diff --git a/.github/workflows/sast.yaml b/.github/workflows/sast.yaml
new file mode 100644
index 00000000..04c06f08
--- /dev/null
+++ b/.github/workflows/sast.yaml
@@ -0,0 +1,54 @@
+name: Static analysis
+
+on: push
+  # Will run on push when merging to 'branches'. The output will be shown in the console
+  # push
+
+  # 'pull_request_target' allows this Action to also run on forked repositories
+  # The output will be shown in PR comments (unless the 'force_console_print' flag is used)
+  # pull_request_target:
+  #   branches:
+  #     - "*"
+
+jobs:
+  static_analysis:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+
+    - name: setup init_script
+      shell: bash
+      run: |
+        echo "#!/bin/bash
+
+        # Input args provided by StaticAnalysis action
+        root_dir=\${1}
+        build_dir=\${2}
+        echo \"Hello from the init script! First arg=\${root_dir} second arg=\${build_dir}\"
+
+        add-apt-repository ppa:oibaf/graphics-drivers
+        apt update && apt upgrade -y
+        apt install -y libvulkan1 mesa-vulkan-drivers vulkan-utils" > init_script.sh
+
+    - name: Run static analysis
+      uses: JacobDomagala/StaticAnalysis@master
+      with:
+        language: c++
+
+        # Exclude any issues found in ${Project_root_dir}/lib
+        exclude_dir: lib
+
+        use_cmake: true
+
+        # Additional apt packages that need to be installed before running Cmake
+        apt_pckgs: software-properties-common libglu1-mesa-dev freeglut3-dev mesa-common-dev
+
+        # Additional script that will be run (sourced) AFTER 'apt_pckgs' and before running Cmake
+        init_script: init_script.sh
+
+        # (Optional) clang-tidy args
+        clang_tidy_args: -checks='*,fuchsia-*,google-*,zircon-*,abseil-*,modernize-use-trailing-return-type'
+
+        # (Optional) cppcheck args
+        cppcheck_args: --enable=all --suppress=missingInclude