Record SARIF results after security commands to upload for GitHub

[attiasas]

• The pull request is targeting the dev branch.
• The code has been validated to compile successfully by running go vet ./....
• The code has been formatted properly using go fmt ./....
• All static analysis checks passed.
• All tests have passed. If this feature is not already covered by the tests, new tests have been added.
• All changes are detailed at the description. if not already covered at JFrog Documentation, new documentation have been added.

---

Depends on:

• Command Summary - New record functionality jfrog-cli-core#1230

Record SARIF results after security commands to upload for GitHub

Supported commands: docker scan and scan

When running one of those commands using https://github.com/jfrog/setup-jfrog-cli, the command will record the results in SARIF format and be uploaded to the GitHub Security tab if applicable.

Additional Improvements:

• Patch to SARIF content to pass Github Ingestion Rules and to add additional context to the attributes
• Job Summary - if docker image tag was not provided to jf docker scan <image> save record arg as <image>:latest
• Job Summary - pad curation summary details tag with \n at the end to fix section

To Support uploading results from the CLI directly to GitHub Code scanning, transferring code from:
https://github.com/jfrog/frogbot/blob/master/utils/utils.go#L241

[github-actions]

---

🐸 JFrog Frogbot