diff --git a/.github/workflows/continous-integration.yml b/.github/workflows/continous-integration.yml
index 5b01c0a65..ef152c88e 100644
--- a/.github/workflows/continous-integration.yml
+++ b/.github/workflows/continous-integration.yml
@@ -39,4 +39,4 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-gradle-
       - name: Build with Gradle Wrapper
-        run: ./gradlew build --warning-mode=fail -Pmicronaut.runtime=${{ matrix.runtime }}
+        run: ./gradlew build --warning-mode=fail -Pmicronaut.runtime=${{ matrix.runtime }} -Pspotbugs.ignoreFailures=true
diff --git a/.github/workflows/spotbugs-check.yml b/.github/workflows/spotbugs-check.yml
new file mode 100644
index 000000000..878919b8c
--- /dev/null
+++ b/.github/workflows/spotbugs-check.yml
@@ -0,0 +1,37 @@
+# This workflow will build a Java project with Gradle
+# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-gradle
+
+name: Spotbugs Check
+
+on:
+  push:
+    branches: [ '**' ]
+
+jobs:
+  spotbugs:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Git Checkout
+        uses: actions/checkout@v2
+      - name: Set up JDK 8
+        uses: actions/setup-java@v1
+        with:
+          java-version: 8
+      - name: Cache Dependencies #see https://github.com/actions/cache/blob/master/examples.md#java---gradle
+        uses: actions/cache@v2
+        with:
+          path: ~/.gradle/caches
+          key: ${{ runner.os }}-spotbugs-gradle-${{ hashFiles('**/*.gradle*') }}
+          restore-keys: |
+            ${{ runner.os }}-spotbugs-gradle-
+      - name: Spotbugs Checks
+        id: spotbugs_checks
+        # ignoreFailures set to true that the xmlReport can parsed and uploaded by next step otherwise this step will fail and the findings are not visible
+        # xmlReport set to true that the next step can parse the xml and upload the findings
+        run: ./gradlew spotbugsMain -Pspotbugs.ignoreFailures=true -Pspotbugs.xmlReport=true
+      - name: Publish Spotbugs Results
+        uses: arolfes/spotbugs-github-action@master
+        with:
+          path: '**/spotbugs/main.xml'
+          # TODO enable when PR jwgmeligmeyling/spotbugs-github-action#10 is integrated
+          threshold: 0 # apply zero-warning policy
diff --git a/gradle.properties b/gradle.properties
index e1acabe90..01585392f 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -15,6 +15,7 @@ camundaVersion=7.14.0
 # Latest Jersey, that implements JAX-RS 2.1 API: see https://eclipse-ee4j.github.io/jersey/download.html
 jerseyVersion=2.33
 shadowJarVersion=6.1.0
+spotbugsVersion=4.6.0
 # Prevent upload of maven-metadata.xml.sha256/sha512 files to oss.sonatype.org
 # see https://issues.sonatype.org/browse/OSSRH-53695?focusedCommentId=887733&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-887733
 # see https://github.com/gradle/gradle/issues/11308#issuecomment-554317655
diff --git a/micronaut-camunda-bpm-feature/build.gradle b/micronaut-camunda-bpm-feature/build.gradle
index e2a5e2d18..5ccdf59f4 100644
--- a/micronaut-camunda-bpm-feature/build.gradle
+++ b/micronaut-camunda-bpm-feature/build.gradle
@@ -6,6 +6,7 @@ plugins {
     id("org.jetbrains.kotlin.plugin.allopen")
     id("maven-publish")
     id("signing")
+    id("com.github.spotbugs")
 }
 
 group = "info.novatec"
@@ -131,3 +132,29 @@ signing {
 configurations {
     testArtifacts
 }
+
+// When spotbugs is executed locally, it will fail when there is one finding
+// When spotbugs is executed in "continous integration" it will not fail and we can upload the spotbug results to PR
+boolean ignoreFailuresProperties = project.hasProperty('spotbugs.ignoreFailures') ? project.getProperty('spotbugs.ignoreFailures') == 'true' : true
+// When spotbugs is executed locally, it will produce a nice HTML report
+// When spotbugs is executed in "continous integration" it will generate XML that can be parsed and uploaded to PR
+boolean xmlReport = project.hasProperty('spotbugs.xmlReport') ? project.getProperty('spotbugs.xmlReport') == 'true' : false
+spotbugs {
+    ignoreFailures = ignoreFailuresProperties
+    effort = com.github.spotbugs.snom.Effort.MAX
+    excludeFilter = file("${projectDir}/config/spotbugs/exclude.xml")
+}
+// Example to configure HTML report
+spotbugsMain {
+    reports {
+        xml {
+            enabled = xmlReport
+        }
+        html {
+            enabled = !xmlReport
+            destination = file("$buildDir/reports/spotbugs/main/spotbugs.html")
+            stylesheet = 'fancy-hist.xsl' // comes from spotbugs
+        }
+    }
+}
+spotbugsTest.enabled = false
\ No newline at end of file
diff --git a/micronaut-camunda-bpm-feature/config/spotbugs/exclude.xml b/micronaut-camunda-bpm-feature/config/spotbugs/exclude.xml
new file mode 100644
index 000000000..e2da548a8
--- /dev/null
+++ b/micronaut-camunda-bpm-feature/config/spotbugs/exclude.xml
@@ -0,0 +1,6 @@
+<FindBugsFilter>
+  <Match>
+    <!-- Exclude all Micronaut generated Classes from Annotations -->
+    <Class name="~.*\.\$.*" />
+  </Match>
+</FindBugsFilter>
diff --git a/settings.gradle b/settings.gradle
index a1eb9b564..ba22a2a9f 100644
--- a/settings.gradle
+++ b/settings.gradle
@@ -6,6 +6,7 @@ pluginManagement {
         id("com.github.johnrengelman.shadow") version "$shadowJarVersion"
         id("io.micronaut.application") version "$micronautApplicationPluginVersion"
         id("io.micronaut.library") version "$micronautLibraryPluginVersion"
+        id("com.github.spotbugs") version "$spotbugsVersion"
     }
 }