diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index e26cc17aac8b10d633ff38f9f20c922f939fa732..560c2268dbd7e48dce01e69ee80e73e224385b6f 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,170 +1,157 @@
+# You can override the included template(s) by including variable overrides
+# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
+# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
+# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
+# Note that environment variables can be set in several places
+# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
 image: docker:git
-
 services:
-  - docker:dind
-
+- docker:dind
 variables:
   DOCKER_DRIVER: overlay2
   DOCKER_TLS_CERTDIR: ''
-
 stages:
-  - test
-  - build
-  - quality
-  - deploy
-  - publish
-
+- test
+- build
+- quality
+- deploy
+- publish
 test:
   stage: test
   image: node:14.15.4-alpine
   before_script:
-    - apk add git
+  - apk add git
   script:
-    - yarn
-    - yarn test --ci --reporters=default --reporters=jest-junit
-  coverage: /All files[^|]*\|[^|]*\s+([\d\.]+)/
+  - yarn
+  - yarn test --ci --reporters=default --reporters=jest-junit
+  coverage: "/All files[^|]*\\|[^|]*\\s+([\\d\\.]+)/"
   artifacts:
     when: always
     reports:
       junit:
-        - junit.xml
+      - junit.xml
   only:
-    - dev
-    - master
-    - merge_requests
-
+  - dev
+  - master
+  - merge_requests
 build-test:
   stage: build
   image: node:14.15.4-alpine
   before_script:
-    - apk add git
-    - apk add bash
+  - apk add git
+  - apk add bash
   script:
-    - yarn
-    - yarn build
+  - yarn
+  - yarn build
   only:
-    - merge_requests
+  - merge_requests
   artifacts:
     paths:
-      - build/assets
-
+    - build/assets
 build-dev:
   stage: build
   image: node:14.15.4-alpine
   before_script:
-    - apk add git
-    - apk add bash
+  - apk add git
+  - apk add bash
   script:
-    - yarn
-    - yarn build-dev
-    - git config --global user.name build-pipeline
-    - git config --global user.email "$GIT_USER"
-    - git config --global user.password "$GIT_PWD"
-    - git config user.email "$GIT_USER"
-    - git remote set-url origin https://"$GIT_USER":"$GIT_PWD"@forge.grandlyon.com/web-et-numerique/llle_project/ecolyo.git
-    - git config --global credential.helper store
-    - yarn deploy-dev
+  - yarn
+  - yarn build-dev
+  - git config --global user.name build-pipeline
+  - git config --global user.email "$GIT_USER"
+  - git config --global user.password "$GIT_PWD"
+  - git config user.email "$GIT_USER"
+  - git remote set-url origin https://"$GIT_USER":"$GIT_PWD"@forge.grandlyon.com/web-et-numerique/llle_project/ecolyo.git
+  - git config --global credential.helper store
+  - yarn deploy-dev
   only:
-    - dev
-
+  - dev
 build:
   stage: build
   image: node:14.15.4-alpine
   before_script:
-    - apk add git
-    - apk add bash
+  - apk add git
+  - apk add bash
   script:
-    - yarn
-    - yarn build
-    - git config --global user.name build-pipeline
-    - git config --global user.email "$GIT_USER"
-    - git config --global user.password "$GIT_PWD"
-    - git config user.email "$GIT_USER"
-    - git remote set-url origin https://"$GIT_USER":"$GIT_PWD"@forge.grandlyon.com/web-et-numerique/llle_project/ecolyo.git
-    - git config --global credential.helper store
-    - yarn deploy
+  - yarn
+  - yarn build
+  - git config --global user.name build-pipeline
+  - git config --global user.email "$GIT_USER"
+  - git config --global user.password "$GIT_PWD"
+  - git config user.email "$GIT_USER"
+  - git remote set-url origin https://"$GIT_USER":"$GIT_PWD"@forge.grandlyon.com/web-et-numerique/llle_project/ecolyo.git
+  - git config --global credential.helper store
+  - yarn deploy
   only:
-    - master
-
+  - master
 build_stack:
   stage: build
   script:
-    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
-    - docker build -t "$CI_REGISTRY_IMAGE/cozy-env:latest"  ./docker/
-    - docker push $CI_REGISTRY_IMAGE/cozy-env:latest
+  - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
+  - docker build -t "$CI_REGISTRY_IMAGE/cozy-env:latest"  ./docker/
+  - docker push $CI_REGISTRY_IMAGE/cozy-env:latest
   only:
-    - master
+  - master
   when: manual
-
 publish:
   stage: publish
   image: node:14.15.4-alpine
   before_script:
-    - apk add git
+  - apk add git
   script:
-    - yarn cozyPublish
+  - yarn cozyPublish
   only:
-    - tags
+  - tags
   when: manual
-
 sonarqube:
   stage: quality
   only:
-    - dev
+  - dev
   image: registry.forge.grandlyon.com/apoyen2/sonnar-scanner-gl:master
   before_script:
-    - export NODE_PATH=$NODE_PATH:`npm root -g`
-    - npm install -g typescript
+  - export NODE_PATH=$NODE_PATH:`npm root -g`
+  - npm install -g typescript
   script:
-    - >
-      sonar-scanner
-      -Dsonar.projectName="ecolyo"
-      -Dsonar.projectVersion=1.0
-      -Dsonar.sourceEncoding=UTF-8
-      -Dsonar.projectBaseDir=.
-      -Dsonar.host.url=${SONAR_URL}
-      -Dsonar.projectKey=${CI_PROJECT_PATH_SLUG}
-      -Dsonar.login=${SONAR_TOKEN}
-      -Dsonar.cpd.exclusions=tests/**,src/**/*.spec.ts*
-      -Dsonar.qualitygate.wait=true
+  - 'sonar-scanner -Dsonar.projectName="ecolyo" -Dsonar.projectVersion=1.0 -Dsonar.sourceEncoding=UTF-8
+    -Dsonar.projectBaseDir=. -Dsonar.host.url=${SONAR_URL} -Dsonar.projectKey=${CI_PROJECT_PATH_SLUG}
+    -Dsonar.login=${SONAR_TOKEN} -Dsonar.cpd.exclusions=tests/**,src/**/*.spec.ts*
+    -Dsonar.qualitygate.wait=true
 
+'
 sonarqube-mr:
   stage: quality
   only:
-    - merge_requests
+  - merge_requests
   image: registry.forge.grandlyon.com/apoyen2/sonnar-scanner-gl:master
   before_script:
-    - export NODE_PATH=$NODE_PATH:`npm root -g`
-    - npm install -g typescript
+  - export NODE_PATH=$NODE_PATH:`npm root -g`
+  - npm install -g typescript
   script:
-    - >
-      sonar-scanner
-      -Dsonar.projectName="ecolyo-mr"
-      -Dsonar.projectVersion=1.0
-      -Dsonar.sourceEncoding=UTF-8
-      -Dsonar.projectBaseDir=.
-      -Dsonar.host.url=${SONAR_URL}
-      -Dsonar.projectKey=ecolyo-mr
-      -Dsonar.login=${SONAR_MR_TOKEN}
-      -Dsonar.cpd.exclusions=tests/**,src/**/*.spec.ts*
-      -Dsonar.qualitygate.wait=true
+  - 'sonar-scanner -Dsonar.projectName="ecolyo-mr" -Dsonar.projectVersion=1.0 -Dsonar.sourceEncoding=UTF-8
+    -Dsonar.projectBaseDir=. -Dsonar.host.url=${SONAR_URL} -Dsonar.projectKey=ecolyo-mr
+    -Dsonar.login=${SONAR_MR_TOKEN} -Dsonar.cpd.exclusions=tests/**,src/**/*.spec.ts*
+    -Dsonar.qualitygate.wait=true
 
+'
 deploy_demo:
   stage: deploy
   tags:
-    - deploy
+  - deploy
   script:
-    - cd /root/ecolyo-infra-scripts/cicid_scripts
-    - ./update_ecolyo_dev.sh
+  - cd /root/ecolyo-infra-scripts/cicid_scripts
+  - "./update_ecolyo_dev.sh"
   only:
-    - dev
-
+  - dev
 deploy_alpha:
   stage: deploy
   tags:
-    - deploy
+  - deploy
   script:
-    - cd /root/ecolyo-infra-scripts/cicid_scripts
-    - ./update_all_ecolyo_dev.sh
+  - cd /root/ecolyo-infra-scripts/cicid_scripts
+  - "./update_all_ecolyo_dev.sh"
   only:
-    - tags
+  - tags
+sast:
+  stage: test
+include:
+- template: Security/SAST.gitlab-ci.yml