diff --git a/.github/workflows/image_build_push.yaml b/.github/workflows/image_build_push.yaml
new file mode 100644
index 000000000..bea11d288
--- /dev/null
+++ b/.github/workflows/image_build_push.yaml
@@ -0,0 +1,13 @@
+name: Build Image and Push to Quay 
+
+on: push
+
+jobs:
+  ci:
+    name: Build Image and Push to Quay 
+    uses: uc-cdis/.github/.github/workflows/image_build_push.yaml@master
+    secrets:
+      ECR_AWS_ACCESS_KEY_ID: ${{ secrets.ECR_AWS_ACCESS_KEY_ID }}
+      ECR_AWS_SECRET_ACCESS_KEY: ${{ secrets.ECR_AWS_SECRET_ACCESS_KEY }}
+      QUAY_USERNAME: ${{ secrets.QUAY_USERNAME }}
+      QUAY_ROBOT_TOKEN: ${{ secrets.QUAY_ROBOT_TOKEN }}
diff --git a/fence/auth.py b/fence/auth.py
index 37eb9a221..18bd8f634 100644
--- a/fence/auth.py
+++ b/fence/auth.py
@@ -194,8 +194,8 @@ def wrapper(*args, **kwargs):
                 ]
             else:
                 # fall back on "providers"
-                enable_shib = "shibboleth" in config.get(
-                    "ENABLED_IDENTITY_PROVIDERS", {}
+                enable_shib = "shibboleth" in (
+                    config.get("ENABLED_IDENTITY_PROVIDERS") or {}
                 ).get("providers", {})
 
             if enable_shib and "SHIBBOLETH_HEADER" in config:
diff --git a/fence/blueprints/login/__init__.py b/fence/blueprints/login/__init__.py
index 791d69bc2..b2157bc33 100644
--- a/fence/blueprints/login/__init__.py
+++ b/fence/blueprints/login/__init__.py
@@ -178,7 +178,7 @@ def get_login_providers_info():
     # default login option
     if config.get("DEFAULT_LOGIN_IDP"):
         default_idp = config["DEFAULT_LOGIN_IDP"]
-    elif "default" in config.get("ENABLED_IDENTITY_PROVIDERS", {}):
+    elif "default" in (config.get("ENABLED_IDENTITY_PROVIDERS") or {}):
         # fall back on ENABLED_IDENTITY_PROVIDERS.default
         default_idp = config["ENABLED_IDENTITY_PROVIDERS"]["default"]
     else:
@@ -188,7 +188,7 @@ def get_login_providers_info():
     # other login options
     if config["LOGIN_OPTIONS"]:
         login_options = config["LOGIN_OPTIONS"]
-    elif "providers" in config.get("ENABLED_IDENTITY_PROVIDERS", {}):
+    elif "providers" in (config.get("ENABLED_IDENTITY_PROVIDERS") or {}):
         # fall back on "providers" and convert to "login_options" format
         enabled_providers = config["ENABLED_IDENTITY_PROVIDERS"]["providers"]
         login_options = [
diff --git a/fence/blueprints/oauth2.py b/fence/blueprints/oauth2.py
index d6c4129dc..0aaa3ffc0 100644
--- a/fence/blueprints/oauth2.py
+++ b/fence/blueprints/oauth2.py
@@ -78,8 +78,8 @@ def authorize(*args, **kwargs):
 
     login_url = None
     if not idp:
-        if not config.get("DEFAULT_LOGIN_IDP") and "default" not in config.get(
-            "ENABLED_IDENTITY_PROVIDERS", {}
+        if not config.get("DEFAULT_LOGIN_IDP") and "default" not in (
+            config.get("ENABLED_IDENTITY_PROVIDERS") or {}
         ):
             # fall back on deprecated DEFAULT_LOGIN_URL
             login_url = config.get("DEFAULT_LOGIN_URL")
diff --git a/fence/config-default.yaml b/fence/config-default.yaml
index c3471ec5c..d4c4bc8a7 100755
--- a/fence/config-default.yaml
+++ b/fence/config-default.yaml
@@ -349,7 +349,7 @@ DEFAULT_LOGIN_URL: '{{BASE_URL}}/login/google'
 LOGIN_REDIRECT_WHITELIST: []
 
 ### DEPRECATED and replaced by OPENID_CONNECT + LOGIN_OPTIONS configs
-ENABLED_IDENTITY_PROVIDERS:
+ENABLED_IDENTITY_PROVIDERS: {}
 
 
 # //////////////////////////////////////////////////////////////////////////////////////