docs: Update community files

Co-Authored-By: Alessandro Fael Garcia <[email protected]>

Author: DylenTurnbull

.github/CODEOWNERS

@@ -0,0 +1,5 @@
+#####################
+# Main global owner #
+#####################
+
+*

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,67 @@
+---
+name: 🐛 Bug report
+description: Create a report to help us improve
+labels: bug
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this bug report!
+
+        Before you continue filling out this report, please take a moment to check that your bug has not been [already reported on GitHub][issue search] 🙌
+
+        Remember to redact any sensitive information such as authentication credentials and/or license keys!
+
+        **Note:** If you are seeking community support or have a question, please consider starting a new thread via [GitHub discussions][discussions] or the [NGINX Community forum][forum].
+
+        [issue search]: ../search?q=is%3Aissue&type=issues
+
+        [discussions]: ../discussions
+        [forum]: https://community.nginx.org
+
+  - type: textarea
+    id: overview
+    attributes:
+      label: Bug Overview
+      description: A clear and concise overview of the bug.
+      placeholder: When I do "X" with the NGINX unprivileged Docker image, "Y" happens instead of "Z".
+    validations:
+      required: true
+
+  - type: textarea
+    id: behavior
+    attributes:
+      label: Expected Behavior
+      description: A clear and concise description of what you expected to happen.
+      placeholder: When I do "X" with the NGINX unprivileged Docker image, I expect "Z" to happen.
+    validations:
+      required: true
+
+  - type: textarea
+    id: steps
+    attributes:
+      label: Steps to Reproduce the Bug
+      description: Detail the series of steps required to reproduce the bug. Deploy NGINX Unprivileged Docker image, View output/logs/configuration on '...', See error.
+      placeholder: When I run the NGINX Docker unprivileged image using [...], the image fails with an error message. If I check the terminal outputs and/or logs, I see the following error info.
+    validations:
+      required: true
+
+  - type: textarea
+    id: environment
+    attributes:
+      label: Environment Details
+      description: Please provide details about your environment.
+      value: |
+        - Version of Docker and method of installation: [e.g. Docker Desktop / Docker Server]
+        - Version/tag of the NGINX Docker unprivileged image or specific commit: [e.g. 1.4.3/commit hash]
+        - Target deployment platform: [e.g. OpenShift/Kubernetes/Docker Compose/local cluster/etc...]
+        - Target OS: [e.g. RHEL 9/Ubuntu 24.04/etc...]
+    validations:
+      required: true
+
+  - type: textarea
+    id: context
+    attributes:
+      label: Additional Context
+      description: Add any other context about the problem here.
+      placeholder: Feel free to add any other context/information/screenshots/etc... that you think might be relevant to this issue in here.

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,12 @@
+---
+blank_issues_enabled: false
+contact_links:
+  - name: 💬 Talk to the NGINX community!
+    url: https://community.nginx.org
+    about: A community forum for NGINX users, developers, and contributors
+  - name: 📝 Code of Conduct
+    url: https://www.contributor-covenant.org/version/2/1/code_of_conduct
+    about: NGINX follows the Contributor Covenant Code of Conduct to ensure a safe and inclusive community
+  - name: 💼 For commercial & enterprise users
+    url: https://www.f5.com/products/nginx
+    about: F5 offers a wide range of NGINX products for commercial & enterprise users

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,41 @@
+---
+name: ✨ Feature request
+description: Suggest an idea for this project
+labels: enhancement
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this feature request!
+
+        Before you continue filling out this request, please take a moment to check that your feature has not been [already requested on GitHub][issue search] 🙌
+
+        **Note:** If you are seeking community support or have a question, please consider starting a new thread via [GitHub discussions][discussions] or the [NGINX Community forum][forum].
+
+        [issue search]: ../search?q=is%3Aissue&type=issues
+
+        [discussions]: ../discussions
+        [forum]: https://community.nginx.org
+
+  - type: textarea
+    id: overview
+    attributes:
+      label: Feature Overview
+      description: A clear and concise description of what the feature request is.
+      placeholder: I would like the NGINX Docker unprivileged image to be able to do "X".
+    validations:
+      required: true
+
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Alternatives Considered
+      description: Detail any potential alternative solutions/workarounds you've used or considered.
+      placeholder: I have done/might be able to do "X" using the NGINX Docker unprivileged image by doing "Y".
+
+  - type: textarea
+    id: context
+    attributes:
+      label: Additional Context
+      description: Add any other context about the problem here.
+      placeholder: Feel free to add any other context/information/screenshots/etc... that you think might be relevant to this feature request here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,35 @@
+---
+name: ⚠️ Security advisory
+description: Warn of a security advisory
+labels: security
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this security advisory!
+
+        Before you continue filling out this request, please take a moment to check that your advisory complies with the guidance in the [security documentation][security] and has not been [already reported on GitHub][issue search] 🙌
+
+        **Note:** If you are seeking community support or have a question, please consider starting a new thread via [GitHub discussions][discussions] or the [NGINX Community forum][forum].
+
+        [security]: https://github.com/nginx/docker-nginx-unprivileged/blob/main/SECURITY.md
+        [issue search]: ../search?q=is%3Aissue&type=issues
+
+        [discussions]: ../discussions
+        [forum]: https://community.nginx.org
+
+  - type: textarea
+    id: overview
+    attributes:
+      label: Security advisory overview
+      description: A clear and concise description of what the security advisory is.
+      placeholder: The NGINX Docker unprivileged image is vulnerable to CVE "X".
+    validations:
+      required: true
+
+  - type: textarea
+    id: context
+    attributes:
+      label: Additional Context
+      description: Add any other context about the problem here.
+      placeholder: Feel free to add any other context/information/screenshots/etc... that you think might be relevant to this security advisory here.

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -6,7 +6,8 @@ Describe the use case and detail of the change. If this PR addresses an issue on
 
 Before creating a PR, run through this checklist and mark each as complete:
 
-- [ ] I have read the [`CONTRIBUTING`](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/CONTRIBUTING.md) document
-- [ ] I have run `./update.sh` and ensured all entrypoint/Dockerfile template changes have been applied to the relevant image entrypoint scripts & Dockerfiles
-- [ ] I have tested that the NGINX Unprivileged Docker images build and run correctly on all supported architectures on an unprivileged environment (check out the [`README`](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/README.md) for more details)
-- [ ] I have updated any relevant documentation ([`README`](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/README.md))
+- [ ] I have read the [contributing guidelines](/CONTRIBUTING.md)
+- [ ] I have signed the [F5 Contributor License Agreement (CLA)](https://github.com/f5/f5-cla/blob/main/docs/f5_cla.md)
+- [ ] I have run the [`update.sh`](/update.sh) script and ensured all entrypoint/Dockerfile template changes have been applied to the relevant image entrypoint scripts & Dockerfiles
+- [ ] I have tested that the NGINX Docker unprivileged image builds and runs correctly on all supported architectures on an unprivileged environment (check out the [`README`](/README.md) for more details)
+- [ ] I have updated any relevant documentation ([`README.md`](/README.md))

.github/ISSUE_TEMPLATE/security_report.md

@@ -0,0 +1,7 @@
+---
+annotations:
+  - checks:
+      - fuzzing
+      - sast
+    reasons:
+      - reason: not-applicable

.github/ISSUE_TEMPLATE/security_report.yml

@@ -0,0 +1,42 @@
+---
+name: F5 CLA
+on:
+  issue_comment:
+    types: [created]
+  pull_request_target:
+    types: [opened, closed, synchronize]
+permissions: read-all
+jobs:
+  f5-cla:
+    name: F5 CLA
+    runs-on: ubuntu-24.04
+    permissions:
+      actions: write
+      pull-requests: write
+      statuses: write
+    steps:
+      - name: Run F5 Contributor License Agreement (CLA) assistant
+        if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have hereby read the F5 CLA and agree to its terms') || github.event_name == 'pull_request_target'
+        uses: contributor-assistant/github-action@ca4a40a7d1004f18d9960b404b97e5f30a505a08 # v2.6.1
+        with:
+          # Any pull request targeting the following branch will trigger a CLA check.
+          # NOTE: You might need to edit this value to 'master'.
+          branch: main
+          # Path to the CLA document.
+          path-to-document: https://github.com/f5/f5-cla/blob/main/docs/f5_cla.md
+          # Custom CLA messages.
+          custom-notsigned-prcomment: '🎉 Thank you for your contribution! It appears you have not yet signed the [F5 Contributor License Agreement (CLA)](https://github.com/f5/f5-cla/blob/main/docs/f5_cla.md), which is required for your changes to be incorporated into an F5 Open Source Software (OSS) project. Please kindly read the [F5 CLA](https://github.com/f5/f5-cla/blob/main/docs/f5_cla.md) and reply on a new comment with the following text to agree:'
+          custom-pr-sign-comment: 'I have hereby read the F5 CLA and agree to its terms'
+          custom-allsigned-prcomment: '✅ All required contributors have signed the F5 CLA for this PR. Thank you!'
+          # Remote repository storing CLA signatures.
+          remote-organization-name: f5
+          remote-repository-name: f5-cla-data
+          path-to-signatures: signatures/signatures.json
+          # Comma separated list of usernames for maintainers or any other individuals who should not be prompted for a CLA.
+          # NOTE: You will want to edit the usernames to suit your project needs.
+          allowlist: bot*
+          # Do not lock PRs after a merge.
+          lock-pullrequest-aftermerge: false
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          PERSONAL_ACCESS_TOKEN: ${{ secrets.F5_CLA_TOKEN }}

.github/pull_request_template.md

@@ -0,0 +1,52 @@
+---
+# This workflow uses actions that are not certified by GitHub. They are provided by a third-party and are governed by separate terms of service, privacy policy, and support documentation.
+name: OSSF Scorecard
+on:
+  # For Branch-Protection check. Only the default branch is supported. See https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection.
+  branch_protection_rule:
+  # To guarantee Maintained check is occasionally updated. See https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained.
+  schedule:
+    - cron: "0 0 * * 1"
+  push:
+    branches: [main]
+  workflow_dispatch:
+# Declare default permissions as read only.
+permissions: read-all
+jobs:
+  analysis:
+    name: Scorecard analysis
+    runs-on: ubuntu-24.04
+    # Delete the conditional below if you are using the OSSF Scorecard on a private repository.
+    if: ${{ github.event.repository.private == false }}
+    permissions:
+      # Needed if using Code Scanning alerts.
+      security-events: write
+      # Needed for GitHub OIDC token if publish_results is true.
+      id-token: write
+    steps:
+      - name: Check out the codebase
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          persist-credentials: false
+
+      - name: Run analysis
+        uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
+        with:
+          results_file: results.sarif
+          results_format: sarif
+          # Publish the results for public repositories to enable scorecard badges. For more details, see https://github.com/ossf/scorecard-action#publishing-results.
+          publish_results: true
+
+      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF format to the repository Actions tab.
+      - name: Upload artifact
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        with:
+          name: SARIF file
+          path: results.sarif
+          retention-days: 5
+
+      # Upload the results to GitHub's code scanning dashboard.
+      - name: Upload SARIF results to code scanning
+        uses: github/codeql-action/upload-sarif@5f8171a638ada777af81d42b55959a643bb29017 # v3.28.12
+        with:
+          sarif_file: results.sarif

.github/scorecard.yml

@@ -10,20 +10,19 @@ We pledge to act and interact in ways that contribute to an open, welcoming, div
 
 Examples of behavior that contributes to a positive environment for our community include:
 
-- Demonstrating empathy and kindness toward other people
-- Being respectful of differing opinions, viewpoints, and experiences
-- Giving and gracefully accepting constructive feedback
-- Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience
-- Focusing on what is best not just for us as individuals, but for the overall community
+- Demonstrating empathy and kindness toward other people.
+- Being respectful of differing opinions, viewpoints, and experiences.
+- Giving and gracefully accepting constructive feedback.
+- Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience.
+- Focusing on what is best not just for us as individuals, but for the overall community.
 
 Examples of unacceptable behavior include:
 
-- The use of sexualized language or imagery, and sexual attention or advances of
-  any kind
-- Trolling, insulting or derogatory comments, and personal or political attacks
-- Public or private harassment
-- Publishing others' private information, such as a physical or email address, without their explicit permission
-- Other conduct which could reasonably be considered inappropriate in a professional setting
+- The use of sexualized language or imagery, and sexual attention or advances of any kind.
+- Trolling, insulting or derogatory comments, and personal or political attacks.
+- Public or private harassment.
+- Publishing others' private information, such as a physical or email address, without their explicit permission.
+- Other conduct which could reasonably be considered inappropriate in a professional setting.
 
 ## Enforcement Responsibilities