diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index c283f3f91..c4dd6bcbf 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -122,7 +122,7 @@ jobs:
           docker-compose pull -q
           docker-compose up --no-start
           docker-compose start postgresql redis
-          docker-compose run -u root --entrypoint /bin/bash server -c "apt-get update && apt-get install -y --no-install-recommends git && pip install --no-cache -r requirements-dev.txt && ./manage.py test authentik"
+          docker-compose run -u root server test
   sentry-release:
     if: ${{ github.event_name == 'release' }}
     needs:
diff --git a/Dockerfile b/Dockerfile
index c96023674..b07ffc8a5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -8,7 +8,7 @@ WORKDIR /app/
 
 RUN pip install pipenv && \
     pipenv lock -r > requirements.txt && \
-    pipenv lock -rd > requirements-dev.txt
+    pipenv lock -r --dev-only > requirements-dev.txt
 
 # Stage 2: Build web API
 FROM openapitools/openapi-generator-cli as api-builder
@@ -28,7 +28,7 @@ COPY ./web /static/
 COPY --from=api-builder /local/web/api /static/api
 
 ENV NODE_ENV=production
-RUN cd /static && npm i --production=false && npm run build
+RUN cd /static && npm i && npm run build
 
 # Stage 4: Build go proxy
 FROM golang:1.16.5 AS builder
@@ -76,6 +76,7 @@ RUN apt-get update && \
 COPY ./authentik/ /authentik
 COPY ./pyproject.toml /
 COPY ./xml /xml
+COPY ./tests /tests
 COPY ./manage.py /
 COPY ./lifecycle/ /lifecycle
 COPY --from=builder /work/authentik /authentik-proxy
diff --git a/lifecycle/bootstrap.sh b/lifecycle/bootstrap.sh
index a8641a7e5..8ba483b88 100755
--- a/lifecycle/bootstrap.sh
+++ b/lifecycle/bootstrap.sh
@@ -9,16 +9,18 @@ function check_if_root {
         return
     fi
     SOCKET="/var/run/docker.sock"
+    GROUP="authentik"
     if [[ -e "$SOCKET" ]]; then
         # Get group ID of the docker socket, so we can create a matching group and
         # add ourselves to it
         DOCKER_GID=$(stat -c '%g' $SOCKET)
         getent group $DOCKER_GID || groupadd -f -g $DOCKER_GID docker
         usermod -a -G $DOCKER_GID authentik
+        GROUP="authentik:docker"
     fi
     # Fix permissions of backups and media
     chown -R authentik:authentik /media /backups
-    chpst -u authentik:authentik:docker env HOME=/authentik $1
+    chpst -u authentik:$GROUP env HOME=/authentik $1
 }
 
 if [[ "$1" == "server" ]]; then
@@ -32,6 +34,11 @@ elif [[ "$1" == "restore" ]]; then
     python -m manage dbrestore ${@:2}
 elif [[ "$1" == "bash" ]]; then
     /bin/bash
+elif [[ "$1" == "test" ]]; then
+    pip install --no-cache -r requirements-dev.txt
+    touch /unittest.xml
+    chown authentik:authentik /unittest.xml
+    check_if_root "python -m manage test authentik"
 else
     python -m manage "$@"
 fi