feat: add support for poetry
New python dependencies are introduced by the memory mapping script.
Rather than add another `requirements.txt` utilise poetry. This is a
proper dependency management framework for Python. The two main upsides
of using poetry instead of the traditional requirements.txt are
maintainability and reproducibility.
Poetry provides a proper lock file for pinning dependencies, similar to
npm for JavaScript. This allows for separate environments (i.e. docs,
tools) to be created efficiently, and in a reproducible manner, wherever
the project is deployed. Having dependencies pinned in this manner is a
boon as a security focused project. An additional upside is that we will
receive security updates for dependencies via GitHub's Dependabot.
Change-Id: I5a3c2003769b878a464c8feac0f789e5ecf8d56c
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
diff --git a/pyproject.toml b/pyproject.toml
new file mode 100644
index 0000000..7d748c5
--- /dev/null
+++ b/pyproject.toml
@@ -0,0 +1,18 @@
+[tool.poetry]
+name = "trusted-firmware-a"
+version = "2.8.0"
+description = "Trusted Firmware-A (TF-A) Python dependencies."
+authors = ["Arm Ltd."]
+license = "BSD-3-Clause"
+readme = "readme.rst"
+
+[tool.poetry.dependencies]
+python = "^3.8"
+
+[tool.poetry.group.doc.dependencies]
+sphinx = "^5.3.0"
+myst-parser = "^0.18.1"
+sphinxcontrib-plantuml = "^0.24.1"
+sphinx-rtd-theme = "^1.1.1"
+pip-tools = "^6.4.0"
+