Update references to smithy

.github/settings.yml

@@ -4,13 +4,13 @@ repository:
   # See https://docs.github.com/en/rest/reference/repos#update-a-repository for all available settings.
 
   # The name of the repository. Changing this will rename the repository
-  name: 'dracon'
+  name: 'smithy'
 
   # A short description of the repository that will show up on GitHub
-  description: 'Security scanning & static analysis tool - forked and rewritten from @thought-machine/dracon'
+  description: 'Security scanning & static analysis tool - forked and rewritten from @thought-machine/smithy'
 
   # A URL with more information about the repository
-  homepage: 'https://ocurity.com'
+  homepage: 'https://smithy.security/'
 
   # A comma-separated list of topics to set on the repository
   topics: 'SAST, DAST, DevSecOps, Pipelines, Tekton'

.github/workflows/publish.yml

@@ -28,26 +28,26 @@ jobs:
       - name: Publish Docker images
         run: |
           make -j 16 publish-containers
-          make draconctl-image-publish DRACON_VERSION=latest
+          make smithyctl-image-publish SMITHY_VERSION=latest
 
       - name: Publish component Helm package
         run: |
           set -e
-          DRACON_VERSION_SEMVER=$(sed 's/v//' <<< ${{ github.ref_name }})
+          SMITHY_VERSION_SEMVER=$(sed 's/v//' <<< ${{ github.ref_name }})
 
           # Package and Publish Migrations
           # this must be the first step, because the migrations are a dependency of the components
           # it is not set explicitly yet as a dependency, but it will be set soon
           helm package --dependency-update \
                        --app-version ${{ github.ref_name }} \
-                       --version ${DRACON_VERSION_SEMVER} \
+                       --version ${SMITHY_VERSION_SEMVER} \
                        ./deploy/deduplication-db-migrations/chart
-          helm push deduplication-db-migrations-${DRACON_VERSION_SEMVER}.tgz oci://ghcr.io/ocurity/dracon/charts
+          helm push deduplication-db-migrations-${SMITHY_VERSION_SEMVER}.tgz oci://ghcr.io/smithy-security/smithy/charts
 
-          make cmd/draconctl/bin
+          make cmd/smithyctl/bin
           # Package and Publish Components
-          bin/cmd/linux/amd64/draconctl components package --version ${{ github.ref_name }} \
-                                               --chart-version ${DRACON_VERSION_SEMVER} \
-                                               --name dracon-oss-components \
+          bin/cmd/linux/amd64/smithyctl components package --version ${{ github.ref_name }} \
+                                               --chart-version ${SMITHY_VERSION_SEMVER} \
+                                               --name smithy-security-oss-components \
                                                ./components
-          helm push dracon-oss-components-${DRACON_VERSION_SEMVER}.tgz oci://ghcr.io/ocurity/dracon/charts
+          helm push smithy-security-oss-components-${SMITHY_VERSION_SEMVER}.tgz oci://ghcr.io/smithy-security/smithy/charts

.gitignore

@@ -6,5 +6,5 @@ bin
 .custom_image
 tests/output
 .vscode/
-deploy/dracon/chart/charts
+deploy/smithy/chart/charts
 .idea/

.reviewdog.yml

@@ -1,11 +1,11 @@
 ---
 runner:
   go/vet:
-    cmd: go vet $(go list ./... | grep -v /vendor/ | grep -v github.com/ocurity/dracon/api/proto/)
+    cmd: go vet $(go list ./... | grep -v /vendor/ | grep -v github.com/smithy-security/smithy/api/proto/)
     format: govet
 
   go/staticcheck:
-    cmd: staticcheck -checks "all,-SA1019,-ST1000" $(go list ./... | grep -v /vendor/ | grep -v github.com/ocurity/dracon/api/proto)
+    cmd: staticcheck -checks "all,-SA1019,-ST1000" $(go list ./... | grep -v /vendor/ | grep -v github.com/smithy-security/smithy/api/proto)
     format: staticcheck
 
   go/revive:
@@ -14,22 +14,22 @@ runner:
       - '%f:%l:%c: %m'
 
   go/containedctx:
-    cmd: go vet -vettool=$(which containedctx) $(go list ./... | grep -v /vendor/ | grep -v github.com/ocurity/dracon/api/proto)
+    cmd: go vet -vettool=$(which containedctx) $(go list ./... | grep -v /vendor/ | grep -v github.com/smithy-security/smithy/api/proto)
     errorformat:
       - '%f:%l:%c: %m'
 
   go/ineffassign:
-    cmd: ineffassign $(go list ./... | grep -v /vendor/ | grep -v github.com/ocurity/dracon/api/proto)
+    cmd: ineffassign $(go list ./... | grep -v /vendor/ | grep -v github.com/smithy-security/smithy/api/proto)
     errorformat:
       - '%f:%l:%c: %m'
 
   go/errorlint:
-    cmd: go-errorlint -errorf-multi -errorf -test $(go list ./... | grep -v /vendor/ | grep -v github.com/ocurity/dracon/api/proto)
+    cmd: go-errorlint -errorf-multi -errorf -test $(go list ./... | grep -v /vendor/ | grep -v github.com/smithy-security/smithy/api/proto)
     errorformat:
       - '%f:%l:%c: %m'
 
   go/errcheck:
-    cmd: errcheck -asserts -blank $(go list ./... | grep -v /vendor/ | grep -v github.com/ocurity/dracon/api/proto)
+    cmd: errcheck -asserts -blank $(go list ./... | grep -v /vendor/ | grep -v github.com/smithy-security/smithy/api/proto)
     errorformat:
       - '%f:%l:%c:%m'
 

Makefile

@@ -13,12 +13,12 @@ GO_TEST_PACKAGES=$(shell go list ./... | grep -v /vendor/)
 # Deployment vars
 # The following variables are used to define the deployment environment
 # e.g. what are the versions of the components, or the container registry, these are used by make targets that deploy things
-CONTAINER_REPO=ghcr.io/ocurity/dracon
-SOURCE_CODE_REPO=https://github.com/ocurity/dracon
-DRACON_DEV_VERSION=$(shell echo $(latest_tag)$$([ $(commits_since_latest_tag) -eq 0 ] || echo "-$$(git log -n 1 --pretty='format:%h')" )$$([ -z "$$(git status --porcelain=v1 2>/dev/null)" ] || echo "-dirty" ))
-DRACON_VERSION=$(shell (echo $(CONTAINER_REPO) | grep -q '^ghcr' && echo $(latest_tag)) || echo $(DRACON_DEV_VERSION) )
-DRACON_OSS_COMPONENTS_NAME=dracon-oss-components
-DRACON_OSS_COMPONENTS_PACKAGE_URL=oci://ghcr.io/ocurity/dracon/charts/$(DRACON_OSS_COMPONENTS_NAME)
+CONTAINER_REPO=ghcr.io/smithy-security/smithy
+SOURCE_CODE_REPO=https://github.com/smithy-security/smithy
+SMITHY_DEV_VERSION=$(shell echo $(latest_tag)$$([ $(commits_since_latest_tag) -eq 0 ] || echo "-$$(git log -n 1 --pretty='format:%h')" )$$([ -z "$$(git status --porcelain=v1 2>/dev/null)" ] || echo "-dirty" ))
+SMITHY_VERSION=$(shell (echo $(CONTAINER_REPO) | grep -q '^ghcr' && echo $(latest_tag)) || echo $(SMITHY_DEV_VERSION) )
+SMITHY_OSS_COMPONENTS_NAME=smithy-security-oss-components
+SMITHY_OSS_COMPONENTS_PACKAGE_URL=oci://ghcr.io/smithy-security/smithy/charts/$(SMITHY_OSS_COMPONENTS_NAME)
 
 TEKTON_VERSION=0.44.0
 TEKTON_DASHBOARD_VERSION=0.29.2
@@ -31,7 +31,7 @@ ES_OPERATOR_VERSION=2.2.0
 ES_VERSION=8.3.2
 MONGODB_VERSION=13.3.0
 PG_VERSION=11.9.8
-DRACON_NS=dracon
+SMITHY_NS=smithy
 TEKTON_NS=tekton-pipelines
 ARANGODB_NS=arangodb
 
@@ -44,7 +44,7 @@ export
 ########################################
 ############# BUILD TARGETS ############
 ########################################
-.PHONY: components component-binaries cmd/draconctl/bin protos build publish-component-containers publish-containers draconctl-image draconctl-image-publish clean-protos clean
+.PHONY: components component-binaries cmd/smithyctl/bin protos build publish-component-containers publish-containers smithyctl-image smithyctl-image-publish clean-protos clean
 
 $(component_binaries):
 	./scripts/build_component_binary.sh $@
@@ -58,23 +58,23 @@ $(component_containers): %/docker: %/bin
 
 components: $(component_containers)
 
-cmd/draconctl/bin:
+cmd/smithyctl/bin:
 	$(eval GOOS:=linux)
 	$(eval GOARCH:=amd64)
-	CGO_ENABLED=0 GOOS=$(GOOS) GOARCH=$(GOARCH) go build -o bin/cmd/$(GOOS)/$(GOARCH)/draconctl cmd/draconctl/main.go
+	CGO_ENABLED=0 GOOS=$(GOOS) GOARCH=$(GOARCH) go build -o bin/cmd/$(GOOS)/$(GOARCH)/smithyctl cmd/smithyctl/main.go
 
-draconctl-image: cmd/draconctl/bin
+smithyctl-image: cmd/smithyctl/bin
 	$(eval GOOS:=linux)
 	$(eval GOARCH:=amd64)
-	$(DOCKER) build -t "${CONTAINER_REPO}/draconctl:${DRACON_VERSION}" \
+	$(DOCKER) build -t "${CONTAINER_REPO}/smithyctl:${SMITHY_VERSION}" \
 		--build-arg GOOS=$(GOOS) \
 		--build-arg GOARCH=$(GOARCH) \
 		$$([ "${SOURCE_CODE_REPO}" != "" ] && echo "--label=org.opencontainers.image.source=${SOURCE_CODE_REPO}" ) \
-		-f containers/Dockerfile.draconctl . \
+		-f containers/Dockerfile.smithyctl . \
 		--platform "$(GOOS)/$(GOARCH)"
 
-draconctl-image-publish: draconctl-image
-	$(DOCKER) push "${CONTAINER_REPO}/draconctl:${DRACON_VERSION}"
+smithyctl-image-publish: smithyctl-image
+	$(DOCKER) push "${CONTAINER_REPO}/smithyctl:${SMITHY_VERSION}"
 
 third_party/tektoncd/swagger-v$(TEKTON_VERSION).json:
 	@wget "https://raw.githubusercontent.com/tektoncd/pipeline/v$(TEKTON_VERSION)/pkg/apis/pipeline/v1beta1/swagger.json" -O $@
@@ -95,7 +95,7 @@ $(component_containers_publish): %/publish: %/docker
 
 publish-component-containers: $(component_containers_publish)
 
-publish-containers: publish-component-containers draconctl-image-publish
+publish-containers: publish-component-containers smithyctl-image-publish
 
 clean-protos:
 	@find . -not -path './vendor/*' -name '*.pb.go' -delete
@@ -135,7 +135,7 @@ go-tests:
 go-cover: go-tests
 	@go tool cover -html=tests/output/cover.out -o=tests/output/cover.html && open tests/output/cover.html
 
-migration-tests: cmd/draconctl/bin
+migration-tests: cmd/smithyctl/bin
 	cd tests/migrations/ && docker compose up --abort-on-container-exit --build --exit-code-from tester
 
 test: go-tests migration-tests
@@ -169,7 +169,7 @@ print-%:
 ########## DEPLOYMENT TARGETS ##########
 ########################################
 .PHONY: deploy-nginx deploy-arangodb-crds deploy-arangodb-operator add-es-helm-repo deploy-elasticoperator \
-		tektoncd-dashboard-helm deploy-tektoncd-dashboard add-bitnami-repo dev-dracon dev-deploy dev-teardown \
+		tektoncd-dashboard-helm deploy-tektoncd-dashboard add-bitnami-repo dev-smithy dev-deploy dev-teardown \
 		install install-oss-components deploy-cluster
 
 deploy-nginx:
@@ -229,16 +229,16 @@ deploy-cluster:
 
 install: deploy-cluster dev-infra deploy-elasticoperator deploy-arangodb-crds add-bitnami-repo
 	@echo "fetching dependencies if needed"
-	@helm dependency build ./deploy/dracon/chart
+	@helm dependency build ./deploy/smithy/chart
 
-	@echo "deploying dracon"
-	@helm upgrade dracon ./deploy/dracon/chart \
+	@echo "deploying smithy"
+	@helm upgrade smithy ./deploy/smithy/chart \
 		--install \
-		--values ./deploy/dracon/values/dev.yaml \
+		--values ./deploy/smithy/values/dev.yaml \
 		--create-namespace \
 		--set "image.registry=$(CONTAINER_REPO)" \
-		--namespace $(DRACON_NS) \
-		--version $(DRACON_VERSION) \
+		--namespace $(SMITHY_NS) \
+		--version $(SMITHY_VERSION) \
 		--wait
 
 	@echo "Applying migrations"
@@ -247,69 +247,69 @@ install: deploy-cluster dev-infra deploy-elasticoperator deploy-arangodb-crds ad
 		--values ./deploy/deduplication-db-migrations/values/dev.yaml \
 		--create-namespace \
 		--set "image.registry=$(CONTAINER_REPO)" \
-		--namespace $(DRACON_NS) \
-		--set "image.tag=$(DRACON_VERSION)" \
+		--namespace $(SMITHY_NS) \
+		--set "image.tag=$(SMITHY_VERSION)" \
 		--wait
 
 	@echo "Installing Components"
 	# we are setting the container repo to it's own value so that we can override it from other make targets
 	# e.g. when installing oss components from locally built components, we want to `make install` with CONTAINER_REPO being the kind-registry, and the package_url being the component tar.gz
-	$(MAKE) install-oss-components CONTAINER_REPO=$(CONTAINER_REPO) DRACON_OSS_COMPONENTS_PACKAGE_URL=$(DRACON_OSS_COMPONENTS_PACKAGE_URL)
+	$(MAKE) install-oss-components CONTAINER_REPO=$(CONTAINER_REPO) SMITHY_OSS_COMPONENTS_PACKAGE_URL=$(SMITHY_OSS_COMPONENTS_PACKAGE_URL)
 
 dev-deploy-oss-components:
-	@echo "Deploying components in local dracon instance"
+	@echo "Deploying components in local smithy instance"
 	$(MAKE) dev-build-oss-components CONTAINER_REPO=$(CONTAINER_REPO)
-	$(MAKE) install-oss-components CONTAINER_REPO=$(CONTAINER_REPO) DRACON_OSS_COMPONENTS_PACKAGE_URL=$(DRACON_OSS_COMPONENTS_PACKAGE_URL)
+	$(MAKE) install-oss-components CONTAINER_REPO=$(CONTAINER_REPO) SMITHY_OSS_COMPONENTS_PACKAGE_URL=$(SMITHY_OSS_COMPONENTS_PACKAGE_URL)
 
 install-oss-components:
-	@helm upgrade $(DRACON_OSS_COMPONENTS_NAME) \
-		$(DRACON_OSS_COMPONENTS_PACKAGE_URL) \
+	@helm upgrade $(SMITHY_OSS_COMPONENTS_NAME) \
+		$(SMITHY_OSS_COMPONENTS_PACKAGE_URL) \
 		--install \
 		--create-namespace \
-		--namespace $(DRACON_NS) \
+		--namespace $(SMITHY_NS) \
 		--set image.registry=$(CONTAINER_REPO) \
 		--values ./deploy/deduplication-db-migrations/values/dev.yaml
-	@echo "Done! Bumped version to $(DRACON_VERSION)"
+	@echo "Done! Bumped version to $(SMITHY_VERSION)"
 
 dev-build-oss-components:
-	@echo "Building open-source components for local dracon instance..."
+	@echo "Building open-source components for local smithy instance..."
 	$(eval GOOS:=linux)
 	$(eval GOARCH:=amd64)
-	$(eval CONTAINER_REPO:=localhost:5000/ocurity/dracon)
+	$(eval CONTAINER_REPO:=localhost:5000/smithy-security/smithy)
 	$(eval TMP_DIR:=tmp)
 
 	@mkdir $(TMP_DIR)
-	$(MAKE) cmd/draconctl/bin
+	$(MAKE) cmd/smithyctl/bin
 	$(MAKE) -j 16 publish-component-containers CONTAINER_REPO=$(CONTAINER_REPO)
 	@docker run \
 		--platform $(GOOS)/$(GOARCH) \
 		-v ./components:/components \
 		-v ./tmp:/tmp \
-		$(CONTAINER_REPO)/draconctl:$(DRACON_VERSION) components package \
-			--version $(DRACON_VERSION) \
-			--chart-version $(DRACON_VERSION) \
-			--name $(DRACON_OSS_COMPONENTS_NAME) \
+		$(CONTAINER_REPO)/smithyctl:$(SMITHY_VERSION) components package \
+			--version $(SMITHY_VERSION) \
+			--chart-version $(SMITHY_VERSION) \
+			--name $(SMITHY_OSS_COMPONENTS_NAME) \
 			./components
 	@rm -r $(TMP_DIR)
 
-dev-dracon:
+dev-smithy:
 	$(eval GOOS:=linux)
 	$(eval GOARCH:=amd64)
-	$(eval CONTAINER_REPO:=localhost:5000/ocurity/dracon)
-	$(eval DRACON_OSS_COMPONENTS_PACKAGE_URL:=./$(DRACON_OSS_COMPONENTS_NAME)-$(DRACON_VERSION).tgz)
-	$(eval IN_CLUSTER_CONTAINER_REPO:=kind-registry:5000/ocurity/dracon)
+	$(eval CONTAINER_REPO:=localhost:5000/smithy-security/smithy)
+	$(eval SMITHY_OSS_COMPONENTS_PACKAGE_URL:=./$(SMITHY_OSS_COMPONENTS_NAME)-$(SMITHY_VERSION).tgz)
+	$(eval IN_CLUSTER_CONTAINER_REPO:=kind-registry:5000/smithy-security/smithy)
 
-	$(MAKE) -j 16 draconctl-image-publish CONTAINER_REPO=$(CONTAINER_REPO)
+	$(MAKE) -j 16 smithyctl-image-publish CONTAINER_REPO=$(CONTAINER_REPO)
 	$(MAKE) -j 16 dev-build-oss-components CONTAINER_REPO=$(CONTAINER_REPO)
 
-	$(MAKE) install CONTAINER_REPO=$(IN_CLUSTER_CONTAINER_REPO) DRACON_OSS_COMPONENTS_PACKAGE_URL=$(DRACON_OSS_COMPONENTS_PACKAGE_URL)
+	$(MAKE) install CONTAINER_REPO=$(IN_CLUSTER_CONTAINER_REPO) SMITHY_OSS_COMPONENTS_PACKAGE_URL=$(SMITHY_OSS_COMPONENTS_PACKAGE_URL)
 
 dev-infra: deploy-nginx deploy-tektoncd-pipeline deploy-tektoncd-dashboard
 
-dev-deploy: deploy-cluster dev-infra dev-dracon
+dev-deploy: deploy-cluster dev-infra dev-smithy
 
 dev-teardown:
-	@kind delete clusters dracon-demo
+	@kind delete clusters smithy-demo
 
 build-buf-container:
 	$(DOCKER) build . -t $(BUF_CONTAINER) -f containers/Dockerfile.buf

README.md

@@ -1,18 +1,18 @@
-# Dracon
+# Smithy
 
-[![Lint](https://github.com/ocurity/dracon/actions/workflows/lint.yml/badge.svg)](https://github.com/ocurity/dracon/actions/workflows/lint.yml)
-[![Format](https://github.com/ocurity/dracon/actions/workflows/format.yml/badge.svg)](https://github.com/ocurity/dracon/actions/workflows/format.yml)
-[![Test](https://github.com/ocurity/dracon/actions/workflows/test.yml/badge.svg)](https://github.com/ocurity/dracon/actions/workflows/test.yml)
-[![Publish](https://github.com/ocurity/dracon/actions/workflows/publish.yml/badge.svg)](https://github.com/ocurity/dracon/actions/workflows/publish.yml)
+[![Lint](https://github.com/smithy-security/smithy/actions/workflows/lint.yml/badge.svg)](https://github.com/smithy-security/smithy/actions/workflows/lint.yml)
+[![Format](https://github.com/smithy-security/smithy/actions/workflows/format.yml/badge.svg)](https://github.com/smithy-security/smithy/actions/workflows/format.yml)
+[![Test](https://github.com/smithy-security/smithy/actions/workflows/test.yml/badge.svg)](https://github.com/smithy-security/smithy/actions/workflows/test.yml)
+[![Publish](https://github.com/smithy-security/smithy/actions/workflows/publish.yml/badge.svg)](https://github.com/smithy-security/smithy/actions/workflows/publish.yml)
 
 <p align="center">
-  <img alt="dracon-logo-dark-mode" src="assets/dracon-logo-light.svg#gh-dark-mode-only"/>
+  <img alt="smithy-logo-dark-mode" src="assets/smithy-logo-light.svg#gh-dark-mode-only"/>
 </p>
 <p align="center">
-  <img alt="dracon-logo-light-mode" src="assets/dracon-logo-dark.svg#gh-light-mode-only"/>
+  <img alt="smithy-logo-light-mode" src="assets/smithy-logo-dark.svg#gh-light-mode-only"/>
 </p>
 
-By [Ocurity](https://ocurity.com)
+By [Smithy](https://smithy.security/)
 Security scanning,results unification and enrichment tool
 ([ASOC](https://www.gartner.com/reviews/market/application-security-orchestration-and-correlation-asoc-tools))
 
@@ -66,21 +66,21 @@ flowchart LR
 ## Getting Started
 
 The [Getting Started](docs/getting-started.md) tutorial explains
-how to get started with Dracon.
+how to get started with Smithy.
 You can also access our community contributed pipelines
-[here](https://github.com/ocurity/dracon-community-pipelines).
+[here](https://github.com/smithy-security/smithy-community-pipelines).
 
 ## Announcements
 
-This version of Dracon was announced at OWASP Appsec Dublin in 2023. Check out
+This version of Smithy was announced at OWASP Appsec Dublin in 2023. Check out
 [the slides](docs/presentations/Global_AppSecDublin_Presentation.pdf) and
 [the video](https://www.youtube.com/watch?app=desktop\&list=PLpr-xdpM8wG8479ud_l4W93WU5MP2bg78\&v=i9j7n0WDBO0\&feature=youtu.be)
 of the presentation.
 
 ## Support
 
 If you have questions, reach out to us by opening a new
-[issue](https://github.com/ocurity/dracon/issues/new) on GitHub.
+[issue](https://github.com/smithy-security/smithy/issues/new) on GitHub.
 
 You can also get support on our [Discord server](https://discord.gg/xzsHxUxK).
 
@@ -91,5 +91,5 @@ and [releasing](docs/contributers/RELEASES.md) guides on how to get started.
 
 ## License
 
-Dracon is under the Apache 2.0 license. See the [LICENSE](LICENSE) file for
+Smithy is under the Apache 2.0 license. See the [LICENSE](LICENSE) file for
 details.