chore: update references to config repo

.vscode/launch.json

@@ -102,7 +102,7 @@
                 "--public-key",
                 "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEZP/0htjhVt2y0ohjgtIIgICOtQtA\nnaYJRuLprwIv6FDhZ5yFjYUEtsmoNcW7rx2KM6FOXGsCX3BNc7qhHELT+g==\n-----END PUBLIC KEY-----",
                 "--policy",
-                "github.com/enterprise-contract/config//slsa3",
+                "github.com/conforma/config//slsa3",
                 "--image",
                 "quay.io/konflux-ci/ec-golden-image:latest",
                 "--ignore-rekor",

docs/modules/ROOT/pages/verify-conforma-konflux-ta.adoc

@@ -17,7 +17,7 @@ Verify the enterprise contract is met
 resource) to use. `namespace/name` or `name` syntax supported. If
 namespace is omitted the namespace where the task runs is used.
 You can also specify a policy configuration using a git url, e.g.
-`github.com/enterprise-contract/config//slsa3`.
+`github.com/conforma/config//slsa3`.
 
 +
 *Default*: `enterprise-contract-service/default`

docs/modules/ROOT/pages/verify-enterprise-contract.adoc

@@ -28,7 +28,7 @@ Each `containerImage` in the `components` array is validated.
 resource) to use. `namespace/name` or `name` syntax supported. If
 namespace is omitted the namespace where the task runs is used.
 You can also specify a policy configuration using a git url, e.g.
-`github.com/enterprise-contract/config//slsa3`.
+`github.com/conforma/config//slsa3`.
 
 +
 *Default*: `enterprise-contract-service/default`

hack/cut-release.sh

@@ -130,9 +130,9 @@ For example (in policy repo):
 You have some flexibility around what sha to use, but the current upstream/main is probably good choice.
 
 The config PR should add one more of these for ${RELEASE_NAME}:
-https://github.com/enterprise-contract/config/blob/ddfe77d02b8feb20e0701290dcf84e6d6d10abf0/src/data.json#L31-L40
+https://github.com/conforma/config/blob/ddfe77d02b8feb20e0701290dcf84e6d6d10abf0/src/data.json#L31-L40
 Don't forget to do 'make refresh' and check in the changes.
-When it's merged we should see it at https://github.com/enterprise-contract/config/blob/main/default-${RELEASE_NAME}/policy.yaml
+When it's merged we should see it at https://github.com/conforma/config/blob/main/default-${RELEASE_NAME}/policy.yaml
 
 Deciding when to update the tssc-sample-pipelines repo is up to the RHTAP developers and may depend on their release
 schedule and the release schedule of RHTAS. Note that there are two places to change it:

hack/keyless-demo.sh

@@ -25,7 +25,7 @@ IDENTITY_ISSUER=${IDENTITY_ISSUER:-"https://token.actions.githubusercontent.com"
 #IDENTITY_REGEXP=${IDENTITY_REGEXP:-"https:\/\/github\.com\/(slsa-framework\/slsa-github-generator|lcarva\/festoji)\/"}
 #IDENTITY_ISSUER=${IDENTITY_ISSUER:-"https://token.actions.githubusercontent.com"}
 
-POLICY_YAML=${POLICY_YAML:-"github.com/enterprise-contract/config//github-default"}
+POLICY_YAML=${POLICY_YAML:-"github.com/conforma/config//github-default"}
 #POLICY_YAML=${POLICY_YAML:-"./policy.yaml"}
 
 OUTPUT=${OUTPUT:-yaml}

hack/simple-demo.sh

@@ -60,8 +60,8 @@ PUBLIC_KEY=${PUBLIC_KEY:-$KONFLUX_PROD_KEY}
 #PUBLIC_KEY=${PUBLIC_KEY:-$KONFLUX_STAGE_KEY}
 
 # Adjust as required
-POLICY_YAML=${POLICY_YAML:-"github.com/enterprise-contract/config//default"}
-#POLICY_YAML=${POLICY_YAML:-"github.com/enterprise-contract/config//redhat-no-hermetic"}
+POLICY_YAML=${POLICY_YAML:-"github.com/conforma/config//default"}
+#POLICY_YAML=${POLICY_YAML:-"github.com/conforma/config//redhat-no-hermetic"}
 #POLICY_YAML=${POLICY_YAML:-"./policy.yaml"}
 
 OUTPUT=${OUTPUT:-text}

tasks/verify-conforma-konflux-ta/0.1/verify-conforma-konflux-ta.yaml

@@ -46,7 +46,7 @@
         resource) to use. `namespace/name` or `name` syntax supported. If
         namespace is omitted the namespace where the task runs is used.
         You can also specify a policy configuration using a git url, e.g.
-        `github.com/enterprise-contract/config//slsa3`.
+        `github.com/conforma/config//slsa3`.
       default: "enterprise-contract-service/default"
 
     - name: PUBLIC_KEY
@@ -118,20 +118,20 @@
       description: Merge additional Rego variables into the policy data. Use syntax "key=value,key2=value2..."
       default: ""
 
     - name: TIMEOUT
       type: string
       description: >
         This param is deprecated and will be removed in future. Its value is ignored. EC will
         be run without a timeout. (If you do want to apply a timeout use the Tekton task timeout.)
       default: ""
 
     - name: WORKERS
       type: string
       description: >
         Number of parallel workers to use for policy evaluation. This parameter is currently not used. All
         policy evaluations are run with 35 workers.
       default: "35"
 
     - name: SINGLE_COMPONENT
       description: Reduce the Snapshot to only the component whose build caused the Snapshot to be created
       type: string

tasks/verify-enterprise-contract/0.1/verify-enterprise-contract.yaml

@@ -53,7 +53,7 @@
         resource) to use. `namespace/name` or `name` syntax supported. If
         namespace is omitted the namespace where the task runs is used.
         You can also specify a policy configuration using a git url, e.g.
-        `github.com/enterprise-contract/config//slsa3`.
+        `github.com/conforma/config//slsa3`.
       default: "enterprise-contract-service/default"
 
     - name: PUBLIC_KEY
@@ -125,13 +125,13 @@
       description: Merge additional Rego variables into the policy data. Use syntax "key=value,key2=value2..."
       default: ""
 
     - name: TIMEOUT
       type: string
       description: >
         This param is deprecated and will be removed in future. Its value is ignored. EC will
         be run without a timeout. (If you do want to apply a timeout use the Tekton task timeout.)
       default: ""
 
     - name: WORKERS
       type: string
       description: Number of parallel workers to use for policy evaluation.