OtherDevOpsGene / zap-sonar-plugin

Integrates OWASP Zed Attack Proxy reports into SonarQube
GNU General Public License v3.0

adding a handy example showing how to automate the pentest within the CI pipeline #89

Open newlight77 opened 3 years ago

newlight77 commented 3 years ago

… CI pipeline

This uses docker and docker-compose to run a sandbox with sonarqube, the zap tool and zap-sonar-plugin altogether in 3 steps:

  1. run a sonarqube instance using docker with zap-sonar-plugin installed
  2. generate a zapproxy.html report
  3. publish the zapproxy.html report to sonarqube
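As an added example (not part of this PR or of the plugin's own files), a docker-compose.yml that wires the three steps above into one sandbox run; the image tags, the `./plugins` and `./reports` directories, the `TARGET_URL` and `SONAR_TOKEN` values and the `sonar.zaproxy.*` property names are assumptions to verify against the plugin README and the ZAP docker documentation.

```yaml
# Added example, not code from the PR or the plugin. Assumes the zap-sonar-plugin jar
# has been downloaded into ./plugins and that TARGET_URL / SONAR_TOKEN are set by the CI job.
services:
  # Step 1: SonarQube with zap-sonar-plugin mounted into the plugins directory.
  sonarqube:
    image: sonarqube:lts-community
    ports:
      - "9000:9000"
    volumes:
      - ./plugins:/opt/sonarqube/extensions/plugins   # ASSUMPTION: jar placed here beforehand
    environment:
      SONAR_ES_BOOTSTRAP_CHECKS_DISABLE: "true"       # sandbox only: skip Elasticsearch host checks

  # Step 2: ZAP baseline scan of the application under test. The report files land in
  # /zap/wrk, which is the host ./reports directory, so the scanner can read them.
  zap:
    image: zaproxy/zap-stable
    volumes:
      - ./reports:/zap/wrk:rw
    # -r writes the HTML report named in the PR; -x adds the XML twin the plugin parses
    # for issues (ASSUMPTION); -I keeps WARN-level alerts from failing the scan so step 3 runs.
    command: >
      zap-baseline.py -t ${TARGET_URL:-http://app-under-test:8080}
        -r zapproxy.html -x zapproxy.xml -I

  # Step 3: sonar-scanner publishes the reports once the ZAP container has exited cleanly.
  scanner:
    image: sonarsource/sonar-scanner-cli
    depends_on:
      sonarqube:
        condition: service_started                    # add a healthcheck for a stricter wait
      zap:
        condition: service_completed_successfully
    volumes:
      - .:/usr/src                                    # project root, contains ./reports
    environment:
      SONAR_HOST_URL: http://sonarqube:9000
      SONAR_TOKEN: ${SONAR_TOKEN:?set a SonarQube user token}   # placeholder, never commit a real token
    # Property names are ASSUMPTIONS taken from the plugin's documented settings; check the README.
    command: >
      -Dsonar.projectKey=zap-sandbox
      -Dsonar.sources=.
      -Dsonar.zaproxy.htmlReportPath=reports/zapproxy.html
      -Dsonar.zaproxy.reportPath=reports/zapproxy.xml
```

Run it with `docker compose up --abort-on-container-exit scanner`; a fresh SonarQube instance needs a minute to start, so a healthcheck on the sonarqube service is the robust replacement for `service_started` in a real pipeline.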