Add tf-m-sync-qa-tools

To sync qa-tools from arm GitLab repo to
Gerrit

Signed-off-by: Arthur She <arthur.she@linaro.org>
Change-Id: I6e446b36c05cdbe4cc520b8221477fb6abdc28d8
diff --git a/tf-m-sync-qa-tools.yaml b/tf-m-sync-qa-tools.yaml
new file mode 100644
index 0000000..1a57f07
--- /dev/null
+++ b/tf-m-sync-qa-tools.yaml
@@ -0,0 +1,58 @@
+- job:
+    name: tf-m-sync-qa-tools
+    node: docker-amd64-tf-a-jammy
+    project-type: freestyle
+    concurrent: false
+    description: Sync qa-tools from arm Gitlab to TF Gerrit
+    disabled: false
+    parameters:
+      - string:
+          name: GITLAB_REPO
+          default: 'https://gitlab.arm.com/tooling/qa-tools.git'
+          description: "Source repository, default is qa-tools arm gitlab repo"
+      - string:
+          name: SYNC_BRANCH
+          default: 'master'
+          description: "The branch to sync"
+      - string:
+          name: GERRIT_PROJECT
+          default: 'https://review.trustedfirmware.org/ci/qa-tools'
+          description: "Destination repository, default is qa-tools Gerrit project"
+    properties:
+      - build-discarder:
+          num-to-keep: 30
+    publishers:
+      - email:
+          recipients: 'arthur.she@linaro.org'
+    triggers:
+      - timed: '59 23 * * 7'
+    wrappers:
+      - workspace-cleanup
+      - timestamps
+      - credentials-binding:
+        - ssh-user-private-key:
+            credential-id: TFA_CI_BOT_USER_SSH_KEY
+            key-file-variable: CI_BOT_KEY
+            username-variable: CI_BOT_USERNAME
+            passphrase-variable: ''
+
+    builders:
+      - shell: |-
+          #!/bin/bash
+          set -x
+
+          SSH_PARAMS="-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o PubkeyAcceptedKeyTypes=+ssh-rsa -p 29418 -i ${CI_BOT_KEY}"
+          host=${GERRIT_PROJECT#*://}
+          GERRIT_HOST=${host%%/*}
+          REPO_PROJECT=${host#*/}
+          REPO_SSH_URL="ssh://${CI_BOT_USERNAME}@${GERRIT_HOST}:29418/${REPO_PROJECT}"
+
+          _workdir=$(mktemp -d)
+          trap '[ -d "${_workdir}" ] && rm -rf "${_workdir}"' EXIT
+
+          git -C "${_workdir}" init > /dev/null 2>&1
+
+          echo "Fetch ${GITLAB_REPO}:${SYNC_BRANCH}"
+          git -C "${_workdir}" fetch ${GITLAB_REPO} ${SYNC_BRANCH}
+          echo "Sync to ${GERRIT_PROJECT}"
+          GIT_SSH_COMMAND="ssh ${SSH_PARAMS}" git -C "${_workdir}" push ${REPO_SSH_URL} FETCH_HEAD:refs/heads/${SYNC_BRANCH}