feat/initial-v initial v (#1)

feat/initial-v initial v

.github/CODEOWNERS

@@ -0,0 +1 @@
+* @opencepk/opencepk-admins

.github/workflows/pre-commit.yml

@@ -0,0 +1,24 @@
+---
+name: pre-commit
+
+on:
+  pull_request:
+  push:
+    branches: [main]
+
+permissions: read-all
+
+jobs:
+  pre-commit:
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v3
+      - name: setup-python
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.11'
+      - name: install-dependencies
+        run: pip install -r pypi_bumpversion_check/requirements.txt
+      - name: pre-commit-run
+        uses: pre-commit/action@v3.0.0

.github/workflows/publish-to-pypi.yml

@@ -0,0 +1,35 @@
+---
+name: Publish Python 🐍 distributions 📦 to PyPI
+
+on:
+  pull_request:
+    branches:
+      - main
+    types: [closed]
+
+jobs:
+  build-n-publish:
+    if: ${{ github.event.pull_request.merged }}
+    name: Build and publish Python 🐍 distributions 📦 to PyPI
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Set up Python
+        uses: actions/setup-python@v5.1.0
+        with:
+          python-version: 3.11
+
+      - name: Install pip packages
+        run: pip install twine build setuptools
+
+      - name: Build the package
+        run: python -m build
+
+      - name: Publish release distributions to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          skip-existing: true

.github/workflows/tests.yml

@@ -0,0 +1,74 @@
+---
+name: tests
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  # ----------------------
+  # JOB 1: Run unit tests
+  # ----------------------
+  tests-unit:
+    name: tests-unit
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Set up Python
+        uses: actions/setup-python@v5.1.0
+        with:
+          python-version: 3.11
+
+      - name: Run tests
+        run: python3 -m unittest tests/test_main.py
+  # ----------------------
+  # JOB 2: Run python package end to end test
+  # ----------------------
+  test-package-e2e:
+    name: test-package-e2e
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Set up Python
+        uses: actions/setup-python@v5.1.0
+        with:
+          python-version: 3.11
+
+      - name: Run test-package-e2e.sh
+        run: |
+          cd tests-package-e2e
+          ./test-package-e2e.sh
+  # ----------------------
+  # JOB 3: Run pre-commit hook test
+  # ----------------------
+  test-pre-commit-hook:
+    name: test-pre-commit-hook
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Set up Python
+        uses: actions/setup-python@v5.1.0
+        with:
+          python-version: 3.11
+
+      - name: Run test-pre-commit-hook.sh
+        run: |
+          pip install pre-commit
+          cd tests-pre-commit-hook
+          ./test-pre-commit-hook.sh

.gitignore

@@ -1,8 +1,14 @@
 # Byte-compiled / optimized / DLL files
 __pycache__/
+**/__pycache__/
 *.py[cod]
 *$py.class
 
+.DS_Store
+**/.DS_Store
+
+**/precommit-e2e.test
+
 # C extensions
 *.so
 
@@ -85,7 +91,7 @@ ipython_config.py
 # pyenv
 #   For a library or package, you might want to ignore these files since the code is
 #   intended to run in multiple environments; otherwise, check them in:
-# .python-version
+.python-version
 
 # pipenv
 #   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.

.pre-commit-config.yaml

@@ -0,0 +1,92 @@
+---
+# See https://pre-commit.com for more information
+# See https://pre-commit.com/hooks.html for more hooks
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.6.0
+    hooks:
+      - id: check-merge-conflict
+      - id: check-added-large-files
+        args: [--maxkb=500]
+      - id: trailing-whitespace
+      - id: detect-private-key
+      - id: end-of-file-fixer
+      - id: fix-encoding-pragma
+      - id: file-contents-sorter
+      - id: check-case-conflict
+      - id: mixed-line-ending
+        args: [--fix=lf]
+  # -----------------------------
+  # Checkov is a static code analysis tool for scanning infrastructure as code (IaC) files for misconfigurations
+  # that may lead to security or compliance problems.
+  # -----------------------------
+  # Checkov includes more than 750 predefined policies to check for common misconfiguration issues.
+  # Checkov also supports the creation and contribution of custom policies.
+  # https://www.checkov.io/4.Integrations/pre-commit.html
+  # -----------------------------
+  - repo: https://github.com/bridgecrewio/checkov.git
+    rev: 3.2.141
+    hooks:
+      - id: checkov
+  # -----------------------------
+  # Gitleaks SAST tool for detecting and preventing hardcoded secrets like passwords, api keys, and tokens in git repos
+  # -----------------------------
+  # If you are knowingly committing something that is not a secret and gitleaks is catching it,
+  # you can add an inline comment of '# gitleaks:allow' to the end of that line in your file.
+  # This will instructs gitleaks to ignore that secret - example:
+  #   some_non_secret_value = a1b2c3d4e5f6g7h8i9j0 # gitleaks:allow
+  # -----------------------------
+  - repo: https://github.com/gitleaks/gitleaks
+    rev: v8.18.4
+    hooks:
+      - id: gitleaks
+  # -----------------------------
+  # Generates Table of Contents in Markdown files
+  # -----------------------------
+  - repo: https://github.com/frnmst/md-toc
+    rev: 9.0.0
+    hooks:
+      - id: md-toc
+        args: [-p, github]  # CLI options
+  # -----------------------------
+  # YAML Linting on yaml files for pre-commit and github actions
+  # -----------------------------
+  - repo: https://github.com/adrienverge/yamllint
+    rev: v1.35.1
+    hooks:
+      - id: yamllint
+        name: Check YAML syntax with yamllint
+        args: [--strict, -c=.yamllint.yaml, '.']
+        always_run: true
+        pass_filenames: true
+  # -----------------------------
+  # Install PYPI bumpversion check requirements
+  # -----------------------------
+  - repo: local
+    hooks:
+      - id: install-pypi_bumpversion_check-requirements
+        name: Install PYPI bumpversion check requirements
+        entry: pip3 install -r pypi_bumpversion_check/requirements.txt
+        language: system
+        files: pyproject.toml
+  # -----------------------------
+  # PYPI bumpversion check
+  # -----------------------------
+  - repo: local
+    hooks:
+      - id: pypi_bumpversion_check
+        name: Check version
+        entry: python3 pypi_bumpversion_check/check_version.py
+        language: system
+        files: pyproject.toml
+  # -----------------------------
+  # Unit Tests
+  # -----------------------------
+  - repo: local
+    hooks:
+      - id: unittest
+        name: Run unit tests
+        entry: python3 -m unittest tests.test_main
+        language: system
+        pass_filenames: false
+        always_run: true

.pre-commit-hooks.yaml

@@ -0,0 +1,6 @@
+---
+- id: find-and-replace-strings
+  name: find-and-replace-strings
+  description: Finds strings in files and replaces them with other strings.
+  entry: find-and-replace-strings
+  language: python

.yamllint.yaml

@@ -0,0 +1,35 @@
+---
+yaml-files:
+  - '*.yaml'
+  - '*.yml'
+  - '.yamllint'
+
+rules:
+  anchors: enable
+  braces: enable
+  brackets: enable
+  colons: enable
+  commas: enable
+  comments:
+    level: warning
+  comments-indentation:
+    level: warning
+  document-end: disable
+  document-start:
+    level: warning
+  empty-lines: enable
+  empty-values: disable
+  float-values: disable
+  hyphens: enable
+  indentation: enable
+  key-duplicates: enable
+  key-ordering: disable
+  line-length:
+    max: 120
+    level: warning
+  new-line-at-end-of-file: enable
+  new-lines: enable
+  octal-values: disable
+  quoted-strings: disable
+  trailing-spaces: enable
+  truthy: disable