diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml
new file mode 100644
index 0000000..84956fe
--- /dev/null
+++ b/.github/workflows/linter.yml
@@ -0,0 +1,24 @@
+name: Lint Code
+
+on:
+ pull_request:
+ branches:
+ - master
+
+jobs:
+ lint:
+ name: Super Linter
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v2
+ with:
+ fetch-depth: 0
+
+ - name: Lint code base
+ uses: github/super-linter@v3
+ env:
+ VALIDATE_DOCKERFILE_HADOLINT: true
+ VALIDATE_BASH: true
+ DEFAULT_BRANCH: master
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index d20585c..6e67e99 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -96,7 +96,6 @@ jobs:
 name: Security analysis
 runs-on: ubuntu-latest
 needs: publish
- if: github.event_name == 'release'
 steps:
 - name: Prepare metadata
 id: metadata
diff --git a/.github/workflows/code-scanning.yml b/.github/workflows/security-analysis.yml
similarity index 94%
rename from .github/workflows/code-scanning.yml
rename to .github/workflows/security-analysis.yml
index d0664bf..acd4829 100644
--- a/.github/workflows/code-scanning.yml
+++ b/.github/workflows/security-analysis.yml
@@ -1,11 +1,11 @@
-name: "Code Scanning"
+name: Security analysis
 on:
 schedule:
 - cron: '0 0 * * 1'
 jobs:
- code-scan:
+ security-analysis:
 name: Trivy scan
 runs-on: ubuntu-latest
diff --git a/.shellcheckrc b/.shellcheckrc
index 4444152..ed22ec8 100644
--- a/.shellcheckrc
+++ b/.shellcheckrc
@@ -1,6 +1,9 @@
 # Check shellcheck wiki at:
 # https://github.com/koalaman/shellcheck/wiki/SCXXXX
+# Allow following non-constant source
+disable=SC1090
+
 # Redirections are performed by the current shell before sudo is started.
 disable=SC2024
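Review bot: The new `lint` job in `.github/workflows/linter.yml` hands `GITHUB_TOKEN` to `github/super-linter@v3` without a `permissions:` block, so the token carries whatever default scope the repository is configured with; that setting is not visible here and may be read-write for pull requests opened from branches of this repository. The linter only needs to read the checkout and report statuses, so I would add `permissions:` with `contents: read` and `statuses: write` at workflow or job level. Both `actions/checkout@v2` and `github/super-linter@v3` are also referenced by mutable tags; pinning each `uses:` to a full commit SHA (for example `actions/checkout@<full-commit-sha>`) keeps a retagged release from changing what runs with that token.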
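Review bot: The `disable=SC1090` line added to `.shellcheckrc` turns the check off for every script in the repository, and its comment says "Allow following" although the setting only silences the warning; shellcheck still does not analyse the sourced file. A `source` of a variable path is worth keeping visible in review, because whatever controls that variable chooses the code that runs. I would drop the global entry and annotate the individual call sites instead, with `# shellcheck source=path/to/file` where the target is known or `# shellcheck disable=SC1090` where it is genuinely dynamic. If the global entry stays, reword the comment to `# Silence SC1090: non-constant source paths are not followed or analysed`.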