Move estimates CSV to project root, summaries to reports/ #17

	name: CI

	on:
	push:
	branches: [main]
	pull_request:
	branches: [main]

	jobs:
	lint:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-python@v5
	with:
	python-version: "3.12"
	- run: pip install ruff
	- run: ruff check app/ scripts/

	import-check:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-python@v5
	with:
	python-version: "3.12"
	- run: pip install -r requirements.txt
	- run: python -c "from app.main import app; print('imports OK')"

	security:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-python@v5
	with:
	python-version: "3.12"
	- run: pip install -r requirements.txt
	- name: Dependency audit
	run: pip install pip-audit && pip-audit -r requirements.lock
	- name: Static security analysis
	run: pip install bandit && bandit -r app/ -c pyproject.toml

	docker:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- name: Build image
	run: docker build -t postalcode2nuts .
	- name: Verify non-root user
	run: \|
	user=$(docker run --rm postalcode2nuts whoami)
	echo "Container user: $user"
	[ "$user" = "appuser" ] \|\| exit 1

Provide feedback