chore: use policy instead of policycontroller

Signed-off-by: hectorj2f <hectorf@vmware.com>

.github/workflows/kind-e2e-cosigned.yaml

@@ -12,7 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-name: Cosigned KinD E2E
+name: Policy Controller KinD E2E
 
 on:
   pull_request:
@@ -121,7 +121,7 @@ jobs:
       run: |
         ./test/e2e_test_policy_crd.sh
 
-    - name: Run Cosigned Tests
+    - name: Run Policy Controller Tests
       run: |
         ./test/e2e_test_policy_controller.sh
 

cmd/cosign/policy_webhook/main.go

@@ -33,9 +33,9 @@ import (
 	"knative.dev/pkg/webhook/resourcesemantics/validation"
 	"sigs.k8s.io/release-utils/version"
 
-	"github.com/sigstore/cosign/pkg/apis/policycontroller"
-	"github.com/sigstore/cosign/pkg/apis/policycontroller/v1alpha1"
-	"github.com/sigstore/cosign/pkg/apis/policycontroller/v1beta1"
+	"github.com/sigstore/cosign/pkg/apis/policy"
+	"github.com/sigstore/cosign/pkg/apis/policy/v1alpha1"
+	"github.com/sigstore/cosign/pkg/apis/policy/v1beta1"
 	"github.com/sigstore/cosign/pkg/reconciler/clusterimagepolicy"
 
 	// Register the provider-specific plugins
@@ -135,7 +135,7 @@ func newConversionController(ctx context.Context, cmw configmap.Watcher) *contro
 		// Specify the types of custom resource definitions that should be converted
 		map[schema.GroupKind]conversion.GroupKindConversion{
 			v1beta1.Kind("ClusterImagePolicy"): {
-				DefinitionName: policycontroller.ClusterImagePolicyResource.String(),
+				DefinitionName: policy.ClusterImagePolicyResource.String(),
 				HubVersion:     v1alpha1GroupVersion,
 				Zygotes: map[string]conversion.ConvertibleObject{
 					v1alpha1GroupVersion: &v1alpha1.ClusterImagePolicy{},

cmd/cosign/webhook/main.go

@@ -52,7 +52,7 @@ var secretName = flag.String("secret-name", "", "The name of the secret in the w
 //    ./config/500-webhook-configuration.yaml
 //    https://github.com/sigstore/helm-charts/blob/main/charts/policy-controller/templates/webhook/webhook_mutating.yaml
 //    https://github.com/sigstore/helm-charts/blob/main/charts/policy-controller/templates/webhook/webhook_validating.yaml
-var webhookName = flag.String("webhook-name", "policycontroller.sigstore.dev", "The name of the validating and mutating webhook configurations as well as the webhook name that is automatically configured, if exists, with different rules and client settings setting how the admission requests to be dispatched to policy-controller.")
+var webhookName = flag.String("webhook-name", "policy.sigstore.dev", "The name of the validating and mutating webhook configurations as well as the webhook name that is automatically configured, if exists, with different rules and client settings setting how the admission requests to be dispatched to policy-controller.")
 
 func main() {
 	opts := webhook.Options{

cmd/schema/main.go

@@ -20,7 +20,7 @@ import (
 	"knative.dev/hack/schema/commands"
 	"knative.dev/hack/schema/registry"
 
-	v1alpha1 "github.com/sigstore/cosign/pkg/apis/policycontroller/v1alpha1"
+	v1alpha1 "github.com/sigstore/cosign/pkg/apis/policy/v1alpha1"
 )
 
 // schema is a tool to dump the schema for Eventing resources.

config/100-namespace.yaml

@@ -17,4 +17,4 @@ kind: Namespace
 metadata:
   name: cosign-system
   labels:
-    policycontroller.sigstore.dev/include: "false"
+    policy.sigstore.dev/include: "false"

config/200-clusterrole.yaml

@@ -28,7 +28,7 @@ rules:
   - apiGroups: ["admissionregistration.k8s.io"]
     resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"]
     verbs: ["get", "update"]
-    resourceNames: ["policycontroller.sigstore.dev", "validating.clusterimagepolicy.sigstore.dev", "defaulting.clusterimagepolicy.sigstore.dev"]
+    resourceNames: ["policy.sigstore.dev", "validating.clusterimagepolicy.sigstore.dev", "defaulting.clusterimagepolicy.sigstore.dev"]
 
   - apiGroups: [""]
     resources: ["namespaces"]
@@ -45,10 +45,10 @@ rules:
   - apiGroups: ["apiextensions.k8s.io"]
     resources: ["customresourcedefinitions"]
     verbs: ["get", "update"]
-    resourceNames: ["clusterimagepolicies.policycontroller.sigstore.dev"]
+    resourceNames: ["clusterimagepolicies.policy.sigstore.dev"]
 
   # Allow reconciliation of the ClusterImagePolic CRDs.
-  - apiGroups: ["policycontroller.sigstore.dev"]
+  - apiGroups: ["policy.sigstore.dev"]
     resources: ["clusterimagepolicies"]
     verbs: ["get", "list", "update", "watch", "patch"]
 

config/300-clusterimagepolicy.yaml

@@ -14,9 +14,9 @@
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
-  name: clusterimagepolicies.policycontroller.sigstore.dev
+  name: clusterimagepolicies.policy.sigstore.dev
 spec:
-  group: policycontroller.sigstore.dev
+  group: policy.sigstore.dev
   names:
     kind: ClusterImagePolicy
     plural: clusterimagepolicies

config/500-webhook-configuration.yaml

@@ -15,13 +15,13 @@
 apiVersion: admissionregistration.k8s.io/v1
 kind: ValidatingWebhookConfiguration
 metadata:
-  name: policycontroller.sigstore.dev
+  name: policy.sigstore.dev
 webhooks:
-- name: policycontroller.sigstore.dev
+- name: policy.sigstore.dev
   namespaceSelector:
     # The webhook should only apply to things that opt-in
     matchExpressions:
-    - key: policycontroller.sigstore.dev/include
+    - key: policy.sigstore.dev/include
       operator: In
       values: ["true"]
   admissionReviewVersions: [v1]
@@ -37,13 +37,13 @@ webhooks:
 apiVersion: admissionregistration.k8s.io/v1
 kind: MutatingWebhookConfiguration
 metadata:
-  name: policycontroller.sigstore.dev
+  name: policy.sigstore.dev
 webhooks:
-- name: policycontroller.sigstore.dev
+- name: policy.sigstore.dev
   namespaceSelector:
     # The webhook should only apply to things that opt-in
     matchExpressions:
-    - key: policycontroller.sigstore.dev/include
+    - key: policy.sigstore.dev/include
       operator: In
       values: ["true"]
   admissionReviewVersions: [v1]

config/policy-webhook.yaml

@@ -60,7 +60,7 @@ spec:
         - name: CONFIG_LOGGING_NAME
           value: config-logging
         - name: METRICS_DOMAIN
-          value: sigstore.dev/policycontroller
+          value: sigstore.dev/policy
         - name: WEBHOOK_NAME
           value: policy-webhook
 

config/webhook.yaml

@@ -60,7 +60,7 @@ spec:
         - name: CONFIG_LOGGING_NAME
           value: config-logging
         - name: METRICS_DOMAIN
-          value: sigstore.dev/policycontroller
+          value: sigstore.dev/policy
         - name: WEBHOOK_NAME
           value: webhook
         # Since we need to validate against different Rekor clients based on

hack/update-codegen.sh

@@ -45,15 +45,15 @@ group "Kubernetes Codegen"
 #                  instead of the $GOPATH directly. For normal projects this can be dropped.
 ${CODEGEN_PKG}/generate-groups.sh "deepcopy,client,informer,lister" \
   github.com/sigstore/cosign/pkg/client github.com/sigstore/cosign/pkg/apis \
-  "policycontroller:v1alpha1 policycontroller:v1beta1" \
+  "policy:v1alpha1 policy:v1beta1" \
   --go-header-file ${REPO_ROOT_DIR}/hack/boilerplate/boilerplate.go.txt
 
 group "Knative Codegen"
 
 # Knative Injection
 ${KNATIVE_CODEGEN_PKG}/hack/generate-knative.sh "injection" \
   github.com/sigstore/cosign/pkg/client github.com/sigstore/cosign/pkg/apis \
-  "policycontroller:v1alpha1 policycontroller:v1beta1" \
+  "policy:v1alpha1 policy:v1beta1" \
   --go-header-file ${REPO_ROOT_DIR}/hack/boilerplate/boilerplate.go.txt
 
 group "Update CRD Schema"

pkg/apis/config/testdata/config-image-policies.yaml

@@ -18,7 +18,7 @@ metadata:
   name: config-image-policies
   namespace: cosign-system
   labels:
-    policycontroller.sigstore.dev/release: devel
+    policy.sigstore.dev/release: devel
 
 data:
   _example: |

pkg/apis/policycontroller/register.go → pkg/apis/policy/register.go

@@ -12,13 +12,13 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package policycontroller
+package policy
 
 import "k8s.io/apimachinery/pkg/runtime/schema"
 
 const (
 	// GroupName is the name of the API group.
-	GroupName = "policycontroller.sigstore.dev"
+	GroupName = "policy.sigstore.dev"
 )
 
 var (

pkg/apis/policycontroller/v1alpha1/clusterimagepolicy_conversion.go → pkg/apis/policy/v1alpha1/clusterimagepolicy_conversion.go

@@ -18,7 +18,7 @@ import (
 	"context"
 	"fmt"
 
-	"github.com/sigstore/cosign/pkg/apis/policycontroller/v1beta1"
+	"github.com/sigstore/cosign/pkg/apis/policy/v1beta1"
 	v1 "k8s.io/api/core/v1"
 	"knative.dev/pkg/apis"
 )

pkg/apis/policycontroller/v1alpha1/clusterimagepolicy_conversion_test.go → pkg/apis/policy/v1alpha1/clusterimagepolicy_conversion_test.go

@@ -22,7 +22,7 @@ import (
 	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
-	"github.com/sigstore/cosign/pkg/apis/policycontroller/v1beta1"
+	"github.com/sigstore/cosign/pkg/apis/policy/v1beta1"
 )
 
 // Test v1alpha1 -> v1beta1 -> v1alpha1

pkg/apis/policycontroller/v1alpha1/doc.go → pkg/apis/policy/v1alpha1/doc.go

@@ -13,5 +13,5 @@
 // limitations under the License.
 
 // +k8s:deepcopy-gen=package
-// +groupName=policycontroller.sigstore.dev
+// +groupName=policy.sigstore.dev
 package v1alpha1

pkg/apis/policycontroller/v1alpha1/register.go → pkg/apis/policy/v1alpha1/register.go

@@ -15,15 +15,15 @@
 package v1alpha1
 
 import (
-	policycontroller "github.com/sigstore/cosign/pkg/apis/policycontroller"
+	policy "github.com/sigstore/cosign/pkg/apis/policy"
 
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 )
 
 // SchemeGroupVersion is group version used to register these objects
-var SchemeGroupVersion = schema.GroupVersion{Group: policycontroller.GroupName, Version: "v1alpha1"}
+var SchemeGroupVersion = schema.GroupVersion{Group: policy.GroupName, Version: "v1alpha1"}
 
 // Kind takes an unqualified kind and returns back a Group qualified GroupKind
 func Kind(kind string) schema.GroupKind {

pkg/apis/policycontroller/v1beta1/doc.go → pkg/apis/policy/v1beta1/doc.go

@@ -13,5 +13,5 @@
 // limitations under the License.
 
 // +k8s:deepcopy-gen=package
-// +groupName=policycontroller.sigstore.dev
+// +groupName=policy.sigstore.dev
 package v1beta1

pkg/apis/policycontroller/v1beta1/register.go → pkg/apis/policy/v1beta1/register.go

@@ -15,15 +15,15 @@
 package v1beta1
 
 import (
-	policycontroller "github.com/sigstore/cosign/pkg/apis/policycontroller"
+	policy "github.com/sigstore/cosign/pkg/apis/policy"
 
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 )
 
 // SchemeGroupVersion is group version used to register these objects
-var SchemeGroupVersion = schema.GroupVersion{Group: policycontroller.GroupName, Version: "v1beta1"}
+var SchemeGroupVersion = schema.GroupVersion{Group: policy.GroupName, Version: "v1beta1"}
 
 // Kind takes an unqualified kind and returns back a Group qualified GroupKind
 func Kind(kind string) schema.GroupKind {