diff --git a/.github/workflows/snyk-scan.yml b/.github/workflows/snyk-scan.yml
new file mode 100644
index 0000000..315ba8b
--- /dev/null
+++ b/.github/workflows/snyk-scan.yml
@@ -0,0 +1,48 @@
+# This workflow sets up Snyk scans
+
+name: Snyk Scan
+
+on:
+ push:
+ branches: ["main" ]
+ pull_request:
+ branches: ["main"]
+
+permissions:
+ contents: read
+
+jobs:
+ snyk:
+ permissions:
+ contents: read # for actions/checkout to fetch code
+ security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@master
+ - name: Set up Snyk CLI to check for security issues
+ uses: snyk/actions/setup@master
+
+ env:
+ SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+
+ - name: Snyk IaC report vulnerabilities
+ uses: snyk/actions/iac@master
+ continue-on-error: true # To make sure that SARIF upload gets called
+ env:
+ SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+ with:
+ args: --sarif-file-output=snyk.sarif
+
+ # Push the Snyk Code results into GitHub Code Scanning tab
+ - name: Upload result to GitHub Code Scanning
+ uses: github/codeql-action/upload-sarif@v2
+ with:
+ sarif_file: snyk.sarif
+
+ - name: Snyk IaC gatekeeper
+ uses: snyk/actions/iac@master
+ env:
+ SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+ with:
+ args: --severity-threshold=high # Forces fail on high-severity vulnerabilities
diff --git a/charts/titiler/values-test.yaml b/charts/titiler/values-test.yaml
deleted file mode 100644
index 47bd601..0000000
--- a/charts/titiler/values-test.yaml
+++ /dev/null
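Review bot: Every third-party step in `.github/workflows/snyk-scan.yml` except the SARIF upload tracks a mutable branch (`actions/checkout@master`, `snyk/actions/setup@master`, and `snyk/actions/iac@master` twice), so any later commit to those branches runs in a job that holds `security-events: write` and passes `SNYK_TOKEN` to the Snyk steps. Pin each one to a full commit SHA with the release noted beside it, e.g. `uses: snyk/actions/iac@<full-commit-sha> # <release-tag>`, and let an update bot move the pins. The `env: SNYK_TOKEN` on the setup step looks unnecessary if that step only installs the CLI; drop it unless the action documents a need for the token. On `pull_request` runs from forks the secret is not provided, so the report step will presumably fail under `continue-on-error: true` and the upload step may find no `snyk.sarif`; guarding the upload with `if: hashFiles('snyk.sarif') != ''` keeps that failure legible.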
@@ -1,44 +0,0 @@
-# Default values for titiler.
-replicaCount: 4
-
-ingress:
- enabled: true
- annotations: {}
- # kubernetes.io/ingress.class: nginx
- # kubernetes.io/tls-acme: "true"
- hosts:
- - host: titiler.charter.uat.esaportal.eu
- paths: ["/"]
- tls:
- - secretName: domain-tls
- hosts:
- - titiler.charter.uat.esaportal.eu
-
-env:
- PORT: 80
- CPL_TMPDIR: /tmp
- GDAL_CACHEMAX: 75%
- VSI_CACHE: TRUE
- VSI_CACHE_SIZE: 1073741824
- GDAL_DISABLE_READDIR_ON_OPEN: EMPTY_DIR
- GDAL_HTTP_MERGE_CONSECUTIVE_RANGES: YES
- GDAL_HTTP_MULTIPLEX: YES
- GDAL_HTTP_VERSION: 2
- PYTHONWARNINGS: ignore
- WEB_CONCURRENCY: 2
-
-resources:
- limits:
- cpu: 256m
- memory: 1Gi
- # ephemeral-storage: 10Gi
- requests:
- cpu: 256m
- memory: 1Gi
- # ephemeral-storage: 10Gi
-
-nodeSelector: {}
-
-tolerations: []
-
-affinity: {}