diff --git a/.checkov.yaml b/.checkov.yaml
new file mode 100644
index 0000000..b8d1078
--- /dev/null
+++ b/.checkov.yaml
@@ -0,0 +1,3 @@
+skip-check:
+  - CKV_TF_1  # We tag semantic versions, not commits
+
diff --git a/.github/workflows/pr-tests-terraform.yml b/.github/workflows/pr-tests-terraform.yml
index 02459dc..57618ab 100644
--- a/.github/workflows/pr-tests-terraform.yml
+++ b/.github/workflows/pr-tests-terraform.yml
@@ -1,16 +1,19 @@
 name: Call Terraform Tests, Docs & Compliance
 
 on:
+  # Triggers the workflow on push or pull request events but only for the "main" branch
+  # This will run the tests twice, one in the PR and one when Commiting to master.
+  #  -> making sure the results appear in the "Security/Code Scan" tab in github.
+  push:
+    branches: [ "main", "master" ]
   pull_request:
-    branches:
-      - master
-    types:
-      - opened
-      - synchronize
-      - ready_for_review
+    branches: [ "main", "master" ]
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
 
 jobs:
   tf-tests:
     uses: entur/gh-workflows/.github/workflows/pr-tests-terraform.yml@main
     with:
-      module_dirs: '["./modules/bigquery-sink"]'
+      module_dirs: '["./modules/bigquery-sink", "./examples/minimal", "./examples/minimal_test"]'
diff --git a/.gitignore b/.gitignore
index 65864e9..51e8d9c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -28,3 +28,5 @@ override.tf.json
 # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
 # example: *tfplan*
 /.idea/
+results.sarif
+.external_modules
diff --git a/examples/minimal/README.md b/examples/minimal/README.md
new file mode 100644
index 0000000..fe5b3e2
--- /dev/null
+++ b/examples/minimal/README.md
@@ -0,0 +1,30 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+No requirements.
+
+## Providers
+
+No providers.
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_bigquery-sink"></a> [bigquery-sink](#module\_bigquery-sink) | github.com/entur/terraform-aiven-kafka-connect-bigquery-sink//modules/bigquery-sink | v0.2.1 |
+| <a name="module_init"></a> [init](#module\_init) | github.com/entur/terraform-aiven-kafka-connect-init//modules/init | v1.1.4 |
+
+## Resources
+
+No resources.
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_my_aiven_access_token"></a> [my\_aiven\_access\_token](#input\_my\_aiven\_access\_token) | n/a | `any` | n/a | yes |
+
+## Outputs
+
+No outputs.
+<!-- END_TF_DOCS -->
\ No newline at end of file