diff --git a/.github/workflows/build-push-stolostron.yaml b/.github/workflows/build-push-stolostron.yaml
new file mode 100644
index 00000000000..d0fd1f51ce5
--- /dev/null
+++ b/.github/workflows/build-push-stolostron.yaml
@@ -0,0 +1,28 @@
+name: build and push to quay
+
+on:
+  push:
+    tags:
+      - 'v*' # tags matching v*, i.e. v0.0.1, v1.0.0-rc.0
+
+jobs:
+  build:
+    name: Image build and push
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: docker/login-action@v2
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_USER }}
+          password: ${{ secrets.QUAY_PASSWORD }}
+
+      - name: build and push
+        run: |
+          REPOSITORY="quay.io/gatekeeper/gatekeeper" \
+          PLATFORM="linux/amd64,linux/arm64,linux/arm/v8" \
+          OUTPUT_TYPE=type=registry GENERATE_ATTESTATIONS=true \
+          make docker-buildx-release
+
diff --git a/.github/workflows/gosec.yaml b/.github/workflows/gosec.yaml
new file mode 100644
index 00000000000..6daaebb4d94
--- /dev/null
+++ b/.github/workflows/gosec.yaml
@@ -0,0 +1,27 @@
+name: GoSec scan
+
+on:
+  push:
+    branches:
+      - master
+      - release-[0-9]+.[0-9]+
+  pull_request:
+    branches:
+      - master
+      - release-[0-9]+.[0-9]+
+
+jobs:
+  gosec:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Gatekeeper
+        uses: actions/checkout@v4
+      - name: Run Gosec Security Scanner
+        uses: securego/gosec@v2.15.0
+        with:
+          args: -no-fail -fmt sonarqube -out gosec.json -stdout -exclude-dir=.go -exclude-dir=test ./...
+      - name: Upload artifacts
+        uses: actions/upload-artifact@v3
+        with:
+          name: artifacts
+          path: gosec.json
diff --git a/.github/workflows/sonarcloud.yaml b/.github/workflows/sonarcloud.yaml
new file mode 100644
index 00000000000..a0ab7c66130
--- /dev/null
+++ b/.github/workflows/sonarcloud.yaml
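Review bot: Both actions in `steps` are referenced by mutable tags (`actions/checkout@v4`, `docker/login-action@v2`) in the one job that holds the quay.io push credentials, so whoever can move either tag can run code with `secrets.QUAY_PASSWORD` in scope; pin each `uses:` to a full commit SHA with the version in a trailing comment. The workflow also declares no `permissions:` block, so the job receives the repository's default GITHUB_TOKEN scope although it only needs to read the checkout; add `permissions:` / `  contents: read` at the top level. Since `on.push.tags: 'v*'` alone publishes to `quay.io/gatekeeper/gatekeeper`, a comment next to the trigger stating who is expected to push release tags would document the release path.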
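Review bot: `-no-fail` in the gosec `args` means findings never fail this job, which is acceptable only because the SonarCloud quality gate is meant to enforce them downstream; a comment above `args:`, e.g. `# -no-fail: findings are gated by the SonarCloud quality gate, not by this job`, would stop a future reader from treating the green check as a clean scan. As in the build-push workflow, the `uses:` references are tags rather than commit SHAs and there is no `permissions:` block (`contents: read` is all this job needs). `actions/upload-artifact@v3` is also a generation behind the `actions/checkout@v4` used two steps earlier; confirm it is still supported before the SonarCloud workflow depends on its artifact.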
@@ -0,0 +1,14 @@
+name: Sonarcloud scan
+
+on:
+  workflow_run:
+    workflows:
+      - GoSec scan
+    types:
+      - completed
+
+jobs:
+  sonarcloud:
+    uses: stolostron/governance-policy-framework/.github/workflows/sonarcloud.yml@main
+    secrets:
+      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
diff --git a/Dockerfile b/Dockerfile
index 3d832e3e4df..4251ee411ab 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -14,15 +14,27 @@ ARG LDFLAGS
 ARG BUILDKIT_SBOM_SCAN_STAGE=true
 
 ENV GO111MODULE=on \
-    CGO_ENABLED=0 \
+    CGO_ENABLED=1 \
     GOOS=${TARGETOS} \
     GOARCH=${TARGETARCH} \
     GOARM=${TARGETVARIANT}
 
+RUN if [ "${TARGETPLATFORM}" = "linux/arm64" ]; then \
+      apt -y update && apt -y install gcc-aarch64-linux-gnu && apt -y clean all; \
+    elif [ "${TARGETPLATFORM}" = "linux/arm/v8" ]; then \
+      apt -y update && apt -y install gcc-arm-linux-gnueabihf && apt -y clean all; \
+    fi
+
 WORKDIR /go/src/github.com/open-policy-agent/gatekeeper
 
 COPY . .
 
-RUN go build -mod vendor -a -ldflags "${LDFLAGS}" -o manager
+RUN if [ "${TARGETPLATFORM}" = "linux/arm64" ]; then \
+      export CC=aarch64-linux-gnu-gcc; \
+    elif [ "${TARGETPLATFORM}" = "linux/arm/v8" ]; then \
+      export CC=arm-linux-gnueabihf-gcc; \
+    fi; \
+    go build -mod vendor -a -ldflags "${LDFLAGS}" -o manager
+
 
 FROM $BASEIMAGE
diff --git a/OWNERS b/OWNERS
new file mode 100644
index 00000000000..e9dcaed4090
--- /dev/null
+++ b/OWNERS
@@ -0,0 +1,12 @@
+approvers:
+- dhaiducek
+- gparvin
+- JustinKuli
+- mprahl
+- yiraeChristineKim
+reviewers:
+- dhaiducek
+- gparvin
+- JustinKuli
+- mprahl
+- yiraeChristineKim
diff --git a/Tiltfile b/Tiltfile
index 00ecc8ca54c..df9cedb55ea 100644
--- a/Tiltfile
+++ b/Tiltfile
@@ -34,7 +34,7 @@ COPY bin/manager .
 def build_manager():
     cmd = [
         "make tilt-prepare",
-        "GO111MODULE=on CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -mod vendor -a -o .tiltbuild/bin/manager",
+        "GO111MODULE=on CGO_ENABLED=1 GOOS=linux GOARCH=amd64 go build -mod vendor -a -o .tiltbuild/bin/manager",
     ]
     local_resource(
         "manager",
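Review bot: The job reuses `stolostron/governance-policy-framework/.github/workflows/sonarcloud.yml@main` and hands it `SONAR_TOKEN`, so any change landing on that branch runs here with the secret in scope; pin the reusable workflow to a tag or commit SHA instead of `@main`. `on.workflow_run` with `types: [completed]` also fires when the GoSec run failed or was cancelled, so the job should carry `if: ${{ github.event.workflow_run.conclusion == 'success' }}` unless the reusable workflow already checks this. Because `workflow_run` jobs execute with this repository's secrets even when the triggering run came from a fork pull request, the reusable workflow must not execute anything from the triggering run beyond reading the uploaded `gosec.json`; that is not visible here and is worth confirming before enabling on `pull_request`.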
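Review bot: The two new `RUN` branches compare `${TARGETPLATFORM}`, but nothing in the hunk declares `ARG TARGETPLATFORM`; BuildKit only populates that variable inside a stage once it is declared, and an empty value silently skips both branches so the `CGO_ENABLED=1` arm64 build would then link with the host compiler — confirm the declaration exists earlier in this stage. The `linux/arm/v8` branch installs the 32-bit `gcc-arm-linux-gnueabihf`, so `arm/v8` here denotes 32-bit ARM; a comment on that `elif` line, e.g. `# 32-bit ARM (gnueabihf); 64-bit ARMv8 is the linux/arm64 branch above`, would make the intent explicit and matches the `PLATFORM` list in the new build-push workflow. Switching to `CGO_ENABLED=1` also makes `manager` dynamically linked against glibc, so the `$BASEIMAGE` used by the final stage must provide a compatible libc — a `scratch` or static distroless base will no longer start the binary. For scripted installs `apt-get` is the stable CLI and `--no-install-recommends` keeps the builder layer small.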
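Review bot: With `CGO_ENABLED=1` the `go build` in `cmd` now links `manager` against the developer host's glibc before `COPY bin/manager .` places it in the dev image, so a host libc newer than the image's yields a binary that fails to start, and a non-glibc base image breaks outright. A comment above the changed line noting the host requirement (a C compiler plus a libc compatible with the Tilt base image) would save the next developer the debugging. `build_manager` continues past the end of the hunk.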
diff --git a/gator.Dockerfile b/gator.Dockerfile
index 0fba2c5aa64..d538d5c0435 100644
--- a/gator.Dockerfile
+++ b/gator.Dockerfile
@@ -13,7 +13,7 @@ ARG TARGETVARIANT=""
 ARG LDFLAGS
 
 ENV GO111MODULE=on \
-    CGO_ENABLED=0 \
+    CGO_ENABLED=1 \
     GOOS=${TARGETOS} \
     GOARCH=${TARGETARCH} \
     GOARM=${TARGETVARIANT}
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 00000000000..ef2474c3e29
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1,13 @@
+sonar.projectKey=open-cluster-management_gatekeeper
+sonar.projectName=gatekeeper
+sonar.organization=open-cluster-management
+sonar.sources=.
+sonar.exclusions=**/*_test.go,**/*_generated*.go,**/*_generated/**,**/vendor/**,/test/**,/build/**,/vbh/**,/version/**
+sonar.tests=.
+sonar.test.inclusions=**/*_test.go
+sonar.test.exclusions=**/*_generated*.go,**/*_generated/**,**/vendor/**,**/test/e2e/**
+sonar.go.tests.reportPaths=report.json,report_e2e.json,report_unit.json
+sonar.go.coverage.reportPaths=coverage.out,coverage_e2e.out,coverage_unit.out
+sonar.externalIssuesReportPaths=gosec.json
+sonar.qualitygate.wait=true
+sonar.qualitygate.timeout=450
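Review bot: This stage flips to `CGO_ENABLED=1` but, unlike the matching change in `Dockerfile`, adds no cross-compiler install or `CC` selection, so a gator build for `linux/arm64` or `linux/arm` with `GOARCH=${TARGETARCH}` now needs a cross C compiler that is not set up here. If gator is only ever built for the host platform, a comment on the `CGO_ENABLED=1` line saying so would document the assumption; otherwise the same `RUN` branches as in `Dockerfile` are needed. The `ENV` block ends the hunk and the build command that follows it is outside the view.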
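Review bot: `sonar.go.tests.reportPaths` and `sonar.go.coverage.reportPaths` name `report*.json` and `coverage*.out` files that none of the workflows in this change produce; only `gosec.json` (`sonar.externalIssuesReportPaths`) comes out of the GoSec workflow, so unless the reusable SonarCloud workflow generates the others the scanner will log missing-report warnings and coverage will read as zero. A `#` comment at the top of the file naming which workflow is expected to produce each report would make that dependency explicit. The `/test/**`, `/build/**`, `/vbh/**` and `/version/**` entries in `sonar.exclusions` use a leading slash while the rest are `**/` patterns; check against Sonar's pattern rules that the leading-slash form matches the intended directories, and whether `/vbh/**` applies to this repository at all.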