diff --git a/.codeclimate.yml b/.codeclimate.yml
new file mode 100644
index 0000000000000000000000000000000000000000..82612386e47331b31b1f49fb43613650d5ac0190
--- /dev/null
+++ b/.codeclimate.yml
@@ -0,0 +1,66 @@
+# SPDX-FileCopyrightText: Copyright 2023 Arm Limited and/or its
+# affiliates
+#
+# SPDX-License-Identifier: MIT
+---
+version: "2"
+plugins:
+ structure:
+ pep8:
+ enabled: true
+ sonar-python:
+ enabled: true
+ shellcheck:
+ enabled: true
+ file_types:
+ - "shell script"
+ - "bats script"
+ - "bash script"
+ fixme:
+ enabled: true
+ exclude_patterns:
+ - "/Dangerfile"
+ cspell:
+ enabled: true
+ exclude_patterns:
+ - "CHANGELOG.md"
+ - ".gitignore"
+ - "**.cfg"
+ - "documentation/Makefile"
+ - "**.patch"
+ dict_path: "qa-checks/cassini-bsp-dictionary"
+ yamllint:
+ enabled: true
+ oelint-adv:
+ enabled: true
+ suppressions:
+ # Not all suggested variables are applicable to all files.
+ - 'oelint.var.suggestedvar'
+ # 'BBCLASSEXTEND' variable will only be set when required.
+ # Hence, we don't need to set it for all recipes.
+ - 'oelint.var.bbclassextend'
+ # Some filenames have - in the version number.
+ - 'oelint.file.underscores'
+ # Codeclimate disables network access which prevents
+ # oelint-adv from pinging the URLs.
+ - 'oelint.vars.homepageping'
+ # In some cases, we want to use the include directive.
+ # But for some reason, the in-line suppression for this
+ # check doesn't work.
+ - 'oelint.file.requireinclude'
+ # The oelint-adv is not able to find .inc files from other layers
+ # and the in-line suppression for this check doesn't work.
+ - 'oelint.file.requirenotfound'
+ # This check is done for all variables,
+ # and suppressing it for each case is not feasible.
+ - 'oelint.vars.multilineident'
+
+exclude_patterns:
+ - ".csslintrc"
+ - ".eslintrc.yml"
+ - ".eslintignore"
+ - ".rubocop.yml"
+ - "coffeelint.json"
+ - "*.png"
+ - "*.pyc"
+ - ".config.yaml*"
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000000000000000000000000000000000000..9dca7f413a46095d49b78ba38b44199126a9ae10
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,108 @@
+# SPDX-FileCopyrightText: Copyright 2023 Arm Limited and/or its
+# affiliates
+#
+# SPDX-License-Identifier: MIT
+---
+variables:
+ CI_DEBUG_TRACE:
+ value: 'false'
+ options:
+ - 'true'
+ - 'false'
+ description: Enable debug information output to the log
+ META_CASSINI_BUILD_IMAGE:
+ value: none
+ description: Comma separated list of images to build
+ (none, all-images, k3s)
+ META_CASSINI_BUILD_PLATFORM:
+ value: none
+ description: Comma separated list of platforms to build
+ (none, all-platforms, corstone1000-mps3, corstone1000-fvp,
+ n1sdp)
+ META_CASSINI_FORCE_TESTS:
+ value: none
+ description: Comma separated list of tests that must be run
+ (all, ptest, acs, sanity)
+
+# include jobs
+include:
+ - project: $PIPELINE_TEMPLATE_PROJECT
+ ref: v1.6.3
+ file:
+ - gitlab-ci/common_gitlab-ci.yml
+ - gitlab-ci/danger-review_gitlab-ci.yml
+ - gitlab-ci/static-analysis_gitlab-ci.yml
+ - local: '.gitlab/ci/rules.yml'
+
+trigger-meta-cassini:
+ inherit:
+ variables: false
+ stage: Build
+ rules:
+ - if: $META_CASSINI_PROJECT == ""
+ when: never
+ - if: '$CI_MERGE_REQUEST_IID == "push"'
+ variables:
+ META_CASSINI_TARGET_BRANCH: "${CI_MERGE_REQUEST_TARGET_BRANCH_NAME}-dev"
+ - if: '$PARENT_PIPELINE_SOURCE == "schedule"'
+ variables:
+ META_CASSINI_TARGET_BRANCH: "${CI_COMMIT_BRANCH}-dev"
+ - if: $META_CASSINI_TARGET_BRANCH == ""
+ when: never
+ - !reference [".build-image:rules:k3s", rules]
+ - !reference [".build-image:rules:k3s-dev", rules]
+ - !reference [".build-image:rules:k3s-sdk", rules]
+ - !reference [".build-image:rules:n1sdp-and-corstone1000", rules]
+ - !reference [".build-image:rules:n1sdp", rules]
+ - !reference [".build-image:rules:corstone1000", rules]
+ - !reference [".build-image:rules:scheduled-or-manual", rules]
+ trigger:
+ project: $META_CASSINI_PROJECT
+ branch: $META_CASSINI_TARGET_BRANCH
+ strategy: depend
+ variables:
+ CI_DEBUG_TRACE:
+ value: $CI_DEBUG_TRACE
+ BUILD_IMAGE:
+ value: $META_CASSINI_BUILD_IMAGE
+ BUILD_PLATFORM:
+ value: $META_CASSINI_BUILD_PLATFORM
+ FORCE_TESTS:
+ value: $META_CASSINI_FORCE_TESTS
+ PARENT_PIPELINE_ID: $CI_PIPELINE_ID
+ REPOS_BSP_URL: $CI_PROJECT_URL
+ REPOS_BSP_REFSPEC: $CI_COMMIT_SHA
+ CODE_QUALITY_DISABLED: "true"
+ SAST_DISABLED: "true"
+ SECRET_DETECTION_DISABLED: "true"
+
+Download-Results:
+ stage: Test
+ rules:
+ - if: '$META_CASSINI_PROJECT == "" || $META_CASSINI_TARGET_BRANCH == ""'
+ when: never
+ extends: .resource-request
+ image: "${MIRROR_DOCKER}/python:slim"
+ dependencies:
+ - trigger-meta-cassini
+ before_script:
+ - apt-get update
+ - apt-get install --no-install-recommends -y curl jq unzip
+ script:
+ - |
+ proj_api="${CI_API_V4_URL}/projects"
+ downstream_project_id="$(curl -sS \
+ --header "PRIVATE-TOKEN: ${PRIVATE_CI_TOKEN}" \
+ "${proj_api}/${CI_PROJECT_ID}/pipelines/${CI_PIPELINE_ID}/bridges" \
+ | jq ".[].downstream_pipeline | (.project_id)")"
+ curl --output artifacts.zip --location \
+ --header "PRIVATE-TOKEN: ${PRIVATE_CI_TOKEN}" \
+ "${proj_api}/${downstream_project_id}/jobs/artifacts/${META_CASSINI_TARGET_BRANCH}/download?job=Collate-Results"
+ - unzip -o \*.zip
+ artifacts:
+ paths:
+ - TEST-ChildPipeline-*.xml
+ reports:
+ junit:
+ - TEST-ChildPipeline-*.xml
+ expire_in: 1 month
diff --git a/.gitlab/ci/rules.yml b/.gitlab/ci/rules.yml
new file mode 100644
index 0000000000000000000000000000000000000000..0d1babf79097cab4240e421d04f6817dc79c54f3
--- /dev/null
+++ b/.gitlab/ci/rules.yml
@@ -0,0 +1,101 @@
+# SPDX-FileCopyrightText: Copyright 2023 Arm Limited and/or its
+# affiliates
+#
+# SPDX-License-Identifier: MIT
+---
+# Conditions
+.if-merge-request: &if-merge-request
+ if: '$CI_MERGE_REQUEST_IID'
+
+.if-merge-request-or-push: &if-merge-request-or-push
+ if: '$CI_MERGE_REQUEST_IID || $CI_PIPELINE_SOURCE == "push"'
+
+.if-scheduled-or-manual: &if-scheduled-or-manual
+ if: '$CI_PIPELINE_SOURCE == "schedule" || $CI_PIPELINE_SOURCE == "web"'
+
+.if-parent-scheduled-or-manual: &if-parent-scheduled-or-manual
+ if: '$PARENT_PIPELINE_SOURCE == "schedule" ||
+ $PARENT_PIPELINE_SOURCE == "web"'
+
+# Changes patterns
+.build-common: &build-common
+ - "grub/**/*"
+ - "meta-security/**/*"
+
+.build-n1sdp: &build-n1sdp
+ - "conf/machine/include/n1sdp-cassini-extra-settings.inc"
+ - "meta-arm/meta-arm-bsp/recipes-security/**/*"
+
+.build-corstone1000: &build-corstone1000
+ - "conf/machine/include/corstone1000-*-cassini-extra-settings.inc"
+ - "conf/multiconfig/firmware.conf"
+ - "meta-arm/meta-arm-bsp/recipes-bsp/u-boot/**/*"
+ - "meta-arm/meta-arm-bsp/recipes-core/**/*"
+ - "meta-arm/meta-arm-bsp/recipes-kernel/**/*"
+ - "meta-arm/meta-arm-bsp/wic/*"
+
+.build-n1sdp-and-corstone1000: &build-n1sdp-and-corstone1000
+ - "conf/layer.conf"
+
+# Build rules
+.build-image:rules:n1sdp:
+ rules:
+ - <<: *if-merge-request-or-push
+ changes: *build-n1sdp
+ variables:
+ META_CASSINI_BUILD_IMAGE: 'k3s'
+ META_CASSINI_BUILD_PLATFORM: 'n1sdp'
+
+.build-image:rules:corstone1000:
+ rules:
+ - <<: *if-merge-request-or-push
+ changes: *build-corstone1000
+ variables:
+ META_CASSINI_BUILD_IMAGE: 'k3s'
+ META_CASSINI_BUILD_PLATFORM: 'corstone1000-fvp'
+
+.build-image:rules:n1sdp-and-corstone1000:
+ rules:
+ - <<: *if-merge-request-or-push
+ changes: *build-n1sdp-and-corstone1000
+ variables:
+ META_CASSINI_BUILD_IMAGE: 'k3s'
+ META_CASSINI_BUILD_PLATFORM: 'n1sdp, corstone1000-fvp'
+
+.build-image:rules:k3s:
+ rules:
+ - <<: *if-merge-request-or-push
+ changes: *build-common
+ variables:
+ META_CASSINI_BUILD_IMAGE: 'k3s'
+ META_CASSINI_BUILD_PLATFORM: 'all-platforms'
+
+.build-image:rules:k3s-dev:
+ rules:
+ - <<: *if-merge-request-or-push
+ changes: *build-common
+ variables:
+ META_CASSINI_BUILD_IMAGE: 'k3s'
+ META_CASSINI_BUILD_PLATFORM: 'all-platforms'
+
+.build-image:rules:k3s-sdk:
+ rules:
+ - <<: *if-merge-request-or-push
+ changes: *build-common
+ variables:
+ META_CASSINI_BUILD_IMAGE: 'k3s'
+ META_CASSINI_BUILD_PLATFORM: 'all-platforms'
+
+.build-image:rules:scheduled-or-manual:
+ rules:
+ - <<: *if-scheduled-or-manual
+ variables:
+ META_CASSINI_BUILD_IMAGE: 'k3s'
+ META_CASSINI_BUILD_PLATFORM: 'all-platforms'
+
+.build-image:rules:merge-request-or-push:
+ rules:
+ - <<: *if-merge-request-or-push
+ variables:
+ META_CASSINI_BUILD_IMAGE: 'k3s'
+ META_CASSINI_BUILD_PLATFORM: 'all-platforms'
diff --git a/Dangerfile b/Dangerfile
new file mode 100644
index 0000000000000000000000000000000000000000..bd2dd49bb2efb193becdbd6eccb22d220fc5c1b8
--- /dev/null
+++ b/Dangerfile
@@ -0,0 +1,25 @@
+# SPDX-FileCopyrightText: Copyright 2023 Arm Limited and/or its
+# affiliates
+#
+# SPDX-License-Identifier: MIT
+
+require 'embed-a-dangerfiles'
+
+# @verbose = true
+
+Embed_A::Dangerfiles.for_project(self) do |dangerfiles|
+ # Import all plugins from the gem
+ dangerfiles.import_plugins
+ helper.config.dict_path = "qa-checks/cassini-bsp-dictionary"
+ # Import all rules from the gem
+ dangerfiles.import_dangerfiles
+end
+
+# Warn if the MR changes the Dangerfile
+if git.modified_files.include? "Dangerfile"
+ warn "This MR modifies Dangerfile! Watch for the rules!"
+end
+
+# Warn about remaining TODO's
+todoist.warn_for_todos
+todoist.print_todos_table
diff --git a/qa-checks/cassini-bsp-dictionary b/qa-checks/cassini-bsp-dictionary
new file mode 100644
index 0000000000000000000000000000000000000000..650492427ffc4573f5f02f16dd821d34e68b8103
--- /dev/null
+++ b/qa-checks/cassini-bsp-dictionary
@@ -0,0 +1,73 @@
+# SPDX-FileCopyrightText: Copyright 2023 Arm Limited and/or its
+# affiliates
+#
+# SPDX-License-Identifier: MIT
+alsa
+backend
+bmap
+bmaptool
+bootimg
+bootloader
+buildable
+BUILDIN
+cassini
+cgroups
+config
+configfile
+corstone
+cpio
+distro
+DISTROOVERRIDES
+efidisk
+eglibc
+envparse
+extfs
+flashfw
+fstype
+gcsections
+gettext
+gitlab
+gitlab-ciyml
+gzio
+homepageping
+initscripts
+kernelcfg
+LIBC
+Linaro
+mandatoryvar
+mdev
+meta-cassini-bsp
+modutils
+msdos
+mtrace
+multiconfig
+multiinclude
+multilineident
+N1SDP
+nanbield
+nativesdk
+netbase
+networkd
+nooelint
+opkg
+optee
+packagegroup
+posix
+ptable
+readlink
+requireinclude
+requirenotfound
+SAST
+SDHC
+sourceparams
+srcurifile
+suggestedvar
+udev
+unitdir
+usbgadget
+usbhost
+VIRT
+wchar
+WIDEC
+xtests
+zeroconf
\ No newline at end of file