feat(project): initial project generation

Author: ZenableAutomation

.cursor/rules/project.mdc

@@ -0,0 +1,39 @@
+type: always
+
+---
+
+# todo-app Project Rules
+
+You are working on todo-app, a Python application built with modern best practices.
+
+## Project Info
+- Description: An application for managing TODOs
+- Company: Labworks
+- Python 3.13+
+- Package manager: uv (NOT pip/poetry)
+
+## Tech Stack
+- Testing: pytest (>80% coverage)
+- Linting: ruff, pyright, refurb
+- Security: grype, syft
+- Docker: Multi-platform builds
+- CI/CD: GitHub Actions
+
+## Code Requirements
+- Max line: 120 chars
+- Type hints required
+- Google-style docstrings
+- pathlib only (no os.path)
+- logging only (no print)
+- Specific exceptions
+
+## Key Commands
+```bash
+task init          # Setup
+task build test    # Before commits
+task docker-build  # Build container
+task release       # Release
+```
+
+## Important
+Look for `NotImplementedError` markers - implement these with business logic.

.cursor/rules/testing.mdc

@@ -0,0 +1,38 @@
+type: auto-attached
+pattern: "**/*test*.py"
+
+---
+
+# Testing Guidelines
+
+## Test Structure
+- Unit tests in `tests/unit/`
+- Integration tests in `tests/integration/`
+- Use pytest fixtures for setup
+- Mark tests: `@pytest.mark.unit` or `@pytest.mark.integration`
+
+## Coverage Requirements
+- Minimum 80% coverage
+- Run with: `task test`
+- View report: `open htmlcov/index.html`
+
+## Test Patterns
+```python
+import pytest
+from todo_app.module import function
+
+def test_function_success():
+    """Test successful case."""
+    result = function(valid_input)
+    assert result == expected
+
+def test_function_error():
+    """Test error handling."""
+    with pytest.raises(SpecificError):
+        function(invalid_input)
+
+@pytest.fixture
+def sample_data():
+    """Provide test data."""
+    return {"key": "value"}
+```

.dockerignore

@@ -0,0 +1,7 @@
+# Ignore everything
+**
+
+# Except the bare minimum
+!pyproject.toml
+!uv.lock
+!src/**

.gitattributes

@@ -0,0 +1,9 @@
+# Enforce LF line endings for files that must not have CRLF.
+# Without this, Windows `git checkout` converts to CRLF, which breaks bash
+# scripts with errors like: ': invalid option namesh: line 2: set: pipefail'
+*.sh         text eol=lf
+Dockerfile   text eol=lf
+Dockerfile.* text eol=lf
+Makefile     text eol=lf
+*.yml        text eol=lf
+*.yaml       text eol=lf

.github/.grant.yml

@@ -0,0 +1,13 @@
+rules:
+  - pattern: "*"
+    name: "Block AGPL licenses"
+    mode: "block"
+    reason: "AGPL licenses are not allowed in this project"
+    licenses:
+      - "agpl"
+      - "agpl-1.0"
+      - "agpl-1.0-only"
+      - "agpl-1.0-or-later"
+      - "agpl-3.0"
+      - "agpl-3.0-only"
+      - "agpl-3.0-or-later"

.github/CODEOWNERS

@@ -0,0 +1,9 @@
+# Repository owner
+* @jonzeolla
+
+# GitHub automation oversight
+.github/** @jonzeolla
+
+# Sensitive files
+LICENSE @jonzeolla
+SECURITY.md @jonzeolla

.github/ISSUE_TEMPLATE.md

@@ -0,0 +1,9 @@
+# Summary of the issue
+
+## Expected behavior
+
+## Steps to reproduce
+
+## Your environment
+
+## Logs and error messages

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,11 @@
+# Contributor Comments
+
+## Pull Request Checklist
+
+Thank you for submitting a contribution to todo-app!
+
+Please address the following items:
+
+- [ ] If you are adding a dependency, please explain how it was chosen.
+- [ ] If manual testing is needed in order to validate the changes, provide a testing plan and the expected results.
+- [ ] Validate that documentation is accurate and aligned to any project updates or additions.

.github/actions/bootstrap/action.yml

@@ -0,0 +1,85 @@
+---
+name: 'Bootstrap the repository'
+description: 'Sets up uv, adds Homebrew to PATH, installs Task, and initializes the repository'
+inputs:
+  token:
+    description: 'A Github token'
+    required: true
+  python-version:
+    description: 'Python version to use'
+    required: false
+    default: '3.13'
+  working-directory:
+    description: 'The working directory'
+    required: false
+    default: '.'
+runs:
+  using: 'composite'
+  steps:
+    - name: Create run_script for running scripts downstream
+      shell: 'bash --noprofile --norc -Eeuo pipefail {0}'
+      working-directory: ${{ inputs.working-directory }}
+      run: |
+        run_script="uv run --frozen"
+        echo "run_script=${run_script}" | tee -a "${GITHUB_ENV}"
+
+    - name: Setup uv
+      uses: astral-sh/setup-uv@v7
+      with:
+        enable-cache: true
+        cache-dependency-glob: "**/uv.lock"
+        python-version: ${{ inputs.python-version }}
+
+    - name: Install Task
+      uses: go-task/setup-task@v2
+      with:
+        # Passing a repo token reduces the likelihood of API rate limit exceeded
+        repo-token: ${{ inputs.token }}
+
+    - name: Add Homebrew to the path
+      shell: 'bash --noprofile --norc -Eeuo pipefail {0}'
+      # This ensures compatibility with macOS runners and Linux runners with Homebrew
+      run: |
+        # Check if we're on macOS
+        if [[ "$RUNNER_OS" == "macOS" ]]; then
+          # macOS homebrew locations
+          if [[ -d "/opt/homebrew/bin" ]]; then
+            PATH="${PATH}:/opt/homebrew/bin"
+          elif [[ -d "/usr/local/bin" ]]; then
+            PATH="${PATH}:/usr/local/bin"
+          fi
+        else
+          # Linux homebrew location
+          if [[ -d "/home/linuxbrew/.linuxbrew/bin" ]]; then
+            PATH="${PATH}:/home/linuxbrew/.linuxbrew/bin"
+          fi
+        fi
+
+        export PATH
+        echo "PATH=${PATH}" | tee -a "${GITHUB_ENV}"
+
+        # Smoke test - don't fail if brew isn't available
+        if command -v brew &> /dev/null; then
+          echo "Homebrew found at: $(which brew)"
+          brew --version
+        else
+          echo "Homebrew not found, continuing without it"
+        fi
+      working-directory: ${{ inputs.working-directory }}
+
+    - name: Set Python hash for caching
+      shell: 'bash --noprofile --norc -Eeuo pipefail {0}'
+      run: |
+        # Create a hash of the Python version for better cache keys
+        echo "PY=$(python -VV | sha256sum | cut -d' ' -f1)" | tee -a "${GITHUB_ENV}"
+
+    - name: Cache pre-commit environments
+      uses: actions/cache@v5
+      with:
+        path: ~/.cache/pre-commit
+        key: pre-commit|${{ env.PY }}|${{ hashFiles(format('{0}/.pre-commit-config.yaml', inputs.working-directory)) }}
+
+    - name: Initialize the repository
+      working-directory: ${{ inputs.working-directory }}
+      shell: 'bash --noprofile --norc -Eeuo pipefail {0}'
+      run: task -v init

.github/copilot-instructions.md

@@ -0,0 +1,113 @@
+# GitHub Copilot Instructions for todo-app
+
+You are working on a Python project that was generated from the AI-Native Python template. This project follows modern Python development best practices.
+
+## Context
+
+- **Project**: todo-app
+- **Description**: An application for managing TODOs
+- **Company**: Labworks
+- **Python Version**: 3.13+
+- **Package Manager**: uv and uvx (not pip, poetry, or pipx)
+
+## Code Conventions
+
+1. **Imports**: Use absolute imports only
+2. **Type Hints**: Always include type hints for function parameters and return values
+3. **Docstrings**: Use Google-style docstrings for all public functions and classes
+4. **Error Handling**: Raise specific exceptions with descriptive messages
+5. **Path Handling**: Use pathlib.Path instead of os.path
+6. **Logging**: Use the logging module, never print()
+
+## Project Structure
+
+```
+todo_app/    # Main package directory
+tests/                              # Test files
+docker/                             # Docker configuration
+docs/                               # Documentation
+.github/workflows/                  # CI/CD pipelines
+```
+
+## Testing Requirements
+
+- Write pytest tests for all new functionality
+- Use fixtures for test data setup
+- Maintain >80% code coverage
+- Mark tests appropriately: @pytest.mark.unit or @pytest.mark.integration
+- Run all tests with: `task test` or just unit tests with `task unit-test` and just integration tests with `task integration-test`
+
+## Development Workflow
+
+1. Create feature branches for all changes
+2. Write tests before implementing features
+3. Run `task build test` before committing
+4. Use conventional commits (feat:, fix:, docs:, etc.)
+5. Open pull requests for code review
+
+## Task Automation
+
+Common tasks are automated via Taskfile:
+
+- `task init`: Initialize development environment
+- `task build`: Build the project
+- `task test`: Run all tests
+- `task lint`: Run code quality checks
+- `task docker-build`: Build Docker image
+- `task docker-run`: Run Docker container
+- `task release`: Create a new release
+
+## Security Considerations
+
+- Never hardcode secrets or credentials
+- Use environment variables for sensitive data
+- Follow OWASP secure coding practices
+- Run security scans with grype before releases
+- Keep dependencies up to date
+
+## When Suggesting Code
+
+1. Check existing patterns in the codebase first
+2. Look for NotImplementedError placeholders to implement
+3. Ensure compatibility with uv package manager
+4. Follow the established project structure
+5. Include appropriate error handling
+6. Add tests for new functionality
+7. Update documentation as needed
+
+## Common Patterns
+
+```python
+# Path handling
+from pathlib import Path
+project_root = Path(__file__).parent.parent
+
+# Logging setup
+import logging
+logger = logging.getLogger(__name__)
+
+# Type hints
+from typing import Optional, List, Dict, Any
+def process_data(items: List[Dict[str, Any]]) -> Optional[str]:
+    """Process a list of data items.
+
+    Args:
+        items: List of dictionaries containing data.
+
+    Returns:
+        Processed result or None if no data.
+    """
+    ...
+
+# Error handling
+class TodoAppError(Exception):
+    """Base exception for todo-app."""
+    pass
+```
+
+## Dependencies
+
+- Only add dependencies that are absolutely necessary
+- Pin versions in pyproject.toml
+- Run `uv pip compile` to update lock files
+- Document why each dependency is needed