Blackplums · Vigneshkna · Sep 21, 2025 · Sep 21, 2024 · Sep 21, 2024 · Sep 22, 2024
@@ -0,0 +1,31 @@
+# CODEOWNERS file for how2validate project
+# This file assigns ownership for different parts of the repository
+# Each line matches a file pattern to one or more code owners
+
+# Default owners (fallback for all files not explicitly mentioned)
+*                     @blackplums/admin
+
+# Owners for specific areas of the project
+
+# Workflow
+/.github              @blackplums/admin @vigneshkna
+/.gitignore           @blackplums/admin @vigneshkna
+
+# Source Packages
+/src/docker/          @blackplums/admin @vigneshkna
+/src/js/              @blackplums/admin @vigneshkna
+/src/python/          @blackplums/admin @vigneshkna
+/src/scripts/         @blackplums/admin @vigneshkna
+
+
+# Documentation
+/docs/                @blackplums/admin @vigneshkna @manimarans
+/README.md            @blackplums/admin @vigneshkna
+
+# Root files
+/CODE_OF_CONDUCT.md   @blackplums/admin @vigneshkna
+/CODEOWNERS           @blackplums/admin @vigneshkna
+/CONTRIBUTING.md      @blackplums/admin @vigneshkna
+/LICENSE              @blackplums/admin @vigneshkna
+/SECURITY.md          @blackplums/admin @vigneshkna
+
@@ -0,0 +1,134 @@
+
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, caste, color, religion, or sexual
+identity and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+  and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the overall
+  community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or advances of
+  any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email address,
+  without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official email address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at
+VigneshKna@gmail.com.
+All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series of
+actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or permanent
+ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior, harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within the
+community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.1, available at
+[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
+
+Community Impact Guidelines were inspired by
+[Mozilla's code of conduct enforcement ladder][Mozilla CoC].
+
+For answers to common questions about this code of conduct, see the FAQ at
+[https://www.contributor-covenant.org/faq][FAQ]. Translations are available at
+[https://www.contributor-covenant.org/translations][translations].
+
+[homepage]: https://www.contributor-covenant.org
+[v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
+[Mozilla CoC]: https://github.com/mozilla/diversity
+[FAQ]: https://www.contributor-covenant.org/faq
+[translations]: https://www.contributor-covenant.org/translations
+
@@ -0,0 +1 @@
+# Contribution
@@ -4,7 +4,7 @@
 
 If you discover a security vulnerability within this project, please follow these steps to report it:
 
-1. **Create a New Issue**: Go to the [Issues](../../issues) section of this repository.
+1. **Create a New Issue**: Go to the [Issues](../../../issues/new/choose) section of this repository.
 
 2. **Tag the Issue**: Use the **`security`** tag when creating the issue to highlight that it’s a security-related concern.
 

@@ -0,0 +1,34 @@
+name: "Bump Version"
+description: "Detect semver bump type and update Config.ini"
+
+inputs:
+  bump-type:
+    description: "Version bump type: patch, minor, major, beta"
+    required: true
+
+outputs:
+  new-version:
+    description: "The new version bumped from Config.ini"
+    value: ${{ steps.bump.outputs.new-version }}
+
+runs:
+  using: "composite"
+  steps:
+    - name: Run bump_version.py
+      id: bump
+      shell: bash
+      run: |
+        # Run the version bump script with the specified bump type
+        OUTPUT=$(python src/python/bump_version.py ${{ inputs.bump-type }})
+
+        # Print all output for logging
+        echo "$OUTPUT"
+
+        # Extract the new version from the 'NewVersion:' line
+        NEW_VERSION=$(echo "$OUTPUT" | grep "NewVersion:" | awk '{print $2}')
+
+        # Set output for workflow
+        echo "new-version=$NEW_VERSION" >> "$GITHUB_OUTPUT"
+
+        # Optional log for clarity
+        echo "Bumped version: $NEW_VERSION"
@@ -0,0 +1,21 @@
+name: "Install Deps"
+description: "Install Python dependencies"
+
+runs:
+  using: "composite"
+  steps:
+    - name: Update and Install dependencies
+      working-directory: ./src/python
+      shell: bash
+      run: |
+        echo "::notice::######################### Upgrading pip ###################################"
+        python -m pip install --upgrade pip
+        pip install pip-tools
+        pip-compile ./requirements.in 
+        pip-compile --upgrade ./requirements.in
+
+        echo "::notice::######################### Installing dependencies #########################"
+        pip install -r requirements.txt
+
+        echo "::notice::################## End of Update and Install dependencies #################"
+
@@ -0,0 +1,67 @@
+name: "Publish Docker Image"
+description: "Composite action: Build, push Docker image and generate attestation"
+
+inputs:
+  registry:
+    description: 'Container registry (eg. ghcr.io)'
+    required: true
+    default: 'ghcr.io'
+  image_name:
+    description: 'Repository/name for image (eg. owner/repo)'
+    required: true
+  context:
+    description: 'Build context path'
+    required: true
+    default: './src/docker'
+  dockerfile:
+    description: 'Path to Dockerfile'
+    required: true
+    default: './src/docker/Dockerfile'
+  push:
+    description: 'Whether to push the image (true/false)'
+    required: true
+    default: 'true'
+  github_token:
+    description: 'GitHub token to authenticate to registry'
+    required: true
+
+runs:
+  using: composite
+  steps:
+    - name: Log in to the Container registry
+      uses: docker/login-action@v3
+      with:
+        registry: ${{ inputs.registry }}
+        username: ${{ github.actor }}
+        password: ${{ inputs.github_token }}
+
+    - name: Extract metadata (tags, labels) for Docker
+      id: meta
+      uses: docker/metadata-action@v5
+      with:
+        images: ${{ inputs.registry }}/${{ inputs.image_name }}
+
+    - name: Build and push Docker image
+      id: push
+      uses: docker/build-push-action@v6
+      with:
+        context: ${{ inputs.context }}
+        file: ${{ inputs.dockerfile }}
+        push: ${{ inputs.push }}
+        tags: ${{ steps.meta.outputs.tags }}
+        labels: ${{ steps.meta.outputs.labels }}
+
+    - name: Generate artifact attestation
+      uses: actions/attest-build-provenance@v2
+      with:
+        subject-name: ${{ inputs.registry }}/${{ inputs.image_name }}
+        subject-digest: ${{ steps.push.outputs.digest }}
+        push-to-registry: true
+
+outputs:
+  digest:
+    description: 'Image digest produced by docker/build-push-action'
+    value: ${{ steps.push.outputs.digest }}
+  tags:
+    description: 'Computed image tags'
+    value: ${{ steps.meta.outputs.tags }}
@@ -0,0 +1,26 @@
+name: 'Build Python Package'
+description: 'Sets up Python environment and builds package distributions'
+
+inputs:
+  version:
+    description: "Release version"
+    required: true
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Build package distributions
+      working-directory: ./src/python
+      shell: bash
+      run: python setup.py sdist bdist_wheel
+
+    - name: Upload distribution artifacts
+      uses: actions/upload-artifact@v4
+      with:
+        name: python-v${{ inputs.version }}
+        path: dist/
+
+    - name: Publish to PyPI
+      uses: pypa/gh-action-pypi-publish@release/v1
+      with:
+        packages-dir: dist/
@@ -0,0 +1,25 @@
+name: "Create Release"
+description: "Tag current version and publish GitHub Release"
+
+inputs:
+  version:
+    description: "Release version"
+    required: true
+
+runs:
+  using: "composite"
+  steps:
+    - name: Create Git tag
+      shell: bash
+      run: |
+        git config user.name "github-actions"
+        git config user.email "github-actions@github.com"
+        git tag v${{ inputs.version }}
+        git push origin v${{ inputs.version }}
+
+    - name: Create GitHub Release
+      uses: softprops/action-gh-release@v2
+      with:
+        tag_name: v${{ inputs.version }}
+        name: Release v${{ inputs.version }}
+        body: "Automated release for version ${{ inputs.version }}"
@@ -0,0 +1,32 @@
+name: "Test Python Package"
+description: "Composite action: Runs Testing python packages"
+
+inputs:
+  test-command:
+    description: "Command to run tests"
+    required: false
+    default: "pytest"
+
+outputs:
+  tests-passed:
+    description: "true when tests passed"
+    value: ${{ steps.run_tests.outputs.tests_passed }}
+
+runs:
+  using: "composite"
+  steps:
+    - name: Run tests
+      id: run_tests
+      shell: bash
+      working-directory: ./src/python/tests
+      run: |
+        set -e
+        echo "::notice::Running tests with: ${{ inputs.test-command }}"
+        if bash -lc "${{ inputs.test-command }}"; then
+          echo "::notice::Tests passed!"
+          echo "tests_passed=true" >> "$GITHUB_OUTPUT"
+        else
+          echo "::error::Tests failed!"
+          echo "::error::tests_passed=false" >> "$GITHUB_OUTPUT"
+          exit 1
+        fi