Restructure solution layout by module

samples/ci/buildx-demo/README.md

@@ -1,42 +1,42 @@
-# Buildx SBOM Demo Workflow
-
-This sample GitHub Actions workflow shows how to run the StellaOps BuildX generator alongside a container build.
-
-## What it does
-
-1. Publishes the `StellaOps.Scanner.Sbomer.BuildXPlugin` with the manifest copied beside the binaries.
-2. Calls the plug-in `handshake` command to verify the local CAS directory.
-3. Builds a tiny Alpine-based image via `docker buildx`.
-4. Generates a CycloneDX SBOM from the built image with `docker sbom`.
-5. Emits a descriptor + provenance placeholder referencing the freshly generated SBOM with the `descriptor` command.
-6. Sends the placeholder to a mock Attestor endpoint and uploads the descriptor, SBOM, and captured request as artefacts. (Swap the mock step with your real Attestor URL + `STELLAOPS_ATTESTOR_TOKEN` secret when ready.)
-
-## Files
-
-- `github-actions-buildx-demo.yml` – workflow definition (`workflow_dispatch` + `demo/buildx` branch trigger).
-- `Dockerfile` – minimal demo image.
-- `github-actions-buildx-demo.yml` now captures a real SBOM via `docker sbom`.
-
-## Running locally
-
-```bash
-dotnet publish src/StellaOps.Scanner.Sbomer.BuildXPlugin/StellaOps.Scanner.Sbomer.BuildXPlugin.csproj -c Release -o out/buildx
-
-dotnet out/buildx/StellaOps.Scanner.Sbomer.BuildXPlugin.dll handshake \
-  --manifest out/buildx \
-  --cas out/cas
-
-docker buildx build --load -t stellaops/buildx-demo:ci samples/ci/buildx-demo
-DIGEST=$(docker image inspect stellaops/buildx-demo:ci --format '{{index .RepoDigests 0}}')
-
-docker sbom stellaops/buildx-demo:ci --format cyclonedx-json > out/buildx-sbom.cdx.json
-
-dotnet out/buildx/StellaOps.Scanner.Sbomer.BuildXPlugin.dll descriptor \
-  --manifest out/buildx \
-  --image "$DIGEST" \
-  --sbom out/buildx-sbom.cdx.json \
-  --sbom-name buildx-sbom.cdx.json \
-  > out/buildx-descriptor.json
-```
-
-The descriptor JSON contains deterministic annotations and provenance placeholders ready for the Attestor.
+# Buildx SBOM Demo Workflow
+
+This sample GitHub Actions workflow shows how to run the StellaOps BuildX generator alongside a container build.
+
+## What it does
+
+1. Publishes the `StellaOps.Scanner.Sbomer.BuildXPlugin` with the manifest copied beside the binaries.
+2. Calls the plug-in `handshake` command to verify the local CAS directory.
+3. Builds a tiny Alpine-based image via `docker buildx`.
+4. Generates a CycloneDX SBOM from the built image with `docker sbom`.
+5. Emits a descriptor + provenance placeholder referencing the freshly generated SBOM with the `descriptor` command.
+6. Sends the placeholder to a mock Attestor endpoint and uploads the descriptor, SBOM, and captured request as artefacts. (Swap the mock step with your real Attestor URL + `STELLAOPS_ATTESTOR_TOKEN` secret when ready.)
+
+## Files
+
+- `github-actions-buildx-demo.yml` – workflow definition (`workflow_dispatch` + `demo/buildx` branch trigger).
+- `Dockerfile` – minimal demo image.
+- `github-actions-buildx-demo.yml` now captures a real SBOM via `docker sbom`.
+
+## Running locally
+
+```bash
+dotnet publish src/Scanner/StellaOps.Scanner.Sbomer.BuildXPlugin/StellaOps.Scanner.Sbomer.BuildXPlugin.csproj -c Release -o out/buildx
+
+dotnet out/buildx/StellaOps.Scanner.Sbomer.BuildXPlugin.dll handshake \
+  --manifest out/buildx \
+  --cas out/cas
+
+docker buildx build --load -t stellaops/buildx-demo:ci samples/ci/buildx-demo
+DIGEST=$(docker image inspect stellaops/buildx-demo:ci --format '{{index .RepoDigests 0}}')
+
+docker sbom stellaops/buildx-demo:ci --format cyclonedx-json > out/buildx-sbom.cdx.json
+
+dotnet out/buildx/StellaOps.Scanner.Sbomer.BuildXPlugin.dll descriptor \
+  --manifest out/buildx \
+  --image "$DIGEST" \
+  --sbom out/buildx-sbom.cdx.json \
+  --sbom-name buildx-sbom.cdx.json \
+  > out/buildx-descriptor.json
+```
+
+The descriptor JSON contains deterministic annotations and provenance placeholders ready for the Attestor.