Starting commit from python template

.github/CODEOWNERS

@@ -0,0 +1,2 @@
+# default reviewers
+*                 @greenbone/<team>

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,5 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Greenbone Community Forum
+    url: https://community.greenbone.net/c/gse
+    about: Please ask and answer questions here.

.github/ISSUE_TEMPLATE/issue-report.md

@@ -0,0 +1,53 @@
+---
+name: Bug Report
+about: Report an issue
+title: ''
+labels: bug
+assignees: ''
+
+---
+
+<!--
+If reporting an issue please try to provide the information asked below.
+
+Before reporting an issue please:
+
+1. Be aware that this is not a support forum. If your issue is rather a question
+   than a bug report, please use our community forum at
+   https://community.greenbone.net/c/gse instead.
+2. Make sure that you're using the latest published release
+3. Check the list of issues whether it isn't already reported.
+4. Read 1. again and if you still believe you found a software bug please
+   continue to file this issue. If you are in doubt use
+   https://community.greenbone.net/c/gse instead.
+
+Thanks for your help to keep the communication channels clean and consistent!
+-->
+
+### Expected behavior
+
+<!--
+  How did you expect the software to behave?
+  Please write down how it should work in your opinion.
+-->
+
+### Actual behavior
+
+<!--
+  Did something go wrong?
+  Is something broken, or not behaving as you expected?
+  Is this really an bug? If in doubt please use
+  https://community.greenbone.net/c/gse instead.
+-->
+
+### Steps to reproduce
+
+<!--
+  How would you describe your issue to someone who doesn’t know something about
+  this software? Try to write a sequence of steps that anybody can repeat to see
+  the issue.
+-->
+
+1.
+2.
+3.

.github/dependabot.yml

@@ -0,0 +1,28 @@
+version: 2
+updates:
+  - package-ecosystem: pip
+    directory: "/"
+    schedule:
+      interval: weekly
+      time: "04:00"
+    allow:
+      - dependency-type: direct
+      - dependency-type: indirect
+    groups:
+      python-packages:
+        patterns:
+          - "*"
+    commit-message:
+      prefix: "Deps"
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      time: "04:00"
+    groups:
+      github-actions:
+        patterns:
+          - "*"
+    commit-message:
+      prefix: "Deps"

.github/workflows/auto-merge.yml

@@ -0,0 +1,12 @@
+name: Auto-merge rebase
+
+on: pull_request_target
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  auto-merge:
+    uses: greenbone/workflows/.github/workflows/auto-merge.yml@main
+    secrets: inherit

.github/workflows/ci-python.yml

@@ -0,0 +1,86 @@
+name: Build and test Python package
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  linting:
+    name: Linting
+    runs-on: "ubuntu-latest"
+    strategy:
+      matrix:
+        python-version:
+          - "3.9"
+          - "3.10"
+          - "3.11"
+          - "3.12"
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install and check with black, pylint and pontos.version
+        uses: greenbone/actions/lint-python@v3
+        with:
+          packages: <FIXME>
+          linter: ruff
+          python-version: ${{ matrix.python-version }}
+
+  test:
+    name: Run all tests
+    runs-on: "ubuntu-latest"
+    strategy:
+      matrix:
+        python-version:
+          - "3.9"
+          - "3.10"
+          - "3.11"
+          - "3.12"
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install python, poetry and dependencies
+        uses: greenbone/actions/poetry@v3
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Run unit tests
+        run: poetry run python -m unittest
+
+  mypy:
+    name: Check type hints
+    runs-on: "ubuntu-latest"
+    strategy:
+      matrix:
+        python-version:
+          - "3.9"
+          - "3.10"
+          - "3.11"
+          - "3.12"
+    steps:
+      - uses: actions/checkout@v4
+      - name: Run mypy
+        uses: greenbone/actions/mypy-python@v3
+        with:
+          python-version: ${{ matrix.python-version }}
+
+  codecov:
+    name: Upload coverage to codecov.io
+    needs: test
+    runs-on: "ubuntu-latest"
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install and calculate and upload coverage to codecov.io
+        uses: greenbone/actions/coverage-python@v3
+        with:
+          python-version: "3.10"
+
+  build-docs:
+    name: Build the documentation
+    runs-on: "ubuntu-latest"
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install python, poetry and dependencies
+        uses: greenbone/actions/poetry@v3
+        with:
+          python-version: "3.10"
+      - name: Build docs
+        run: cd docs && poetry run make html

.github/workflows/codeql-analysis-python.yml

@@ -0,0 +1,38 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+    paths-ignore:
+      - "**/*.md"
+      - "**/*.txt"
+  schedule:
+    - cron: "30 5 * * 0" # 5:30h on Sundays
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ["python"]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: ${{ matrix.language }}
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3

.github/workflows/conventional-commits.yml

@@ -0,0 +1,12 @@
+name: Conventional Commits
+
+on:
+  pull_request:
+
+jobs:
+  conventional-commits:
+    name: Conventional Commits
+    runs-on: ubuntu-latest
+    steps:
+      - name: Report Conventional Commits
+        uses: greenbone/actions/conventional-commits@v3

.github/workflows/dependency-review.yml

@@ -0,0 +1,12 @@
+name: 'Dependency Review'
+on: [pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+    steps:
+      - name: 'Dependency Review'
+        uses: greenbone/actions/dependency-review@v3

.github/workflows/deploy-pypi.yml

@@ -0,0 +1,20 @@
+name: Deploy on PyPI
+
+# uploads the Python package via trusted publisher (OIDC) https://docs.pypi.org/trusted-publishers/
+
+on:
+  release:
+    types: [created]
+
+jobs:
+  deploy:
+    permissions:
+      id-token: write
+    runs-on: ubuntu-latest
+    environment:
+      # requires to create a GitHub environment named pypi
+      name: pypi
+      url: https://pypi.org/project/example/ # FIXME
+    steps:
+      - name: Build and publish to PyPI
+        uses: greenbone/actions/pypi-upload@v3

.github/workflows/release.yml

@@ -0,0 +1,32 @@
+name: Release Python package
+
+on:
+  pull_request:
+    types: [closed]
+  workflow_dispatch:
+    inputs:
+      release-type:
+        type: choice
+        description: What kind of release do you want to do?
+        options:
+          - calendar
+          - patch
+          - minor
+          - major
+      release-version:
+        type: string
+        description: Set an explicit version, that will overwrite release-type. Fails if version is not compliant.
+
+# don't run two release processes at the same time
+# but also don't cancel already running workflow because it might already be to late
+concurrency:
+  group: ${{ github.workflow }}
+
+jobs:
+  build-and-release:
+    name: Create a new release
+    uses: greenbone/workflows/.github/workflows/release-python.yml@main
+    secrets: inherit
+    with:
+      release-version: ${{ inputs.release-version }}
+      release-type: ${{ inputs.release-type }}

.github/workflows/sbom-upload.yml

@@ -0,0 +1,14 @@
+name: SBOM upload
+on:
+  workflow_dispatch:
+  push:
+    branches: ["main"]
+jobs:
+  SBOM-upload:
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: write
+    steps:
+      - name: 'SBOM upload'
+        uses: greenbone/actions/sbom-upload@v3

example/__init__.py

@@ -0,0 +1,3 @@
+# SPDX-FileCopyrightText: 2024 Greenbone AG
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later

example/__version__.py

@@ -0,0 +1,5 @@
+# pylint: disable=invalid-name
+
+# THIS IS AN AUTOGENERATED FILE. DO NOT TOUCH!
+
+__version__ = "0.0.1"

example/main.py

@@ -0,0 +1,17 @@
+# SPDX-FileCopyrightText: 2024 Greenbone AG
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+from argparse import ArgumentParser, Namespace
+from typing import Optional, Sequence
+
+import shtab
+
+
+def parse_args(args: Optional[Sequence[str]] = None) -> Namespace:
+    parser = ArgumentParser()
+    shtab.add_argument_to(parser)
+
+    parser.add_argument("--some-arg", help="Something")
+
+    return parser.parse_args(args)