Initial commit

Author: seumoose

.github/actions/job-setup/action.yml

@@ -0,0 +1,19 @@
+name: Job Setup
+description: Environment setup for jobs.
+
+inputs:
+  install-dependencies:
+    description: Install sub-dependencies
+    default: ""
+runs:
+  using: composite
+  steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: "3.9"
+    - name: Install Dependencies
+      shell: bash
+      run: pip install -e ".[${{ inputs.install-dependencies }}]"

.github/dependabot.yml

@@ -0,0 +1,12 @@
+version: 2
+updates:
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "daily"
+      time: "13:00"
+    target-branch: "main"
+    versioning-strategy: "increase"
+    ignore:
+      - dependency-name: "*"
+        update-types: ["version-update:semver-major"]

.github/workflows/format.yml

@@ -0,0 +1,28 @@
+name: Formatting
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  build:
+    name: Code formatting
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Setup
+        uses: ./.github/actions/job-setup
+        with:
+          install-dependencies: format
+      - name: Run import formatter
+        run: isort .
+      - name: Run code formatter
+        run: black .
+      - name: Commit changes
+        uses: stefanzweifel/git-auto-commit-action@v5
+        with:
+          commit_message: Apply formatting.

.github/workflows/lint.yml

@@ -0,0 +1,20 @@
+name: Linting
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  build:
+    name: Code linting
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Setup
+        uses: ./.github/actions/job-setup
+        with:
+          install-dependencies: test
+      - name: Run linter
+        run: pylint example_python_package

.github/workflows/test.yml

@@ -0,0 +1,30 @@
+name: Testing
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  build:
+    name: Code testing
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Setup
+        uses: ./.github/actions/job-setup
+        with:
+          install-dependencies: test
+      - name: Run tests
+        run: pytest
+      - name: Static type checking
+        run: mypy .
+      - name: Coveralls GitHub Action
+        uses: coverallsapp/github-action@v2
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          file: reports/pytest/coverage.xml

.github/workflows/vulnerability-scan.yml

@@ -0,0 +1,20 @@
+name: Vulnerability Scanning
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  build:
+    name: Vulnerability scanning
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Setup
+        uses: ./.github/actions/job-setup
+        with:
+          install-dependencies: test
+      - name: Run static code scanner
+        run: bandit example_python_package -rv

.gitignore

@@ -0,0 +1,45 @@
+# IDE
+## VisualStudioCode IDE
+.vscode/*
+!.vscode/settings.json
+!.vscode/tasks.json
+!.vscode/launch.json
+!.vscode/extensions.json
+!.vscode/*.code-snippets
+
+### Local History for Visual Studio Code
+.history/
+.history
+
+# Python
+## Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+## Distribution / packaging
+build/
+dist/
+*.egg-info/
+.pypirc
+
+## Environments
+.env
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+.virtualenv
+.python-version
+
+# Reporting
+## Unit test / coverage reports
+.coverage
+nosetests.xml
+coverage.xml
+.pytest_cache/
+.mypy_cache/
+*.TAG
+# /reports/

.pre-commit-config.yaml

@@ -0,0 +1,51 @@
+default_stages: [commit, push]
+fail_fast: true
+repos:
+  - repo: local
+    hooks:
+      - id: isort
+        name: isort import formatting
+        description: Runs isort import against code.
+        entry: isort
+        language: system
+        types: [python]
+      - id: black
+        name: black code formatting
+        description: Runs black formatting against code.
+        entry: black
+        language: system
+        types: [python]
+      - id: pylint
+        name: pylint code linting
+        description: Runs pylint linting against code.
+        entry: pylint
+        language: system
+        files: ^example_python_package/
+        types: [python]
+      - id: mypy
+        name: mypy type checking
+        description: Runs mypy type checking against code.
+        entry: mypy
+        language: system
+        files: ^example_python_package/
+        types: [python]
+      - id: pytest
+        name: pytest code testing
+        description: Runs pytest testing against code.
+        entry: pytest --cov-fail-under=0
+        language: system
+        types: [python]
+        pass_filenames: false
+      - id: bandit
+        name: bandit security tests
+        description: Runs bandit reporting against code.
+        entry: bandit -rv -f json -o reports/bandit/report.json
+        language: system
+        files: ^example_python_package/
+        types: [python]
+      - id: restricted-file-types
+        name: unexpected file types
+        description: Checks for large file types.
+        entry: These file types are unusual and should be checked
+        language: fail
+        types: [binary]