diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 687009a9f9fc077087a91adff2cacb7a1248f630..a9a70262b7a1d798e6d0e0852c95c015a9b96cf6 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml 
@@ -1,97 +1,86 @@ -stages: [lint, test, postTest, deploy, deploy-live] - +# You can override the included template(s) by including variable overrides +# See https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings +# Note that environment variables can be set in several places +# See https://docs.gitlab.com/ee/ci/variables/#priority-of-environment-variables +stages: +- lint +- test +- postTest +- deploy +- deploy-live variables: CI_TEST_IMAGE: gitlab.office.databay.de:5005/docker/php-fpm-xdebug:7.2-fpm CI_IMAGE: gitlab.office.databay.de:5005/tjoussen/ci-toolbox:latest GIT_STRATEGY: clone - - jscpd: - stage: lint - image: node:latest - allow_failure: true - tags: - - docker-build - script: - - npm install jscpd jscpd-badge-reporter -g --unsafe-perm - - git checkout -B "$CI_BUILD_REF_NAME" "$CI_BUILD_REF" - - jscpd ./ - - git config --global user.email "$GITLAB_USER_EMAIL" - - git config --global user.name "CI REPORTER" - - git add report/jscpd-report.html - - git commit -m "Add new Report to report/jscpd-report.html [ci-skip]" - - git push -o ci.skip git@gitlab.databay.de:SeminarCatalog/SeminarCatalog.git master - - artifacts: - paths: - - report/jscpd-report.html - expire_in: 1 week - - - -# Code Quality Check in Feature Branches mit merge Request -#include: -# - template: Code-Quality.gitlab-ci.yml -#code_quality: -# tags: [dind2] -# rules: -# - if: '$CODE_QUALITY_DISABLED' -# when: never -# - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' # Run code quality job in merge request pipelines -# - if: '$CI_COMMIT_TAG' - + stage: lint + image: node:latest + allow_failure: true + tags: + - docker-build + script: + - npm install jscpd jscpd-badge-reporter -g --unsafe-perm + - git checkout -B "$CI_BUILD_REF_NAME" "$CI_BUILD_REF" + - jscpd ./ + - git config --global user.email "$GITLAB_USER_EMAIL" + - git config --global user.name "CI REPORTER" + - git add report/jscpd-report.html + - git commit -m "Add new Report to 
report/jscpd-report.html [ci-skip]" + - git push -o ci.skip git@gitlab.databay.de:SeminarCatalog/SeminarCatalog.git master + artifacts: + paths: + - report/jscpd-report.html + expire_in: 1 week phpunit: stage: test image: gitlab.office.databay.de:5005/docker/php-fpm-pcov:7.2-fpm tags: - - ci + - ci script: - - composer install - - composer require pcov/clobber --dev --ignore-platform-reqs - - ./vendor/bin/phpunit --coverage-text --whitelist src/ tests - - + - composer install + - composer require pcov/clobber --dev --ignore-platform-reqs + - "./vendor/bin/phpunit --coverage-text --whitelist src/ tests" checkCoverage: image: alpine:latest stage: postTest needs: - - phpunit + - phpunit variables: TARGET_JOB_NAME: phpunit CURRENT_JOB_NAME: phpunit TARGET_BRANCH: master before_script: - - apk add --update --no-cache curl jq + - apk add --update --no-cache curl jq script: - - echo "Check Coverage" - # - TARGET_PIPELINE_ID=`curl -s "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/pipelines?ref=${TARGET_BRANCH}&status=success&private_token=${PRIVATE_TOKEN}" | jq ".[0].id"` - # - TARGET_COVERAGE=`curl -s "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/pipelines/${TARGET_PIPELINE_ID}/jobs?private_token=${PRIVATE_TOKEN}" | jq --arg JOB_NAME "$TARGET_JOB_NAME" '.[] | select(.name==$JOB_NAME) | .coverage'` - # - CURRENT_COVERAGE=`curl -s "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/pipelines/${CI_PIPELINE_ID}/jobs?private_token=${PRIVATE_TOKEN}" | jq --arg JOB_NAME "$CURRENT_JOB_NAME" '.[] | select(.name==$JOB_NAME) | .coverage'` - # - if [ 1 = $(echo "$TARGET_COVERAGE - 0.01 > $CURRENT_COVERAGE" |bc -l) ]; then echo "Coverage decreased from ${TARGET_COVERAGE} to ${CURRENT_COVERAGE}" && exit 1; else echo "Coverage increased from ${TARGET_COVERAGE} to ${CURRENT_COVERAGE}" && exit 0; fi; - - + - echo "Check Coverage" deploy_review: image: gitlab.office.databay.de:5005/tjoussen/ci-toolbox:latest stage: deploy script: - - echo "Deploy a review app" - - echo $CI_COMMIT_REF_NAME - - echo 
$CI_ENVIRONMENT_SLUG - - ssh -i /root/.ssh/gitlab_databay_ci_key -o StrictHostKeyChecking=no root@gitlabpipelines.invorbereitung.de "cd /srv/www/gitlabpipelines.invorbereitung.de && rm $CI_ENVIRONMENT_SLUG -rf && git clone https://gitlab.databay.de/amichels_local/gitlab-pipelines -b $CI_COMMIT_REF_NAME $CI_ENVIRONMENT_SLUG" + - echo "Deploy a review app" + - echo $CI_COMMIT_REF_NAME + - echo $CI_ENVIRONMENT_SLUG + - ssh -i /root/.ssh/gitlab_databay_ci_key -o StrictHostKeyChecking=no root@gitlabpipelines.invorbereitung.de + "cd /srv/www/gitlabpipelines.invorbereitung.de && rm $CI_ENVIRONMENT_SLUG -rf + && git clone https://gitlab.databay.de/amichels_local/gitlab-pipelines -b $CI_COMMIT_REF_NAME + $CI_ENVIRONMENT_SLUG" environment: name: review/$CI_COMMIT_REF_NAME url: https://gitlabpipelines.invorbereitung.de/$CI_ENVIRONMENT_SLUG only: - - branches + - branches except: - - master - + - master deploy: stage: deploy-live image: gitlab.office.databay.de:5005/docker/php-fpm-pcov:7.2-fpm only: - - master + - master tags: - - ci + - ci script: - - echo "deploying app to server" \ No newline at end of file + - echo "deploying app to server" +sast: + stage: test +include: +- template: Security/SAST.gitlab-ci.yml
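Review bot: In `deploy_review`, the re-wrapped `ssh` entry still expands `$CI_COMMIT_REF_NAME` unquoted into a command string that the remote shell runs as root, so shell metacharacters in a branch name become part of that command. Because the job runs for every non-master branch (`only: branches`), anyone who can push a branch appears able to influence what executes on the review host. Reject unexpected names before the `ssh` step with a script entry such as `case "$CI_COMMIT_REF_NAME" in *[!A-Za-z0-9._/-]*) echo "unsafe ref name"; exit 1;; esac`, and pass the value single-quoted on the remote side (`-b '$CI_COMMIT_REF_NAME'`). The same line keeps `-o StrictHostKeyChecking=no`, so the runner never verifies the host it sends the key and command to. Pinning the host key in `known_hosts` and deploying through a non-root account limited to the web root would narrow both problems.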