added docs and container (podman + docker) setup

docs/README.md

@@ -0,0 +1,98 @@
+# Documentation
+
+> This project is OCI container (podman)-first. Docker specific documentation is provided in docker/docker.md
+
+# Container Quick Reference (Podman/OCI)
+
+## Structure
+
+```
+assets/
+├── Containerfile         ← OCI production (~7MB)
+└── Containerfile.alpine  ← Development (~15MB)
+
+docs/
+├── container.md          ← Main Podman guide ⭐
+└── docker/               ← Docker specifics
+```
+
+## Quick Commands
+
+```bash
+# Build
+podman build -t argparse-builder .
+
+# Run rootless
+podman run -d -p 8080:8080 argparse-builder
+
+# With SELinux
+podman run -d -p 8080:8080 --security-opt label=type:container_t argparse-builder
+
+# Hardened
+podman run -d -p 8080:8080 \
+  --read-only \
+  --cap-drop=ALL \
+  --security-opt=no-new-privileges \
+  --memory=128m \
+  argparse-builder
+```
+
+## SELinux Volumes
+
+```bash
+# Private label (recommended)
+podman run -v ./data:/data:Z argparse-builder
+
+# Shared label
+podman run -v ./shared:/shared:z argparse-builder
+```
+
+## Systemd Integration
+
+```bash
+# Generate unit
+podman generate systemd --new --name argparse-builder > ~/.config/systemd/user/argparse-builder.service
+
+# Enable
+systemctl --user enable --now argparse-builder
+```
+
+## Key Features
+
+- ✅ Rootless by default
+- ✅ SELinux native support
+- ✅ Daemonless operation
+- ✅ OCI compliant
+- ✅ Systemd integration
+- ✅ ~7MB image size
+
+## Makefile
+
+```bash
+make container-build          # Build image
+make container-run           # Run rootless
+make container-run-hardened  # Security hardened
+make container-systemd       # Generate systemd unit
+```
+
+See **docs/container.md** for complete guide.
+
+```
+
+```
+
+```
+
+```
+
+```
+
+```
+
+```
+
+```
+
+```
+
+```