Standardized the folder structure

.github/dependabot.yml

@@ -1,6 +1,6 @@
 version: 2
 updates:
   - package-ecosystem: "pip"
-    directory: "/examples/dependabot-alerts-example"
+    directory: "/examples/dependabot"
     schedule:
       interval: "daily"

.github/workflows/cypress-evidence-example.yml

@@ -27,11 +27,11 @@ jobs:
         uses: actions/checkout@v4
         with:
           sparse-checkout: |
-            examples/cypress-test-reports-example/**
+            examples/cypress/**
           sparse-checkout-cone-mode: false
       - name: Build and publish Docker image
         run: |
-          docker build . --file ./examples/cypress-test-reports-example/Dockerfile --tag $REGISTRY_URL/$REPO_NAME/$IMAGE_NAME:$TAG_NAME
+          docker build . --file ./examples/cypress/Dockerfile --tag $REGISTRY_URL/$REPO_NAME/$IMAGE_NAME:$TAG_NAME
           jf rt docker-push $REGISTRY_URL/$REPO_NAME/$IMAGE_NAME:$TAG_NAME $REPO_NAME --build-name=$BUILD_NAME --build-number=$BUILD_NUMBER
           jf rt build-publish $BUILD_NAME $BUILD_NUMBER
 
@@ -46,25 +46,25 @@ jobs:
           quiet: true
           wait-on: 'http://localhost:3000/app.html'
           wait-on-timeout: 120
-          working-directory: examples/cypress-test-reports-example
+          working-directory: examples/cypress
         env:
           CYPRESS_RECORD_KEY: ${{ secrets.CYPRESS_RECORD_KEY }}
         continue-on-error: true
       - name: Merge Cypress results
         run: npm run merge-results
-        working-directory: examples/cypress-test-reports-example
+        working-directory: examples/cypress
 
       # This is an optional step to generate a markdown report
       - name: Generate optional markdown report
         if: env.ATTACH_OPTIONAL_MARKDOWN_TO_EVIDENCE == 'true'
         run: npm run generate:md
-        working-directory: examples/cypress-test-reports-example
+        working-directory: examples/cypress
         env:
           IMAGE_REF: ${{ env.REGISTRY_URL }}/${{ env.REPO_NAME }}/${{ env.IMAGE_NAME }}:${{ env.TAG_NAME }}
 
       #Steps to attach evidence to the package
       - name: Attach evidence to the package
-        working-directory: examples/cypress-test-reports-example
+        working-directory: examples/cypress
         run: |
           jf evd create \
           --package-name $IMAGE_NAME \

.github/workflows/dependabot-evidence-example.yml

@@ -28,7 +28,7 @@ jobs:
         uses: actions/checkout@v4
       - name: Build and Push Docker Image to Artifactory
         run: |
-          docker build -f ./examples/dependabot-alerts-example/Dockerfile . --tag $REGISTRY_DOMAIN/$REPO_NAME/$IMAGE_NAME:$VERSION
+          docker build -f ./examples/dependabot/Dockerfile . --tag $REGISTRY_DOMAIN/$REPO_NAME/$IMAGE_NAME:$VERSION
           jf rt docker-push $REGISTRY_DOMAIN/$REPO_NAME/$IMAGE_NAME:$VERSION $REPO_NAME --build-name=$BUILD_NAME --build-number=$VERSION
 
       # Fetch Dependabot Vulnerability Snapshot
@@ -64,7 +64,7 @@ jobs:
           IMAGE_ID=$(docker images --format "{{.ID}}" "$ARTIFACT_NAME")
           IMAGE_SIZE=$(docker images --format "{{.Size}}" "$ARTIFACT_NAME" | sed 's/MB//' | awk '{print $1 * 1024 * 1024}')
           SCAN_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
-          python ./examples/dependabot-alerts-example/markdown_helper.py \
+          python ./examples/dependabot/markdown_helper.py \
             "dependabot.json" \
             "dependabot_report.md" \
             "$REGISTRY_DOMAIN/$REPO_NAME/$IMAGE_NAME:$VERSION" \

.github/workflows/trivy-evidence-example.yml

@@ -28,7 +28,7 @@ jobs:
         uses: actions/checkout@v4
       - name: Build and publish Docker Image to Artifactory
         run: |
-          docker build . --file ./examples/trivy-verify-example/Dockerfile --tag $REGISTRY_DOMAIN/$REPO_NAME/$IMAGE_NAME:$VERSION
+          docker build . --file ./examples/trivy/Dockerfile --tag $REGISTRY_DOMAIN/$REPO_NAME/$IMAGE_NAME:$VERSION
           echo "Pushing Docker Image to Artifactory"
           jf rt docker-push $REGISTRY_DOMAIN/$REPO_NAME/$IMAGE_NAME:$VERSION $REPO_NAME --build-name=$BUILD_NAME --build-number=${{ github.run_number }}
           echo "Pushing Docker Image to Artifactory completed"
@@ -48,7 +48,7 @@ jobs:
       - name: Generate optional custom markdown report
         if: env.ATTACH_OPTIONAL_CUSTOM_MARKDOWN_TO_EVIDENCE == 'true'
         run: |
-          python ./examples/trivy-verify-example/trivy_json_to_markdown_helper.py trivy-results.json
+          python ./examples/trivy/trivy_json_to_markdown_helper.py trivy-results.json
 
       # Attaching the evidence to associated package
       - name: Attach evidence using jfrog cli

examples/codeql/README.md

@@ -19,36 +19,30 @@ The workflow performs CodeQL analysis on Go and JavaScript codebases, publishes
 - Go
 - JavaScript
 
-## Workflow Steps
-1. **Checkout Repository**
-    - Performs sparse checkout of required directories
-    - Only checks out the necessary CodeQL examples and queries
-
-2. **Setup CodeQL**
-    - Initializes CodeQL for the specified language
-    - Configures custom queries from `examples/codeql/queries/{language}`
-
-3. **Setup Build Environment**
-    - For Go: Installs Go 1.24.3
-    - For JavaScript: Installs Node.js
-    - Configures JFrog CLI with Artifactory credentials
-
-4. **Run CodeQL Analysis**
-    - Performs CodeQL analysis for security and quality
-    - Generates SARIF format results
-    - Saves results without uploading to GitHub
-
-5. **Build and Publish Packages**
-    - For Go:
-        - Configures JFrog CLI for Go repository
-        - Publishes package to Artifactory Go repository
-    - For JavaScript:
-        - Configures JFrog CLI for npm repository
-        - Publishes package to Artifactory npm repository
-
-6. **Attach Evidence**
-    - Attaches CodeQL analysis results as signed evidence to the published packages
-
+## Workflow
+
+```mermaid
+graph TD
+    A[Workflow Dispatch Trigger] --> Matrix{Language Matrix: Go or JavaScript?}
+    Matrix --> |Go|GoSetup[Setup JFrog CLI]
+    Matrix --> |JavaScript|JSSetup[Setup Jfrog CLI]
+    JSSetup -->JSCheckout[Checkout Repository]
+    GoSetup -->GoCheckout[Checkout Repository]
+    JSCheckout -->I[Set up CodeQL for JavaScript]
+    GoCheckout -->H[Set up CodeQL for Go]
+    H --> J[Run CodeQL Analysis for Go]
+    I --> K[Run CodeQL Analysis for JavaScript]
+    J --> L{Attach Optional Custom Markdown Report?}
+    K --> M{Attach Optional Custom Markdown Report?}
+    L -->|Yes| N[Generate Markdown Report for Go]
+    L -->|No| O[Skip Markdown Report for Go]
+    M -->|Yes| P[Generate Markdown Report for JavaScript]
+    M -->|No| Q[Skip Markdown Report for JavaScript]
+    N --> R[Attach Evidence for Go]
+    O --> R[Attach Evidence for Go]
+    P --> S[Attach Evidence for JavaScript]
+    Q --> S[Attach Evidence for JavaScript]
+```
 ## Environment Setup
 
 ### Go Package Configuration

examples/cypress-test-reports-example/Dockerfile → examples/cypress/Dockerfile

@@ -5,7 +5,7 @@ FROM node:20
 WORKDIR /app
 
 # Copy package files and install dependencies
-COPY examples/cypress-test-reports-example/package*.json ./
+COPY examples/cypress/package*.json ./
 RUN npm install
 
 # Copy the rest of the app

examples/cypress-test-reports-example/README.md → examples/cypress/README.md

@@ -30,23 +30,21 @@ The workflow builds a Docker image, runs Cypress tests, generates test result ev
 - `ATTACH_OPTIONAL_MARKDOWN_TO_EVIDENCE` - Set to `true` to attach a Markdown report as evidence
 - `UPLOAD_CYPRESS_REPORT_TO_CLOUD` - Set to `true` to record Cypress results to the Cypress Dashboard
 
-## Workflow Steps
-
-1. **Install JFrog CLI**
-    - Installs the JFrog CLI using the official GitHub Action.
-2. **Checkout Repository**
-    - Checks out the source code for the build context.
-3. **Build and Publish Docker Image**
-    - Builds the Docker image and pushes it to Artifactory using JFrog CLI.
-4. **Run Cypress Tests**
-    - Runs Cypress end-to-end tests, records results, and waits for the application to be available.
-5. **Merge Cypress Results**
-    - Merges Cypress test results into a single JSON file.
-6. **Generate Optional Markdown Report**
-    - If enabled, generates a Markdown report from the Cypress results.
-7. **Attach Cypress Evidence Using JFrog CLI**
-    - Attaches the Cypress test results as signed evidence to the Docker image package in Artifactory.
+## Workflow
 
+```mermaid
+graph TD
+    A[Workflow Dispatch Trigger] --> B[Setup JFrog CLI]
+    B --> C[Checkout Repository]
+    C --> D[Build and Publish Docker Image]
+    D --> E[Run Cypress Tests]
+    E --> F[Merge Cypress Results]
+    F --> G{Attach Optional Markdown Report?}
+    G -->|Yes| H[Generate Markdown Report]
+    G -->|No| I[Skip Markdown Report]
+    H --> J[Attach Evidence to Package]
+    I --> J[Attach Evidence to Package]
+```
 ## Example Usage
 
 You can trigger the workflow manually from the GitHub Actions tab. The workflow will:
@@ -60,7 +58,7 @@ You can trigger the workflow manually from the GitHub Actions tab. The workflow
 
 - **Build and Push Docker Image:**
   ```bash
-  docker build . --file ./examples/cypress-test-reports-example/Dockerfile --tag $REGISTRY_URL/$REPO_NAME/$IMAGE_NAME:$TAG_NAME
+  docker build . --file ./examples/cypress/Dockerfile --tag $REGISTRY_URL/$REPO_NAME/$IMAGE_NAME:$TAG_NAME
   jf rt docker-push $REGISTRY_URL/$REPO_NAME/$IMAGE_NAME:$TAG_NAME $REPO_NAME --build-name=$BUILD_NAME --build-number=$BUILD_NUMBER
   jf rt build-publish $BUILD_NAME $BUILD_NUMBER
   ```

examples/cypress-test-reports-example/cypress.config.js → examples/cypress/cypress.config.js

@@ -1,7 +1,7 @@
 const { defineConfig } = require("cypress");
 
 module.exports = defineConfig({
-  projectId: "cypress-test-reports-example", // Replace with your actual project ID
+  projectId: "cypress-example", // Replace with your actual project ID
   fixturesFolder: false,
   reporter: "mochawesome",
   reporterOptions: {

examples/cypress-test-reports-example/package.json → examples/cypress/package.json

@@ -1,5 +1,5 @@
 {
-  "name": "cypress-test-reports-example",
+  "name": "cypress",
   "version": "1.0.0",
   "description": "",
   "main": "cypress.config.js",

examples/dependabot-alerts-example/Dockerfile → examples/dependabot/Dockerfile

@@ -2,7 +2,7 @@ FROM python:3.7-slim-buster
 
 WORKDIR /app
 
-COPY ./examples/dependabot-alerts-example/requirements.txt .
+COPY ./examples/dependabot/requirements.txt .
 
 RUN pip install --no-cache-dir -r requirements.txt
 

examples/dependabot-alerts-example/README.md → examples/dependabot/README.md

@@ -27,22 +27,20 @@ The workflow builds a Docker image, fetches open Dependabot vulnerability alerts
 - `VERSION` - Image version
 - `BUILD_NAME` - Name for the build info 
 
-## Workflow Steps
-1. **Checkout Repository**
-   - Checks out the source code for the build context.
-2. **Setup JFrog CLI**
-   - Install and Setup the JFrog CLI using the official GitHub Action.
-3. **Log in to Artifactory Docker Registry**
-   - Authenticates Docker with Artifactory for pushing the image.
-4. **Set up Docker Buildx**
-   - Prepares Docker Buildx for advanced build and push operations.
-5. **Build and Push Docker Image to Artifactory**
-   - Builds the Docker image using the provided Dockerfile and tags it for the Artifactory registry.
-   - Pushes the tagged Docker image to the Artifactory Docker registry using JFrog CLI.
-8. **Fetch Dependabot Vulnerability Snapshot**
-   - Fetchs the snapshot of open Dependabot vulnerability alerts for the repository and outputs the results in JSON format.
-9. **Create Dependabot Evidence Using JFrog CLI**
-   - Attaches the Dependabot vulnerability snapshot as signed evidence to the Docker image package in Artifactory.
+## Workflow
+
+```mermaid
+graph TD
+    A[Workflow Dispatch Trigger] --> B[Setup JFrog CLI]
+    B --> C[Checkout Code]
+    C --> D[Build and Push Docker Image to Artifactory]
+    D --> E[Fetch Dependabot Vulnerability Snapshot]
+    E --> F{Attach Optional Custom Markdown Report?}
+    F -->|Yes| G[Generate Custom Markdown Report]
+    F -->|No| H[Skip Markdown Report]
+    G --> I[Attach Evidence to Package]
+    H --> I[Attach Evidence to Package]
+```
 
 ## Example Dependabot Vulnerability Alert Data
 
@@ -62,7 +60,7 @@ The Fetch Dependabot Vulnerability Snapshot step retrieves Dependabot alerts and
 
 - **Build and Push Docker Image to Artifactory**
   ```bash
-    docker build -f ./examples/dependabot-alerts-example/Dockerfile . --tag $REGISTRY_DOMAIN/$REPO_NAME/$IMAGE_NAME:$VERSION
+    docker build -f ./examples/dependabot/Dockerfile . --tag $REGISTRY_DOMAIN/$REPO_NAME/$IMAGE_NAME:$VERSION
     jf rt docker-push $REGISTRY_DOMAIN/$REPO_NAME/$IMAGE_NAME:$VERSION $REPO_NAME --build-name=$BUILD_NAME --build-number=$VERSION
   ```
 - **Fetch Dependabot Vulnerability Snapshot**

examples/trivy-verify-example/README.md → examples/trivy/README.md

@@ -25,25 +25,20 @@ scanning in your CI/CD pipeline.
 
 - `REGISTRY_DOMAIN` - Docker registry domain
 
-## Workflow Steps
-
-1. **Install JFrog CLI**
-    - Installs the JFrog CLI using the official GitHub Action.
-2. **Checkout Repository**
-    - Checks out the source code for the build context.
-3. **Build Docker Image**
-    - Builds the Docker image using the provided Dockerfile and tags it for the Artifactory registry.
-4. **Run Trivy Security Scan**
-    - Scans the built Docker image for vulnerabilities using Trivy and outputs the results in JSON format.
-5. **Generate Custom Markdown For Trivy Results**
-    - (Optional) Converts the Trivy JSON scan results to markdown format for better readability using a python script
-      with predefined static markdown template.
-6. **Push Docker Image to Artifactory**
-    - Pushes the tagged Docker image to the Artifactory Docker registry using JFrog CLI.
-7. **Publish Build Info**
-    - Publishes build information to Artifactory for traceability.
-8. **Attach Trivy Evidence Using JFrog CLI**
-    - Attaches the Trivy scan results as signed evidence to the Docker image package in Artifactory.
+## Workflow
+
+```mermaid
+graph TD
+    A[Workflow Dispatch Trigger] --> B[Setup JFrog CLI]
+    B --> C[Checkout Repository]
+    C --> D[Build and Publish Docker Image to Artifactory]
+    D --> E[Run Trivy Vulnerability Scan]
+    E --> F{Attach Optional Custom Markdown Report?}
+    F -->|Yes| G[Generate Custom Markdown Report]
+    F -->|No| H[Skip Markdown Report]
+    G --> I[Attach Evidence to Package]
+    H --> I[Attach Evidence to Package]
+```
 
 ## Example Usage