diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..ab7232d
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,53 @@
+name: Continuous Integration
+
+on:
+  pull_request:
+  push:
+    branches: [ "master" ]
+
+jobs:
+  analyze:
+    name: Analyze the Helm chart
+    runs-on: ubuntu-22.04
+    timeout-minutes: 5
+    steps:
+      - id: checkout_repository
+        name: Checkout repository
+        # actions/checkout@v4.1.1
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
+
+      - id: setup_helm
+        name: Setup Helm
+        # azure/setup-helm@v3.5
+        uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78
+        with:
+          version: v3.14.0
+
+      - id: run_helm_lint
+        name: Run Helm lint
+        run: helm lint --strict .
+
+      - id: run_helm_template
+        name: Run Helm template
+        run: helm template . > template_output.yaml
+
+      - id: run_trivy_config
+        name: Run Trivy vulnerability scanner
+        # aquasecurity/trivy-action@v0.16.1
+        uses: aquasecurity/trivy-action@d43c1f16c00cfd3978dde6c07f4bbcf9eb6993ca
+        with:
+          scan-type: config
+          trivy-config: trivy.yaml
+          hide-progress: false
+          # Note: Until current issues are fixed, do not fail the build
+          exit-code: '0'
+          format: sarif
+          output: trivy.sarif
+
+      - id: run_sarif_upload
+        name: Upload Trivy SARIF results
+        # github/codeql-action/upload-sarif@v2.22.9
+        uses: github/codeql-action/upload-sarif@382a50a0284c0de445104889a9d6003acb4b3c1d
+        timeout-minutes: 1
+        with:
+          sarif_file: trivy.sarif
diff --git a/.gitignore b/.gitignore
index e43a53e..ca869f1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -10,3 +10,4 @@
 
 # Helm
 values_overrides.yaml
+template_output.yaml
diff --git a/README.md b/README.md
index 94770ae..5617b40 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,7 @@
 # Helm charts for GraphDB
 
+[![CI](https://github.com/Ontotext-AD/graphdb-helm/actions/workflows/ci.yml/badge.svg)](https://github.com/Ontotext-AD/graphdb-helm/actions/workflows/ci.yml)
+
 You can download the GraphDB Helm chart, including all sub-charts managed by Ontotext, from the [Ontotext Helm repository](https://maven.ontotext.com/repository/helm-public/).
 
 ## Install
diff --git a/trivy.yaml b/trivy.yaml
new file mode 100644
index 0000000..49804a8
--- /dev/null
+++ b/trivy.yaml
@@ -0,0 +1,7 @@
+timeout: 5m
+exit-code: 1
+severity:
+  - HIGH
+  - CRITICAL
+  - MEDIUM
+format: table