diff --git a/.github/workflows/go.yaml b/.github/workflows/go.yaml
index b78591e..71524e9 100644
--- a/.github/workflows/go.yaml
+++ b/.github/workflows/go.yaml
@@ -14,6 +14,8 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
       - uses: actions/setup-go@v2
         with:
           go-version: "~1.17"
@@ -21,6 +23,10 @@ jobs:
       - uses: codecov/codecov-action@v2
         with:
           files: coverage.out
+      - uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
   build:
     name: Build
     runs-on: ${{ matrix.os }}
@@ -33,3 +39,22 @@ jobs:
         with:
           go-version: "~1.17"
       - run: go build ./cmd/changeloguru
+  golangci-lint:
+    name: golangci-lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: golangci/golangci-lint-action@v2
+        with:
+          version: latest
+  semgrep:
+    name: semgrep
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: returntocorp/semgrep-action@v1
+        with:
+          config: >-
+            p/security-audit
+            p/secrets
+            p/golang
diff --git a/.github/workflows/golangci-lint.yaml b/.github/workflows/golangci-lint.yaml
deleted file mode 100644
index 39265bd..0000000
--- a/.github/workflows/golangci-lint.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-name: golangci-lint
-
-on:
-  push:
-    branches:
-      - main
-  pull_request:
-    branches:
-      - main
-
-jobs:
-  lint:
-    name: golangci-lint
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: golangci/golangci-lint-action@v2
-        with:
-          version: latest
diff --git a/.github/workflows/semgrep.yaml b/.github/workflows/semgrep.yaml
deleted file mode 100644
index 7ff29c2..0000000
--- a/.github/workflows/semgrep.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-name: semgrep
-
-on:
-  push:
-    branches:
-      - main
-  pull_request:
-    branches:
-      - main
-
-jobs:
-  lint:
-    name: semgrep
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: returntocorp/semgrep-action@v1
-        with:
-          config: >-
-            p/security-audit
-            p/secrets
-            p/golang
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 0000000..0fd1125
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1,10 @@
+sonar.projectKey=haunt98_changeloguru
+sonar.projectName=changeloguru
+
+sonar.sources=.
+sonar.exclusions=**/*_test.go
+
+sonar.tests=.
+sonar.test.inclusions=**/*_test.go
+
+sonar.go.coverage.reportPaths=coverage.out