ci: make the template reproducible in GitHub Actions and dev containers

A reusable template needs consistent execution outside one laptop.
This adds GitHub Actions for quality, build, audit, and tag-based release
artifacts, plus a dev container and top-level README so teammates get the same
bootstrap path in CI and in editor-based Linux environments.

Constraint: The default automation must stay generic enough for pure Python projects while still fitting robotics and ML teams
Rejected: Bake ROS 2 and GPU-specific setup directly into the base workflows | too heavy and too environment-specific for a starter template
Confidence: high
Scope-risk: moderate
Reversibility: clean
Directive: Keep CI fast on the core path; isolate heavier robotics or platform-specific checks into opt-in workflows later
Tested: uv lock; uv sync --group dev; make check; make build; make run-example-ml; make run-example-robotics; make audit; JSON/YAML parse of devcontainer and workflow files
Not-tested: Actual GitHub-hosted runner execution and Codespaces startup behavior

Author: yujeongdev

.devcontainer/devcontainer.json

@@ -0,0 +1,28 @@
+{
+  "name": "python-template",
+  "image": "mcr.microsoft.com/devcontainers/python:1-3.12-bookworm",
+  "features": {
+    "ghcr.io/devcontainers/features/common-utils:2": {
+      "installZsh": false,
+      "username": "vscode"
+    }
+  },
+  "postCreateCommand": "curl -LsSf https://astral.sh/uv/install.sh | sh && $HOME/.local/bin/uv sync --group dev",
+  "customizations": {
+    "vscode": {
+      "extensions": [
+        "ms-python.python",
+        "ms-python.vscode-pylance",
+        "charliermarsh.ruff",
+        "github.vscode-github-actions"
+      ],
+      "settings": {
+        "python.defaultInterpreterPath": "${containerWorkspaceFolder}/.venv/bin/python",
+        "editor.formatOnSave": true,
+        "editor.codeActionsOnSave": {
+          "source.fixAll.ruff": "explicit"
+        }
+      }
+    }
+  }
+}

.github/workflows/audit.yml

@@ -0,0 +1,30 @@
+name: Audit
+
+on:
+  push:
+    branches:
+      - main
+      - feature/**
+  pull_request:
+  schedule:
+    - cron: '0 3 * * 1'
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  audit:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+      - uses: actions/setup-python@v6
+        with:
+          python-version: '3.12'
+      - uses: astral-sh/setup-uv@v7
+        with:
+          enable-cache: true
+      - name: Sync dependencies
+        run: uv sync --group dev --all-extras --frozen
+      - name: Run pip-audit
+        run: make audit

.github/workflows/build.yml

@@ -0,0 +1,38 @@
+name: Build
+
+on:
+  push:
+    branches:
+      - main
+      - feature/**
+  pull_request:
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+      - uses: actions/setup-python@v6
+        with:
+          python-version-file: .python-version
+      - uses: astral-sh/setup-uv@v7
+        with:
+          enable-cache: true
+      - name: Sync dependencies
+        run: uv sync --group dev --frozen
+      - name: Build wheel and sdist
+        run: make build
+      - name: Smoke-test built wheel
+        run: |
+          python -m venv /tmp/python-template-wheel-test
+          /tmp/python-template-wheel-test/bin/pip install dist/*.whl
+          /tmp/python-template-wheel-test/bin/python -m python_template
+      - name: Upload build artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: python-package-dist
+          path: dist/

.github/workflows/ci.yml

@@ -0,0 +1,58 @@
+name: CI
+
+on:
+  push:
+    branches:
+      - main
+      - feature/**
+  pull_request:
+
+permissions:
+  contents: read
+
+jobs:
+  quality:
+    name: quality (${{ matrix.os }}, py${{ matrix.python-version }})
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - os: ubuntu-latest
+            python-version: '3.11'
+          - os: ubuntu-latest
+            python-version: '3.12'
+          - os: ubuntu-latest
+            python-version: '3.13'
+          - os: macos-latest
+            python-version: '3.12'
+    steps:
+      - uses: actions/checkout@v6
+      - uses: actions/setup-python@v6
+        with:
+          python-version: ${{ matrix.python-version }}
+      - uses: astral-sh/setup-uv@v7
+        with:
+          enable-cache: true
+      - name: Sync dependencies
+        run: uv sync --group dev --frozen
+      - name: Run quality gate
+        run: make check
+
+  examples:
+    name: examples (ubuntu, py3.12)
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+      - uses: actions/setup-python@v6
+        with:
+          python-version: '3.12'
+      - uses: astral-sh/setup-uv@v7
+        with:
+          enable-cache: true
+      - name: Sync dependencies
+        run: uv sync --group dev --frozen
+      - name: Run example stubs
+        run: |
+          make run-example-ml
+          make run-example-robotics

.github/workflows/release.yml

@@ -0,0 +1,31 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - 'v*'
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  release-artifacts:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+      - uses: actions/setup-python@v6
+        with:
+          python-version-file: .python-version
+      - uses: astral-sh/setup-uv@v7
+        with:
+          enable-cache: true
+      - name: Sync dependencies
+        run: uv sync --group dev --frozen
+      - name: Build release artifacts
+        run: make build
+      - name: Upload release artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: python-template-release-${{ github.ref_name }}
+          path: dist/

README.md

@@ -1 +1,97 @@
 # python-template
+
+A modern Python template for robotics and ML teams that want fast local iteration, reproducible
+setup, and CI-enforced quality gates.
+
+## Why this template
+
+This scaffold is optimized for hybrid robotics + ML work:
+
+- **`uv` first** for fast environment and lockfile management
+- **`pyproject.toml` + `src/` layout** for modern packaging
+- **Ruff + Pyright + pytest** for a strong default quality bar
+- **Makefile** as the single memorable task surface for developers and CI
+- **GitHub Actions** for repeatable checks on Python 3.11–3.13
+- **Optional extras** so robotics/ML dependencies do not bloat the base environment
+
+## Quickstart
+
+```bash
+uv sync --group dev
+make check
+make run-example-ml
+make run-example-robotics
+```
+
+To install optional profiles:
+
+```bash
+uv sync --group dev --extra ml
+uv sync --group dev --extra robotics
+uv sync --group dev --all-extras
+```
+
+## Core tasks
+
+| Task | Purpose |
+| --- | --- |
+| `make sync` | Install the base project environment |
+| `make sync-dev` | Install developer dependencies |
+| `make sync-all` | Install developer dependencies and all optional extras |
+| `make fmt` | Format source, tests, and examples |
+| `make lint` | Run Ruff lint checks |
+| `make typecheck` | Run Pyright |
+| `make test` | Run pytest |
+| `make test-cov` | Run pytest with coverage |
+| `make check` | Run format, lint, typecheck, and tests |
+| `make build` | Build wheel and sdist |
+| `make audit` | Run dependency vulnerability checks |
+| `make run-example-ml` | Execute the ML stub |
+| `make run-example-robotics` | Execute the robotics stub |
+
+## Project layout
+
+```text
+.
+├── .devcontainer/
+├── .github/workflows/
+├── docs/
+├── examples/
+│   ├── ml/
+│   └── robotics/
+├── src/python_template/
+└── tests/
+```
+
+## Quality workflow
+
+Local and CI use the same contract:
+
+```bash
+make check
+make build
+```
+
+That keeps the README, local workflow, and GitHub Actions aligned.
+
+## Profiles
+
+- `ml`: data-science friendly optional dependencies for training/evaluation prototypes
+- `robotics`: lightweight robotics-adjacent dependencies for adapters and integration code
+- `viz`: visualization and richer terminal output helpers
+
+See [`docs/ml.md`](docs/ml.md) and [`docs/robotics.md`](docs/robotics.md) for guidance.
+
+## GitHub Actions
+
+The repository ships with:
+
+- `ci.yml` for lint/type/test matrix checks
+- `build.yml` for build + wheel smoke validation
+- `audit.yml` for dependency auditing
+- `release.yml` for tag-driven build artifacts
+
+## Dev container
+
+The included dev container is meant to give teammates a reproducible Linux environment with `uv`
+installed and the dev dependencies synced on first open.