-files.outputs.matrix) }}
+        max-parallel: 4
+        fail-fast: false
+      steps:
+        - name: Generate Token
+          uses: actions/create-github-app-token@v1
+          id: app-token
+          with:
+            app-id: "${{ secrets.BOT_APP_ID }}"
+            private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}"
+
+        - name: Setup System Tools
+          shell: bash
+          run: sudo apt-get -qq update && sudo apt-get -qq install --no-install-recommends -y curl git
+
+        - name: Checkout Live Branch
+          uses: actions/checkout@v4
+          with:
+            token: "${{ steps.app-token.outputs.token }}"
+            ref: main
+            path: default
+
+        - name: Checkout PR branch
+          uses: actions/checkout@v4
+          with:
+            token: "${{ steps.app-token.outputs.token }}"
+            path: pull
+
+        - name: Gather images in default branch
+          uses: docker://ghcr.io/allenporter/flux-local:main
+          with:
+            args: >-
+              --log-level DEBUG
+              get cluster
+              --path /github/workspace/default/${{ matrix.paths }}
+              --enable-images
+              --output json
+              --output-file default.json
+
+        - name: Gather images in pull request branch
+          uses: docker://ghcr.io/allenporter/flux-local:main
+          with:
+            args: >-
+              --log-level DEBUG
+              get cluster
+              --path /github/workspace/pull/${{ matrix.paths }}
+              --enable-images
+              --output json
+              --output-file pull.json