Update project root files based on latest template

Author: rjeberhard

CONTRIBUTING.md

@@ -1,31 +1,55 @@
----
-
----
-
-# Source Code Submissions
-We welcome your contributions and look forward to collaborating with you. We can only accept source code repository
-submissions from users who have signed and returned the Oracle
-Contributor Agreement. You will find details and the agreement to sign at this OTN web page:
-[Oracle Contributor Agreement](http://www.oracle.com/technetwork/community/oca-486395.html).
-
-# Other Contributions
-For all project Submissions other than source code repository contributions, the following also applies: Oracle does
-not claim ownership of Your Submissions. However, in order to fulfill
-the purposes of this project, You must give Oracle and all Users
-the right to post, access, discuss, use, publish, disseminate, and refine
-Your Submissions.
-
-In legalese: *You hereby grant to Oracle and all
-Users a royalty-free, perpetual, irrevocable, worldwide, non-exclusive,
-and fully sub-licensable right and license, under Your intellectual
-property rights, to reproduce, modify, adapt, publish, translate, create
-derivative works from, distribute, perform, display, and use Your
-Submissions (in whole or part) and to incorporate or implement them in
-other works in any form, media, or technology now known or later
-developed, all subject to the obligation to retain any copyright notices
-included in Your Submissions. All Users, Oracle, and their
-sublicensees are responsible for any modifications they make to the
-Submissions of others.*
-
-Copyright 2017, 2019, Oracle and/or its affiliates.
-Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+# Contributing to this repository
+
+We welcome your contributions! There are multiple ways to contribute.
+
+## Opening issues
+
+For bugs or enhancement requests, please file a GitHub issue unless it's
+security related. When filing a bug remember that the better written the bug is,
+the more likely it is to be fixed. If you think you've found a security
+vulnerability, do not raise a GitHub issue and follow the instructions in our
+[security policy](./SECURITY.md).
+
+## Contributing code
+
+We welcome your code contributions. Before submitting code via a pull request,
+you will need to have signed the [Oracle Contributor Agreement][OCA] (OCA) and
+your commits need to include the following line using the name and e-mail
+address you used to sign the OCA:
+
+```text
+Signed-off-by: Your Name <[email protected]>
+```
+
+This can be automatically added to pull requests by committing with `--sign-off`
+or `-s`, e.g.
+
+```text
+git commit --signoff
+```
+
+Only pull requests from committers that can be verified as having signed the OCA
+can be accepted.
+
+## Pull request process
+
+1. Ensure there is an issue created to track and discuss the fix or enhancement
+   you intend to submit.
+1. Fork this repository
+1. Create a branch in your fork to implement the changes. We recommend using
+   the issue number as part of your branch name, e.g. `1234-fixes`
+1. Ensure that any documentation is updated with the changes that are required
+   by your change.
+1. Ensure that any samples are updated if the base image has been changed.
+1. Submit the pull request. *Do not leave the pull request blank*. Explain exactly
+   what your changes are meant to do and provide simple steps on how to validate
+   your changes. Ensure that you reference the issue you created as well.
+1. We will assign the pull request to 2-3 people for review before it is merged.
+
+## Code of conduct
+
+Follow the [Golden Rule](https://en.wikipedia.org/wiki/Golden_Rule). If you'd
+like more specific guidelines, see the [Contributor Covenant Code of Conduct][COC].
+
+[OCA]: https://oca.opensource.oracle.com
+[COC]: https://www.contributor-covenant.org/version/1/4/code-of-conduct/

LICENSE

@@ -0,0 +1,35 @@
+Copyright (c) 2021 Oracle and/or its affiliates.
+
+The Universal Permissive License (UPL), Version 1.0
+
+Subject to the condition set forth below, permission is hereby granted to any
+person obtaining a copy of this software, associated documentation and/or data
+(collectively the "Software"), free of charge and under any and all copyright
+rights in the Software, and any and all patent rights owned or freely
+licensable by each licensor hereunder covering either (i) the unmodified
+Software as contributed to or provided by such licensor, or (ii) the Larger
+Works (as defined below), to deal in both
+
+(a) the Software, and
+(b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
+one is included with the Software (each a "Larger Work" to which the Software
+is contributed by such licensors),
+
+without restriction, including without limitation the rights to copy, create
+derivative works of, display, perform, and distribute the Software and make,
+use, sell, offer for sale, import, export, have made, and have sold the
+Software and the Larger Work(s), and to sublicense the foregoing rights on
+either these or other terms.
+
+This license is subject to the following condition:
+The above copyright notice and either this complete permission notice or at
+a minimum a reference to the UPL must be included in all copies or
+substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

LICENSE.txt

@@ -1,5 +1,4 @@
-WebLogic Monitoring Exporter
-=====
+# WebLogic Monitoring Exporter
 
 [![Build Status](https://travis-ci.org/oracle/weblogic-monitoring-exporter.svg?branch=master)](https://travis-ci.org/oracle/weblogic-monitoring-exporter)
 
@@ -127,11 +126,11 @@ include the `restPort` configuration to tell the exporter which port to use.
 * [Chart-based sample](samples/kubernetes/end2end): This is an end-to-end sample that shows you the steps to set up monitoring for WebLogic domains using Prometheus and Grafana. Prometheus and Grafana are installed with Helm charts.
 
 
-# Web application
+### Web application
 
 One way to use the exporter is by creating a WAR file with a default configuration and deploying it to a WebLogic Server instance.
 
-## Setting the configuration
+#### Setting the configuration
 
 The web application has a main landing page, which displays the current [configuration](#configuration) and allows
 you to change it, either by uploading a replacement or an addition to the queries specified with the current one.
@@ -156,11 +155,11 @@ is the Maven-assigned version number.
 Adding `-Dconfiguration=<some-config-file>` will insert the specified configuration as its default and remove
 the version number to simplify deployment to WebLogic Server.
 
-# Sidecar
+## Sidecar
 
 The sidecar is a standalone process that runs the exporter.
 
-## Build and run with Maven
+### Build and run with Maven
 
 There are two ways to build the sidecar implementation. The first is with Maven, using the same `mvn install` command 
 specified [above](#building-from-source). Note that this requires JDK11 or later; building the project with JDK8 will 
@@ -183,7 +182,7 @@ WebLogic host | `localhost` | `WLS_HOST`
 WebLogic port | `7001` | `WLS_PORT`
 Use https | `false` | `WLS_SECURE`
 
-## Configure the exporter
+### Configure the exporter
 
 You configure the sidecar by sending a PUT request to the path `/configuration`. 
 You can do this with `curl`; that is how the operator does it. 
@@ -223,8 +222,19 @@ docker build . --build-arg MAVEN_OPTS="-Dhttps.proxyHost=www-proxy -Dhttps.proxy
 This allows Docker to download the dependencies. 
 
 
- 
-## Copyright
+## Contributing
+
+This project welcomes contributions from the community. Before submitting a pull
+request, please [review our contribution guide](./CONTRIBUTING.md).
+
+## Security
+
+Please consult the [security guide](./SECURITY.md) for our responsible security
+vulnerability disclosure process.
+
+## License
+
+Copyright (c) 2019, 2021 Oracle and/or its affiliates.
 
- Copyright &copy; 2017, 2021, Oracle and/or its affiliates.
- Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+Released under the Universal Permissive License v1.0 as shown at
+<https://oss.oracle.com/licenses/upl/>.

README.md

@@ -0,0 +1,40 @@
+# Reporting security vulnerabilities
+
+Oracle values the independent security research community and believes that
+responsible disclosure of security vulnerabilities helps us ensure the security
+and privacy of all our users.
+
+Please do NOT raise a GitHub Issue to report a security vulnerability. If you
+believe you have found a security vulnerability, please submit a report to
+[[email protected]][1] preferably with a proof of concept. Please review
+some additional information on [how to report security vulnerabilities to Oracle][2].
+We encourage people who contact Oracle Security to use email encryption using
+[our encryption key][3].
+
+We ask that you do not use other channels or contact the project maintainers
+directly.
+
+Non-vulnerability related security issues including ideas for new or improved
+security features are welcome on GitHub Issues.
+
+## Security updates, alerts and bulletins
+
+Security updates will be released on a regular cadence. Many of our projects
+will typically release security fixes in conjunction with the
+[Oracle Critical Patch Update][3] program. Security updates are released on the
+Tuesday closest to the 17th day of January, April, July and October. A pre-release
+announcement will be published on the Thursday preceding each release. Additional
+information, including past advisories, is available on our [security alerts][4]
+page.
+
+## Security-related information
+
+We will provide security related information such as a threat model, considerations
+for secure use, or any known security issues in our documentation. Please note
+that labs and sample code are intended to demonstrate a concept and may not be
+sufficiently hardened for production use.
+
+[1]: mailto:[email protected]
+[2]: https://www.oracle.com/corporate/security-practices/assurance/vulnerability/reporting.html
+[3]: https://www.oracle.com/security-alerts/encryptionkey.html
+[4]: https://www.oracle.com/security-alerts/