diff --git a/.github/codeql/codeql-config.yaml b/.github/codeql/codeql-config.yaml new file mode 100644 index 0000000..02a3a4b --- /dev/null +++ b/.github/codeql/codeql-config.yaml @@ -0,0 +1,2 @@ +paths-ignore: + - '**/*.md' diff --git a/.github/workflows/codeql-analysis.yaml b/.github/workflows/codeql-analysis.yaml index 678a720..897735e 100644 --- a/.github/workflows/codeql-analysis.yaml +++ b/.github/workflows/codeql-analysis.yaml @@ -33,6 +33,7 @@ jobs: uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} + config-file: ./.github/codeql/codeql-config.yaml - name: Autobuild CodeQL uses: github/codeql-action/autobuild@v3 diff --git a/README.md b/README.md index 9bc61a5..876c2c4 100644 --- a/README.md +++ b/README.md @@ -7,34 +7,44 @@ [![Mypy](https://img.shields.io/badge/type%20checked-mypy-039dfc)](https://github.com/python/mypy) [![Pytest](https://img.shields.io/static/v1?label=‎&message=Pytest&logo=Pytest&color=b647c4&logoColor=white)](https://docs.pytest.org) [![pre-commit](https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit&logoColor=white)](https://github.com/pre-commit/pre-commit) -[![Integration Test](https://github.com/h-holm/python-project/workflows/Integration%20Test/badge.svg?branch=BRANCH-NAME)](https://github.com/h-holm/python-project/actions) +[![Integration Test](https://github.com/h-holm/python-project/workflows/Integration%20Test/badge.svg?branch=main)](https://github.com/h-holm/python-project/actions/workflows/integration-test.yaml?branch=main) [![CodeQL](https://github.com/h-holm/python-project/workflows/CodeQL%20Analysis/badge.svg)](https://github.com/h-holm/python-project/actions/workflows/codeql-analysis.yaml) [![pre-commit.ci status](https://results.pre-commit.ci/badge/github/h-holm/python-project/main.svg)](https://results.pre-commit.ci/latest/github/h-holm/python-project/main) -A template repo for a containerized Python application. +A template repo that enables quickly setting up an end-to-end CI/CD pipeline that tests and deploys a containerized +Python application. The placeholder Python logic computes a Fibonacci number. ## Features ✅ * Seamless environment management via [Hatch](https://hatch.pypa.io/latest) * Lightning-fast dependency resolution via [uv](https://github.com/astral-sh/uv) -* Primary dependencies and tooling configuration in the [PEP](https://peps.python.org/pep-0621)-recommended [pyproject.toml](./pyproject.toml) file -* (Sub-)dependency locking in `requirements.txt` files via [hatch-pip-compile](https://github.com/juftin/hatch-pip-compile) +* Primary dependencies and tooling configuration in the [PEP](https://peps.python.org/pep-0621)-recommended +[pyproject.toml](./pyproject.toml) file +* (Sub-)dependency locking in `requirements.txt` files via +[hatch-pip-compile](https://github.com/juftin/hatch-pip-compile) * Linting and formatting using [ruff](https://github.com/astral-sh/ruff) * Static type checking using [mypy](https://github.com/python/mypy) -* [pytest](https://docs.pytest.org) for unit tests with [coverage](https://coverage.readthedocs.io/en/7.6.7)-based reporting -* [./src layout](https://packaging.python.org/en/latest/discussions/src-layout-vs-flat-layout) to separate application logic from tests and project metadata +* [pytest](https://docs.pytest.org) for unit tests with [coverage](https://coverage.readthedocs.io/en/7.6.7)-based +reporting +* [./src layout](https://packaging.python.org/en/latest/discussions/src-layout-vs-flat-layout) to separate application +logic from tests and project metadata * Sane logging configured in a single [logging.conf](./src/python_project/logging.conf) file +* Placeholder Python logic that is easily replaceable with whatever one's use case requires * Optional quality-of-life add-ons: - * [pre-commit](https://github.com/pre-commit/pre-commit) hooks installable via the `hooks` script of the `lint` Hatch environment + * [pre-commit](https://github.com/pre-commit/pre-commit) hooks installable via the `hooks` script of the `lint` Hatch + environment * (further) enforcing of uniform formatting via an [.editorconfig](./.editorconfig) - * recommended [VS Code](https://code.visualstudio.com) settings and extensions through a [.vscode](./.vscode) subdirectory + * recommended [VS Code](https://code.visualstudio.com) settings and extensions through a [.vscode](./.vscode) + subdirectory * a [Dev Container](https://code.visualstudio.com/docs/devcontainers/containers)-based development environment The repository contains an example [GitHub Actions](./.github/workflows/) CI pipeline that: -* runs [ruff](https://github.com/astral-sh/ruff)-based linting and formatting, [mypy](https://github.com/python/mypy)-based static type checking, and [pytest](https://docs.pytest.org)-based unit testing; +* runs [ruff](https://github.com/astral-sh/ruff)-based linting and formatting, [mypy](https://github.com/python/mypy)- +based static type checking, and [pytest](https://docs.pytest.org)-based unit testing; * performs a [CodeQL](https://codeql.github.com) vulnerability scan; -* builds and pushes a well-labeled container image to a [Google Cloud Artifact Registry](https://cloud.google.com/artifact-registry/docs); +* builds and pushes a well-labeled container image to a +[Google Cloud Artifact Registry](https://cloud.google.com/artifact-registry/docs); * executes a simple integration test on [Google Cloud Run](https://cloud.google.com/run?hl=en). ## Requirements @@ -45,7 +55,8 @@ Ensure [Hatch](https://hatch.pypa.io/latest) is [installed](https://hatch.pypa.i ### Running the Code -Run the [main.py](./src/python_project/main.py) entrypoint with the `--help` flag for an explanation to the application logic: +Run the [main.py](./src/python_project/main.py) entrypoint with the `--help` flag for an explanation to the application +logic: ```shell hatch run python src/python_project/main.py --help # Uses the "default" Hatch environment. @@ -54,7 +65,8 @@ hatch run default:python src/python_project/main.py --help # Equivalent to not ### Unit Tests -Run the `test` script of the "test" Hatch environment to execute the [`pytest`](https://docs.pytest.org/en/stable)-backed unit tests and generate a [coverage](https://coverage.readthedocs.io/en/7.6.7) report: +Run the `test` script of the "test" Hatch environment to execute the [`pytest`](https://docs.pytest.org/en/stable)- +backed unit tests and generate a [coverage](https://coverage.readthedocs.io/en/7.6.7) report: ```shell hatch run test:test @@ -62,7 +74,9 @@ hatch run test:test ### Formatting, Linting and Type Checking -Run the `lint` script of the "lint" Hatch environment to perform (1) formatting and linting using [`ruff`](https://github.com/astral-sh/ruff) and (2) static type checking using [`mypy`](https://github.com/python/mypy). +Run the `lint` script of the "lint" Hatch environment to perform (1) formatting and linting using +[`ruff`](https://github.com/astral-sh/ruff) and (2) static type checking using +[`mypy`](https://github.com/python/mypy). ```shell hatch run lint:lint @@ -76,7 +90,8 @@ Run `hatch version` followed by the [SemVer](https://semver.org) component to bu hatch version patch # Or `hatch version minor` or `hatch version major`. ``` -Commit the updated [\_\_version\_\_.py](./src/python_project/__version__.py) script to version control before creating a `git` tag. Ensure the tag has the same name as the (now bumped) version: +Commit the updated [\_\_version\_\_.py](./src/python_project/__version__.py) script to version control before creating +a `git` tag. Ensure the tag has the same name as the (now bumped) version: ```shell git tag -a $(hatch version) -m 'Descriptive tag message'