Investment Tracker

A personal investment tracking application built with Python, Streamlit, and Poetry.

Project Structure

merlin/
├── .github/            # GitHub Actions workflows & config
│   └── workflows/      # CI/CD, CodeQL, and scheduled jobs
├── config/             # Configuration templates
├── data/               # Data persistence (gitignored)
├── src/                # Application source code
│   └── app.py          # Main application entry point
├── tests/              # Test suite
├── .gitignore          # Git ignore rules
├── .markdownlint.json  # Markdownlint configuration
├── .pre-commit-config.yaml # Pre-commit hooks configuration
├── .secrets.baseline   # Detect-secrets baseline file
├── docker-compose.yml  # Docker Compose service definition
├── Dockerfile          # Docker image definition
├── justfile            # Task runner configuration
├── poetry.lock         # Locked dependencies
├── pyproject.toml      # Project configuration and dependencies
└── README.md           # This file

Quality & Security

This project employs a comprehensive suite of tools to ensure high code quality and security standards.

Static Analysis & Linting

• Black: Uncompromising code formatter.
• Ruff: Extremely fast Python linter.
• Isort: Import sorter.
• Mypy: Static type checker.
• Yamllint: YAML style and syntax checker.
• Markdownlint: Markdown style checker.

Security

• Semgrep: Static analysis for security vulnerabilities.
• Bandit: Security linter for Python.
• Detect Secrets: Scans for committed secrets/credentials.
• Pip Audit: Audits Python environment for known vulnerabilities.
• CodeQL: GitHub's semantic code analysis engine (Weekly analysis).

CI/CD

All checks are enforced locally via pre-commit and verified in GitHub Actions (CI workflow). A weekly workflow runs deeper security audits.

Getting Started

Prerequisites

• Python 3.12+
• Poetry
• Docker & Docker Compose (optional, for containerization)
• just task runner (recommended)

Installation

1. Clone the repository

   git clone <repository_url>
   cd merlin

2. Setup environment

   This command installs dependencies and pre-commit hooks.

   just setup

3. Configure application

   Copy the example configuration files.

   cp config/example.env config/.env
   cp config/example.yaml config/config.yaml

Usage

Run Development Server

just dev

The application will be available at http://localhost:8501.

Run Tests

just test

Format & Lint Code

just format
just lint

Docker Deployment

Build & Run

just docker-run

This builds the Docker image and starts the container using Docker Compose. The app will be available at http://localhost:8501.

License

MIT