diff --git a/.github/scripts/run_sonar.sh b/.github/scripts/run_sonar.sh
new file mode 100644
index 0000000..e144ec7
--- /dev/null
+++ b/.github/scripts/run_sonar.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+sonar-scanner \
+ -Dsonar.organization=checkout-ltd \
+ -Dsonar.projectKey=checkout_CheckoutCardManagement-iOS \
+ -Dsonar.sources=. \
+ -Dsonar.host.url=https://sonarcloud.io \
+ -Dsonar.cfamily.build-wrapper-output.bypass=true \
+ -Dsonar.c.file.suffixes=- \
+ -Dsonar.cpp.file.suffixes=- \
+ -Dsonar.objc.file.suffixes=-
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 0000000..ec0124c
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,41 @@
+name: Run SonarCloud Analysis
+on:
+ push:
+ branches:
+ - 'main'
+ - 'develop'
+ - 'release/*'
+ pull_request:
+ # The branches below must be a subset of the branches above
+ branches:
+ - 'main'
+ - 'develop'
+ - 'release/*'
+ schedule:
+ - cron: '34 2 * * 0'
+
+concurrency:
+ group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+ cancel-in-progress: true
+
+jobs:
+ build:
+ name: Build and analyze
+ runs-on: macos-latest
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
+
+ # Initializes the SonarCloud tools for scanning.
+ - name: Install sonar-scanner and build-wrapper
+ uses: SonarSource/sonarcloud-github-c-cpp@v2
+
+ # Executes the SonarScanner to analyze the project.
+ - name: Run sonar-scanner
+ env:
+ # Sets environment variables required for the analysis
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ run: sh .github/scripts/run_sonar.sh
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 372e407..5ae644d 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
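Review bot: The script sets no `set -euo pipefail`, and the workflow invokes it as `sh .github/scripts/run_sonar.sh`, so the `#!/bin/bash` shebang is ignored; today the scanner's exit status reaches the job only because `sonar-scanner` happens to be the sole command. I would open the script with `set -euo pipefail` and launch the scanner as `exec sonar-scanner \` so the step fails the moment the scanner does even once more commands are added, and invoke it with `bash` (or `chmod +x` and `./`) from the workflow. Nothing in the script passes credentials, so it presumably relies on the scanner reading `SONAR_TOKEN` from the environment exported by the workflow step — confirm this against the scanner version the action installs, since older scanners expect the token via `-Dsonar.login`. The combination of `-Dsonar.cfamily.build-wrapper-output.bypass=true` with the three `*.file.suffixes=-` flags disables C/C++/Objective-C analysis entirely, which deserves a comment stating why, e.g. `# Swift-only package: skip cfamily analysis so no build-wrapper run is needed`.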
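Review bot: The workflow declares no `permissions:` block, so the `GITHUB_TOKEN` handed to the "Run sonar-scanner" step inherits the repository's default token scope, which may be read/write; add a top-level `permissions:` with `contents: read` (plus `pull-requests: read` if the scanner needs PR metadata for decoration — confirm) so a compromised scanner or action cannot push to or alter the repository. All three actions are referenced by floating major tags (`actions/checkout@v4`, `SonarSource/sonarcloud-github-c-cpp@v2`); for a job that holds `SONAR_TOKEN`, pinning each to a full commit SHA with the tag in a trailing comment limits supply-chain exposure. Because the trigger is `pull_request` rather than `pull_request_target`, pull requests from forks receive no `secrets.SONAR_TOKEN` and this job will fail for them — that is the safe default, but worth a comment so nobody "fixes" it by switching to `pull_request_target`, which would expose the secret to fork-controlled code. Finally, `SonarSource/sonarcloud-github-c-cpp@v2` installs a build-wrapper that the script immediately bypasses, so presumably only the scanner install is wanted; a scanner-only action (or installing the scanner CLI directly) would express that intent and reduce what runs with the token.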
@@ -35,13 +35,13 @@ jobs: steps: - name: Checkout repository
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
with: submodules: recursive # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL
- uses: github/codeql-action/init@v2
+ uses: github/codeql-action/init@v3
with: languages: ${{ matrix.language }} queries: security-and-quality
@@ -51,4 +51,4 @@ jobs: xcodebuild -scheme CheckoutCardManagement -destination "platform=iOS Simulator,name=iPhone 14 Pro,OS=latest" - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v2
+ uses: github/codeql-action/analyze@v3
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 0000000..28d21c9
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1,6 @@
+sonar.projectKey=checkout_CheckoutCardManagement-iOS
+sonar.organization=checkout-ltd
+
+sonar.sourceEncoding=UTF-8
+sonar.projectVersion=1.0
+sonar.sources=src
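Review bot: `sonar.sources=src` here is contradicted by `-Dsonar.sources=.` in `.github/scripts/run_sonar.sh` from the same commit; `-D` properties given on the scanner command line take precedence over `sonar-project.properties`, so this line (and the duplicated `sonar.projectKey`/`sonar.organization`) is dead as written and the scan actually covers the whole checkout, `.github/` included. Pick one source of truth — keep the settings in this file and drop the duplicated `-D` flags from the script, or delete this file — so the analysed source set is the one a reviewer reads here. If `src` is not the real source root of this iOS package, point `sonar.sources` at the actual directory and add a `sonar.exclusions` covering test targets and `.github/**` so workflow scripts are not analysed as product code; the layout cannot be told from this diff.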