diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 7349ba0a57301abf71e1ac2eae736383a2f64b59..20055560485616ad47e87a8f363de155abd7a05c 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,80 +1,109 @@
-default:
-  image:
-    name: quay.io/rhn_support_ofalk/fedora35-python3
-    entrypoint: [ '/bin/sh', '-c' ]
-
 before_script:
-  - virtualenv -p python3 /tmp/.virtualenv
-  - source /tmp/.virtualenv/bin/activate
-  - pip install Pillow
-  - pip install -r requirements.txt
-  - pip install python-coveralls
-  - pip install coverage
-  - pip install pycco
-  - pip install django_coverage_plugin
+- virtualenv -p python3 /tmp/.virtualenv
+- source /tmp/.virtualenv/bin/activate
+- pip install Pillow
+- pip install -r requirements.txt
+- pip install python-coveralls
+- pip install coverage
+- pip install pycco
+- pip install django_coverage_plugin
 
 test_and_coverage:
+  image:
+    name: quay.io/rhn_support_ofalk/fedora35-python3
+    entrypoint:
+    - "/bin/sh"
+    - "-c"
   stage: test
-  coverage: '/^TOTAL.*\s+(\d+\%)$/'
+  coverage: "/^TOTAL.*\\s+(\\d+\\%)$/"
   script:
-    - echo 'from ivatar.settings import TEMPLATES' > config_local.py
-    - echo 'TEMPLATES[0]["OPTIONS"]["debug"] = True' >> config_local.py
-    - echo "DEBUG = True" >> config_local.py
-    - echo "from config import CACHES" >> config_local.py
-    - echo "CACHES['default'] = CACHES['filesystem']" >> config_local.py
-    - python manage.py collectstatic --noinput
-    - coverage run --source . manage.py test -v3
-    - coverage report --fail-under=70
-    - coverage html
+  - echo 'from ivatar.settings import TEMPLATES' > config_local.py
+  - echo 'TEMPLATES[0]["OPTIONS"]["debug"] = True' >> config_local.py
+  - echo "DEBUG = True" >> config_local.py
+  - echo "from config import CACHES" >> config_local.py
+  - echo "CACHES['default'] = CACHES['filesystem']" >> config_local.py
+  - python manage.py collectstatic --noinput
+  - coverage run --source . manage.py test -v3
+  - coverage report --fail-under=70
+  - coverage html
   artifacts:
     paths:
-      - htmlcov/
+    - htmlcov/
 
 pycco:
+  image:
+    name: quay.io/rhn_support_ofalk/fedora35-python3
+    entrypoint:
+    - "/bin/sh"
+    - "-c"
   stage: test
   script:
-    - /bin/true
-    - find ivatar/ -type f -name "*.py"|grep -v __pycache__|grep -v __init__.py|grep -v /migrations/ | xargs pycco -p -d pycco -i -s
+  - "/bin/true"
+  - find ivatar/ -type f -name "*.py"|grep -v __pycache__|grep -v __init__.py|grep
+    -v /migrations/ | xargs pycco -p -d pycco -i -s
   artifacts:
     paths:
-      - pycco/
+    - pycco/
     expire_in: 14 days
 
 pages:
+  image:
+    name: quay.io/rhn_support_ofalk/fedora35-python3
+    entrypoint:
+    - "/bin/sh"
+    - "-c"
   before_script:
-    - /bin/true
-    - /bin/true
+  - "/bin/true"
+  - "/bin/true"
   stage: deploy
   dependencies:
-    - test_and_coverage
-    - pycco
+  - test_and_coverage
+  - pycco
   script:
-    - mv htmlcov/ public/
-    - mv pycco/ public/
+  - mv htmlcov/ public/
+  - mv pycco/ public/
   artifacts:
     paths:
-      - public
+    - public
     expire_in: 14 days
   only:
-    - master
+  - master
 
 build-image:
   image: docker
   services:
-    - docker:dind
+  - docker:dind
   before_script:
-    - docker info
-    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
-
+  - docker info
+  - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
   script:
-     - ls -lah
-     - |
-       if [[ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]]; then
-         tag=""
-         echo "Running on default branch '$CI_DEFAULT_BRANCH': tag = 'latest'"
-       else
-         tag=":$CI_COMMIT_REF_SLUG"
-         echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag"
-       fi
-     - docker build --pull -t "$CI_REGISTRY_IMAGE${tag}" .
-     - docker push "$CI_REGISTRY_IMAGE${tag}"
+  - ls -lah
+  - |
+    if [[ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]]; then
+      tag=""
+      echo "Running on default branch '$CI_DEFAULT_BRANCH': tag = 'latest'"
+    else
+      tag=":$CI_COMMIT_REF_SLUG"
+      echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag"
+    fi
+  - docker build --pull -t "$CI_REGISTRY_IMAGE${tag}" .
+  - docker push "$CI_REGISTRY_IMAGE${tag}"
+stages:
+- build
+- test
+- deploy
+- review
+- dast
+- staging
+- canary
+- production
+- incremental rollout 10%
+- incremental rollout 25%
+- incremental rollout 50%
+- incremental rollout 100%
+- performance
+- cleanup
+sast:
+  stage: test
+include:
+- template: Auto-DevOps.gitlab-ci.yml
\ No newline at end of file