diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 02a17e4..46a0914 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -1,12 +1,55 @@
+name: Test Kubernetes
 on: [push]
 jobs:
- validate_job:
+ validate_kustomize:
 runs-on: ubuntu-latest
- name: Validate Monokle resources
+ permissions:
+ security-events: write
+ name: Validate Kustomize with Monokle
 steps:
- - name: Validate
- id: validate
- uses: kubeshop/monokle-action@v0.1.0
+ - id: checkout
+ uses: actions/checkout@master
+ - id: bake
+ uses: azure/k8s-bake@v2.2
 with:
- milliseconds: "350"
+ renderEngine: "kustomize"
+ kustomizationPath: "./kustomize-happy-cms/overlays/local"
+ - id: validate
+ uses: kubeshop/monokle-action@v0.2.0
+ with:
+ path: ${{ steps.bake.outputs.manifestsBundle }}
+ - id: upload-sarif
+ if: always()
+ uses: github/codeql-action/upload-sarif@v2
+ with:
+ sarif_file: ${{ steps.validate.outputs.sarif }}
+ validate_vanilla:
+ runs-on: ubuntu-latest
+ permissions:
+ security-events: write
+ name: Validate vanilla Kubernetes resources with Monokle
+ steps:
+ - id: checkout
+ uses: actions/checkout@master
+ - id: validate
+ uses: kubeshop/monokle-action@v0.2.0
+ with:
+ path: vanilla-panda-blog
+ validate_helm:
+ runs-on: ubuntu-latest
+ permissions:
+ security-events: write
+ name: Validate Helm with Monokle
+ steps:
+ - id: checkout
+ uses: actions/checkout@master
+ - id: bake
+ uses: azure/k8s-bake@v2.2
+ with:
+ renderEngine: "helm"
+ helmChart: "./helm-yellow-wordpress"
+ - id: validate
+ uses: kubeshop/monokle-action@main
+ with:
+ path: ${{ steps.bake.outputs.manifestsBundle }}
diff --git a/monokle.validation.yaml b/monokle.validation.yaml
new file mode 100644
index 0000000..71440d7
--- /dev/null
+++ b/monokle.validation.yaml
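Review bot: In `.github/workflows/main.yml`, `actions/checkout@master` in all three jobs and `kubeshop/monokle-action@main` in `validate_helm` follow mutable branches, so whatever lands upstream runs in jobs that hold `security-events: write`. Pin each action to a full commit SHA with the release as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha> # <release-tag>`, and at minimum use `kubeshop/monokle-action@v0.2.0` in `validate_helm` as the other two jobs do. `validate_vanilla` and `validate_helm` have no `upload-sarif` step, so `security-events: write` is unused there; either add the upload or drop the grant. Because a job-level `permissions` block sets every unlisted scope to none, add `contents: read` if this repository is private, otherwise the checkout step will fail.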
@@ -0,0 +1,17 @@
+plugins:
+ yaml-syntax: true
+ kubernetes-schema: true
+ resource-links: true
+ labels: false
+rules:
+ yaml-syntax/no-bad-alias: "warn"
+ yaml-syntax/no-bad-directive: false
+ open-policy-agent/no-last-image: "err"
+ open-policy-agent/cpu-limit: false
+ open-policy-agent/cpu-request: false
+ open-policy-agent/memory-limit: false
+ open-policy-agent/memory-request: false
+ open-policy-agent/no-latest-image: "warn"
+settings:
+ kubernetes-schema:
+ schemaVersion: v1.24.2
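Review bot: `open-policy-agent/no-last-image: "err"` looks like a misspelling of `open-policy-agent/no-latest-image`, which is configured at the end of the `rules` block as `"warn"`; if so, the error-level entry matches no rule and images tagged `latest` only produce a warning. Keep a single entry, `open-policy-agent/no-latest-image: "err"`, if failing the check is the intent. The `plugins` block also never lists `open-policy-agent`, so unless Monokle enables that plugin by default none of the `open-policy-agent/*` rules run; add `open-policy-agent: true` there. The four CPU and memory rules are switched off without explanation, so a short comment recording why resource requests and limits are not enforced would help later reviewers.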