diff --git a/.cirrus/wss-unified-agent.config b/.cirrus/wss-unified-agent.config
new file mode 100644
index 0000000..d23b6de
--- /dev/null
+++ b/.cirrus/wss-unified-agent.config
@@ -0,0 +1,4 @@
+docker.projectNameFormat=repositoryNameAndTag
+docker.scanImages=true
+wss.url=https://saas-eu.whitesourcesoftware.com/agent
+productName=GitHubAction/SonarCloudGitHubAction
diff --git a/.github/workflows/PullRequestClosed.yml b/.github/workflows/PullRequestClosed.yml
index 1bf2140..b50896e 100644
--- a/.github/workflows/PullRequestClosed.yml
+++ b/.github/workflows/PullRequestClosed.yml
@@ -5,15 +5,16 @@ on:
     types: [closed]
 
 jobs:
-  PullRequestClosed_job:
-    name: Pull Request Closed
-    runs-on: github-ubuntu-latest-s
+  PullRequestMerged_job:
+    name: Pull Request Merged
+    runs-on: ubuntu-latest
     permissions:
       id-token: write
       pull-requests: read
     # For external PR, ticket should be moved manually
     if: |
         github.event.pull_request.head.repo.full_name == github.repository
+        && github.event.pull_request.merged
     steps:
       - id: secrets
         uses: SonarSource/vault-action-wrapper@v3
diff --git a/.github/workflows/PullRequestCreated.yml b/.github/workflows/PullRequestCreated.yml
index 1e00ed0..fc20e4a 100644
--- a/.github/workflows/PullRequestCreated.yml
+++ b/.github/workflows/PullRequestCreated.yml
@@ -7,7 +7,7 @@ on:
 jobs:
   PullRequestCreated_job:
     name: Pull Request Created
-    runs-on: github-ubuntu-latest-s
+    runs-on: ubuntu-latest
     permissions:
       id-token: write
     # For external PR, ticket should be created manually
diff --git a/.github/workflows/RequestReview.yml b/.github/workflows/RequestReview.yml
index eb1425d..5eac0d5 100644
--- a/.github/workflows/RequestReview.yml
+++ b/.github/workflows/RequestReview.yml
@@ -7,7 +7,7 @@ on:
 jobs:
   RequestReview_job:
     name: Request review
-    runs-on: github-ubuntu-latest-s
+    runs-on: ubuntu-latest
     permissions:
       id-token: write
     # For external PR, ticket should be moved manually
diff --git a/.github/workflows/SubmitReview.yml b/.github/workflows/SubmitReview.yml
index d5b18a7..d5f22e6 100644
--- a/.github/workflows/SubmitReview.yml
+++ b/.github/workflows/SubmitReview.yml
@@ -7,7 +7,7 @@ on:
 jobs:
   SubmitReview_job:
     name: Submit Review
-    runs-on: github-ubuntu-latest-s
+    runs-on: ubuntu-latest
     permissions:
       id-token: write
       pull-requests: read
diff --git a/.github/workflows/qa.yml b/.github/workflows/qa.yml
index 499388d..5fc2cbf 100644
--- a/.github/workflows/qa.yml
+++ b/.github/workflows/qa.yml
@@ -54,7 +54,7 @@ jobs:
   scannerVersionTest:
     name: >
       'scannerVersion' input
-    runs-on: github-ubuntu-latest-s # assumes default RUNNER_ARCH for linux is X64
+    runs-on: ubuntu-latest # assumes default RUNNER_ARCH for linux is X64
     steps:
       - uses: actions/checkout@v4
         with:
@@ -74,7 +74,7 @@ jobs:
   scannerBinariesUrlTest:
     name: >
       'scannerBinariesUrl' input with invalid URL
-    runs-on: github-ubuntu-latest-s # assumes default RUNNER_ARCH for linux is X64
+    runs-on: ubuntu-latest # assumes default RUNNER_ARCH for linux is X64
     steps:
       - uses: actions/checkout@v4
         with:
diff --git a/.github/workflows/update-tags.yml b/.github/workflows/update-tags.yml
index be85366..a07d193 100644
--- a/.github/workflows/update-tags.yml
+++ b/.github/workflows/update-tags.yml
@@ -7,7 +7,7 @@ on:
 
 jobs:
   generate:
-    runs-on: github-ubuntu-latest-s
+    runs-on: ubuntu-latest
     permissions:
       contents: write