Support for OpenSSF Best Practices Badge (#40)

Author: davidbrownell

.github/workflows/standard.yaml

@@ -25,7 +25,7 @@ jobs:
   # ----------------------------------------------------------------------
   action_contexts:
     name: "Display GitHub Action Contexts"
-    uses: davidbrownell/dbrownell_DevTools/.github/workflows/callable_display_action_contexts.yaml@CI-v0.19.0
+    uses: davidbrownell/dbrownell_DevTools/.github/workflows/callable_display_action_contexts.yaml@CI-v0.20.0
 
   # ----------------------------------------------------------------------
   validate:
@@ -50,7 +50,7 @@ jobs:
     permissions:
       contents: read
 
-    uses: davidbrownell/dbrownell_DevTools/.github/workflows/callable_validate_python.yaml@CI-v0.19.0
+    uses: davidbrownell/dbrownell_DevTools/.github/workflows/callable_validate_python.yaml@CI-v0.20.0
     with:
       operating_system: ${{ matrix.os }}
       python_version: ${{ matrix.python_version }}
@@ -64,7 +64,7 @@ jobs:
     permissions:
       contents: read
 
-    uses: davidbrownell/dbrownell_DevTools/.github/workflows/callable_package_python_coverage.yaml@CI-v0.19.0
+    uses: davidbrownell/dbrownell_DevTools/.github/workflows/callable_package_python_coverage.yaml@CI-v0.20.0
     with:
       gist_id: 2f9d770d13e3a148424f374f74d41f4b
       gist_filename: PythonProjectBootstrapper_coverage.json
@@ -96,7 +96,7 @@ jobs:
     permissions:
       contents: read
 
-    uses: davidbrownell/dbrownell_DevTools/.github/workflows/callable_create_python_package.yaml@CI-v0.19.0
+    uses: davidbrownell/dbrownell_DevTools/.github/workflows/callable_create_python_package.yaml@CI-v0.20.0
     with:
       operating_system: ${{ matrix.os }}
       python_version: ${{ matrix.python_version }}
@@ -126,7 +126,7 @@ jobs:
     permissions:
       contents: read
 
-    uses: davidbrownell/dbrownell_DevTools/.github/workflows/callable_validate_python_package.yaml@CI-v0.19.0
+    uses: davidbrownell/dbrownell_DevTools/.github/workflows/callable_validate_python_package.yaml@CI-v0.20.0
     with:
       operating_system: ${{ matrix.os }}
       python_version: ${{ matrix.python_version }}
@@ -153,7 +153,7 @@ jobs:
     permissions:
       contents: read
 
-    uses: davidbrownell/dbrownell_DevTools/.github/workflows/callable_create_python_binary.yaml@CI-v0.19.0
+    uses: davidbrownell/dbrownell_DevTools/.github/workflows/callable_create_python_binary.yaml@CI-v0.20.0
     with:
       operating_system: ${{ matrix.os }}
       python_version: ${{ matrix.python_version }}
@@ -179,7 +179,7 @@ jobs:
     permissions:
       contents: read
 
-    uses: davidbrownell/dbrownell_DevTools/.github/workflows/callable_validate_python_binary.yaml@CI-v0.19.0
+    uses: davidbrownell/dbrownell_DevTools/.github/workflows/callable_validate_python_binary.yaml@CI-v0.20.0
     with:
       operating_system: ${{ matrix.os }}
       python_version: ${{ matrix.python_version }}
@@ -196,7 +196,7 @@ jobs:
     permissions:
       contents: write
 
-    uses: davidbrownell/dbrownell_DevTools/.github/workflows/callable_publish_python.yaml@CI-v0.19.0
+    uses: davidbrownell/dbrownell_DevTools/.github/workflows/callable_publish_python.yaml@CI-v0.20.0
     with:
       release_sources_configuration_filename: .github/release_sources.yaml
     secrets:

README.md

@@ -30,8 +30,10 @@ Tool that helps in the creation of python projects.
 - Python [wheel](https://pythonwheels.com/) creation
 - Wheel deployment to [PyPi](https://pypi.org)
 - Executable generation via [cx_Freeze](https://marcelotduarte.github.io/cx_Freeze/)
-- Optional generation of development environment [docker](https://www.docker.com/) [images](https://aws.amazon.com/compare/the-difference-between-docker-images-and-containers/) in support of [FAIR principles](https://www.go-fair.org/fair-principles/)
 - Full [Continuous Integration](https://en.wikipedia.org/wiki/Continuous_integration), [Continuous Delivery](https://en.wikipedia.org/wiki/Continuous_delivery), and [Continuous Deployment](https://en.wikipedia.org/wiki/Continuous_deployment) (via [GitHub Actions](https://github.com/features/actions)) for everything listed above
+- [Optional] Build artifact signing via [Minisign](https://jedisct1.github.io/minisign/)
+- [Optional] Participation in the [Open Source Security Foundation (OpenSSF) Best Practices Badge Program](https://www.bestpractices.dev/)
+- [Optional] Generation of development environment [docker](https://www.docker.com/) [images](https://aws.amazon.com/compare/the-difference-between-docker-images-and-containers/) in support of [FAIR principles](https://www.go-fair.org/fair-principles/)
 
 #### Project Content Customization
 
@@ -162,6 +164,8 @@ There are other tools available that offer similar functionality, each emphasizi
 
 ### Templating Systems
 
+PythonProjectBootstrapper uses cookiecutter as its underlying templating engine, but others are available within python. Some are listed here if you want to use them directly.
+
 | Tool | Description |
 | --- | --- |
 | [cookiecutter](https://github.com/cookiecutter/cookiecutter) | A cross-platform command-line utility that creates projects from cookiecutters (project templates), e.g. Python package projects, C projects. |

src/PythonProjectBootstrapper/EntryPoint.py

@@ -96,7 +96,7 @@ def _VersionCallback(value: bool) -> None:
 )
 
 _configuration_filename_option = typer.Option(
-    "--configuration-filename",
+    "--configuration",
     dir_okay=False,
     exists=True,
     resolve_path=True,

src/PythonProjectBootstrapper/ProjectGenerationUtils.py

@@ -363,7 +363,6 @@ def DisplayPrompt(output_dir: Path, prompts: list[tuple[str, str]]) -> None:
         ["yellow", "blue", "magenta", "cyan", "green"],
     )
 
-    # ----------------------------------------------------------------------
     # Print out saved prompts
     for prompt_index, (title, prompt) in enumerate(prompts):
         print(

src/PythonProjectBootstrapper/package/cookiecutter.json

@@ -21,6 +21,7 @@
     "gist_username": "{{ cookiecutter.github_username }}",
 
     "sign_binaries": true,
+    "openssf_best_practices_badge_id": "__openssf_badge_id__",
     "create_docker_image": false,
 
     "__empty_dir": "",
@@ -31,15 +32,16 @@
         "name": "\n\nPlease enter your name.\n\nThis value will be used in:\n    - The copyright header for source files\n    - Metadata for the generated python package\n    - Metadata for the generated python binary\n\n",
         "email": "\n\nPlease enter your email address.\n\nThis value will be used in:\n    - Metadata for the generated python package\n    - Metadata for the generated python binary\n\n",
         "project_description": "\n\nPlease enter a short description of your project (less than 100 characters).\n\nThis value will be used in:\n    - Metadata for the generated python package\n    - Metadata for the generated python binary\n\n",
-        "license": "\n\nPlease enter the license you would like to use for your project. https://choosealicense.com/ is a\ngood resource that helps you choose the best license for your project.\n\nThis value will be used in:\n    - Population of the License.txt file (or equivalent)\n    - The copyright header for source files\n    - Metadata for the generated python package\n    - Metadata for the generated python binary\n    - Metadata for the generated docker image (if applicable)\n\n",
-        "github_url": "\n\nPlease enter the GitHub URL. You should use the URL to your GitHub repository as a guide when\nspecifying this value.\n\n    https://github.com/username/projectname\n    ^^^^^^^^^^^^^^^^^^\n    This is the GitHub URL\n\n",
-        "github_username": "\n\nPlease enter your GitHub username. You should use the URL to your GitHub repository as a guide when\nspecifying this value.\n\n    https://github.com/username/projectname\n                       ^^^^^^^^\n                       This is the GitHub username\n\n",
-        "github_project_name": "\n\nPlease enter your GitHub project name. You should use the URL to your GitHub repository as a guide\nwhen specifying this value.\n\n    https://github.com/username/projectname\n                                ^^^^^^^^^^^\n                                This is the GitHub project name\n\n",
-        "pypi_project_name": "\n\nPlease enter the name of your project as it will appear on PyPI (https://pypi.org). This\nname cannot be associated with any other project on PyPI.\n\n",
-        "gist_id": "\n\nPlease enter the GitHub gist id for use with this project.\n\nGitHub defines a gist as \"a simple way to share snippets and pastes with others.\" The generated\npython project will use a gist to store information dynamically generated during the build (for\nexample code coverage information) that can be retrieved at a later time (for example, to display\na code coverage badge in the project's README.md file).\n\nTo create a gist:\n    1. Go to https://gist.github.com/\n    2. Enter the following values in their respective fields:\n\n        Gist description...:                Gist used by GitHub Action workflows to store and retrieve dynamic information (oftentimes used to create and display badges).\n        Filename including extension...:    README.md\n        File contents:                      Gist used by GitHub Action workflows to store and retrieve dynamic information (oftentimes used to create and display badges).\n\n    3. Click the \"Create secret gist\" button\n    4. Copy the gist id (this will be the hex string at the end of the url associated with the gist\n       that was just created). It will look something like:\n\n          https://gist.github.com/<github username>/4c10281ff1abc26cafcb9a5f9a8a443e\n                                                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n                                                           This is the gist id\n\n",
+        "license": "\n\nPlease enter the license you would like to use for your project. https://choosealicense.com/ is a good resource that helps you choose the best license for your project.\n\nThis value will be used in:\n    - Population of the License.txt file (or equivalent)\n    - The copyright header for source files\n    - Metadata for the generated python package\n    - Metadata for the generated python binary\n    - Metadata for the generated docker image (if applicable)\n\n",
+        "github_url": "\n\nPlease enter the GitHub URL. You should use the URL to your GitHub repository as a guide when specifying this value.\n\n    https://github.com/username/projectname\n    ^^^^^^^^^^^^^^^^^^\n    This is the GitHub URL\n\n",
+        "github_username": "\n\nPlease enter your GitHub username. You should use the URL to your GitHub repository as a guide when specifying this value.\n\n    https://github.com/username/projectname\n                       ^^^^^^^^\n                       This is the GitHub username\n\n",
+        "github_project_name": "\n\nPlease enter your GitHub project name. You should use the URL to your GitHub repository as a guide when specifying this value.\n\n    https://github.com/username/projectname\n                                ^^^^^^^^^^^\n                                This is the GitHub project name\n\n",
+        "pypi_project_name": "\n\nPlease enter the name of your project as it will appear on PyPI (https://pypi.org). This name cannot be associated with any other project on PyPI.\n\n",
+        "gist_id": "\n\nPlease enter the GitHub gist id for use with this project.\n\nGitHub defines a gist as \"a simple way to share snippets and pastes with others.\" The generated python project will use a gist to store information dynamically generated during the build (for example code coverage information) that can be retrieved at a later time (for example, to display a code coverage badge in the project's README.md file). To create a gist:\n    1. Go to https://gist.github.com/\n    2. Enter the following values in their respective fields:\n\n        Gist description...:                Gist used by GitHub Action workflows to store and retrieve dynamic information (oftentimes used to create and display badges).\n        Filename including extension...:    README.md\n        File contents:                      Gist used by GitHub Action workflows to store and retrieve dynamic information (oftentimes used to create and display badges).\n\n    3. Click the \"Create secret gist\" button\n    4. Copy the gist id (this will be the hex string at the end of the url associated with the gist\n       that was just created). It will look something like:\n\n          https://gist.github.com/<github username>/4c10281ff1abc26cafcb9a5f9a8a443e\n                                                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n                                                           This is the gist id\n\n",
         "gist_username": "\n\nPlease enter the username associated with your gist_id. In most cases, this will be the same as your GitHub username.\n\n",
-        "sign_binaries": "\n\nWould you like the GitHub Action workflows to sign binaries produced by the project?\n\nA signed binary can be validated against its signature to ensure that changes have not been made\nto it after it was created. This is especially useful when distributing software to others and is\nhighly recommended.\n\n",
-        "create_docker_image": "\n\nWould you like the GitHub Action workflows to create docker images of the development environment?\nThese images can be used to produce exact results across different commits made to the repository\nover time (which is especially valuable when writing scientific software).\n\n"
+        "sign_binaries": "\n\nWould you like the GitHub Action workflows to sign binaries produced by the project?\n\nA signed binary can be validated against its signature to ensure that changes have not been made to it after it was created. This is especially useful when distributing software to others and is highly recommended.\n\n",
+        "openssf_best_practices_badge_id": "\n\nEnter the OpenSSF Best Practices Badge ID to display in your README.md file. Keep this default value if you do not have an OpenSSF Best Practices Badge ID but would like to create one (this is highly recommended). Enter the value 'none' if you do not want to display this badge in your README.md file.\n\nThe Open Source Security Foundation (OpenSSF) Best Practices badge is a way for Free/Libre and Open Source Software (FLOSS) projects to show that they follow best practices. Additional information is available at https://www.bestpractices.dev/.\n\nThis script will automatically generate scaffolding to achieve a 63% score. Completing your project's documentation and following development best practices will raise your score to 100%. Participation in the OpenSSF Best Practices Badge program is highly recommended.\n\n",
+        "create_docker_image": "\n\nWould you like the GitHub Action workflows to create docker images of the development environment? These images can be used to produce exact results across different commits made to the repository over time (which is especially valuable when writing scientific software).\n\n"
     },
 
     "_extensions": [

src/PythonProjectBootstrapper/package/cookiecutter_prompts.yaml

@@ -23,8 +23,7 @@ project_description: |-
       - Metadata for the generated python binary
 
 license: |-
-  Please enter the license you would like to use for your project. https://choosealicense.com/ is a
-  good resource that helps you choose the best license for your project.
+  Please enter the license you would like to use for your project. https://choosealicense.com/ is a good resource that helps you choose the best license for your project.
 
   This value will be used in:
       - Population of the License.txt file (or equivalent)
@@ -34,42 +33,33 @@ license: |-
       - Metadata for the generated docker image (if applicable)
 
 github_url: |-
-  Please enter the GitHub URL. You should use the URL to your GitHub repository as a guide when
-  specifying this value.
+  Please enter the GitHub URL. You should use the URL to your GitHub repository as a guide when specifying this value.
 
       https://github.com/username/projectname
       ^^^^^^^^^^^^^^^^^^
       This is the GitHub URL
 
 github_username: |-
-  Please enter your GitHub username. You should use the URL to your GitHub repository as a guide when
-  specifying this value.
+  Please enter your GitHub username. You should use the URL to your GitHub repository as a guide when specifying this value.
 
       https://github.com/username/projectname
                          ^^^^^^^^
                          This is the GitHub username
 
 github_project_name: |-
-  Please enter your GitHub project name. You should use the URL to your GitHub repository as a guide
-  when specifying this value.
+  Please enter your GitHub project name. You should use the URL to your GitHub repository as a guide when specifying this value.
 
       https://github.com/username/projectname
                                   ^^^^^^^^^^^
                                   This is the GitHub project name
 
 pypi_project_name: |-
-  Please enter the name of your project as it will appear on PyPI (https://pypi.org). This
-  name cannot be associated with any other project on PyPI.
+  Please enter the name of your project as it will appear on PyPI (https://pypi.org). This name cannot be associated with any other project on PyPI.
 
 gist_id: |-
   Please enter the GitHub gist id for use with this project.
 
-  GitHub defines a gist as "a simple way to share snippets and pastes with others." The generated
-  python project will use a gist to store information dynamically generated during the build (for
-  example code coverage information) that can be retrieved at a later time (for example, to display
-  a code coverage badge in the project's README.md file).
-
-  To create a gist:
+  GitHub defines a gist as "a simple way to share snippets and pastes with others." The generated python project will use a gist to store information dynamically generated during the build (for example code coverage information) that can be retrieved at a later time (for example, to display a code coverage badge in the project's README.md file). To create a gist:
       1. Go to https://gist.github.com/
       2. Enter the following values in their respective fields:
 
@@ -91,11 +81,14 @@ gist_username: |-
 sign_binaries: |-
   Would you like the GitHub Action workflows to sign binaries produced by the project?
 
-  A signed binary can be validated against its signature to ensure that changes have not been made
-  to it after it was created. This is especially useful when distributing software to others and is
-  highly recommended.
+  A signed binary can be validated against its signature to ensure that changes have not been made to it after it was created. This is especially useful when distributing software to others and is highly recommended.
+
+openssf_best_practices_badge_id: |-
+  Enter the OpenSSF Best Practices Badge ID to display in your README.md file. Keep this default value if you do not have an OpenSSF Best Practices Badge ID but would like to create one (this is highly recommended). Enter the value 'none' if you do not want to display this badge in your README.md file.
+
+  The Open Source Security Foundation (OpenSSF) Best Practices badge is a way for Free/Libre and Open Source Software (FLOSS) projects to show that they follow best practices. Additional information is available at https://www.bestpractices.dev/.
+
+  This script will automatically generate scaffolding to achieve a 63% score. Completing your project's documentation and following development best practices will raise your score to 100%. Participation in the OpenSSF Best Practices Badge program is highly recommended.
 
 create_docker_image: |-
-  Would you like the GitHub Action workflows to create docker images of the development environment?
-  These images can be used to produce exact results across different commits made to the repository
-  over time (which is especially valuable when writing scientific software).
+  Would you like the GitHub Action workflows to create docker images of the development environment? These images can be used to produce exact results across different commits made to the repository over time (which is especially valuable when writing scientific software).