Add container scanning

https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings

something like :

include:
  - template: Jobs/Build.gitlab-ci.yml
  - template: Security/Container-Scanning.gitlab-ci.yml

container_scanning:
  variables:
    CS_DEFAULT_BRANCH_IMAGE: $CI_REGISTRY_IMAGE/$CI_DEFAULT_BRANCH:$CI_COMMIT_SHA

Just after buildkit run;

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information