cleanup github integrations

.github/dependabot.yml

@@ -1,6 +1,6 @@
 version: 2
 updates:
   - package-ecosystem: "pip"
-    directory: "/examples/dependabot"
+    directory: "/examples/github/dependabot"
     schedule:
       interval: "monthly"

.github/workflows/codeql-evidence-example.yml

@@ -18,9 +18,9 @@ jobs:
       matrix:
         language_details:
           - name: javascript
-            queries_path: ./examples/codeql/queries/js
+            queries_path: ./examples/github/codeql/queries/js
           - name: go
-            queries_path: ./examples/codeql/queries/go
+            queries_path: ./examples/github/codeql/queries/go
 
     steps:
       # Build and publish the packages to JFrog Artifactory
@@ -32,12 +32,12 @@ jobs:
       - uses: actions/checkout@v4
         with:
           sparse-checkout: |
-            examples/codeql/**
+            examples/github/codeql/**
           sparse-checkout-cone-mode: false
       - name: Build and Publish ${{ matrix.language_details.name }} package
         env:
-          GO_CODE_PATH: examples/codeql/go
-          JS_CODE_PATH: examples/codeql/js
+          GO_CODE_PATH: examples/github/codeql/go
+          JS_CODE_PATH: examples/github/codeql/js
         run: |
           if [ ${{ matrix.language_details.name }} == 'go' ]; then
             cd $GO_CODE_PATH
@@ -62,7 +62,7 @@ jobs:
         uses: github/codeql-action/init@v3
         with:
           languages: ${{ matrix.language_details.name }}
-          config-file: examples/codeql/codeql-config.yml
+          config-file: examples/github/codeql/codeql-config.yml
           queries: ${{ matrix.language_details.queries_path }}
 
       - name: Run CodeQL Analysis for ${{ matrix.language_details.name }}
@@ -76,7 +76,7 @@ jobs:
       - name: Generate optional custom markdown report
         if: env.ATTACH_OPTIONAL_CUSTOM_MARKDOWN_TO_EVIDENCE == 'true'
         run: |
-          python ./examples/codeql/sarif_to_markdown.py \
+          python ./examples/github/codeql/sarif_to_markdown.py \
             results-${{ matrix.language_details.name }}/${{ matrix.language_details.name }}.sarif \
             results-${{ matrix.language_details.name }}/${{ matrix.language_details.name }}-report.md
 
@@ -104,5 +104,6 @@ jobs:
             --key-alias "${{ vars.EVIDENCE_KEY_ALIAS }}" \
             --predicate "results-javascript/javascript.sarif" \
             --predicate-type "http://github.com/CodeQL/static-analysis" \
+            --provider-id "github" \
             ${{ env.ATTACH_OPTIONAL_CUSTOM_MARKDOWN_TO_EVIDENCE == 'true' && '--markdown "results-javascript/javascript-report.md"' || '' }}
           fi

.github/workflows/dependabot-evidence-example.yml

@@ -28,7 +28,7 @@ jobs:
         uses: actions/checkout@v4
       - name: Build and Push Docker Image to Artifactory
         run: |
-          docker build -f ./examples/dependabot/Dockerfile . --tag $REGISTRY_DOMAIN/$REPO_NAME/$IMAGE_NAME:$VERSION
+          docker build -f ./examples/github/dependabot/Dockerfile . --tag $REGISTRY_DOMAIN/$REPO_NAME/$IMAGE_NAME:$VERSION
           jf rt docker-push $REGISTRY_DOMAIN/$REPO_NAME/$IMAGE_NAME:$VERSION $REPO_NAME --build-name=$BUILD_NAME --build-number=$VERSION
 
       # Fetch Dependabot Vulnerability Snapshot
@@ -64,7 +64,7 @@ jobs:
           IMAGE_ID=$(docker images --format "{{.ID}}" "$ARTIFACT_NAME")
           IMAGE_SIZE=$(docker images --format "{{.Size}}" "$ARTIFACT_NAME" | sed 's/MB//' | awk '{print $1 * 1024 * 1024}')
           SCAN_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
-          python ./examples/dependabot/markdown_helper.py \
+          python ./examples/github/dependabot/markdown_helper.py \
             "dependabot.json" \
             "dependabot_report.md" \
             "$REGISTRY_DOMAIN/$REPO_NAME/$IMAGE_NAME:$VERSION" \
@@ -83,4 +83,5 @@ jobs:
             --key-alias "${{ vars.EVIDENCE_KEY_ALIAS }}" \
             --predicate ./dependabot.json \
             --predicate-type http://Github.com/Dependabot/static-analysis \
+            --provider-id "github" \
             ${{ env.ATTACH_OPTIONAL_CUSTOM_MARKDOWN_TO_EVIDENCE == 'true' && '--markdown "dependabot_report.md"' || '' }}

examples/codeql/README.md → examples/github/codeql/README.md

@@ -94,6 +94,7 @@ jf evd create \
 --key-alias ${{ vars.CODEQL_KEY_ALIAS }} \
 --predicate "results-javascript/javascript.sarif" \
 --predicate-type "http://github.com/CodeQL/static-analysis" \
+--provider-id "github" \
 --markdown "results-javascript/javascript-report.md"
 ```
 

examples/codeql/codeql-config.yml → examples/github/codeql/codeql-config.yml

@@ -13,4 +13,4 @@ paths-ignore:
   - '**/*.spec.ts'
 
 paths:
-  - examples/codeql/
+  - examples/github/codeql/

examples/dependabot/Dockerfile → examples/github/dependabot/Dockerfile

@@ -2,7 +2,7 @@ FROM python:3.7-slim-buster
 
 WORKDIR /app
 
-COPY ./examples/dependabot/requirements.txt .
+COPY ./examples/github/dependabot/requirements.txt .
 
 RUN pip install --no-cache-dir -r requirements.txt
 

examples/dependabot/README.md → examples/github/dependabot/README.md

@@ -72,7 +72,7 @@ The Fetch Dependabot Vulnerability Snapshot step retrieves Dependabot alerts and
   The workflow first builds a Docker image and pushes it to your Artifactory instance. This image acts as the "subject" to which the Dependabot evidence will be attached.
 
   ```bash
-    docker build -f ./examples/dependabot/Dockerfile . --tag $REGISTRY_DOMAIN/$REPO_NAME/$IMAGE_NAME:$VERSION
+    docker build -f ./examples/github/dependabot/Dockerfile . --tag $REGISTRY_DOMAIN/$REPO_NAME/$IMAGE_NAME:$VERSION
     jf rt docker-push $REGISTRY_DOMAIN/$REPO_NAME/$IMAGE_NAME:$VERSION $REPO_NAME --build-name=$BUILD_NAME --build-number=$VERSION
   ```
 - **Fetch Dependabot Vulnerability Snapshot**
@@ -108,6 +108,7 @@ The Fetch Dependabot Vulnerability Snapshot step retrieves Dependabot alerts and
             --package-repo-name $REPO_NAME \
             --key "${{ secrets.TEST_PRVT_KEY }}" \
             --key-alias ${{ vars.TEST_PUB_KEY_ALIAS }} \
+            --provider-id "github" \
             --predicate ./dependabot.json \
             --predicate-type http://Github.com/Dependabot/static-analysis
   ```