diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 2a68590..707edce 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -43,6 +43,7 @@ pages:
     FILE_INPUT: "index.html,107524048,CI Templates"
   extends: .pages-template
 
+
 .release-template:
   trigger:
     include: pipelines/update-version-pipeline.gitlab-ci.yml
diff --git a/documentation/chapters/templates/repo-cve-scan.adoc b/documentation/chapters/templates/repo-cve-scan.adoc
new file mode 100644
index 0000000..5c8e5a8
--- /dev/null
+++ b/documentation/chapters/templates/repo-cve-scan.adoc
@@ -0,0 +1,30 @@
+:sourcedir: ../../../
+
+= Repo-CVE-Scan
+
+Scanned die gesamte Repo mit Trivy auf CVEs und Konfigurationsproblemen in Deployment files.
+
+.Variables
+|===
+|Name |Description | Default Value
+|EXITCODE
+| Definiert den Exitcode der benutzt wird, wenn Trivy Probleme findet.
+Bei 0 läuft die Pipeline durch, auch wenn Probleme gefunden werden.
+Überlege, ob du die Flag `allow_failure: false` benutzen willst.
+| 1
+
+|TRIVY_EXTRA_ARGS
+| Weitere Argumente die du an Trivy übergeben kannst.
+| --no-progress --ignore-unfixed --severity HIGH,CRITICAL
+
+|SCAN_PATH
+| Der Path ab dem Trivy die Repo scannen soll.
+| Root der Repository
+
+|===
+
+.Repo CVE scan template
+[source, yaml]
+----
+include::{sourcedir}/repo-cve-scan.gitlab-ci.yml[]
+----
\ No newline at end of file
diff --git a/documentation/document.adoc b/documentation/document.adoc
index cb69215..bc0998a 100644
--- a/documentation/document.adoc
+++ b/documentation/document.adoc
@@ -83,6 +83,10 @@ Sollte dieser noch nicht vorhanden sein kann er mit dem Befehl `gradle wrapper`
 include::chapters/templates/gradle-build-template.adoc[leveloffset=2]
 include::chapters/templates/gradle-test-template.adoc[leveloffset=2]
 
+== Misc
+
+include::chapters/templates/repo-cve-scan.adoc[leveloffset=2]
+
 == Weitere Gilden-Tools
 
 include::chapters/templates/tool-sonar7.adoc[leveloffset=2]
diff --git a/repo-cve-scan.gitlab-ci.yml b/repo-cve-scan.gitlab-ci.yml
new file mode 100644
index 0000000..f62358a
--- /dev/null
+++ b/repo-cve-scan.gitlab-ci.yml
@@ -0,0 +1,20 @@
+.repo_cve_scan:
+  image:
+    name: docker.io/aquasec/trivy:0.24.2
+    entrypoint: [ "" ]
+  stage: test
+  needs: []
+  variables:
+    EXITCODE: 1
+    TRIVY_EXTRA_ARGS: "--no-progress --ignore-unfixed --severity HIGH,CRITICAL"
+    SCAN_PATH: "."
+  cache:
+    paths:
+      - .trivycache/
+  artifacts:
+    reports:
+      junit: junit-report.xml
+  script:
+    # Builds report and puts it in the default workdir $CI_PROJECT_DIR, so artifacts: can take it from there
+    - trivy --cache-dir .trivycache/ fs --timeout 15m $TRIVY_EXTRA_ARGS --exit-code 0 --security-checks vuln,config --format template  --format template --template "/contrib/junit.tpl" -o junit-report.xml $SCAN_PATH
+    - trivy --cache-dir .trivycache/ fs --timeout 15m $TRIVY_EXTRA_ARGS --exit-code $EXITCODE --security-checks vuln,config $SCAN_PATH