diff --git a/.github/issue_template.md b/.github/issue_template.md
new file mode 100644
index 0000000..0b6f432
--- /dev/null
+++ b/.github/issue_template.md
@@ -0,0 +1,21 @@
+<!--
+    General guidance when creating issues:
+
+    1. Please try to remember to close the issue when you have
+       got an answer to your question.
+
+    2. It never hurts to state which commit or release tag you are using in case
+       the question is about build issues.
+
+    3. Try to use GitHub markdown formatting to make your issue more readable:
+         https://help.github.com/en/github/writing-on-github/basic-writing-and-formatting-syntax#quoting-code
+
+    4. Try to search for the issue before posting the question:
+         -> Issues tab -> Filters
+
+    5. Check the FAQ before posting a question:
+         https://optee.readthedocs.io/en/latest/faq/faq.html
+
+    NOTE: This comment will not be shown in the issue, so no harm keeping it,
+    but feel free to remove it if you like.
+-->
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
new file mode 100644
index 0000000..03cb067
--- /dev/null
+++ b/.github/pull_request_template.md
@@ -0,0 +1,19 @@
+<!--
+    If you are new to submitting pull requests to OP-TEE, then please have a
+    look at the list below and tick them off before submitting the pull request.
+
+    1. Read our contribution guidelines:
+         https://optee.readthedocs.io/en/latest/general/contribute.html
+
+    2. Read the contribution section in Notice.md and pay extra attention to the
+       "Developer Certificate of Origin" in the contribution guidelines.
+
+    3. You should run checkpatch preferably before submitting the pull request.
+
+    4. When everything has been reviewed, you will need to squash, rebase and
+       add tags like `Reviewed-by`, `Acked-by`, `Tested-by` etc. More details
+       about this can also be found on the link provided above.
+
+    NOTE: This comment will not be shown in the pull request, so no harm keeping
+    it, but feel free to remove it if you like.
+-->
diff --git a/.github/workflows/ci-cancel.yml b/.github/workflows/ci-cancel.yml
new file mode 100644
index 0000000..19119f5
--- /dev/null
+++ b/.github/workflows/ci-cancel.yml
@@ -0,0 +1,22 @@
+# Cancel previous CI workflows that are still running when a new one is
+# requested with the same ID. Happens when a branch is pushed to,
+# including when a PR is updated. It would be wasteful to leave CI
+# running on obsolete content.
+# See https://github.com/marketplace/actions/cancel-workflow-action#advanced-pull-requests-from-forks
+name: Cancel obsolete CI
+on:
+  workflow_run:
+    workflows: [CI]
+    types: [requested]
+    branches-ignore: [master]
+permissions: {}
+jobs:
+  cancel:
+    permissions:
+      actions: write # to cancel/stop running workflows (styfle/cancel-workflow-action)
+    name: Cancel obsolete CI workflows
+    runs-on: ubuntu-latest
+    steps:
+    - uses: styfle/cancel-workflow-action@0.10.0
+      with:
+        workflow_id: ${{ github.event.workflow.id }}
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..a381627
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,40 @@
+name: CI
+on: [push, pull_request]
+permissions:
+  contents: read # to fetch code (actions/checkout)
+jobs:
+  QEMUv8_check1:
+    name: make check (QEMUv8)
+    runs-on: ubuntu-latest
+    container: jforissier/optee_os_ci:qemu_check
+    steps:
+      - name: Remove /__t/*
+        run: rm -rf /__t/*
+      - name: Restore build cache
+        uses: actions/cache@v4
+        with:
+          path: /github/home/.cache/ccache
+          key: qemuv8_check-cache-${{ github.sha }}
+          restore-keys: |
+            qemuv8_check-cache-
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Update Git config
+        run: git config --global --add safe.directory ${GITHUB_WORKSPACE}
+      - shell: bash
+        run: |
+          # make check task
+          set -e -v
+          export LC_ALL=C
+          export BR2_CCACHE_DIR=/github/home/.cache/ccache
+          export FORCE_UNSAFE_CONFIGURE=1 # Prevent Buildroot error when building as root
+          export CFG_TEE_CORE_LOG_LEVEL=0
+          OPTEE_FTPM_TO_TEST=$(pwd)
+          cd ..
+          TOP=$(pwd)/optee_repo_qemu_v8
+          /root/get_optee.sh qemu_v8 ${TOP}
+          mv ${TOP}/optee_ftpm ${TOP}/optee_ftpm_old
+          ln -s ${OPTEE_FTPM_TO_TEST} ${TOP}/optee_ftpm
+          cd ${TOP}/build
+
+          make -j$(nproc) check MEASURED_BOOT_FTPM=y CHECK_TEST=xtest XTEST_ARGS=regression_1041
diff --git a/.github/workflows/stales.yml b/.github/workflows/stales.yml
new file mode 100644
index 0000000..e0d47f3
--- /dev/null
+++ b/.github/workflows/stales.yml
@@ -0,0 +1,27 @@
+name: 'Close stale issues and pull requests with no recent activity'
+on:
+  schedule:
+  - cron: "15 00 * * *"
+
+permissions:
+  issues: write
+  pull-requests: write
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/stale@v4.1.0
+      with:
+        repo-token: ${{ secrets.GITHUB_TOKEN }}
+        stale-issue-message: 'This issue has been marked as a stale issue because it has been open (more than) 30 days with no activity. Remove the stale label or add a comment, otherwise this issue will automatically be closed in 5 days. Note, that you can always re-open a closed issue at any time.'
+        stale-pr-message: 'This pull request has been marked as a stale pull request because it has been open (more than) 30 days with no activity. Remove the stale label or add a comment, otherwise this pull request will automatically be closed in 5 days. Note, that you can always re-open a closed issue at any time.'
+        stale-issue-label: Stale
+        stale-pr-label: Stale
+        exempt-issue-labels: bug,enhancement
+        exempt-pr-labels: bug,enhancement
+        days-before-stale: 30
+        days-before-close: 5
+        remove-stale-when-updated: true
+        remove-issue-stale-when-updated: true
+        remove-pr-stale-when-updated: true