diff --git a/.github/workflows/pr-plan.yml b/.github/workflows/pr-plan.yml
new file mode 100644
index 0000000..15d1c4e
--- /dev/null
+++ b/.github/workflows/pr-plan.yml
@@ -0,0 +1,40 @@
+name: PR-checks
+
+on:
+  push:
+    branches: ["develop"]
+  pull_request:
+    branches: ["develop"]
+
+jobs:
+  scanner:
+    permissions:
+      id-token: write
+      contents: write
+      pull-requests: write
+    runs-on: X64
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v4
+        with:
+          node-version-file: ".nvmrc"
+      - uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ secrets.CVS_MGMT_AWS_ROLE }}
+          aws-region: ${{ secrets.DVSA_AWS_REGION }}
+          role-session-name: "cvs-tsk-retro-gen-init"
+      - uses: aws-actions/aws-secretsmanager-get-secrets@v1
+        with:
+          secret-ids: sonarqube-gha
+          parse-json-secrets: true
+      - name: Install dependencies
+        run: npm ci
+      - name: Run SonarQube scanner
+        run: |
+          npm run test && \
+          npm run sonar-scanner -- \
+          -Dsonar.host.url=${{ env.SONARQUBE_GHA_URL }} \
+          -Dsonar.token=${{ env.SONARQUBE_GHA_TOKEN }} \
+          -Dsonar.login=${{ env.SONARQUBE_GHA_TOKEN }} \
+          -Dsonar.projectName=${{ github.repository }} \
+          -Dsonar.projectVersion=1.0.${{ github.run_id }}
\ No newline at end of file
diff --git a/package-lock.json b/package-lock.json
index b1ec510..e02944e 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -32,6 +32,7 @@
         "serverless": "^2.45.0",
         "serverless-plugin-tracing": "^2.0.0",
         "serverless-plugin-typescript": "^1.1.9",
+        "sonar-scanner": "^3.1.0",
         "ts-jest": "^29.1.1",
         "ts-node-register": "^1.0.0",
         "tslint": "^5.20.1",
@@ -13989,6 +13990,16 @@
       "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==",
       "dev": true
     },
+    "node_modules/sonar-scanner": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/sonar-scanner/-/sonar-scanner-3.1.0.tgz",
+      "integrity": "sha512-KD7W3wHCKJKAakhn8ckxNYTxkdb1cnJa3ot0NVvO8CCeJjb0yvF0fW2yGdI09zMHsqxCRsl4dLtyCL2SUv47WA==",
+      "dev": true,
+      "hasInstallScript": true,
+      "bin": {
+        "sonar-scanner": "index.js"
+      }
+    },
     "node_modules/sort-keys": {
       "version": "1.1.2",
       "resolved": "https://registry.npmjs.org/sort-keys/-/sort-keys-1.1.2.tgz",
@@ -27293,6 +27304,12 @@
         }
       }
     },
+    "sonar-scanner": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/sonar-scanner/-/sonar-scanner-3.1.0.tgz",
+      "integrity": "sha512-KD7W3wHCKJKAakhn8ckxNYTxkdb1cnJa3ot0NVvO8CCeJjb0yvF0fW2yGdI09zMHsqxCRsl4dLtyCL2SUv47WA==",
+      "dev": true
+    },
     "sort-keys": {
       "version": "1.1.2",
       "resolved": "https://registry.npmjs.org/sort-keys/-/sort-keys-1.1.2.tgz",
diff --git a/package.json b/package.json
index 27661ef..afd2b15 100644
--- a/package.json
+++ b/package.json
@@ -52,6 +52,7 @@
     "serverless": "^2.45.0",
     "serverless-plugin-tracing": "^2.0.0",
     "serverless-plugin-typescript": "^1.1.9",
+    "sonar-scanner": "^3.1.0",
     "ts-jest": "^29.1.1",
     "ts-node-register": "^1.0.0",
     "tslint": "^5.20.1",
@@ -69,4 +70,4 @@
       "pre-push": "npm run prepush"
     }
   }
-}
\ No newline at end of file
+}