docs+ci: README badges, CodeQL workflow, issue + PR templates

imanimanyara · imanimanyara · commit a6d8b168245d · 2026-05-15T19:01:23.000-04:00
Scaffolding backfill to match the release-kit baseline. No
behavior changes; only docs + .github/ files.

- README.md: CI status / PyPI version / supported Pythons / license
  badges. Each URL verified to return 200 before pasting.
- .github/workflows/codeql.yml: weekly + push/PR scan, python +
  actions languages, security-and-quality query set.
- .github/ISSUE_TEMPLATE/{bug_report,feature_request,config}.yml:
  GitHub-recognised forms with redaction reminders.
- .github/PULL_REQUEST_TEMPLATE.md: standard checklist.
diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml
@@ -0,0 +1,77 @@
+name: Bug report
+description: Something is broken or behaving unexpectedly.
+title: "bug: "
+labels: [bug]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for filing a bug! Please redact any tokens or
+        credentials before pasting logs.
+
+  - type: input
+    id: version
+    attributes:
+      label: get-installer version
+      description: Output of `get-installer version`.
+      placeholder: simtabi-get-installer 0.1.0
+    validations:
+      required: true
+
+  - type: input
+    id: python
+    attributes:
+      label: Python version
+      placeholder: "3.11.7"
+    validations:
+      required: true
+
+  - type: dropdown
+    id: os
+    attributes:
+      label: Operating system
+      options:
+        - macOS
+        - Linux
+        - Windows
+        - Other (describe in details)
+    validations:
+      required: true
+
+  - type: textarea
+    id: what-happened
+    attributes:
+      label: What happened?
+      description: What did you do? What did you expect? What did you get?
+      placeholder: |
+        1. ran `get-installer publish --target pypi`
+        2. expected the package to be uploaded
+        3. got `token-not-found` although PYPI_TOKEN was set
+    validations:
+      required: true
+
+  - type: textarea
+    id: command
+    attributes:
+      label: Exact command + relevant config
+      description: Paste the CLI you ran and the relevant section of release.json (redact tokens).
+      render: bash
+    validations:
+      required: true
+
+  - type: textarea
+    id: logs
+    attributes:
+      label: Doctor output / stderr
+      description: Run `get-installer help` and paste the table; or paste the failing command's stderr.
+      render: text
+
+  - type: checkboxes
+    id: checks
+    attributes:
+      label: Quick checks
+      options:
+        - label: I redacted any tokens / credentials before pasting.
+          required: true
+        - label: I checked `docs/troubleshooting.md`.
+          required: true
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,11 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Documentation
+    url: https://opensource.simtabi.com/documentation/get-installer
+    about: Manual + per-platform reference playbook.
+  - name: Security vulnerability
+    url: https://github.com/simtabi/get-installer/security/policy
+    about: Use private vulnerability reporting; do not file a public issue.
+  - name: Discussion / question
+    url: https://github.com/simtabi/get-installer/discussions
+    about: Ask questions, share recipes, or propose ideas before formalising.
diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml
@@ -0,0 +1,54 @@
+name: Feature request
+description: A new platform, CLI verb, or behaviour you'd like to see.
+title: "feat: "
+labels: [enhancement]
+body:
+  - type: textarea
+    id: problem
+    attributes:
+      label: What problem does this solve?
+      description: Describe the use case in your own workflow, not the solution.
+      placeholder: |
+        I publish to JFrog Artifactory and would like get-installer to
+        handle it instead of a bespoke script.
+    validations:
+      required: true
+
+  - type: textarea
+    id: proposal
+    attributes:
+      label: Proposed shape
+      description: What might the config + CLI look like? Free-form is fine.
+      placeholder: |
+        targets:
+          jfrog:
+            enabled: true
+            auth: token
+            repository: my-repo
+
+  - type: dropdown
+    id: type
+    attributes:
+      label: What kind of feature?
+      options:
+        - New platform (registry or git host)
+        - New CLI verb / flag
+        - New policy / safety check
+        - Workflow / composition
+        - Docs / examples
+        - Other
+    validations:
+      required: true
+
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Alternatives considered
+      description: Have you tried a workaround? What didn't work?
+
+  - type: checkboxes
+    id: willingness
+    attributes:
+      label: Contribution
+      options:
+        - label: I'd be willing to send a PR for this.
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,24 @@
+<!-- Thanks for sending a PR! Please redact any tokens before posting logs. -->
+
+## What
+
+<!-- One-paragraph summary of the change. -->
+
+## Why
+
+<!-- The reason this change is needed. Link issues with `Fixes #123` / `Refs #123`. -->
+
+## How
+
+<!-- Notable implementation choices. New platform? Reference the playbook page. -->
+
+## Checklist
+
+- [ ] Tests added or updated; `pytest` passes locally.
+- [ ] `ruff check src tests` clean.
+- [ ] `mypy src` clean.
+- [ ] Public API change? Updated `CHANGELOG.md` under `[Unreleased]`.
+- [ ] New platform? Added a `docs/playbook/<group>/<slug>.md` entry following
+      the 8-section template, and a `docs/platforms/<slug>.md` user page.
+- [ ] New CLI verb / flag? Updated `docs/cli.md` and `README.md`.
+- [ ] No secrets, tokens, or production hostnames in the diff or logs.
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -0,0 +1,44 @@
+name: codeql
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  schedule:
+    - cron: "30 6 * * 1"   # weekly, Monday 06:30 UTC (≈ 02:30 ET)
+
+permissions:
+  contents: read
+  security-events: write
+  actions: read
+
+concurrency:
+  group: codeql-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  analyze:
+    name: analyze (${{ matrix.language }})
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [python, actions]
+
+    steps:
+      - uses: actions/checkout@v6
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: ${{ matrix.language }}
+          queries: security-and-quality
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v3
+
+      - name: Analyze
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: "/language:${{ matrix.language }}"
diff --git a/README.md b/README.md
@@ -1,5 +1,10 @@
 # get-installer
 
+[![CI](https://github.com/simtabi/get-installer/actions/workflows/ci.yml/badge.svg)](https://github.com/simtabi/get-installer/actions/workflows/ci.yml)
+[![PyPI](https://img.shields.io/pypi/v/get-installer.svg)](https://pypi.org/project/get-installer/)
+[![Python](https://img.shields.io/pypi/pyversions/get-installer.svg)](https://pypi.org/project/get-installer/)
+[![License](https://img.shields.io/github/license/simtabi/get-installer.svg)](LICENSE)
+
 A reusable, **registry-driven `curl | sh`-style installer** for
 distributing developer tools across public OSS, private enterprises,
 universities, and government / domain-locked contexts.
