diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml
index 397c943..0a864ba 100644
--- a/.github/workflows/docker-build.yml
+++ b/.github/workflows/docker-build.yml
@@ -30,11 +30,16 @@ on:
       required: false
       type: string
       default: ""
+    orca-security-project-key:
+      required: true
+      type: string
   secrets:
     docker-hub-password:
       required: true
     docker-secrets:
       required: false
+    orca-security-api-token:
+      required: true
 
 jobs:
   build:
@@ -77,6 +82,14 @@ jobs:
           exit-code: 1
           trivyignores: ${{ inputs.trivy-ignore-files }}
 
+      - name: Orca Security scan
+        uses: orcasecurity/shiftleft-container-image-action@9cceca839ca144e6bb160a1d974d0656bcf71f22 # v1.0.6
+        with:
+          api_token: ${{ secrets.orca-security-api-token }}
+          project_key: ${{ inputs.orca-security-project-key }}
+          image: registry:5000/image:temp
+          exit_code: "1"
+
       - name: Set publish tags
         if: ${{ inputs.push }}
         id: tags
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 88afb25..340735d 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -22,8 +22,10 @@ jobs:
       docker-file: v${{ matrix.version.value }}/Dockerfile.multiarch
       docker-hub-username: ${{ vars.DOCKERHUB_USERNAME }}
       push: ${{ github.ref == 'refs/heads/master' }}
+      orca-security-project-key: ${{ vars.ORCA_SECURITY_PROJECT_KEY }}
     secrets:
       docker-hub-password: ${{ secrets.DOCKERHUB_TOKEN }}
+      orca-security-api-token: ${{ secrets.ORCA_SECURITY_API_TOKEN }}
     strategy:
       matrix:
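Review bot: Declaring both the new `orca-security-project-key` input and the `orca-security-api-token` secret as `required: true` turns this into a breaking change for every caller of the reusable workflow, which will fail at workflow validation until it passes both; main.yml is updated in this commit, but any other caller of docker-build.yml is not visible here. If the Orca scan is meant to be mandatory for all consumers that is fine and worth a comment such as `# required: the Orca scan step fails the build when these are missing`; otherwise declare both `required: false` and guard the scan step with `if: ${{ inputs.orca-security-project-key != '' }}` so callers without an Orca project still build. The enclosing `on:`/`workflow_call:` mapping starts outside the hunk.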
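Review bot: The new step hard-codes the scan target as `image: registry:5000/image:temp`; the Trivy step just above (its image reference and the build step that pushes to that local registry are outside the hunk) presumably uses the same reference, so the two can drift silently if one is renamed. Hoisting it into a job-level `env:` entry like `SCAN_IMAGE: registry:5000/image:temp` and referencing `${{ env.SCAN_IMAGE }}` from both scanners would keep them in lock-step. Note also that with no `if:` on the step, a Trivy failure (`exit-code: 1`) skips the Orca scan entirely, so a developer fixing findings sees only one scanner's results per run; if the intent is to surface both, `if: ${{ !cancelled() }}` lets the Orca step run after a Trivy failure while the job still fails. The `exit_code: "1"` is quoted while Trivy's `exit-code: 1` is not — harmless for `with:` inputs, but pick one form for consistency.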