diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 51b93b0f8ab3aec60a11b32496d5ec866d74eeb3..55f7d9156c4652ed779a19189dd20cfe6cd7c138 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -2,7 +2,7 @@ stages:
 - sonarqube
 - heroku_deploy
 
-sonarqube-check:
+sonarqube-check-staging:
   stage: sonarqube
   image: 
     name: sonarsource/sonar-scanner-cli:latest
@@ -15,15 +15,32 @@ sonarqube-check:
     paths:
       - .sonar/cache
   script: 
-    - sonar-scanner -D"sonar.projectKey=ppi-staging" -D"sonar.sources=." -D"sonar.host.url=https://sonarqube.cs.ui.ac.id" -D"sonar.login=a4b8d517cfba77c391a010305d56e394d4e520a9"
+    - sonar-scanner -D"sonar.projectKey=${SONAR_PROJECT_KEY_STAGING}" -D"sonar.sources=." -D"sonar.host.url=https://sonarqube.cs.ui.ac.id" -D"sonar.login=${SONAR_TOKEN_STAGING}"
   
   allow_failure: true
 
   only:
-    - main 
     - staging
 
+sonarqube-check-prod:
+  stage: sonarqube
+  image: 
+    name: sonarsource/sonar-scanner-cli:latest
+    entrypoint: [ "" ]
+  variables:
+    SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
+    GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
+  cache:
+    key: "${CI_JOB_NAME}"
+    paths:
+      - .sonar/cache
+  script: 
+    - sonar-scanner -D"sonar.projectKey=${SONAR_PROJECT_KEY_PROD}" -D"sonar.sources=." -D"sonar.host.url=https://sonarqube.cs.ui.ac.id" -D"sonar.login=${SONAR_TOKEN_PROD}"
+  
+  allow_failure: true
 
+  only:
+    - main
 
 heroku_deploy:
   stage: heroku_deploy