diff --git a/.github/workflows/check_push_rights.yml b/.github/workflows/check_push_rights.yml
deleted file mode 100644
index f03b4d7..0000000
--- a/.github/workflows/check_push_rights.yml
+++ /dev/null
@@ -1,90 +0,0 @@ -on: - workflow_call: - outputs: - have_secrets: - description: "In possession of ghcr.io tokens?" - value: ${{ jobs.check_push_rights.outputs.have_secrets }} - - -# No concurrency group or cancel-in-progress here as this workflow is called from other workflows -# so if you have a concurrency definition here it will be considered as a deadlock and job dismissed -# The job below is also very fast, so no real need for cancel-in-progress - -jobs: - check_push_rights: - runs-on: ubuntu-latest - - outputs: - have_secrets: ${{ steps.check-secrets.outputs.have_secrets }} - - steps: - - - name: Dump GitHub Context - env: - GITHUB_CONTEXT: ${{ toJson(github) }} - run: | - echo "$GITHUB_CONTEXT" | grep -v '"token":' - - - name: GitHub Context Summary - run: | - echo "github {" - echo " event_name: [${{ github.event_name }}]", - echo " repository: [${{ github.repository }}]", - echo " repository_owner: [${{ github.repository_owner }}]", - echo " secret_source: [${{ github.secret_source }}]", - echo " event.workflow: [${{ github.event.workflow}}]", - echo " event.repository.fork: ${{ github.event.repository.fork }}", - echo " event.repository.full_name: [${{ github.event.repository.full_name }}]", - echo " event.pull_request.base.label: [${{ github.event.pull_request.base.label }}]", - echo " event.pull_request.head.label: [${{ github.event.pull_request.head.label }}]" - echo "}" - shell: bash - - # Check we have access to secrets for pushing to GHCR. 
Forks do not - - name: Check GITHUB_TOKEN allows GHCR push access - id: check-secrets - run: | - echo "# Checking [${{ github.event_name }}] event, running in [${{ github.repository }}] repository" - - if [[ "${{ github.repository_owner }}" == "eclipse" ]]; then - # The checks here should be equal to - # https://github.com/eclipse/kuksa.val/blob/master/.github/workflows/check_push_rights.yml - # As we check owner first we do not need to have extra conditions below - if [[ "${{ github.event_name }}" == "push" ]]; then - echo "We are pushing to kuksa.val.feeders upstream, so we should have rights" - echo "have_secrets=true" >> $GITHUB_OUTPUT - exit 0 - # if it is a pull_request and my_repo is kuksa.val.feeders I can push to GHCR, - # (note that some/all workflows in this repo might still opt to no push PR builds to GHCR) - fi - if [[ "${{ github.event_name }}" == "pull_request" ]]; then - echo "We are an internal pull request, so we should have rights" - echo "have_secrets=true" >> $GITHUB_OUTPUT - exit 0 - fi - if [[ "${{ github.ref_type }}" == "tag" ]]; then - echo "We are an upstream release build , so we should have rights" - echo "have_secrets=true" >> $GITHUB_OUTPUT - exit 0 - fi - else - # non-eclipse forks could be less restrictive - if [[ "${{ github.secret_source }}" != "None" ]]; then - echo "We have a secret source [${{ github.secret_source }}], probably we should have rights" - echo "have_secrets=true" >> $GITHUB_OUTPUT - exit 0 - fi - if [[ "${{ github.event.repository.fork }}" != "false" ]]; then - echo "We are a ${{ github.event_name }} in a forked repo, but don't have a secret source. 
Probably don't have rights" - echo "have_secrets=false" >> $GITHUB_OUTPUT - exit 0 - fi - # assume we are a fork and have some rights to push in ghcr of that fork - fi - - # Everything else - echo "Seems we do not have rights to push" - echo "In case this is a PR it is coming from ${{ github.event.pull_request.head.repo.full_name }} " - echo "have_secrets=false" >> $GITHUB_OUTPUT - - shell: bash diff --git a/.github/workflows/kuksa_csv_provider.yml b/.github/workflows/kuksa_csv_provider.yml index 8df2439..88d9096 100644 --- a/.github/workflows/kuksa_csv_provider.yml +++ b/.github/workflows/kuksa_csv_provider.yml @@ -19,7 +19,6 @@ on: pull_request: paths: - ".github/workflows/kuksa_csv_provider.yml" - - ".github/workflows/check_push_rights.yml" - ".github/actions/post-container-location/action.yml" - "csv_provider/**" workflow_dispatch: @@ -30,7 +29,7 @@ concurrency: jobs: checkrights: - uses: ./.github/workflows/check_push_rights.yml + uses: erikbosch/kuksa-actions/.github/workflows/check_push_rights.yml@main secrets: inherit run-csv-provider-tests: diff --git a/.github/workflows/kuksa_dbc_feeder.yml b/.github/workflows/kuksa_dbc_feeder.yml index de33527..6731d9a 100644 --- a/.github/workflows/kuksa_dbc_feeder.yml +++ b/.github/workflows/kuksa_dbc_feeder.yml @@ -19,7 +19,6 @@ on: pull_request: paths: - ".github/workflows/kuksa_dbc_feeder.yml" - - ".github/workflows/check_push_rights.yml" - ".github/actions/post-container-location/action.yml" - "dbc2val/**" workflow_dispatch: @@ -30,7 +29,7 @@ concurrency: jobs: checkrights: - uses: ./.github/workflows/check_push_rights.yml + uses: erikbosch/kuksa-actions/.github/workflows/check_push_rights.yml@main secrets: inherit build-can-feeder-image: diff --git a/.github/workflows/kuksa_gps_feeder.yml b/.github/workflows/kuksa_gps_feeder.yml index ecbbbce..e8a40ad 100644 --- a/.github/workflows/kuksa_gps_feeder.yml +++ b/.github/workflows/kuksa_gps_feeder.yml 
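Review bot: The new `uses: erikbosch/kuksa-actions/.github/workflows/check_push_rights.yml@main` line in the `checkrights` job calls a reusable workflow in another owner's repository at a mutable branch ref and keeps `secrets: inherit`. Whatever is on `main` there at run time then decides the `have_secrets` output, with no review in this repository. The jobs that consume that output are outside the hunk, so how much it gates is inferred. Pin the reference to a full commit SHA, e.g. `uses: erikbosch/kuksa-actions/.github/workflows/check_push_rights.yml@<full-commit-sha>` (placeholder), and drop `secrets: inherit`, since the workflow deleted in this commit declares no `secrets` under `workflow_call` and reads only the `github` context. The same line is introduced in kuksa_dbc_feeder.yml, kuksa_gps_feeder.yml and someip2val_build.yml; hosting the shared workflow under the project's organization rather than a personal account would keep its write access aligned with this repository's.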
@@ -6,7 +6,6 @@ on: pull_request: paths: - ".github/workflows/kuksa_gps_feeder.yml" - - ".github/workflows/check_push_rights.yml" - ".github/actions/post-container-location/action.yml" - "gps2val/**" workflow_dispatch: @@ -21,7 +20,7 @@ env: jobs: checkrights: - uses: ./.github/workflows/check_push_rights.yml + uses: erikbosch/kuksa-actions/.github/workflows/check_push_rights.yml@main secrets: inherit build-self-hosted: diff --git a/.github/workflows/someip2val_build.yml b/.github/workflows/someip2val_build.yml index cb86c3f..303b856 100644 --- a/.github/workflows/someip2val_build.yml +++ b/.github/workflows/someip2val_build.yml @@ -19,7 +19,6 @@ on: pull_request: paths: - ".github/workflows/someip2val_build.yml" - - ".github/workflows/check_push_rights.yml" - "someip2val/**" workflow_dispatch: inputs: @@ -35,7 +34,7 @@ concurrency: jobs: checkrights: - uses: ./.github/workflows/check_push_rights.yml + uses: erikbosch/kuksa-actions/.github/workflows/check_push_rights.yml@main secrets: inherit build: