diff --git a/.github/auto-labeler-config.yaml b/.github/auto-labeler-config.yaml
new file mode 100644
index 00000000..89be0327
--- /dev/null
+++ b/.github/auto-labeler-config.yaml
@@ -0,0 +1,23 @@
+---
+conventional-commits:
+- type: 'fix'
+ nouns: ['FIX', 'Fix', 'fix', 'FIXED', 'Fixed', 'fixed']
+ labels: ['bug']
+- type: 'feature'
+ nouns: ['FEATURE', 'Feature', 'feature', 'FEAT', 'Feat', 'feat']
+ labels: ['enhancement']
+- type: 'breaking_change'
+ nouns: ['BREAKING CHANGE', 'BREAKING', 'MAJOR']
+ labels: ['breaking-change']
+- type: 'refactor'
+ nouns: ['refactor', 'Refactor']
+ labels: ['refactor']
+- type: 'documentation'
+ nouns: ['docs', 'doc', 'document', 'documentation']
+ labels: ['documentation']
+- type: 'build'
+ nouns: ['build', 'rebuild']
+ labels: ['build']
+- type: 'config'
+ nouns: ['config', 'conf', 'configuration', 'configure']
+ labels: ['config']
diff --git a/.github/linters/.checkov.yaml b/.github/linters/.checkov.yaml
new file mode 100644
index 00000000..0b86e0d1
--- /dev/null
+++ b/.github/linters/.checkov.yaml
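Review bot: The `nouns` lists cover case variants unevenly — `fix` and `feature` enumerate upper/title/lower forms, `refactor` has two, while `documentation`, `build` and `config` are lowercase only — so if the action matches case-sensitively (not visible here; confirm against mauroalderete/action-assign-labels), a `Docs:` or `Build:` prefix gets no label while `Fix:` does. Either add the same variants for every type, or, if matching turns out to be case-insensitive, collapse each list to one form per type so the file does not suggest a distinction that does not exist. A one-line comment above `conventional-commits:` stating which of the two applies would stop the next editor from guessing.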
@@ -0,0 +1,22 @@
+---
+
+quiet: true
+
+skip-check:
+# https://www.checkov.io/5.Policy%20Index/kubernetes.html
+- CKV_K8S_15 # Image Pull Policy should be Always
+- CKV_K8S_21 # The default namespace should not be used
+- CKV_K8S_22 # Use read-only filesystem for containers where possible
+- CKV_K8S_35 # Prefer using secrets as files over secrets as environment variables
+- CKV_K8S_38 # Ensure that Service Account Tokens are only mounted where necessary
+- CKV_K8S_40 # Containers should run as a high UID to avoid host conflict
+- CKV_K8S_43 # Image should use digest
+- CKV2_K8S_5 # No ServiceAccount/Node should be able to read all secrets
+- CKV2_K8S_6 # Minimize the admission of pods which lack an associated NetworkPolicy
+# https://www.checkov.io/5.Policy%20Index/dockerfile.html
+- CKV_DOCKER_2 # Ensure that HEALTHCHECK instructions have been added to container images
+# https://www.checkov.io/5.Policy%20Index/secrets.html
+- CKV_SECRET_6 # Base64 High Entropy String
+# https://www.checkov.io/5.Policy%20Index/github_actions.html
+- CKV2_GHA_1 # Ensure top-level permissions are not set to write-all
+- CKV_GHA_7 # The build output cannot be affected by user parameters other than the build entry point and the top-level source location. GitHub Actions workflow_dispatch inputs MUST be empty.
diff --git a/.github/linters/.eslintrc.yml b/.github/linters/.eslintrc.yml
new file mode 100644
index 00000000..6f2987b0
--- /dev/null
+++ b/.github/linters/.eslintrc.yml
@@ -0,0 +1,17 @@
+---
+env:
+ es6: true
+
+extends:
+- "eslint:recommended"
+
+parser: "@typescript-eslint/parser"
+
+plugins:
+- "@typescript-eslint"
+
+rules:
+ no-undef: 'warn'
+
+globals:
+ module: "writable"
diff --git a/.github/linters/.flake8 b/.github/linters/.flake8
new file mode 100644
index 00000000..6deafc26
--- /dev/null
+++ b/.github/linters/.flake8
@@ -0,0 +1,2 @@
+[flake8]
+max-line-length = 120
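Review bot: The `skip-check` list disables, repository-wide and for every file added in future, a set of security policies whose trailing comments only restate the policy title rather than why it is acceptable here — notably CKV_SECRET_6 (high-entropy strings, i.e. committed secrets), CKV2_GHA_1 (top-level `write-all` workflow permissions), CKV_K8S_22/35/38 (read-only root filesystem, secrets via env, service-account token mounts) and CKV_K8S_43 (image digests). The deployment templates in this same commit already use the per-resource `checkov.io/skipN` annotation, which scopes an exception to one object and records a reason; the secret- and permission-related checks belong there, not in the global list. For the genuinely cross-cutting skips that stay here, add a justification after the title, e.g. `- CKV_K8S_15 # Image Pull Policy should be Always -- <reason>`. CKV_GHA_7 is presumably skipped for the `full_scan` `workflow_dispatch` input added in super-linter.yaml; a boolean that only widens lint scope is a defensible exception, but the comment should say that rather than quote the policy text.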
diff --git a/.github/linters/.golangci.yml b/.github/linters/.golangci.yml
new file mode 100644
index 00000000..32c844b7
--- /dev/null
+++ b/.github/linters/.golangci.yml
@@ -0,0 +1,2 @@
+run:
+ timeout: 10m
diff --git a/.github/linters/.jscpd.json b/.github/linters/.jscpd.json
new file mode 100644
index 00000000..2ccd8d44
--- /dev/null
+++ b/.github/linters/.jscpd.json
@@ -0,0 +1,9 @@
+{
+ "threshold": 2,
+ "ignore": [
+ "**/.git/**",
+ "**/charts/*/templates/*/*.yaml",
+ "**/charts/*/templates/*/*/*.yaml",
+ "**/docs/examples/**"
+ ]
+}
diff --git a/.github/linters/.yaml-lint.yml b/.github/linters/.yaml-lint.yml
new file mode 100644
index 00000000..57b64797
--- /dev/null
+++ b/.github/linters/.yaml-lint.yml
@@ -0,0 +1,66 @@
+---
+#### Config file for yamllint
+# Rules: https://yamllint.readthedocs.io/en/stable/rules.html
+
+# Exclude not required files
+# ignore-from-file:
+# - .gitignore
+# - .yamlignore
+
+rules:
+ braces:
+ min-spaces-inside: 1
+ max-spaces-inside: 1
+ min-spaces-inside-empty: 0
+ max-spaces-inside-empty: 0
+ brackets:
+ min-spaces-inside: 0
+ max-spaces-inside: 1
+ min-spaces-inside-empty: -1
+ max-spaces-inside-empty: -1
+ colons:
+ max-spaces-before: 0
+ max-spaces-after: -1
+ commas:
+ max-spaces-before: 0
+ min-spaces-after: 1
+ max-spaces-after: 1
+ comments:
+ level: warning
+ require-starting-space: true
+ min-spaces-from-content: 1
+ comments-indentation:
+ level: warning
+ document-end: disable
+ document-start: disable
+ # level: warning
+ # present: false
+ empty-lines:
+ level: warning
+ max: 2
+ max-start: 0
+ max-end: 2
+ empty-values:
+ forbid-in-block-mappings: true
+ forbid-in-flow-mappings: true
+ hyphens:
+ max-spaces-after: 1
+ indentation:
+ level: warning
+ spaces: 2
+ indent-sequences: true
+ check-multi-line-strings: false
+ key-duplicates: enable
+ key-ordering: disable
+ line-length: disable
+ # max: 100
+ # allow-non-breakable-words: true
+ # allow-non-breakable-inline-mappings: true
+ new-line-at-end-of-file: disable
+ new-lines:
+ type: unix
+ octal-values:
+ forbid-implicit-octal: false
+ forbid-explicit-octal: false
+ trailing-spaces: enable
+ truthy: disable
diff --git a/.github/linters/actionlint.yml b/.github/linters/actionlint.yml
new file mode 100644
index 00000000..5e04acc8
--- /dev/null
+++ b/.github/linters/actionlint.yml
@@ -0,0 +1,5 @@
+paths:
+ .github/workflows/**/*.{yml,yaml}:
+ ignore:
+ - 'shellcheck reported issue in this script: SC2086:info.+'
+ - 'shellcheck reported issue in this script: SC2002:style.+'
diff --git a/.github/linters/checkstyle.xml b/.github/linters/checkstyle.xml
new file mode 100644
index 00000000..a6f3b19e
--- /dev/null
+++ b/.github/linters/checkstyle.xml
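Review bot: `truthy: disable` and `octal-values: forbid-implicit-octal: false` switch off the two yamllint rules that catch implicit-typing surprises — `yes`/`NO`/`on` silently becoming booleans and an unquoted `0644` becoming 420 under YAML 1.1 — which matter most in the Helm chart values this repository lints. If `truthy` was disabled because of the GitHub Actions `on:` key, the narrower `truthy: {check-keys: false}` keeps value checking while ignoring mapping keys, and `forbid-implicit-octal: true` forces file modes to be quoted strings. Both relaxations deserve a comment stating the reason if they are kept, in the same style as the commented-out `# level: warning` lines already present.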
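Review bot: The two `ignore` patterns suppress shellcheck SC2086 (unquoted variable expansion) and SC2002 for every `run:` script under `.github/workflows/`, not only for today's findings, and SC2086 is precisely the check that flags the unquoted `>> $GITHUB_STEP_SUMMARY` and `>> $GITHUB_ENV` redirects in the workflows added by this commit. Quoting those (`>> "$GITHUB_STEP_SUMMARY"`) is a two-character fix per site, after which the SC2086 line can be dropped and only the SC2002 pattern kept; where a real exception is needed, a per-script `# shellcheck disable=SC2086` as super-linter.yaml already does keeps the suppression local and visible at the site it covers.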
@@ -0,0 +1,311 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/.github/release-drafter-config.yml b/.github/release-drafter-config.yml new file mode 100644 index 00000000..bfd08d2f --- /dev/null +++ b/.github/release-drafter-config.yml @@ -0,0 +1,50 @@ +name-template: 'v$RESOLVED_VERSION' +tag-template: 'v$RESOLVED_VERSION' + + +categories: +- title: '💥 Breaking Changes' + labels: + - breaking-change +- title: '💡 New Features' + labels: + - feature + - enhancement +- title: '🐞 Bug Fixes' + labels: + - bug + - fix + - bugfix +- title: '⚙️ Technical Debt' + labels: + - refactor +- title: '📝 Documentation' + labels: + - documentation + +change-template: | + - (#$NUMBER) $TITLE by @$AUTHOR + +no-changes-template: 'No significant changes' + +template: | + ## 🚀 Release + + ### What's Changed + $CHANGES + + --- + + **Full Changelog**: https://github.com/$OWNER/$REPOSITORY/compare/$PREVIOUS_TAG...v$RESOLVED_VERSION + +version-resolver: + major: + labels: + - major + minor: + labels: + - minor + patch: + labels: + - patch + default: patch diff --git a/.github/super-linter.env b/.github/super-linter.env new file mode 100644 index 00000000..427ac01b --- /dev/null +++ b/.github/super-linter.env 
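Review bot: `version-resolver` bumps major/minor only for PRs labeled `major` or `minor`, but nothing in this commit assigns those labels — auto-labeler-config.yaml maps breaking changes to `breaking-change` and features to `enhancement` — so every release resolves to `default: patch` unless someone labels PRs by hand. Either add `breaking-change` under `major.labels` and `enhancement` under `minor.labels`, or have the labeler emit `major`/`minor` alongside its current labels. The `categories` block likewise lists `feature`, `fix` and `bugfix`, which the labeler never produces; harmless, but aligning the two files to one label set makes the release notes predictable.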
@@ -0,0 +1,22 @@
+# File will be loaded as environment variables
+# It must contain strings like:
+# name=value
+
+GITLEAKS_LOG_LEVEL=warn
+VALIDATE_JAVASCRIPT_PRETTIER=false
+VALIDATE_JAVASCRIPT_STANDARD=false
+VALIDATE_JSCPD=false
+VALIDATE_JSON_PRETTIER=false
+VALIDATE_KUBERNETES_KUBECONFORM=false
+VALIDATE_MARKDOWN_PRETTIER=false
+VALIDATE_YAML=false
+VALIDATE_YAML_PRETTIER=false
+
+# TODO: fix python files and enable the check again
+VALIDATE_PYTHON_BLACK=false
+VALIDATE_PYTHON_FLAKE8=false
+VALIDATE_PYTHON_MYPY=false
+VALIDATE_PYTHON_PYINK=false
+VALIDATE_PYTHON_PYLINT=false
+
+VALIDATE_GO=false
diff --git a/.github/workflows/automatic-pr-labeler.yaml b/.github/workflows/automatic-pr-labeler.yaml
new file mode 100644
index 00000000..36d9ba27
--- /dev/null
+++ b/.github/workflows/automatic-pr-labeler.yaml
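Review bot: Several `VALIDATE_*=false` lines switch off exactly the linters whose configuration this commit adds — `VALIDATE_JSCPD=false` next to `.jscpd.json`, `VALIDATE_YAML=false` next to `.yaml-lint.yml`, and `VALIDATE_GO=false` next to `.golangci.yml` (whether golangci still runs presumably depends on a separate Go-modules switch; confirm) — so those config files are dead unless some other workflow consumes them. If this is a staged rollout like the Python block, give each such line the same treatment as the existing `# TODO: fix python files and enable the check again` comment; otherwise drop the unused config files or re-enable the checks. Also note that super-linter.yaml loads this file with `grep -v "^#"`, which strips only whole-line comments, so a trailing `# ...` after a value would become part of that value; keep comments on their own lines as done here.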
@@ -0,0 +1,45 @@
+---
+
+# The workflow template for automatic PR labeler.
+# It requires to have a configuration file with labels and conditions to apply them.
+# The configuration file should be placed in the .github folder and named auto-labeler-config.yaml.
+# Example file can be found there:
+# https://github.com/Netcracker/.github/blob/main/config/examples/auto-labeler-config.yaml
+
+name: Automatic PR Labeler
+
+on:
+ pull_request:
+ branches: [main]
+ types:
+ [opened, reopened, synchronize]
+
+permissions:
+ pull-requests: write
+ contents: read
+ issues: write
+
+jobs:
+ assign-labels:
+ if: github.event.pull_request.merged == false
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: "Execute assign labels"
+ id: action-assign-labels
+ uses: mauroalderete/action-assign-labels@v1
+ with:
+ pull-request-number: ${{ github.event.pull_request.number }}
+ github-token: ${{ github.token }}
+ conventional-commits: "./.github/auto-labeler-config.yaml"
+ maintain-labels-not-matched: true
+ apply-changes: ${{ github.event.pull_request.base.repo.id == github.event.pull_request.head.repo.id }}
+ - name: "Drop warning if PR from fork"
+ if: ${{ github.event.pull_request.base.repo.id != github.event.pull_request.head.repo.id }}
+ run: |
+ {
+ echo "⚠️ Pull request from fork! ⚠️";
+ echo "Labels will not be applied to PR. Assign them manually please.";
+ echo "Labels to assign: ${{ steps.action-assign-labels.outputs.labels-next }}";
+ } >> $GITHUB_STEP_SUMMARY
diff --git a/.github/workflows/cla.yaml b/.github/workflows/cla.yaml
new file mode 100644
index 00000000..e4947233
--- /dev/null
+++ b/.github/workflows/cla.yaml
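Review bot: The `Drop warning if PR from fork` step interpolates `${{ steps.action-assign-labels.outputs.labels-next }}` straight into the `run:` script; that value is derived from the PR's commit messages, and this step runs precisely for pull requests from forks, so text chosen by an external contributor is spliced into a shell command before bash parses it (the `pull_request` token is read-only for forks, which limits the impact but does not remove the script-injection pattern). Pass the output through `env:` and reference it as a quoted shell variable, and quote the redirect target while you are there. The third-party actions here and in the following workflow hunks (`mauroalderete/action-assign-labels@v1`, `webiny/action-conventional-commits@v1.3.0`, `amannn/action-semantic-pull-request@v5`) are referenced by mutable tags; pinning to a full commit SHA with the tag in a trailing comment is the usual supply-chain hardening.
```yaml
      - name: "Drop warning if PR from fork"
        if: ${{ github.event.pull_request.base.repo.id != github.event.pull_request.head.repo.id }}
        env:
          LABELS_NEXT: ${{ steps.action-assign-labels.outputs.labels-next }}
        run: |
          {
            echo "⚠️ Pull request from fork! ⚠️";
            echo "Labels will not be applied to PR. Assign them manually please.";
            echo "Labels to assign: ${LABELS_NEXT}";
          } >> "$GITHUB_STEP_SUMMARY"
```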
@@ -0,0 +1,19 @@
+---
+name: CLA Assistant
+on:
+ issue_comment:
+ types: [created]
+ pull_request_target:
+ types: [opened, closed, synchronize]
+
+permissions:
+ actions: write
+ contents: read
+ pull-requests: write
+ statuses: write
+
+jobs:
+ cla_assistant:
+ uses: Netcracker/qubership-workflow-hub/.github/workflows/cla.yaml@main
+ secrets:
+ personal_access_token: ${{ secrets.CLA_ACCESS_TOKEN }}
diff --git a/.github/workflows/pr-conventional-commits.yaml b/.github/workflows/pr-conventional-commits.yaml
new file mode 100644
index 00000000..1177d012
--- /dev/null
+++ b/.github/workflows/pr-conventional-commits.yaml
@@ -0,0 +1,21 @@
+---
+
+name: Conventional Commits PR Check
+
+on:
+ pull_request:
+ types:
+ - opened
+ - edited
+ - synchronize
+
+permissions:
+ pull-requests: read
+jobs:
+ build:
+ name: Conventional Commits
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+
+ - uses: webiny/action-conventional-commits@v1.3.0
diff --git a/.github/workflows/pr-lint-title.yaml b/.github/workflows/pr-lint-title.yaml
new file mode 100644
index 00000000..b5a54af5
--- /dev/null
+++ b/.github/workflows/pr-lint-title.yaml
@@ -0,0 +1,21 @@
+---
+
+name: "Lint PR Title"
+
+on:
+ pull_request:
+ types:
+ - opened
+ - edited
+
+permissions:
+ pull-requests: read
+
+jobs:
+ main:
+ name: Validate PR title
+ runs-on: ubuntu-latest
+ steps:
+ - uses: amannn/action-semantic-pull-request@v5
+ env:
+ GITHUB_TOKEN: ${{ github.token }}
diff --git a/.github/workflows/profanity-filter.yaml b/.github/workflows/profanity-filter.yaml
new file mode 100644
index 00000000..b8ab7782
--- /dev/null
+++ b/.github/workflows/profanity-filter.yaml
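Review bot: This workflow runs on `pull_request_target`, so for a fork PR it executes with a base-repository token carrying `actions: write`, `pull-requests: write` and `statuses: write` plus `secrets.CLA_ACCESS_TOKEN`; that is safe only as long as the called workflow never checks out or executes the PR head, and that invariant lives in `Netcracker/qubership-workflow-hub/.github/workflows/cla.yaml@main`, a mutable ref (the profanity-filter workflow further down references `profanityFilter.yaml@main` the same way). Pin both `uses:` lines to a release tag or commit SHA, e.g. `uses: Netcracker/qubership-workflow-hub/.github/workflows/cla.yaml@<pinned-tag-or-sha>`, so a change to the hub's `main` cannot silently widen what runs under this token. `actions: write` is also broader than the other permissions here suggest the CLA flow needs; it is not visible from this hunk what it would be used for, so either drop it or add a comment naming the API call that requires it.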
@@ -0,0 +1,27 @@
+---
+name: Profanity filter
+
+on:
+ issue_comment:
+ types: [created, edited]
+ issues:
+ types: [opened, edited, reopened]
+ pull_request:
+ types: [opened, edited, reopened]
+
+permissions:
+ issues: write
+ pull-requests: write
+
+jobs:
+ call-apply-filter:
+ if: ${{ github.event_name == 'issue_comment' || github.event_name == 'issues' || (github.event_name == 'pull_request' && github.event.pull_request.base.repo.id == github.event.pull_request.head.repo.id) }}
+ uses: Netcracker/qubership-workflow-hub/.github/workflows/profanityFilter.yaml@main
+ warning:
+ runs-on: ubuntu-latest
+ if: ${{ github.event_name == 'pull_request' && github.event.pull_request.base.repo.id != github.event.pull_request.head.repo.id }}
+ steps:
+ - name: "Warning"
+ run: |
+ echo "⚠️ Pull request from fork! ⚠️" >> $GITHUB_STEP_SUMMARY
+ echo "The action cannot be run over PRs from fork." >> $GITHUB_STEP_SUMMARY
diff --git a/.github/workflows/super-linter.yaml b/.github/workflows/super-linter.yaml
new file mode 100644
index 00000000..da308b2c
--- /dev/null
+++ b/.github/workflows/super-linter.yaml
@@ -0,0 +1,53 @@
+---
+# This workflow executes several linters on changed files based on languages used in your code base whenever
+# you push a code or open a pull request.
+#
+# You can adjust the behavior by modifying this file.
+# For more information, see:
+# https://github.com/super-linter/super-linter
+# Configuration file for super-linter example:
+# .github/super-linter.env
+# Configuration files for individual linters should be placed in .github/linters
+
+name: Lint Code Base
+
+on:
+ push:
+ branches:
+ - '**'
+ pull_request:
+ branches:
+ - '**'
+ workflow_dispatch:
+ inputs:
+ full_scan:
+ type: boolean
+ default: false
+ required: false
+ description: "Lint all codebase"
+permissions:
+ contents: read
+
+jobs:
+ run-lint:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+ with:
+ # Full git history is needed to get a proper list of changed files within `super-linter`
+ fetch-depth: 0
+
+ - name: "Load super-linter environment file"
+ run: |
+ # shellcheck disable=2086
+ if [ -f "./.github/super-linter.env" ]; then
+ grep "\S" ./.github/super-linter.env | grep -v "^#"
+ grep "\S" ./.github/super-linter.env | grep -v "^#" >> $GITHUB_ENV
+ fi
+
+ - name: Lint Code Base
+ uses: super-linter/super-linter@v7
+ env:
+ VALIDATE_ALL_CODEBASE: ${{ inputs.full_scan || false }}
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/charts/patroni-core/templates/deployment.yaml b/charts/patroni-core/templates/deployment.yaml
index 9969159c..4a127e98 100644
--- a/charts/patroni-core/templates/deployment.yaml
+++ b/charts/patroni-core/templates/deployment.yaml
@@ -2,6 +2,9 @@ apiVersion: apps/v1 kind: Deployment metadata: name: patroni-core-operator + annotations: + checkov.io/skip1: CKV_K8S_8=Liveness probe is not required + checkov.io/skip2: CKV_K8S_9=Readiness probe is not required spec: replicas: 1 strategy:
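Review bot: In the `Load super-linter environment file` step the same pipeline runs twice — once to print and once to append to `$GITHUB_ENV` — and the redirect target is left unquoted under a script-wide `# shellcheck disable=2086`; one pass through `tee` does both jobs and needs no suppression: `grep "\S" ./.github/super-linter.env | grep -v "^#" | tee -a "$GITHUB_ENV"`. The `push` and `pull_request` triggers both use `branches: ['**']`, so every commit on a PR branch is linted twice (once for the push, once for the PR event); limiting `push` to the default branch is the usual fix. `VALIDATE_ALL_CODEBASE: ${{ inputs.full_scan || false }}` also deserves a one-line comment that `inputs` is empty outside `workflow_dispatch`, so push and PR runs always get the changed-files scan — that is presumably intended, but it is not obvious from the expression.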
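Review bot: The new annotations give `Liveness probe is not required` / `Readiness probe is not required` as the skip reason, which restates the finding rather than justifying it; checkov records the text after `=` as the audit trail for the exception, so it should say why an unprobed operator pod is acceptable, e.g. `checkov.io/skip1: CKV_K8S_8=<why the operator exposes no liveness endpoint>`. The same pair of annotations is added to charts/patroni-services/templates/deployment.yaml in the next hunk and should carry the same wording. Without a liveness probe a hung operator process is never restarted by the kubelet, so if that is a known trade-off the annotation is the right place to record it.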
@@ -115,7 +118,7 @@ spec: imagePullSecrets: {{- range $i, $v := .Values.privateRegistry.secrets }} - name: {{ $v.name }} - {{- end }} + {{- end }} {{- end }} {{ if .Values.externalDataBase }} {{ if eq (lower .Values.externalDataBase.type) "cloudsql"}}
diff --git a/charts/patroni-services/templates/deployment.yaml b/charts/patroni-services/templates/deployment.yaml
index 801d1c56..546df8fe 100644
--- a/charts/patroni-services/templates/deployment.yaml
+++ b/charts/patroni-services/templates/deployment.yaml
@@ -2,6 +2,9 @@ apiVersion: apps/v1 kind: Deployment metadata: name: postgres-operator + annotations: + checkov.io/skip1: CKV_K8S_8=Liveness probe is not required + checkov.io/skip2: CKV_K8S_9=Readiness probe is not required spec: replicas: 1 selector:
@@ -127,7 +130,7 @@ spec: imagePullSecrets: {{- range $i, $v := .Values.privateRegistry.secrets }} - name: {{ $v.name }} - {{- end }} + {{- end }} {{- end }} volumes: {{ if .Values.externalDataBase }}
diff --git a/docker-transfer/Dockerfile b/docker-transfer/Dockerfile
index 4569cbd4..a5f00d71 100644
--- a/docker-transfer/Dockerfile
+++ b/docker-transfer/Dockerfile
@@ -1,3 +1,4 @@ +#checkov:skip=CKV_DOCKER_3:User is not required for transfer container FROM scratch # Transfer