diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index c2b92b1d36868f3f1be26f502035f3cd565ded19..adbb7bc4277ab28cad599ad6511893386e95def2 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -5,6 +5,12 @@ include:
     file: '/cicd/SAST-nodejs.gitlab-ci.yml'
   - project: 'general/templates'
     file: '/cicd/npm-audit.gitlab-ci.yml'
+  - project: 'general/templates'
+    file: '/cicd/sonarqube.gitlab-ci.yml'
+
+variables:
+  SONAR_PROJECT_KEY: config
+  SONAR_TOKEN: 11922a8e774494f51e1d2f0e695949e4073e7df8
 
 cache:
   paths:
diff --git a/README.md b/README.md
index 0f52d9b10737baae539e620fb08ea013256a7d44..31d758bb74ef9db52b6797a8dcfcc11c300fbba1 100644
--- a/README.md
+++ b/README.md
@@ -1,21 +1,29 @@
 # config
 
+[![pipeline status](https://it-devops-01.br-edv.brnet.int/general/config/badges/master/pipeline.svg)](https://it-devops-01.br-edv.brnet.int/general/config/commits/master)
+[![coverage report](https://it-devops-01.br-edv.brnet.int/general/config/badges/master/coverage.svg)](https://it-devops-01.br-edv.brnet.int/general/config/commits/master)
+
 Simple Config Log with HashiCorp Vault support.
 
 ## Installation
 
+`npm install --save git+ssh://git@it-devops-01.br-edv.brnet.int:general/config.git`
+
 ## Usage
 
+`let config = require('config')`
 
-## TODO
+Then config is your config object. (Use it like config.setting)
 
-sonarqube
+It reads from the following sources, performing a deep merge:  
+(The Top Value overwrites the lower ones)
 
-badges
+- ENV
+- config.json
+- config.defaults.json
 
-bottom overwrites top
-config.defaults.json
-config.json
-process.ENV
+## TODO / Missing
 
-if value == "vault:", treat it as secret
\ No newline at end of file
+- hashicorp values support: if value == "vault:", treat it as secret
+- sonarqube + badges
+- tests
diff --git a/index.js b/index.js
index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..18780077d5f67c34ce5205a1b5868d770b50ba8e 100644
--- a/index.js
+++ b/index.js
@@ -0,0 +1,28 @@
+var fs = require('fs')
+var merge = require('lodash.merge')
+
+let config = {}
+
+if (fs.accessSync('./config.defaults.json')) {
+  config = JSON.parse(fs.readFileSync('./config.defaults.json', 'utf8'))
+}
+
+if (fs.accessSync('./config.json')) {
+  config = merge(config, JSON.parse(fs.readFileSync('./config.json', 'utf8')))
+}
+
+iterate(config)
+
+module.exports = config
+
+const iterate = function (obj) {
+  for (let index = 0; index < Object.keys(obj).length; index++) {
+    const element = Object.keys(obj)[index]
+    if (process.env[element]) {
+      obj[element] = process.env[element]
+    }
+    if (typeof element === 'object') {
+      iterate(element)
+    }
+  }
+}
\ No newline at end of file
diff --git a/package-lock.json b/package-lock.json
index 2d7570a37df703a76ea0edbd62de0989ac82a8b9..27e70f5a53687e6aa49ea4096d4f5277e67d9923 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -2758,6 +2758,11 @@
       "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==",
       "dev": true
     },
+    "lodash.merge": {
+      "version": "4.6.2",
+      "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz",
+      "integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ=="
+    },
     "lodash.sortby": {
       "version": "4.7.0",
       "resolved": "https://registry.npmjs.org/lodash.sortby/-/lodash.sortby-4.7.0.tgz",
diff --git a/package.json b/package.json
index 775da5c8cd863fba07ad554a93494d3afa8191b2..ef1bc2bff061ede8cefdf8f7fc020e1ba079f171 100644
--- a/package.json
+++ b/package.json
@@ -4,7 +4,8 @@
   "description": "Simple Config Log with HashiCorp Vault support",
   "main": "index.js",
   "scripts": {
-    "test": "jest"
+    "test": "jest",
+    "sonarqube": "sonar-scanner -Dsonar.projectKey=config -Dsonar.sources=. -Dsonar.host.url=https://it-devops-01.br-edv.brnet.int:8999 -Dsonar.login=gitlab"
   },
   "keywords": [
     "config",
@@ -14,6 +15,7 @@
   "author": "Dominik Sigmund",
   "license": "ISC",
   "dependencies": {
+    "lodash.merge": "^4.6.2",
     "vault": "^0.3.0"
   },
   "devDependencies": {