Adopt new upstream name "Conforma" in cli docs

README.md

@@ -1,11 +1,11 @@
-# `ec` a command line client for evaluating the Enterprise Contract
+# `ec` a command line client for verifying artifacts and evaluating policies
 
-The `ec` tool is used to evaluate Enterprise Contract policies for Software
+The `ec` tool is used to evaluate Conforma policies for Software
 Supply Chain. Various sub-commands can be used to assert facts about an artifact
 such as:
   * Validating container image signature
   * Validating container image provenance
-  * Evaluating Enterprise Contract [policies][pol] over the container image provenance
+  * Evaluating [policies][pol] over the container image provenance
   * Fetching artifact authorization
 
 Consult the [documentation][docs] for available sub-commands, descriptions and

cmd/fetch/fetch_policy.go

@@ -52,9 +52,8 @@ func fetchPolicyCmd() *cobra.Command {
 			documentation for more usage examples and for details on the different types of
 			supported source URLs.
 
-			Note that this command is not typically required to verify the Enterprise
-			Contract. It has been made available for troubleshooting and debugging
-			purposes.
+			Note that this command is not typically required to evaluate policies.
+			It has been made available for troubleshooting and debugging purposes.
 		`),
 
 		Example: hd.Doc(`

cmd/inspect/inspect_policy.go

@@ -63,16 +63,16 @@ func inspectPolicyCmd() *cobra.Command {
 			including the rule annotations which include the rule's title and description
 			and custom fields used by ec to filter the results produced by conftest.
 
-			Note that this command is not typically required to verify the Enterprise
-			Contract. It has been made available for troubleshooting and debugging purposes.
+			Note that this command is not typically required to evaluate policies.
+			It has been made available for troubleshooting and debugging purposes.
 		`),
 
 		Example: hd.Doc(`
-			Print a list of rules and their descriptions from the latest Enterprise Contract release policy:
+			Print a list of rules and their descriptions from the latest release policy:
 
 			  ec inspect policy --source quay.io/enterprise-contract/ec-release-policy
 
-			Display details about the latest Enterprise Contract release policy in json format:
+			Display details about the latest release policy in json format:
 
 			  ec inspect policy --source quay.io/enterprise-contract/ec-release-policy -o json | jq
 		`),

cmd/inspect/inspect_policy_data.go

@@ -56,8 +56,8 @@ func inspectPolicyDataCmd() *cobra.Command {
 			the policy is fetched it reads json and yaml files inside the policy source and
 			displays the data.
 
-			Note that this command is not typically required to verify the Enterprise
-			Contract. It has been made available for troubleshooting and debugging purposes.
+			Note that this command is not typically required to evaluate policies.
+			It has been made available for troubleshooting and debugging purposes.
 		`),
 
 		Example: hd.Doc(`

cmd/root/root_cmd.go

@@ -34,6 +34,7 @@ import (
 	"github.com/enterprise-contract/ec-cli/internal/kubernetes"
 	"github.com/enterprise-contract/ec-cli/internal/logging"
 	"github.com/enterprise-contract/ec-cli/internal/tracing"
+	"github.com/enterprise-contract/ec-cli/internal/version"
 )
 
 var (
@@ -57,12 +58,12 @@ func (customDeadlineExceededError) Temporary() bool { return true }
 func NewRootCmd() *cobra.Command {
 	rootCmd := &cobra.Command{
 		Use:   "ec",
-		Short: "Enterprise Contract CLI",
+		Short: version.CliName() + " CLI",
 
 		Long: hd.Doc(`
-			Enterprise Contract CLI
+			` + version.CliName() + ` CLI
 
-			Set of commands to help validate resources with the Enterprise Contract.
+			Set of commands to help validate resources with the provided policies.
 		`),
 
 		SilenceUsage: true,

cmd/validate/image.go

@@ -82,13 +82,13 @@ func validateImageCmd(validate imageValidationFunc) *cobra.Command {
 
 	cmd := &cobra.Command{
 		Use:   "image",
-		Short: "Validate conformance of container images with the Enterprise Contract",
+		Short: "Validate conformance of container images with the provided policies",
 
 		Long: hd.Doc(`
-			Validate conformance of container images with the Enterprise Contract
+			Validate conformance of container images with the provided policies
 
 			For each image, validation is performed in stages to determine if the image
-			conforms to the Enterprise Contract.
+			conforms to the provided policies.
 
 			The first validation stage determines if an image has been signed, and the
 			signature matches the provided public key. This is akin to the "cosign verify"

cmd/validate/input.go

@@ -57,9 +57,9 @@ func validateInputCmd(validate InputValidationFunc) *cobra.Command {
 	}
 	cmd := &cobra.Command{
 		Use:   "input",
-		Short: "Validate arbitrary JSON or yaml file input conformance with the Enterprise Contract",
+		Short: "Validate arbitrary JSON or yaml file input conformance with the provided policies",
 		Long: hd.Doc(`
-			Validate conformance of arbitrary JSON or yaml file input with the Enterprise Contract
+			Validate conformance of arbitrary JSON or yaml file input with the provided policies
 
 			For each file, validation is performed to determine if the file conforms to rego policies
 			defined in the EnterpriseContractPolicy.

cmd/validate/validate.go

@@ -40,7 +40,7 @@ func init() {
 func NewValidateCmd() *cobra.Command {
 	validateCmd := &cobra.Command{
 		Use:   "validate",
-		Short: "Validate conformance with the Enterprise Contract",
+		Short: "Validate conformance with the provided policies",
 	}
 	validateCmd.PersistentFlags().Bool("show-successes", false, "")
 	return validateCmd

docs/antora.yml

@@ -16,7 +16,7 @@
 
 ---
 name: ec-cli
-title: Enterprise Contract CLI
+title: Conforma CLI (formerly Enterprise Contract CLI)
 version: ~
 nav:
   - modules/ROOT/nav.adoc

docs/modules/ROOT/pages/configuration.adoc

@@ -397,8 +397,8 @@ JSON::
 
 === Specifying that certain tests should be non-blocking
 
-This example shows how to specify that the Enterprise Contract is allowed to
-pass even if certain tests failed or didn't complete.
+This example shows how to specify that Conforma should produce a passing
+result even if certain tests failed or didn't complete.
 
 [tabs]
 ====
@@ -485,7 +485,7 @@ JSON::
 
 == Data Sources
 
-Some of the Enterprise Contract policy rules, defined in the ec-policies git
+Some of the Conforma policy rules, defined in the ec-policies git
 repository, rely on certain data values when evaluated. For example, a policy
 rule exists to ensure all the parent container images used during the build
 process have been retrieved from an acceptable registry. The list of acceptable

docs/modules/ROOT/pages/ec.adoc

@@ -1,12 +1,12 @@
 = ec
 
-Enterprise Contract CLI
+Conforma CLI
 
 == Synopsis
 
-Enterprise Contract CLI
+Conforma CLI
 
-Set of commands to help validate resources with the Enterprise Contract.
+Set of commands to help validate resources with the provided policies.
 
 [source,shell]
 ----

docs/modules/ROOT/pages/ec_fetch.adoc

@@ -18,4 +18,4 @@ Fetch remote resources
 
 == See also
 
- * xref:ec.adoc[ec - Enterprise Contract CLI]
+ * xref:ec.adoc[ec - Conforma CLI]

docs/modules/ROOT/pages/ec_fetch_policy.adoc

@@ -16,9 +16,8 @@ This command is based on 'conftest pull' so you can refer to the conftest pull
 documentation for more usage examples and for details on the different types of
 supported source URLs.
 
-Note that this command is not typically required to verify the Enterprise
-Contract. It has been made available for troubleshooting and debugging
-purposes.
+Note that this command is not typically required to evaluate policies.
+It has been made available for troubleshooting and debugging purposes.
 
 [source,shell]
 ----

docs/modules/ROOT/pages/ec_init.adoc

@@ -18,4 +18,4 @@ Initialize a directory for use
 
 == See also
 
- * xref:ec.adoc[ec - Enterprise Contract CLI]
+ * xref:ec.adoc[ec - Conforma CLI]

docs/modules/ROOT/pages/ec_inspect.adoc

@@ -18,4 +18,4 @@ Inspect policy rules
 
 == See also
 
- * xref:ec.adoc[ec - Enterprise Contract CLI]
+ * xref:ec.adoc[ec - Conforma CLI]

docs/modules/ROOT/pages/ec_inspect_policy-data.adoc

@@ -10,8 +10,8 @@ This fetches policy sources similar to the 'ec fetch policy' command, but once
 the policy is fetched it reads json and yaml files inside the policy source and
 displays the data.
 
-Note that this command is not typically required to verify the Enterprise
-Contract. It has been made available for troubleshooting and debugging purposes.
+Note that this command is not typically required to evaluate policies.
+It has been made available for troubleshooting and debugging purposes.
 
 [source,shell]
 ----

docs/modules/ROOT/pages/ec_inspect_policy.adoc

@@ -14,20 +14,20 @@ This can be used to extract information about each rule in the policy source,
 including the rule annotations which include the rule's title and description
 and custom fields used by ec to filter the results produced by conftest.
 
-Note that this command is not typically required to verify the Enterprise
-Contract. It has been made available for troubleshooting and debugging purposes.
+Note that this command is not typically required to evaluate policies.
+It has been made available for troubleshooting and debugging purposes.
 
 [source,shell]
 ----
 ec inspect policy --source <source-url> [flags]
 ----
 
 == Examples
-Print a list of rules and their descriptions from the latest Enterprise Contract release policy:
+Print a list of rules and their descriptions from the latest release policy:
 
   ec inspect policy --source quay.io/enterprise-contract/ec-release-policy
 
-Display details about the latest Enterprise Contract release policy in json format:
+Display details about the latest release policy in json format:
 
   ec inspect policy --source quay.io/enterprise-contract/ec-release-policy -o json | jq
 

docs/modules/ROOT/pages/ec_opa.adoc

@@ -25,4 +25,4 @@ ec opa [flags]
 
 == See also
 
- * xref:ec.adoc[ec - Enterprise Contract CLI]
+ * xref:ec.adoc[ec - Conforma CLI]

docs/modules/ROOT/pages/ec_sigstore.adoc

@@ -18,4 +18,4 @@ Perform certain sigstore operations
 
 == See also
 
- * xref:ec.adoc[ec - Enterprise Contract CLI]
+ * xref:ec.adoc[ec - Conforma CLI]

docs/modules/ROOT/pages/ec_test.adoc

@@ -105,4 +105,4 @@ the output will include a detailed trace of how the policy was evaluated, e.g.
 
 == See also
 
- * xref:ec.adoc[ec - Enterprise Contract CLI]
+ * xref:ec.adoc[ec - Conforma CLI]

docs/modules/ROOT/pages/ec_track.adoc

@@ -18,4 +18,4 @@ Record resource references for tracking purposes
 
 == See also
 
- * xref:ec.adoc[ec - Enterprise Contract CLI]
+ * xref:ec.adoc[ec - Conforma CLI]

docs/modules/ROOT/pages/ec_validate.adoc

@@ -1,6 +1,6 @@
 = ec validate
 
-Validate conformance with the Enterprise Contract
+Validate conformance with the provided policies
 
 == Options
 
@@ -19,4 +19,4 @@ Validate conformance with the Enterprise Contract
 
 == See also
 
- * xref:ec.adoc[ec - Enterprise Contract CLI]
+ * xref:ec.adoc[ec - Conforma CLI]

docs/modules/ROOT/pages/ec_validate_image.adoc

@@ -1,13 +1,13 @@
 = ec validate image
 
-Validate conformance of container images with the Enterprise Contract
+Validate conformance of container images with the provided policies
 
 == Synopsis
 
-Validate conformance of container images with the Enterprise Contract
+Validate conformance of container images with the provided policies
 
 For each image, validation is performed in stages to determine if the image
-conforms to the Enterprise Contract.
+conforms to the provided policies.
 
 The first validation stage determines if an image has been signed, and the
 signature matches the provided public key. This is akin to the "cosign verify"
@@ -167,4 +167,4 @@ JSON of the "spec" or a reference to a Kubernetes object [<namespace>/]<name>
 
 == See also
 
- * xref:ec_validate.adoc[ec validate - Validate conformance with the Enterprise Contract]
+ * xref:ec_validate.adoc[ec validate - Validate conformance with the provided policies]

docs/modules/ROOT/pages/ec_validate_input.adoc

@@ -1,10 +1,10 @@
 = ec validate input
 
-Validate arbitrary JSON or yaml file input conformance with the Enterprise Contract
+Validate arbitrary JSON or yaml file input conformance with the provided policies
 
 == Synopsis
 
-Validate conformance of arbitrary JSON or yaml file input with the Enterprise Contract
+Validate conformance of arbitrary JSON or yaml file input with the provided policies
 
 For each file, validation is performed to determine if the file conforms to rego policies
 defined in the EnterpriseContractPolicy.
@@ -73,4 +73,4 @@ mark (?) sign, for example: --output text=output.txt?show-successes=false
 
 == See also
 
- * xref:ec_validate.adoc[ec validate - Validate conformance with the Enterprise Contract]
+ * xref:ec_validate.adoc[ec validate - Validate conformance with the provided policies]

docs/modules/ROOT/pages/ec_validate_policy.adoc

@@ -39,4 +39,4 @@ ec validate policy --policy-configuration github.com/org/repo/policy.yaml
 
 == See also
 
- * xref:ec_validate.adoc[ec validate - Validate conformance with the Enterprise Contract]
+ * xref:ec_validate.adoc[ec validate - Validate conformance with the provided policies]

docs/modules/ROOT/pages/ec_version.adoc

@@ -20,4 +20,4 @@ Print version information
 
 == See also
 
- * xref:ec.adoc[ec - Enterprise Contract CLI]
+ * xref:ec.adoc[ec - Conforma CLI]

docs/modules/ROOT/pages/index.adoc

@@ -1,15 +1,16 @@
 :pol: https://github.com/enterprise-contract/ec-policies/
 
-= Enterprise Contract CLI
+= Conforma CLI
 
-The EC CLI is used to evaluate Enterprise Contract policies for Software Supply Chain.
-Various sub-commands can be used to assert facts about an artifact such as:
+The Conforma CLI is used to verify signatures and evaluate policies for
+Software Supply Chain artifacts. Various sub-commands can be used to assert
+facts about an artifact such as:
 
 * Validating container image signature
 * Validating container image provenance
-* Evaluating Enterprise Contract {pol}[policies] over the container image provenance
+* Evaluating {pol}[policies] over the container image provenance
 
-This documentation includes xref:ec.adoc[EC Command Line reference
+This documentation includes xref:ec.adoc[Conforma Command Line reference
 documentation], and documentation on the
 xref:verify-enterprise-contract.adoc[Verify Enterprise Contract Task]
-used to run the EC in a Tekton pipeline.
+used to run Conforma in a Tekton pipeline.

docs/modules/ROOT/pages/policy_input.adoc

@@ -1,7 +1,7 @@
 = Policy Input
 
 The policy input refers the variable `input` in rego. This page describes the structure of the input
-available for policy evaluation when using the Enterprise Contract CLI. The input is different for
+available for policy evaluation when using the Conforma CLI. The input is different for
 each subcommand as each subcommand has a different specialty.
 
 == Validate Image
@@ -112,7 +112,7 @@ only version control system supported is `git`. This information originates from
 ApplicationSnapshot provided to the `ec validate image` command. It is empty if the source
 information is not given to the command.
 
-The SourceDescriptor contains the single `git` attribute which hold an object with information
+The SourceDescriptor contains the single `git` attribute which holds an object with information
 about a git repository. `.revision` is a string holding a git reference. This could be a commit ID,
 branch, etc. `url` is the URL of the git repository.
 

docs/modules/ROOT/pages/signing.adoc

@@ -1,12 +1,12 @@
 = Signing
 
-The Enterprise Contract relies on https://www.sigstore.dev/[Sigstore] signatures to verify the
+Conforma relies on https://www.sigstore.dev/[Sigstore] signatures to verify the
 authenticity of content being verified. Currently, this is integrated with the `ec validate image`
 command.
 
 == Image Verification
 
-When the Enterprise Contract validates an image, there are certain
+When Conforma validates an image, there are certain
 https://enterprisecontract.dev/docs/ec-policies/release_policy.html#builtin_attestation_package[builtin]
 policy rules that are always applied and cannot be skipped. Most of these rely on
 https://github.com/sigstore/cosign[cosign] to fetch and verify image signatures and attestations.
@@ -18,8 +18,8 @@ fulfill the validation of another image.
 == Sigstore Levels
 
 There are different levels of Sigstore adoption. These can be done
-https://www.linuxfoundation.org/blog/blog/adopting-sigstore-incrementally[incrementally]. The
-Enterprise Contract can be used to validate artifacts regardless of the level.
+https://www.linuxfoundation.org/blog/blog/adopting-sigstore-incrementally[incrementally].
+Conforma can be used to validate artifacts regardless of the level.
 
 === Long-Lived Keys