diff --git a/.github/workflows/build-self-host.yml b/.github/workflows/build-self-host.yml
index b83247bea2..5ba2f7e24b 100644
--- a/.github/workflows/build-self-host.yml
+++ b/.github/workflows/build-self-host.yml
@@ -18,6 +18,19 @@ jobs:
 - name: Checkout repo
 uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
+ - name: Check Branch to Publish
+ env:
+ PUBLISH_BRANCHES: "master,rc,hotfix-rc,rc-2022.12"
+ id: publish-branch-check
+ run: |
+ IFS="," read -a publish_branches <<< $PUBLISH_BRANCHES
+
+ if [[ " ${publish_branches[*]} " =~ " ${GITHUB_REF:11} " ]]; then
+ echo "is_publish_branch=true" >> $GITHUB_ENV
+ else
+ echo "is_publish_branch=false" >> $GITHUB_ENV
+ fi
+
 ########## Set up Docker ##########
 - name: Set up QEMU emulators
 uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18
@@ -35,19 +48,13 @@ jobs:
 run: az acr login -n bitwardenqa
 - name: Login to Azure - Prod Subscription
- if: |
- (github.ref == 'refs/heads/master' ||
- github.ref == 'refs/heads/rc' ||
- github.ref == 'refs/heads/hotfix-rc')
+ if: ${{ env.is_publish_branch == 'true' }}
 uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf
 with:
 creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
 - name: Retrieve secrets
- if: |
- (github.ref == 'refs/heads/master' ||
- github.ref == 'refs/heads/rc' ||
- github.ref == 'refs/heads/hotfix-rc')
+ if: ${{ env.is_publish_branch == 'true' }}
 id: retrieve-secrets
 uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af
 with:
@@ -58,10 +65,7 @@ jobs:
 dct-delegate-2-key"
 - name: Log into Docker
- if: |
- (github.ref == 'refs/heads/master' ||
- github.ref == 'refs/heads/rc' ||
- github.ref == 'refs/heads/hotfix-rc')
+ if: ${{ env.is_publish_branch == 'true' }}
 env:
 DOCKER_USERNAME: ${{ steps.retrieve-secrets.outputs.docker-username }}
 DOCKER_PASSWORD: ${{ steps.retrieve-secrets.outputs.docker-password }}
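Review bot: In the new `Check Branch to Publish` step, `${GITHUB_REF:11}` drops the first 11 characters without checking that they are `refs/heads/`, so the gate is looser than the exact `github.ref == 'refs/heads/…'` comparisons it replaces in the later hunks. A ref with a different prefix length (for example the 10-character `refs/tags/`) can leave a remainder that equals a listed name; whether this workflow runs on such refs is not visible here, but the flag now guards the Azure prod login, secret retrieval and Docker login. Anchoring on the prefix keeps the old strictness: `if [[ "$GITHUB_REF" == refs/heads/* && " ${publish_branches[*]} " =~ " ${GITHUB_REF#refs/heads/} " ]]; then`. The step's `id: publish-branch-check` is never read in the visible hunks, since the result goes to `$GITHUB_ENV` rather than a step output.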
@@ -69,10 +73,8 @@ jobs:
 - name: Setup Docker Trust
 if: |
- false
- && (github.ref == 'refs/heads/master' ||
- github.ref == 'refs/heads/rc' ||
- github.ref == 'refs/heads/hotfix-rc')
+ false &&
+ ${{ env.is_publish_branch == 'true' }}
 env:
 DCT_DELEGATION_KEY_ID: "c9bde8ec820701516491e5e03d3a6354e7bd66d05fa3df2b0062f68b116dc59c"
 DCT_DELEGATE_KEY: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-key }}
@@ -118,10 +120,7 @@ jobs:
 tags: ${{ steps.tag-list.outputs.tags }}
 - name: Log out of Docker and disable Docker Notary
- if: |
- (github.ref == 'refs/heads/master' ||
- github.ref == 'refs/heads/rc' ||
- github.ref == 'refs/heads/hotfix-rc')
+ if: ${{ env.is_publish_branch == 'true' }}
 run: |
 docker logout
 echo "DOCKER_CONTENT_TRUST=0" >> $GITHUB_ENV
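Review bot: The rewritten `if:` on `Setup Docker Trust` mixes literal text (`false &&`) with a `${{ }}` expression, which GitHub Actions most likely treats as string interpolation rather than one boolean expression. The result is a non-empty string such as `false && true`, which is truthy, so the step that `false &&` was meant to keep disabled would probably run on every branch. On non-publish branches its `DCT_DELEGATE_KEY` would then be read from the skipped `retrieve-secrets` step. Writing the condition without the inner delimiters keeps it disabled: `if: false && env.is_publish_branch == 'true'`. The step's body continues outside the hunk.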