Merge remote-tracking branch 'upstream/master'

# Conflicts:
#	.gitlab-ci.yml
#	README.md

.gitlab/merge_request_templates/initial.md

@@ -13,8 +13,8 @@ Template type: **build** / **analyse** / **package** / **deploy** / **acceptance
     * [ ] add project logo (`logo.png` file) - preferably 256x256
     * [ ] define [Merge Request pipeline](https://to-be-continuous.gitlab.io/doc/usage/#merge-request-workflow) as the default workflow strategy
     * [ ] defines a base (hidden) job
-    * [ ] use [rules](https://docs.gitlab.com/ee/ci/yaml/#rules) instead of [only/except](https://docs.gitlab.com/ee/ci/yaml/#onlyexcept-advanced)
-    * [ ] optimized [cache](https://docs.gitlab.com/ee/ci/caching/) configuration (wherever applicable)
+    * [ ] use [rules](https://docs.gitlab.com/ci/yaml/#rules) instead of [only/except](https://docs.gitlab.com/ci/yaml/#onlyexcept-advanced)
+    * [ ] optimized [cache](https://docs.gitlab.com/ci/caching/) configuration (wherever applicable)
 * Publicly usable:
     * [ ] runners: untagged
     * [ ] no proxy configuration but support `http_proxy`/`https_proxy`/`no_proxy` configuration 
@@ -40,9 +40,9 @@ Template type: **build** / **analyse** / **package** / **deploy** / **acceptance
     * (type here the used build & test tools/frameworks)
     * [ ] mapped to the `build` stage
     * [ ] declare a common `.test-policy` job with rules implementing the [Adaptive Pipeline strategy](https://to-be-continuous.gitlab.io/doc/usage/#test-analysis-jobs-rules) and use in test & SAST jobs
-    * [ ] unit tests report integration using [JUnit test report](https://docs.gitlab.com/ee/ci/yaml/artifacts_reports.html#artifactsreportsjunit)
-    * [ ] code coverage computing and [integration](https://docs.gitlab.com/ee/ci/yaml/#coverage)
-    * [ ] optimized [cache](https://docs.gitlab.com/ee/ci/caching/) configuration
+    * [ ] unit tests report integration using [JUnit test report](https://docs.gitlab.com/ci/yaml/artifacts_reports/#artifactsreportsjunit)
+    * [ ] code coverage computing and [integration](https://docs.gitlab.com/ci/yaml/#coverage)
+    * [ ] optimized [cache](https://docs.gitlab.com/ci/caching/) configuration
 * (optional) Code analysis job(s):
     * (type here the used code analysis tools)
     * [ ] mapped to the `test` stage
@@ -79,14 +79,14 @@ Template type: **build** / **analyse** / **package** / **deploy** / **acceptance
 * Deployment jobs:
     * [ ] one hidden deploy job prototype
     * [ ] persist and propagate the `$CI_ENVIRONMENT_URL` variable as `environment_url` variable using a 
-      [dotenv artifact](https://docs.gitlab.com/ee/ci/pipelines/job_artifacts.html#artifactsreportsdotenv)
+      [dotenv artifact](https://docs.gitlab.com/ci/yaml/artifacts_reports/#artifactsreportsdotenv)
     * [ ] each env can be enabled/disabled by configuration
-    * [ ] each env uses the [`resource_group`](https://docs.gitlab.com/ee/ci/yaml/#resource_group) feature to prevent 
+    * [ ] each env uses the [`resource_group`](https://docs.gitlab.com/ci/yaml/#resource_group) feature to prevent 
       multiple pipelines from deploying to the same environment at the same time
     * [ ] **review** deployment job
         * mapped to the `deploy` stage
         * must be executed on non-`master`, non-`develop` branches only
-        * must reference the **cleanup-review** job (see below) in its [`environment:on_stop`](https://docs.gitlab.com/ee/ci/yaml/#environmenton_stop)
+        * must reference the **cleanup-review** job (see below) in its [`environment:on_stop`](https://docs.gitlab.com/ci/yaml/#environmenton_stop)
     * [ ] **integration** deployment job
         * mapped to the `deploy` stage
         * must be executed on `develop` branch only
@@ -101,7 +101,7 @@ Template type: **build** / **analyse** / **package** / **deploy** / **acceptance
     * [ ] **review** cleanup job
         * mapped to the `deploy` stage
         * must be executed on non-`master`, non-`develop` branches only
-        * must be associated to the [`environment:action:stop`](https://docs.gitlab.com/ee/ci/yaml/#environmentaction) event
+        * must be associated to the [`environment:action:stop`](https://docs.gitlab.com/ci/yaml/#environmentaction) event
 * (optional) Analysis job(s) (linters, dependency checks, ...) depending on the technologies:
     * [ ] mapped to the `test` stage
     * [ ] declare a common `.test-policy` job with rules implementing the [Adaptive Pipeline strategy](https://to-be-continuous.gitlab.io/doc/usage/#test-analysis-jobs-rules) and use in test & SAST jobs
@@ -113,7 +113,7 @@ Template type: **build** / **analyse** / **package** / **deploy** / **acceptance
 * Acceptance test job:
     * [ ] mapped to the `acceptance` stage
     * [ ] declare a common `.acceptance-policy` job with rules implementing the [Adaptive Pipeline strategy](https://to-be-continuous.gitlab.io/doc/usage/#test-analysis-jobs-rules) and use in test & SAST jobs
-    * [ ] tests report integration using [JUnit test report](https://docs.gitlab.com/ee/ci/yaml/artifacts_reports.html#artifactsreportsjunit)
+    * [ ] tests report integration using [JUnit test report](https://docs.gitlab.com/ci/yaml/artifacts_reports/#artifactsreportsjunit)
     * [ ] auto-evaluating the environment url to test based on the possible upstream `$environment_url` variable or via 
       an `environment_url.txt` file.
 

.gitlab/merge_request_templates/new_feature.md

@@ -8,8 +8,8 @@ Closes #999
 ## Checklist
 
 * General:
-    * [ ] use [rules](https://docs.gitlab.com/ee/ci/yaml/#rules) instead of [only/except](https://docs.gitlab.com/ee/ci/yaml/#onlyexcept-advanced)
-    * [ ] optimized [cache](https://docs.gitlab.com/ee/ci/caching/) configuration (wherever applicable)
+    * [ ] use [rules](https://docs.gitlab.com/ci/yaml/#rules) instead of [only/except](https://docs.gitlab.com/ci/yaml/#onlyexcept-advanced)
+    * [ ] optimized [cache](https://docs.gitlab.com/ci/caching/) configuration (wherever applicable)
 * Publicly usable:
     * [ ] untagged runners
     * [ ] no proxy configuration but support `http_proxy`/`https_proxy`/`no_proxy`

CONTRIBUTING.md

@@ -61,7 +61,7 @@ To contribute:
 
 1. Create an issue describing the bug or enhancement you want to propose (select the right issue template).
 2. Make sure the issue has been reviewed and agreed.
-3. Create a Merge Request, from your **own** fork (see [forking workflow](https://docs.gitlab.com/ee/user/project/repository/forking_workflow.html) documentation).
+3. Create a Merge Request, from your **own** fork (see [forking workflow](https://docs.gitlab.com/user/project/repository/forking_workflow/) documentation).
    Don't hesitate to mark your MR as `Draft` as long as you think it's not ready to be reviewed.
 
 ### Git Commit Conventions

README.md

@@ -4,8 +4,8 @@ Automate your dependency updates with [Renovate](https://www.mend.io/renovate/).
 
 ## Usage
 
-This template can be used both as a [CI/CD component](https://docs.gitlab.com/ee/ci/components/#use-a-component)
-or using the legacy [`include:project`](https://docs.gitlab.com/ee/ci/yaml/index.html#includeproject) syntax.
+This template can be used both as a [CI/CD component](https://docs.gitlab.com/ci/components/#use-a-component)
+or using the legacy [`include:project`](https://docs.gitlab.com/ci/yaml/#includeproject) syntax.
 
 ### Use as a CI/CD component
 
@@ -34,8 +34,9 @@ include:
 The Renovate template uses some global configuration used throughout all jobs.
 
 | Input / Variable           | Description                                                                                                                                               | Default value                                      |
-|------------------------|---------------------------------------------------------------------------------|-------------------|
-| `image` / `RENOVATE_IMAGE` | The Docker image used to run Renovate                                           | `registry.hub.docker.com/renovate/renovate:latest` |
+| -------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------- |
+| `image` / `RENOVATE_IMAGE` | The Docker image used to run Renovate                                                                                                                     | `registry.hub.docker.com/renovate/renovate:latest` <br/>[![Trivy Badge](https://to-be-continuous.gitlab.io/doc/secu/trivy-badge-RENOVATE_IMAGE.svg)](https://to-be-continuous.gitlab.io/doc/secu/trivy-RENOVATE_IMAGE) |
+| `onboarding-config` / `RENOVATE_ONBOARDING_CONFIG` | Renovate configuration to use for onboarding Renovate                                                                                                                     | [see below](#default-onboarding-configuration) |
 | :lock: `RENOVATE_TOKEN`    | A GitLab access token to allow Renovate crawl your projects. [See doc](https://docs.renovatebot.com/modules/platform/gitlab/#authentication)              | _none_                                             |
 | :lock: `GITHUB_COM_TOKEN`  | A GitHub access token to allow Renovate fetch changelogs. [See doc](https://docs.renovatebot.com/getting-started/running/#githubcom-token-for-changelogs) | _none_                                             |
 | `renovate-validator-job-tags` / `RENOVATE_VALIDATOR_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]`            |