diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000000000000000000000000000000000000..993127e2f3051475372cbb1c43ecbd75d0b63bbc
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,58 @@
+images:
+ name: leadrien/isc-sonar-scanner-cli:latest
+
+variables:
+ SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache
+ GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task
+
+stages:
+ - build
+ - quality
+
+default:
+ image: node:lts-slim
+ cache:
+ paths:
+ - .npm_file/repository
+
+build_arlind_npm:
+ stage: build
+ beforce_script:
+ - npm ci
+ script:
+ - npm run build
+ artifacts:
+ paths:
+ - target/
+
+build-sonar:
+ stage: quality
+ cache:
+ policy: pull-push
+ key: "sonar-cache-$CI_COMMIT_REF_SLUG"
+ paths:
+ - "${SONAR_USER_HOME}/cache"
+ - sonar-scanner/
+ script:
+ - sonar-scanner -Dsonar.host.url="${SONAR_HOST_URL}"
+ allow_failure: true
+ rules:
+ - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
+ - if: $CI_COMMIT_BRANCH == 'master'
+ - if: $CI_COMMIT_BRANCH == 'main'
+ - if: $CI_COMMIT_BRANCH == 'develop'
+
+sonarqube-vulnerability-report:
+ stage: quality
+ script:
+ - 'curl -u "${SONAR_TOKEN}:" "${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=baftiju-breakout&branch=${CI_COMMIT_BRANCH}&pullRequest=${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
+ allow_failure: true
+ rules:
+ - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
+ - if: $CI_COMMIT_BRANCH == 'master'
+ - if: $CI_COMMIT_BRANCH == 'main'
+ - if: $CI_COMMIT_BRANCH == 'develop'
+ artifacts:
+ expire_in: 1 day
+ reports:
+ sast: gl-sast-sonar-report.json
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 0000000000000000000000000000000000000000..cb778b04e7c00015232b3997b7b760c675fd0a2d
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1,2 @@
+sonar.projectKey=baftiju-breakout
+sonar.qualitygate.wait=true