Initial template

.github/actions/deps/action.yml

@@ -0,0 +1,61 @@
+name: Dependency Setup
+description: 'Action to setup the runtime environment for CI jobs.'
+
+inputs:
+  python-version:
+    description: 'The Python version to be used during setup'
+    required: true
+
+runs:
+  using: "composite"
+  steps:
+    - name: Setup Python
+      uses: actions/setup-python@v4
+      with:
+        python-version: '${{ inputs.python-version }}'
+
+    - name: Cache Poetry
+      id: cache-poetry
+      uses: actions/cache@v3
+      with:
+        path: ${{github.workspace}}/.poetry
+        key: poetry-self-${{ hashFiles('.github/workflows/*.yml') }}
+        restore-keys: poetry-self-
+
+    - name: Install Poetry
+      if: steps.cache-poetry.outputs.cache-hit != 'true'
+      shell: bash
+      run: |
+        export POETRY_HOME=${{github.workspace}}/.poetry
+        curl -sSL https://install.python-poetry.org | python3 - --preview
+
+    - name: Add Poetry to $PATH
+      shell: bash
+      run: echo "${{github.workspace}}/.poetry/bin" >> $GITHUB_PATH
+
+    - name: Add poethepoet plugin
+      shell: bash
+      run: poetry self add 'poethepoet[poetry_plugin]'
+
+    - name: Poetry Version
+      shell: bash
+      run: poetry --version
+
+    - name: Check pyproject.toml validity
+      shell: bash
+      run: poetry check --no-interaction
+
+    - name: Cache Dependencies
+      id: cache-deps
+      uses: actions/cache@v3
+      with:
+        path: ${{github.workspace}}/.venv
+        key: poetry-deps-${{ hashFiles('**/poetry.lock') }}
+        restore-keys: poetry-deps-
+
+    - name: Install Deps
+      if: steps.cache-deps.cache-hit != 'true'
+      shell: bash
+      run: |
+        poetry config virtualenvs.in-project true
+        poetry install --no-interaction

.github/workflows/publish.yaml

@@ -0,0 +1,51 @@
+name: 'Publish Release'
+
+on:
+  push:
+    tags:
+      - '*'
+
+jobs:
+  publish:
+    name: Publish Release
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Setup Dependencies
+        uses: './.github/actions/deps'
+        with:
+          python-version: '3.11'
+
+      - name: Run Safety Check
+        run: poetry poe safety
+
+      - name: Get Python Module Version
+        run: |
+          MODULE_VERSION=$(poetry version --short)
+          echo "MODULE_VERSION=$MODULE_VERSION" >> $GITHUB_ENV
+
+      - name: Verify Versions Match
+        run: |
+          TAG_VERSION=$(git describe HEAD --tags --abbrev=0)
+          echo "Git Tag Version: $TAG_VERSION"
+          echo "Python Module Version: $MODULE_VERSION"
+          if [[ "$TAG_VERSION" != "$MODULE_VERSION" ]]; then exit 1; fi
+
+      - name: Publish to PyPi
+        run: poetry publish --build
+        env:
+          POETRY_PYPI_TOKEN_PYPI: ${{ secrets.POETRY_PYPI_TOKEN_PYPI }}
+
+      - name: Release
+        uses: softprops/action-gh-release@v1
+        with:
+          discussion_category_name: announcements
+          generate_release_notes: true
+          token: ${{ secrets.RELEASE_GITHUB_TOKEN }}
+          files: |
+            dist/app-${{env.MODULE_VERSION}}.tar.gz
+            dist/app-${{env.MODULE_VERSION}}-py3-none-any.whl

.github/workflows/validate.yaml

@@ -0,0 +1,75 @@
+name: 'Validation'
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  lint-style:
+    name: Linting and Styling
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Setup Dependencies
+        uses: './.github/actions/deps'
+        with:
+          python-version: '3.11'
+
+      - name: Run Styling Enforcement
+        shell: bash
+        run: poetry poe check
+
+      - name: Run Style Linting Enforcement
+        shell: bash
+        run: poetry poe lint
+
+  unit-tests:
+    name: Run Unit Tests
+    strategy:
+      matrix:
+        version: ['3.8', '3.9', '3.10', '3.11']
+        os: [ubuntu-latest]
+    runs-on: ${{ matrix.os }}
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Setup Dependencies
+        uses: './.github/actions/deps'
+        with:
+          python-version: '${{ matrix.version }}'
+
+      - name: Run Tests
+        shell: bash
+        run: poetry poe test
+
+      - name: Codecov
+        uses: codecov/codecov-action@v3
+
+  security:
+    name: Run Security Checks
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Setup Dependencies
+        uses: './.github/actions/deps'
+        with:
+          python-version: '3.11'
+
+      - name: Run Security Checks
+        shell: bash
+        run: poetry poe security

.pre-commit-config.yaml

@@ -0,0 +1,46 @@
+---
+
+fail_fast: false
+minimum_pre_commit_version: "3.0.0"
+
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: f71fa2c1f9cf5cb705f73dffe4b21f7c61470ba9  # frozen: v4.4.0
+    hooks:
+      - id: check-added-large-files
+      - id: check-case-conflict
+      - id: check-merge-conflict
+      - id: check-executables-have-shebangs
+      - id: check-json
+      - id: check-symlinks
+      - id: check-vcs-permalinks
+      - id: check-xml
+      - id: check-yaml
+      - id: mixed-line-ending
+      - id: trailing-whitespace
+
+  - repo: https://github.com/PyCQA/bandit
+    rev: ca4faf2f82a7c68a088100f8ba2b8e56f9bdcfe3  # frozen: 1.7.5
+    hooks:
+      - id: bandit
+        description: 'Bandit is a tool for finding common security issues in Python code'
+        additional_dependencies: [ "bandit[toml]" ]
+        args: ["-c", "pyproject.toml"]
+
+  - repo: https://github.com/psf/black
+    rev: bf7a16254ec96b084a6caf3d435ec18f0f245cc7  # frozen: 23.3.0
+    hooks:
+      - id: black
+        language_version: python3.11
+
+  - repo: https://github.com/pycqa/isort
+    rev: dbf82f2dd09ae41d9355bcd7ab69187a19e6bf2f  # frozen: 5.12.0
+    hooks:
+      - id: isort
+        name: isort
+
+  - repo: https://github.com/astral-sh/ruff-pre-commit
+    # Ruff version.
+    rev: 9f69b173ce0f0aee69b40a82938f8385e39a1b26  # frozen: v0.0.276
+    hooks:
+      - id: ruff

app/__init__.py

@@ -0,0 +1,8 @@
+"""Handle initialization routines for the app module.
+
+Attributes:
+    __version__: The version of the this module.
+
+"""
+
+__version__: str = "0.0.0"

app/__main__.py

@@ -0,0 +1,6 @@
+"""Handle the main entry logic."""
+from __future__ import annotations
+
+from .cli import app
+
+app(prog_name="app")

app/cli.py

@@ -0,0 +1,33 @@
+"""Define the CLI related functions and classes."""
+from __future__ import annotations
+
+from typing import Optional
+
+import typer
+from rich.console import Console
+
+from app import __version__
+
+app = typer.Typer(help="This is an app")
+console = Console()
+
+
+def version_callback(value: bool) -> None:
+    """Handle the version callback."""
+    if value:
+        typer.secho(f"app version: {__version__}", fg=typer.colors.BRIGHT_BLUE, bold=True)
+        raise typer.Exit()
+
+
+@app.command()
+def main(
+    version: Optional[bool] = typer.Option(
+        None, "--version", callback=version_callback, is_eager=True, help="Display the current app version"
+    ),
+) -> None:
+    """Handle the main entry logic."""
+    pass
+
+
+if __name__ == "__main__":  # pragma: no cover
+    app(prog_name="app")