diff --git a/Jenkinsfile b/Jenkinsfile
index 8216d104532320e6d2938732a454fa3dec5d6ef2..099775ad36056ea1ca8d4c789662a3e2886531db 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -118,16 +118,35 @@
     }
 
     stages {
-      stage('Build Java code') {
+      stage('Build with Sonarcloud scan') {
+        when {
+          branch 'main'
+        }
         steps {
           container('buildcontainer') {
             readTrusted 'Makefile'
             readTrusted 'pom.xml'
             sh 'make generate-spec'
             withCredentials([string(credentialsId: 'sonarcloud-token-git-eca-rest-api', variable: 'SONAR_TOKEN')]) {
-              sh 'mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.login=${SONAR_TOKEN} -Dmaven.test.skip=true'
+              sh 'mvn clean verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -B -Dsonar.login=${SONAR_TOKEN}'
             }
-            stash name: "target", includes: "target/**/*"
+          }
+        }
+      }
+      stage('Build without Sonarcloud scan') {
+        when {
+          not {
+           branch 'main'
+          }
+        }
+
+        steps {
+          container('buildcontainer') {
+            readTrusted 'pom.xml'
+
+            sh 'make compile-java'
+            // only no-scan builds can be deployed as we don't deploy main
+            stash includes: 'target/', name: 'target'
           }
         }
       }
@@ -136,6 +155,12 @@
         agent {
           label 'docker-build'
         }
+        when {
+          anyOf {
+            environment name: 'ENVIRONMENT', value: 'production'
+            environment name: 'ENVIRONMENT', value: 'staging'
+          }
+        }
         steps {
           readTrusted 'src/main/docker/Dockerfile.jvm'
 
diff --git a/pom.xml b/pom.xml
index 0905d4abd609365d071ba3068286704938c56fbf..8cd32fa84fa4a6791bf144fc3c0e956f4a4e93ec 100644
--- a/pom.xml
+++ b/pom.xml
@@ -24,6 +24,7 @@
     <sonar.dynamicAnalysis>reuseReports</sonar.dynamicAnalysis>
     <sonar.coverage.jacoco.xmlReportPaths>${project.basedir}/target/jacoco-report/jacoco.xml</sonar.coverage.jacoco.xmlReportPaths>
     <sonar.junit.reportPath>${project.build.directory}/surefire-reports</sonar.junit.reportPath>
+    <sonar.host.url>https://sonarcloud.io</sonar.host.url>
     <sonar.organization>eclipse-foundation-it</sonar.organization>
     <sonar.projectKey>eclipse-foundation-it_git-eca-rest-api</sonar.projectKey>
     <sonar.projectName>Git ECA REST API</sonar.projectName>
diff --git a/src/main/resources/application-dev.properties b/src/main/resources/application-dev.properties
new file mode 100644
index 0000000000000000000000000000000000000000..24d354e067fac96f585b81fd2d813c068cf686eb
--- /dev/null
+++ b/src/main/resources/application-dev.properties
@@ -0,0 +1,4 @@
+## Internal dev settings to help with testing
+eclipse.cache.resource.enabled=true
+eclipse.optional-resources.enabled=true
+eclipse.scheduled.private-project.enabled=false
\ No newline at end of file
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 09df93d127b12af156beed3fced69e970defe46b..456b0527eccb9dc4eef02f8bfb4a96b75ba69c65 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1,8 +1,6 @@
 quarkus.rest-client."org.eclipsefoundation.git.eca.api.AccountsAPI".scope=javax.enterprise.context.ApplicationScoped
 quarkus.rest-client."org.eclipsefoundation.git.eca.api.AccountsAPI".url=https://api.eclipse.org
 projects-api/mp-rest/url=https://projects.eclipse.org
-eclipse.cache.loading."projects".timeout=10
-eclipse.cache.loading."projects".start-at-boot=true
 org.eclipsefoundation.git.eca.api.BotsAPI/mp-rest/url=https://api.eclipse.org
 quarkus.rest-client."org.eclipsefoundation.git.eca.api.GitlabAPI".url=https://gitlab.eclipse.org/api/v4/
 
@@ -33,14 +31,19 @@ oauth2.client-id=placeholder
 oauth2.client-secret=placeholder
 eclipse.reports.allowed-users=mbarbaro,webdev
 
+## CACHE SETTINGS
+eclipse.cache.loading."projects".timeout=10
+eclipse.cache.loading."projects".start-at-boot=true
+eclipse.cache.loading."projects".runtime-boot-key=all
+## shorter internal cache time for more live data
 quarkus.cache.caffeine."default".initial-capacity=1000
 quarkus.cache.caffeine."default".expire-after-write=15M
 quarkus.cache.caffeine."record".initial-capacity=${quarkus.cache.caffeine."default".initial-capacity}
 quarkus.cache.caffeine."record".expire-after-write=${quarkus.cache.caffeine."default".expire-after-write}
-
 ## JWT cache, 115 second cache time to make sure there is no accidental sending of an expired token
 quarkus.cache.caffeine."accesstoken".initial-capacity=1000
 quarkus.cache.caffeine."accesstoken".expire-after-write=119S
+
 ## JWT Placeholders/defaults
 smallrye.jwt.new-token.lifespan=120
 smallrye.jwt.new-token.issuer=262450
@@ -48,8 +51,5 @@ eclipse.webhooks.github.context=eclipsefdn/eca
 eclipse.webhooks.github.server-target=https://api.eclipse.org
 
 eclipse.mail.allowlist=noreply@github.com,49699333+dependabot[bot]@users.noreply.github.com,bot@stepsecurity.io
-%dev.eclipse.cache.resource.enabled=true
-%dev.eclipse.optional-resources.enabled=true
-%dev.eclipse.scheduled.private-project.enabled=false
 
 eclipse.system-hook.pool-size=5