
Add security documentation for OpenSSF Silver badge#7896

Merged
yurishkuro merged 3 commits into jaegertracing:main from jkowall:openssf-silver-badge-docs-v3
Jan 18, 2026

Conversation

@jkowall
Contributor

@jkowall jkowall commented Jan 18, 2026

This PR adds comprehensive security documentation required for the OpenSSF Best Practices Silver badge.

Documentation is organized in docs/security/ and includes:

  • Security Assurance Case
  • Security Architecture
  • Threat Model
  • Release Verification Guide
  • Self-Assessment

Minimal updates were made to SECURITY.md, CONTRIBUTING.md, and SECURITY-INSIGHTS.yml to link these documents.

Built on a fresh branch from upstream/main to ensure no stale changes persist.

Copilot AI review requested due to automatic review settings January 18, 2026 04:56
@jkowall jkowall requested a review from a team as a code owner January 18, 2026 04:56
@jkowall jkowall requested a review from albertteoh January 18, 2026 04:56
Contributor

Copilot AI left a comment


Pull request overview

This PR adds comprehensive security documentation to support the OpenSSF Best Practices Silver badge application. The documentation provides detailed threat modeling, security assurance, and operational guidance for the Jaeger distributed tracing system.

Changes:

  • Added five new security documentation files covering threat model, assurance case, security architecture, self-assessment, and release verification
  • Updated SECURITY.md with a table linking to the new security documentation
  • Updated SECURITY-INSIGHTS.yml metadata with current dates and additional self-assessment reference
  • Enhanced CONTRIBUTING.md with explicit testing policy statement

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 3 comments.

Summary per file:

File                                  Description
docs/security/verifying-releases.md   Provides instructions for verifying GPG signatures on releases and git tags
docs/security/threat-model.md         Documents threat actors, trust boundaries, and security mitigations across the system
docs/security/self-assessment.md      CNCF TAG Security self-assessment summary with metadata
docs/security/assurance-case.md       Maps security requirements to design principles and common weakness mitigations
docs/security/architecture.md         Details TLS configuration, input validation, and system hardening practices
SECURITY.md                           Added Security Documentation section with table of links to new documentation
SECURITY-INSIGHTS.yml                 Updated timestamps and added local self-assessment reference
CONTRIBUTING.md                       Added explicit testing policy statement requiring tests for new functionality


This PR adds comprehensive security documentation required for the OpenSSF Best
Practices Silver badge.

New security documentation (docs/security/):
- assurance-case.md: Security assurance case, trust boundaries, and CWE mitigations
- architecture.md: TLS/crypto practices, input validation, and hardening
- threat-model.md: Detailed threat analysis and mitigations
- verifying-releases.md: User instructions for verifying release signatures
- self-assessment.md: Local copy of Jaeger's CNCF TAG Security self-assessment

Updated files:
- SECURITY.md: Linked new security documentation
- CONTRIBUTING.md: Added formal test policy statement
- SECURITY-INSIGHTS.yml: Updated security metadata and links

Signed-off-by: Jonah Kowall <jkowall@kowall.net>
@jkowall jkowall force-pushed the openssf-silver-badge-docs-v3 branch from d70d277 to a02c0fb January 18, 2026 05:00
- Fixed typos: OLP -> OTLP and GRPC -> gRPC
- Updated TLS guidance to emphasize TLS 1.2+ and warn against deprecated versions

Signed-off-by: Jonah Kowall <jkowall@kowall.net>
Copilot AI review requested due to automatic review settings January 18, 2026 05:02
Contributor

Copilot AI left a comment


Pull request overview

Copilot reviewed 8 out of 8 changed files in this pull request and generated 5 comments.


- Added container image verification guidance
- Updated self-assessment evidence URLs
- Fixed OpenSSF branding in threat model
- Clarified TLS production requirements in assurance case
- Normalized testing policy language in CONTRIBUTING.md

Signed-off-by: Jonah Kowall <jkowall@kowall.net>
@codecov

codecov bot commented Jan 18, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 95.45%. Comparing base (afdf1c3) to head (659cadd).
⚠️ Report is 1 commit behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #7896      +/-   ##
==========================================
+ Coverage   95.44%   95.45%   +0.01%     
==========================================
  Files         305      305              
  Lines       16192    16192              
==========================================
+ Hits        15454    15456       +2     
+ Misses        577      576       -1     
+ Partials      161      160       -1     
Flag                      Coverage   Δ
badger_v1                 9.22%      <ø> (ø)
badger_v2                 1.93%      <ø> (ø)
cassandra-4.x-v1-manual   13.64%     <ø> (ø)
cassandra-4.x-v2-auto     1.92%      <ø> (ø)
cassandra-4.x-v2-manual   1.92%      <ø> (ø)
cassandra-5.x-v1-manual   13.64%     <ø> (ø)
cassandra-5.x-v2-auto     1.92%      <ø> (ø)
cassandra-5.x-v2-manual   1.92%      <ø> (ø)
clickhouse                1.98%      <ø> (ø)
elasticsearch-6.x-v1      17.61%     <ø> (ø)
elasticsearch-7.x-v1      17.64%     <ø> (ø)
elasticsearch-8.x-v1      17.79%     <ø> (ø)
elasticsearch-8.x-v2      1.93%      <ø> (ø)
elasticsearch-9.x-v2      1.93%      <ø> (ø)
grpc_v1                   8.61%      <ø> (ø)
grpc_v2                   1.93%      <ø> (ø)
kafka-3.x-v2              1.93%      <ø> (ø)
memory_v2                 1.93%      <ø> (ø)
opensearch-1.x-v1         17.68%     <ø> (ø)
opensearch-2.x-v1         17.68%     <ø> (ø)
opensearch-2.x-v2         1.93%      <ø> (ø)
opensearch-3.x-v2         1.93%      <ø> (ø)
query                     1.93%      <ø> (ø)
tailsampling-processor    0.55%      <ø> (ø)
unittests                 94.10%     <ø> (+0.01%) ⬆️

Flags with carried forward coverage won't be shown.


@github-actions

Metrics Comparison Summary

Total changes across all snapshots: 0

Detailed changes per snapshot

summary_metrics_snapshot_cassandra

📊 Metrics Diff Summary

Total Changes: 0

  • 🆕 Added: 0 metrics
  • ❌ Removed: 0 metrics
  • 🔄 Modified: 0 metrics
  • 🚫 Excluded: 53 metrics

summary_metrics_snapshot_cassandra

📊 Metrics Diff Summary

Total Changes: 0

  • 🆕 Added: 0 metrics
  • ❌ Removed: 0 metrics
  • 🔄 Modified: 0 metrics
  • 🚫 Excluded: 106 metrics

summary_metrics_snapshot_cassandra

📊 Metrics Diff Summary

Total Changes: 0

  • 🆕 Added: 0 metrics
  • ❌ Removed: 0 metrics
  • 🔄 Modified: 0 metrics
  • 🚫 Excluded: 106 metrics

summary_metrics_snapshot_cassandra

📊 Metrics Diff Summary

Total Changes: 0

  • 🆕 Added: 0 metrics
  • ❌ Removed: 0 metrics
  • 🔄 Modified: 0 metrics
  • 🚫 Excluded: 53 metrics


@yurishkuro yurishkuro merged commit c89f208 into jaegertracing:main Jan 18, 2026
60 checks passed
Manik2708 pushed a commit to Manik2708/jaeger that referenced this pull request Jan 20, 2026
This PR adds comprehensive security documentation required for the
OpenSSF Best Practices Silver badge.

Documentation is organized in `docs/security/` and includes:
- Security Assurance Case
- Security Architecture
- Threat Model
- Release Verification Guide
- Self-Assessment

Minimal updates were made to `SECURITY.md`, `CONTRIBUTING.md`, and
`SECURITY-INSIGHTS.yml` to link these documents.

Built on a fresh branch from `upstream/main` to ensure no stale changes
persist.

---------

Signed-off-by: Jonah Kowall <jkowall@kowall.net>