Static code analysis tools (SAST)
Do you do static code analysis for security analysis?
Such tools are quite easy and cheap, so consider adding them for security reasons.
Partly depends on #12 (closed)
Maybe try out GitLab Auto DevOps – it may include such a thing.
Edited by rugk