fix: correct include path and BUILD dep for config_daemon

.bazelrc

@@ -2,9 +2,15 @@ build --java_language_version=17
 build --tool_java_language_version=17
 build --java_runtime_version=remotejdk_17
 build --tool_java_runtime_version=remotejdk_17
-build --@score_baselibs//score/json:base_library=nlohmann
 
 test --test_output=errors
 
+common --@score_baselibs//score/json:base_library=nlohmann
+common --//score/config_management/config_daemon/code:score_variant=True
 common --registry=https://raw.githubusercontent.com/eclipse-score/bazel_registry/main/
 common --registry=https://bcr.bazel.build
+
+# Host GCC toolchain — used by CI (tests.yml, static-analysis.yml)
+# gcc_toolchain module extension generates @gcc_toolchain_x86_64//:cc_toolchain
+build:host_gcc --extra_toolchains=@gcc_toolchain_x86_64//:cc_toolchain
+build:host_gcc --host_platform=@score_bazel_platforms//:x86_64-linux

.github/CODEOWNERS

@@ -1,15 +1,8 @@
-# Comment out as not in score yet
-# *                                  @eclipse-score/infrastructure-tooling-community
-# .*                                 @eclipse-score/infrastructure-tooling-community
-# .github/CODEOWNERS                 @eclipse-score/technical-lead
+# 👋 Code owners help maintain this repository and keep it aligned with our technical vision.
+# You're responsible for reviewing changes, ensuring quality, and guiding contributors.
+# For more information about CODEOWNERS, see:
+# https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners
 
-# in separate <module_name> repositories:
-#
-# /docs                     @eclipse-score/process-community
-# /docs/manual              @eclipse-score/<module_name>/safety-manager
-# /docs/release             @eclipse-score/<module_name>/quality-manager @eclipse-score/<module_name>/module-lead
-# /docs/safety_plan         @eclipse-score/<module_name>/safety-manager @eclipse-score/<module_name>/module-lead
-# /docs/safety_analysis     @eclipse-score/<module_name>/safety-manager
-# /docs/verification        @eclipse-score/<module_name>/quality-manager @eclipse-score/<module_name>/safety-manager
-# /components               @eclipse-score/<module_name>/technical-lead
-# /components/*/            @eclipse-score/<module_name>/automotive-score-committers
+# As we cannot use groups yet, we list all members explicitly.
+# Default owners for everything in the repository
+* @antonkri @castler @LittleHuba @ramceb @luizcordeiro @michaelsaborov

.github/workflows/bzlmod-lock-check.yml

@@ -0,0 +1,29 @@
+# *******************************************************************************
+# Copyright (c) 2025 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# SPDX-License-Identifier: Apache-2.0
+# *******************************************************************************
+
+name: Bzlmod Lockfile Check
+
+on:
+  pull_request:
+    types: [opened, reopened, synchronize]
+  push:
+    branches:
+      - main
+  merge_group:
+    types: [checks_requested]
+
+jobs:
+  bzlmod-lock:
+    uses: eclipse-score/cicd-workflows/.github/workflows/bzlmod-lock-check.yml@main
+    with:
+      working-directory: .

.github/workflows/deps-whitelist-check.yml

@@ -0,0 +1,75 @@
+# *******************************************************************************
+# Copyright (c) 2025 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# SPDX-License-Identifier: Apache-2.0
+# *******************************************************************************
+
+# Builds the CfgD & CfgP targets listed in the acceptlist
+# (score/config_management/deps_whitelist.json) and fails if any previously
+# known-good target no longer builds — detecting regressions in the CI setup.
+
+name: Build Acceptlist Check
+
+on:
+  pull_request:
+    types: [opened, reopened, synchronize]
+    paths:
+      - "score/**"
+      - "MODULE.bazel"
+      - "score/config_management/deps_whitelist.json"
+      - ".github/workflows/deps-whitelist-check.yml"
+  push:
+    branches:
+      - main
+    paths:
+      - "score/**"
+      - "MODULE.bazel"
+      - "score/config_management/deps_whitelist.json"
+  merge_group:
+    types: [checks_requested]
+
+jobs:
+  build-acceptlist-check:
+    name: Build whitelisted CfgD & CfgP targets
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Build all acceptlisted targets
+        run: |
+          python3 - <<'EOF'
+          import json, subprocess, sys
+
+          ACCEPTLIST = "score/config_management/deps_whitelist.json"
+
+          with open(ACCEPTLIST) as f:
+              targets = json.load(f)["buildable_targets"]
+
+          failures = []
+          for target in targets:
+              result = subprocess.run(
+                  ["bazel", "build", target],
+                  capture_output=True, text=True
+              )
+              if result.returncode == 0:
+                  print(f"  OK    {target}")
+              else:
+                  failures.append(target)
+                  print(f"  FAIL  {target}")
+
+          print(f"\n{len(targets) - len(failures)}/{len(targets)} targets built successfully.")
+
+          if failures:
+              print("\nRegression detected — the following targets no longer build:")
+              for t in failures:
+                  print(f"  {t}")
+              sys.exit(1)
+          EOF

.github/workflows/gitlint.yml

@@ -18,7 +18,7 @@ on:
 jobs:
   lint-commits:
     name: check-commit-messages
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - name: Checkout code
         uses: actions/checkout@v3

.github/workflows/score-pr-checks.yml

@@ -0,0 +1,43 @@
+# *******************************************************************************
+# Copyright (c) 2025 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# SPDX-License-Identifier: Apache-2.0
+# *******************************************************************************
+
+name: SCORE PR Checks
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  bazel-module-name-check:
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Check MODULE.bazel and validate module name
+        run: |
+          if [ ! -f "MODULE.bazel" ]; then
+            echo "ℹ️  MODULE.bazel file not found - skipping"
+            exit 0
+          fi
+          echo "✅ MODULE.bazel file found"
+          # Extract name= value robustly across single-line and multi-line module()
+          MODULE_NAME=$(grep -oP '(?<=name\s=\s")[^"]+' MODULE.bazel | head -1)
+          echo "Found module name: $MODULE_NAME"
+          if [[ ! "$MODULE_NAME" =~ ^score_[[:lower:]_]+$ ]]; then
+            echo "❌ Invalid module name: $MODULE_NAME"
+            echo "Module name must match the pattern: ^score_[[:lower:]_]+$"
+            exit 1
+          fi
+          echo "✅ Module name is valid: $MODULE_NAME"

.github/workflows/static-analysis.yml

@@ -0,0 +1,61 @@
+# *******************************************************************************
+# Copyright (c) 2025 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# SPDX-License-Identifier: Apache-2.0
+# *******************************************************************************
+name: Static Analysis
+
+on:
+  pull_request:
+    types: [opened, reopened, synchronize]
+  push:
+    branches:
+      - main
+  merge_group:
+    types: [checks_requested]
+
+jobs:
+  static-analysis:
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Run clang-tidy on all targets from deps_whitelist.json
+        run: |
+          python3 - <<'PYEOF'
+          import json, subprocess, sys
+
+          ACCEPTLIST = "score/config_management/deps_whitelist.json"
+
+          with open(ACCEPTLIST) as f:
+              targets = json.load(f)["clang_tidy_targets"]
+
+          failures = []
+          for target in targets:
+              result = subprocess.run(
+                  ["bazel", "build", target, "--config=host_gcc"],
+                  capture_output=True, text=True
+              )
+              if result.returncode == 0:
+                  print(f"  OK    {target}")
+              else:
+                  failures.append(target)
+                  print(f"  FAIL  {target}")
+                  print(result.stderr[-2000:])
+
+          print(f"\n{len(targets) - len(failures)}/{len(targets)} clang-tidy targets passed.")
+
+          if failures:
+              print("\nStatic analysis failed for the following targets:")
+              for t in failures:
+                  print(f"  {t}")
+              sys.exit(1)
+          PYEOF

.github/workflows/tests.yml

@@ -0,0 +1,60 @@
+# *******************************************************************************
+# Copyright (c) 2025 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# SPDX-License-Identifier: Apache-2.0
+# *******************************************************************************
+name: Tests CI
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+  merge_group:
+    types: [checks_requested]
+
+jobs:
+  tests:
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Run tests from deps_whitelist.json
+        run: |
+          python3 - <<'PYEOF'
+          import json, subprocess, sys
+
+          ACCEPTLIST = "score/config_management/deps_whitelist.json"
+
+          with open(ACCEPTLIST) as f:
+              targets = json.load(f)["test_targets"]
+
+          failures = []
+          for target in targets:
+              result = subprocess.run(
+                  ["bazel", "test", target, "--config=host_gcc"],
+                  capture_output=True, text=True
+              )
+              if result.returncode == 0:
+                  print(f"  PASS  {target}")
+              else:
+                  failures.append(target)
+                  print(f"  FAIL  {target}")
+                  print(result.stderr[-2000:])
+
+          print(f"\n{len(targets) - len(failures)}/{len(targets)} tests passed.")
+
+          if failures:
+              print("\nTests failed for the following targets:")
+              for t in failures:
+                  print(f"  {t}")
+              sys.exit(1)
+          PYEOF

.gitignore

@@ -34,7 +34,6 @@
 
 # Bazel
 bazel-*
-MODULE.bazel.lock
 user.bazelrc
 
 # Ruff