diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..97fb425
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1 @@
+*       @lloesche @aquamatthias @meln1k
diff --git a/.github/ISSUE_TEMPLATE/bug.yml b/.github/ISSUE_TEMPLATE/bug.yml
new file mode 100644
index 0000000..e7f9e65
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/bug.yml
@@ -0,0 +1,55 @@
+name: 🐛 Bug Report
+description: Report a problem
+labels: ['bug']
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this bug report!
+  - type: textarea
+    id: description
+    attributes:
+      label: Description
+      description: Please provide a clear and concise description of the bug or issue.
+    validations:
+      required: true
+  - type: input
+    id: version
+    attributes:
+      label: Version
+      description: What version of Resoto are you running?
+    validations:
+      required: true
+  - type: input
+    id: environment
+    attributes:
+      label: Environment
+      description:
+    validations:
+      required: false
+  - type: textarea
+    id: repro-steps
+    attributes:
+      label: Steps to Reproduce
+      description: Please tell us how we can reproduce the undesired behavior.
+      placeholder: |
+        1.
+        2.
+        3.
+    validations:
+      required: false
+  - type: textarea
+    id: logs
+    attributes:
+      label: Logs
+      description: Please copy and paste any relevant log output. (This will be automatically formatted into code, so no need for backticks.)
+      render: shell
+  - type: textarea
+    id: additional-context
+    attributes:
+      label: Additional Context
+      description: Provide any additional information or screenshots that may be relevant or helpful.
+  - type: markdown
+    attributes:
+      value: |
+        By submitting this bug report, I agree to follow the [code of conduct](https://fix.tt/code-of-conduct).
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
new file mode 100644
index 0000000..c16737f
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,8 @@
+blank_issues_enabled: false
+contact_links:
+  - name: 💬 Discord
+    url: https://discord.gg/someengineering
+    about: Chat with other users and the development team
+  - name: 📄 Documentation
+    url: https://fix.tt/docs
+    about: Read and search documentation
diff --git a/.github/ISSUE_TEMPLATE/enhancement.yml b/.github/ISSUE_TEMPLATE/enhancement.yml
new file mode 100644
index 0000000..badb12d
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/enhancement.yml
@@ -0,0 +1,31 @@
+name: ✨ Feature Request
+description: Suggest an idea
+labels: ['enhancement']
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this feature request!
+  - type: textarea
+    id: motivation
+    attributes:
+      label: Motivation
+      description: Please provide a clear and concise description of the rationale behind this request.
+    validations:
+      required: true
+  - type: textarea
+    id: desired-behavior
+    attributes:
+      label: Desired Behavior
+      description: Provide a clear and concise description of what you want to happen.
+    validations:
+      required: true
+  - type: textarea
+    id: additional-context
+    attributes:
+      label: Additional Context
+      description: Provide any additional information or screenshots that may be relevant or helpful.
+  - type: markdown
+    attributes:
+      value: |
+        By submitting this feature request, I agree to follow the [code of conduct](https://fix.tt/code-of-conduct).
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
new file mode 100644
index 0000000..36710b4
--- /dev/null
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,24 @@
+# Description
+
+<!-- Please describe the changes included in this PR here. -->
+
+# To-Dos
+
+<!-- Before submitting this PR, please lint and test your changes locally. -->
+<!-- Add an 'x' between the brackets to mark each checkbox as checked. -->
+<!-- (Feel free to remove any items that do not apply to this PR.) -->
+
+- [ ] Add test coverage for new or updated functionality
+- [ ] Lint and test with `tox`
+- [ ] Document new or updated functionality (someengineering/resoto.com#XXXX)
+
+# Issues Fixed
+
+<!-- If this PR will fix/resolve an open issue on the repository, please reference it below. -->
+<!-- (Otherwise, feel free to delete this section.) -->
+
+- Fixes #XXXX
+
+# Code of Conduct
+
+By submitting this pull request, I agree to follow the [code of conduct](https://fix.tt/code-of-conduct).
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
new file mode 100644
index 0000000..f6152de
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,56 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+  schedule:
+    - cron: '26 0 * * 1'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'python' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1
diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml
new file mode 100644
index 0000000..4eeb887
--- /dev/null
+++ b/.github/workflows/docker-build.yml
@@ -0,0 +1,97 @@
+name: Build Docker Images
+
+on:
+  push:
+    tags:
+      - "*.*.*"
+    branches:
+      - main
+  pull_request:
+  workflow_dispatch:
+
+jobs:
+  split-build:
+    name: "Build Docker images"
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v3
+
+      - name: Get short commit SHA
+        id: sha
+        run: echo "short=${GITHUB_SHA::7}" >> $GITHUB_OUTPUT
+
+      - name: Set build platforms
+        id: platform
+        run: |
+          GITHUB_REF="${{ github.ref }}"
+          GITHUB_TAG=${GITHUB_REF##*/}
+          echo "targets=linux/amd64,linux/arm64" >> $GITHUB_OUTPUT
+          if [ "${{ github.ref_type }}" = tag ]; then
+              if [[ "$GITHUB_TAG" =~ [0-9]([ab]|rc)[0-9]* ]]; then
+                echo "latest=false" >> $GITHUB_OUTPUT
+              else
+                echo "latest=true" >> $GITHUB_OUTPUT
+              fi
+          else
+            echo "latest=false" >> $GITHUB_OUTPUT
+          fi
+        
+      - name: Docker FIX CA meta
+        id: basemeta
+        uses: docker/metadata-action@v4
+        with:
+          images: |
+            someengineering/fixca
+            ghcr.io/someengineering/fixca
+          flavor: |
+            latest=${{ steps.platform.outputs.latest }}
+          tags: |
+            type=pep440,pattern={{version}}
+            type=pep440,pattern={{major}}.{{minor}}
+            type=pep440,pattern={{major}}
+            type=sha,prefix=
+            type=edge
+          labels: |
+            org.opencontainers.image.title=fixca
+            org.opencontainers.image.description=FIX Certificate Authority
+            org.opencontainers.image.vendor=Some Engineering Inc.
+
+      - name: Set up QEMU
+        id: qemu
+        uses: docker/setup-qemu-action@v2
+        with:
+          platforms: arm64,amd64
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Log in to Docker Hub
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USER }}
+          password: ${{ secrets.DOCKERHUB_PASS }}
+
+      - name: Log in to GitHub Container Registry
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push resotobase Docker image
+        uses: docker/build-push-action@v3
+        with:
+          context: .
+          file: ./Dockerfile
+          platforms: ${{ steps.platform.outputs.targets }}
+          push: ${{ github.event_name != 'pull_request' }}
+          build-args: |
+            SOURCE_COMMIT=${{ github.sha }}
+          tags: ${{ steps.basemeta.outputs.tags }}
+          labels: ${{ steps.basemeta.outputs.labels }}
+          provenance: false # Temporary workaround for https://github.com/docker/buildx/issues/1533