@thelicato
thelicato / gitlab_security_pipeline_demo.md
Last active March 31, 2025 09:44
GitLab Security Pipeline

GitLab Security Pipeline Demo

This README explains the whole process, from start to finish, of setting up a custom Security Pipeline using GitLab. The starting point is an already vulnerable application; for this example, https://github.com/appsecco/dvna will be used.

The repo is cloned and pushed as-is to a new, empty GitLab project. The first thing to do is enable a runner for our pipeline; this can be done in the Settings -> CI/CD section of the project.

Table of Contents

  1. Add default SAST
  2. Customize Stages