From bc6039a79e9215a8f27f0e187b98f12cccbe285c Mon Sep 17 00:00:00 2001 From: shankar0123 Date: Sun, 3 May 2026 23:39:50 +0000 Subject: [PATCH] chore: sweep github.com/shankar0123/certctl URL refs to certctl-io/certctl MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Post-transfer cosmetic + release-critical URL refresh after moving the repo from github.com/shankar0123/certctl to github.com/certctl-io/certctl (2026-05-03). GitHub HTTP redirects continue to forward old URLs forever, so existing operators are not broken — but aligns the canonical references with the new owner so: - procurement engineers / contributors browsing the docs see the right URL on first read - operators copying the agent install one-liner hit the new path directly without going through a redirect - the Helm chart's default image repository points at the canonical org registry path - the OnboardingWizard rendered to first-run UI users shows the new URL in the install snippets and doc anchor links - the GitHub Actions release workflow pushes container images to ghcr.io/certctl-io/certctl-{server,agent} (was: shankar0123) - the release-notes Markdown body in release.yml — which gets stamped into every future release page — references the post-transfer cert-identity (cosign keyless signing now uses the certctl-io workflow URL) and the post-transfer SLSA provenance source-uri. Without this, every cosign verify / slsa-verifier command on a v2.1.0+ release would fail because the cert-identity-regexp would not match the signing identity GitHub Actions OIDC issues post- transfer. Old releases (v2.0.67 and earlier) keep their immutable release-notes pointing at the shankar0123 path and remain verifiable via their own published instructions. Customer impact: - Operators on ghcr.io/shankar0123/certctl-{server,agent}:latest silently freeze on whatever tag was current at transfer time. They get no errors; they just stop receiving updates. The next release notes need a one-line callout (Phase 3.1 of cowork/transfer- certctl-to-org.md) telling them to update their image path to ghcr.io/certctl-io/certctl-{server,agent}. - All other URLs (git clone, install one-liner, raw.githubusercontent URLs, browser links, GitHub API) continue to resolve via permanent HTTP redirects. The sweep is cosmetic for those. Files swept (30 total): .github/workflows/release.yml — IMAGE_NAMESPACE, source-uri, cosign cert-identity-regexp, IMAGE= snippet (5 refs total). CHANGELOG.md, README.md — anchor links, badges, install one-liner, cosign verify snippets in operator-facing sections. api/openapi.yaml — info / externalDocs URLs. install-agent.sh — GITHUB_REPO const + systemd unit Documentation= field. deploy/ENVIRONMENTS.md, deploy/helm/{CHART_SUMMARY,INDEX, INSTALLATION,README}.md, deploy/helm/certctl/{Chart.yaml, README.md,values.yaml}, deploy/helm/examples/values-*.yaml — chart docs + image repository defaults across dev / prod-ha overrides. docs/{certctl-for-cert-manager-users,connector-iis,connectors, migrate-from-acmesh,migrate-from-certbot,quickstart,test-env, why-certctl}.md — operator-facing doc URLs. examples/{acme-nginx,acme-wildcard-dns01,multi-issuer, private-ca-traefik,step-ca-haproxy}/docker-compose.yml + examples/step-ca-haproxy/step-ca-haproxy.md — example image: paths and accompanying narrative. web/src/pages/OnboardingWizard.tsx — first-run-UI URL refs (curl install one-liners, agent docker image path, doc anchor links). Files intentionally NOT swept (Choice A from cowork/transfer-certctl- to-org.md): go.mod, go.sum — module declaration stays github.com/shankar0123/ certctl. Existing imports compile because Go uses the path declared in go.mod, not the URL it was fetched from. Internal- only project; no external Go consumers; rename will land as a mechanical sed when one materializes. ~250 *.go files — every import remains github.com/shankar0123/ certctl/internal/... deploy/test/f5-mock-icontrol/go.mod — separate test sub-module; same Choice A logic; module path stays. Files intentionally NOT swept (other reasons): README.md lines 244-245 — Scarf-pixel docker-pull commands. shankar0123.docker.scarf.sh/... is a Scarf-account hostname (per-user, not per-repo) and the pixel keeps tracking pulls against the operator's personal Scarf account. Migrating to a certctl-io Scarf account is a separate decision (create org Scarf account → re-create package → update README). deploy/test/f5-mock-icontrol/f5-mock-icontrol — checked-in compiled binary with shankar0123/certctl baked into Go build info via the sub-module path. Out of scope for a URL sweep; will refresh on the next `make test-integration` rebuild. Verification: gofmt: clean (no .go files touched). go vet ./...: clean (verified at this SHA in 1.3 of the transfer checklist; no .go changes since). go build ./...: clean (same). go test -short on representative packages: green (same). Diff shape: 30 files, 74 insertions / 74 deletions, net-zero size, pure URL substitution. --- .github/workflows/release.yml | 16 +++++----- CHANGELOG.md | 4 +-- README.md | 32 +++++++++---------- api/openapi.yaml | 2 +- deploy/ENVIRONMENTS.md | 2 +- deploy/helm/CHART_SUMMARY.md | 4 +-- deploy/helm/INDEX.md | 2 +- deploy/helm/INSTALLATION.md | 2 +- deploy/helm/README.md | 4 +-- deploy/helm/certctl/Chart.yaml | 4 +-- deploy/helm/certctl/README.md | 2 +- deploy/helm/certctl/values.yaml | 4 +-- deploy/helm/examples/values-dev.yaml | 4 +-- deploy/helm/examples/values-prod-ha.yaml | 4 +-- docs/certctl-for-cert-manager-users.md | 2 +- docs/connector-iis.md | 2 +- docs/connectors.md | 4 +-- docs/migrate-from-acmesh.md | 6 ++-- docs/migrate-from-certbot.md | 2 +- docs/quickstart.md | 2 +- docs/test-env.md | 2 +- docs/why-certctl.md | 2 +- examples/acme-nginx/docker-compose.yml | 4 +-- .../acme-wildcard-dns01/docker-compose.yml | 4 +-- examples/multi-issuer/docker-compose.yml | 4 +-- .../private-ca-traefik/docker-compose.yml | 4 +-- examples/step-ca-haproxy/docker-compose.yml | 4 +-- examples/step-ca-haproxy/step-ca-haproxy.md | 4 +-- install-agent.sh | 4 +-- web/src/pages/OnboardingWizard.tsx | 12 +++---- 30 files changed, 74 insertions(+), 74 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 12eb9b6..c413be0 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -9,7 +9,7 @@ env: REGISTRY: ghcr.io # Keep in lock-step with .github/workflows/ci.yml (M-3). GO_VERSION: '1.25.9' - IMAGE_NAMESPACE: shankar0123 + IMAGE_NAMESPACE: certctl-io jobs: # ---------------------------------------------------------------------- @@ -348,7 +348,7 @@ jobs: with: generate_release_notes: true body: | - > **Install / upgrade:** see the [Quick Start section in the README](https://github.com/shankar0123/certctl/blob/master/README.md#quick-start) for Docker Compose, agent install, Helm, and binary download instructions. + > **Install / upgrade:** see the [Quick Start section in the README](https://github.com/certctl-io/certctl/blob/master/README.md#quick-start) for Docker Compose, agent install, Helm, and binary download instructions. ## Verifying this release @@ -369,7 +369,7 @@ jobs: ```bash cosign verify-blob \ --bundle checksums.txt.sigstore.json \ - --certificate-identity-regexp '^https://github\.com/shankar0123/certctl/\.github/workflows/release\.yml@refs/tags/' \ + --certificate-identity-regexp '^https://github\.com/certctl-io/certctl/\.github/workflows/release\.yml@refs/tags/' \ --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \ checksums.txt ``` @@ -383,7 +383,7 @@ jobs: ```bash slsa-verifier verify-artifact \ --provenance-path multiple.intoto.jsonl \ - --source-uri github.com/shankar0123/certctl \ + --source-uri github.com/certctl-io/certctl \ --source-tag ${{ steps.version.outputs.VERSION }} \ certctl-agent-linux-amd64 ``` @@ -391,21 +391,21 @@ jobs: **4. Verify container image signature and attestations:** ```bash - IMAGE=ghcr.io/shankar0123/certctl-server:${{ steps.version.outputs.VERSION }} + IMAGE=ghcr.io/certctl-io/certctl-server:${{ steps.version.outputs.VERSION }} cosign verify \ - --certificate-identity-regexp '^https://github\.com/shankar0123/certctl/\.github/workflows/release\.yml@refs/tags/' \ + --certificate-identity-regexp '^https://github\.com/certctl-io/certctl/\.github/workflows/release\.yml@refs/tags/' \ --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \ "$IMAGE" # SBOM attestation (SPDX-JSON) emitted by docker/build-push-action cosign verify-attestation --type spdxjson \ - --certificate-identity-regexp '^https://github\.com/shankar0123/certctl/' \ + --certificate-identity-regexp '^https://github\.com/certctl-io/certctl/' \ --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \ "$IMAGE" # SLSA provenance attestation (mode=max) cosign verify-attestation --type slsaprovenance \ - --certificate-identity-regexp '^https://github\.com/shankar0123/certctl/' \ + --certificate-identity-regexp '^https://github\.com/certctl-io/certctl/' \ --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \ "$IMAGE" ``` diff --git a/CHANGELOG.md b/CHANGELOG.md index a6e4a86..44e0751 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,7 @@ notes are auto-generated from commit messages between consecutive tags. **Where to find what changed in a given release:** -- **[GitHub Releases](https://github.com/shankar0123/certctl/releases)** — every +- **[GitHub Releases](https://github.com/certctl-io/certctl/releases)** — every tag has an auto-generated "What's Changed" section pulled from the commits between that tag and the previous one, plus per-release supply-chain verification instructions (Cosign / SLSA / SBOM). @@ -27,5 +27,5 @@ without depending on the author to manually update a separate file. **For the historical record:** earlier versions (pre-v2.2.0 and the [2.2.0] tag itself) had a hand-edited CHANGELOG. That content is preserved in -[git history](https://github.com/shankar0123/certctl/blob/v2.2.0/CHANGELOG.md) +[git history](https://github.com/certctl-io/certctl/blob/v2.2.0/CHANGELOG.md) at the v2.2.0 tag. diff --git a/README.md b/README.md index cba7ef4..570754a 100644 --- a/README.md +++ b/README.md @@ -5,9 +5,9 @@ # certctl — Self-Hosted Certificate Lifecycle Platform [![License](https://img.shields.io/badge/license-BSL%201.1-blue.svg)](LICENSE) -[![Go Report Card](https://goreportcard.com/badge/github.com/shankar0123/certctl)](https://goreportcard.com/report/github.com/shankar0123/certctl) -[![GitHub Release](https://img.shields.io/github/v/release/shankar0123/certctl)](https://github.com/shankar0123/certctl/releases) -[![GitHub Stars](https://img.shields.io/github/stars/shankar0123/certctl?style=flat&logo=github)](https://github.com/shankar0123/certctl/stargazers) +[![Go Report Card](https://goreportcard.com/badge/github.com/certctl-io/certctl)](https://goreportcard.com/report/github.com/certctl-io/certctl) +[![GitHub Release](https://img.shields.io/github/v/release/certctl-io/certctl)](https://github.com/certctl-io/certctl/releases) +[![GitHub Stars](https://img.shields.io/github/stars/certctl-io/certctl?style=flat&logo=github)](https://github.com/certctl-io/certctl/stargazers) TLS certificate lifespans are shrinking fast. The CA/Browser Forum passed [Ballot SC-081v3](https://cabforum.org/2025/04/11/ballot-sc081v3-introduce-schedule-of-reducing-validity-and-data-reuse-periods/) unanimously in April 2025, setting a phased reduction: **200 days** by March 2026, **100 days** by March 2027, and **47 days** by March 2029. Organizations managing dozens or hundreds of certificates can no longer rely on spreadsheets, calendar reminders, or manual renewal workflows. The math doesn't work — at 47-day lifespans, a team managing 100 certificates is processing 7+ renewals per week, every week, forever. @@ -33,7 +33,7 @@ gantt 47 days :crit, 2020-01-01, 47d ``` -> **Actively maintained — shipping weekly.** Found something? [Open a GitHub issue](https://github.com/shankar0123/certctl/issues) — issues get triaged same-day. CI runs the full test suite with race detection, static analysis, and vulnerability scanning on every commit. +> **Actively maintained — shipping weekly.** Found something? [Open a GitHub issue](https://github.com/certctl-io/certctl/issues) — issues get triaged same-day. CI runs the full test suite with race detection, static analysis, and vulnerability scanning on every commit. **Ready to try it?** Jump to the [Quick Start](#quick-start) — you'll have a running dashboard in under 5 minutes. @@ -198,7 +198,7 @@ For the complete capability breakdown, see the [Feature Inventory](docs/features ### Docker Compose (Recommended) ```bash -git clone https://github.com/shankar0123/certctl.git +git clone https://github.com/certctl-io/certctl.git cd certctl docker compose -f deploy/docker-compose.yml up -d --build ``` @@ -223,7 +223,7 @@ The control plane is HTTPS-only (TLS 1.3, no plaintext listener). See [`docs/tls ### Agent Install (One-Liner) ```bash -curl -sSL https://raw.githubusercontent.com/shankar0123/certctl/master/install-agent.sh | bash +curl -sSL https://raw.githubusercontent.com/certctl-io/certctl/master/install-agent.sh | bash ``` Detects your OS and architecture, downloads the binary, configures systemd (Linux) or launchd (macOS), and starts the agent. See [install-agent.sh](install-agent.sh) for details. @@ -251,7 +251,7 @@ Every `v*` tag publishes signed, attested release artefacts. Binaries (`certctl-agent`, `certctl-server`, `certctl-cli`, `certctl-mcp-server` for `linux|darwin × amd64|arm64`) ship alongside a `checksums.txt`, per-binary SPDX-JSON SBOMs, Cosign signatures, and SLSA Level 3 provenance. Container -images on `ghcr.io/shankar0123/certctl-{server,agent}` are built with +images on `ghcr.io/certctl-io/certctl-{server,agent}` are built with `docker/build-push-action` `provenance: mode=max` + `sbom: true` and are additionally signed with Cosign at the image digest. @@ -269,7 +269,7 @@ sha256sum -c checksums.txt ```bash cosign verify-blob \ --bundle checksums.txt.sigstore.json \ - --certificate-identity-regexp '^https://github\.com/shankar0123/certctl/\.github/workflows/release\.yml@refs/tags/' \ + --certificate-identity-regexp '^https://github\.com/certctl-io/certctl/\.github/workflows/release\.yml@refs/tags/' \ --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \ checksums.txt ``` @@ -285,7 +285,7 @@ directly. ```bash slsa-verifier verify-artifact \ --provenance-path multiple.intoto.jsonl \ - --source-uri github.com/shankar0123/certctl \ + --source-uri github.com/certctl-io/certctl \ --source-tag v2.1.0 \ certctl-agent-linux-amd64 ``` @@ -293,22 +293,22 @@ slsa-verifier verify-artifact \ **4. Verify a container image signature and its SBOM / provenance attestations:** ```bash -IMAGE=ghcr.io/shankar0123/certctl-server:v2.1.0 +IMAGE=ghcr.io/certctl-io/certctl-server:v2.1.0 cosign verify \ - --certificate-identity-regexp '^https://github\.com/shankar0123/certctl/\.github/workflows/release\.yml@refs/tags/' \ + --certificate-identity-regexp '^https://github\.com/certctl-io/certctl/\.github/workflows/release\.yml@refs/tags/' \ --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \ "$IMAGE" # SBOM attestation (SPDX-JSON, emitted by docker/build-push-action) cosign verify-attestation --type spdxjson \ - --certificate-identity-regexp '^https://github\.com/shankar0123/certctl/' \ + --certificate-identity-regexp '^https://github\.com/certctl-io/certctl/' \ --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \ "$IMAGE" # SLSA provenance attestation (docker/build-push-action `provenance: mode=max`) cosign verify-attestation --type slsaprovenance \ - --certificate-identity-regexp '^https://github\.com/shankar0123/certctl/' \ + --certificate-identity-regexp '^https://github\.com/certctl-io/certctl/' \ --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \ "$IMAGE" ``` @@ -331,7 +331,7 @@ Each directory contains a `docker-compose.yml` and a `README.md` explaining the ```bash # Install -go install github.com/shankar0123/certctl/cmd/cli@latest +go install github.com/certctl-io/certctl/cmd/cli@latest # Configure export CERTCTL_SERVER_URL=https://localhost:8443 @@ -355,7 +355,7 @@ certctl ships a standalone MCP (Model Context Protocol) server that exposes all ```bash # Install and run -go install github.com/shankar0123/certctl/cmd/mcp-server@latest +go install github.com/certctl-io/certctl/cmd/mcp-server@latest export CERTCTL_SERVER_URL=https://localhost:8443 export CERTCTL_API_KEY=your-api-key export CERTCTL_SERVER_CA_BUNDLE_PATH=/path/to/ca.crt # required for self-signed bootstrap @@ -426,4 +426,4 @@ The release-time SBOM is published as a syft-produced cyclonedx file alongside e --- -If certctl solves a problem you have, [star the repo](https://github.com/shankar0123/certctl) to help others find it. Questions, bugs, or feature requests — [open an issue](https://github.com/shankar0123/certctl/issues). +If certctl solves a problem you have, [star the repo](https://github.com/certctl-io/certctl) to help others find it. Questions, bugs, or feature requests — [open an issue](https://github.com/certctl-io/certctl/issues). diff --git a/api/openapi.yaml b/api/openapi.yaml index 34ba52b..ea1412f 100644 --- a/api/openapi.yaml +++ b/api/openapi.yaml @@ -14,7 +14,7 @@ info: version: 2.0.0 license: name: BSL 1.1 - url: https://github.com/shankar0123/certctl/blob/master/LICENSE + url: https://github.com/certctl-io/certctl/blob/master/LICENSE servers: - url: https://localhost:8443 diff --git a/deploy/ENVIRONMENTS.md b/deploy/ENVIRONMENTS.md index d240199..c4e46f1 100644 --- a/deploy/ENVIRONMENTS.md +++ b/deploy/ENVIRONMENTS.md @@ -77,7 +77,7 @@ Three services on a private bridge network: ### Starting it ```bash -git clone https://github.com/shankar0123/certctl.git +git clone https://github.com/certctl-io/certctl.git cd certctl docker compose -f deploy/docker-compose.yml up -d --build ``` diff --git a/deploy/helm/CHART_SUMMARY.md b/deploy/helm/CHART_SUMMARY.md index 98e94f3..4c4df97 100644 --- a/deploy/helm/CHART_SUMMARY.md +++ b/deploy/helm/CHART_SUMMARY.md @@ -452,8 +452,8 @@ monitoring: ## Support For issues, questions, or contributions: -- GitHub: https://github.com/shankar0123/certctl -- Documentation: https://github.com/shankar0123/certctl/tree/main/docs +- GitHub: https://github.com/certctl-io/certctl +- Documentation: https://github.com/certctl-io/certctl/tree/main/docs ## License diff --git a/deploy/helm/INDEX.md b/deploy/helm/INDEX.md index 752bc22..7fc5c28 100644 --- a/deploy/helm/INDEX.md +++ b/deploy/helm/INDEX.md @@ -216,7 +216,7 @@ kubectl logs -l app.kubernetes.io/component=server -f ## Support -- **GitHub**: https://github.com/shankar0123/certctl +- **GitHub**: https://github.com/certctl-io/certctl - **Issues**: Report on GitHub issues - **Documentation**: All docs are in `deploy/helm/` diff --git a/deploy/helm/INSTALLATION.md b/deploy/helm/INSTALLATION.md index 1436159..16111f8 100644 --- a/deploy/helm/INSTALLATION.md +++ b/deploy/helm/INSTALLATION.md @@ -94,4 +94,4 @@ helm install certctl certctl/ --dry-run --debug - Full documentation in `README.md` - Troubleshooting in `DEPLOYMENT_GUIDE.md` -- Issues: https://github.com/shankar0123/certctl +- Issues: https://github.com/certctl-io/certctl diff --git a/deploy/helm/README.md b/deploy/helm/README.md index e45cbc9..cc550fa 100644 --- a/deploy/helm/README.md +++ b/deploy/helm/README.md @@ -508,8 +508,8 @@ kubectl exec -it -- \ ## Support and Contributing For issues, questions, or contributions, visit: -- GitHub: https://github.com/shankar0123/certctl -- Documentation: https://github.com/shankar0123/certctl/tree/main/docs +- GitHub: https://github.com/certctl-io/certctl +- Documentation: https://github.com/certctl-io/certctl/tree/main/docs ## License diff --git a/deploy/helm/certctl/Chart.yaml b/deploy/helm/certctl/Chart.yaml index b5a84ba..f897d69 100644 --- a/deploy/helm/certctl/Chart.yaml +++ b/deploy/helm/certctl/Chart.yaml @@ -14,7 +14,7 @@ keywords: - kubernetes maintainers: - name: certctl -home: https://github.com/shankar0123/certctl +home: https://github.com/certctl-io/certctl sources: - - https://github.com/shankar0123/certctl + - https://github.com/certctl-io/certctl license: BSL-1.1 diff --git a/deploy/helm/certctl/README.md b/deploy/helm/certctl/README.md index 14cb1c9..ecaa625 100644 --- a/deploy/helm/certctl/README.md +++ b/deploy/helm/certctl/README.md @@ -1,6 +1,6 @@ # certctl Helm Chart -Production-ready Helm chart for deploying [certctl](https://github.com/shankar0123/certctl) on Kubernetes. Wires up the certctl server (Deployment), PostgreSQL (StatefulSet with PVC), and the agent (DaemonSet — one per node) on a private cluster, with health probes, security contexts, and optional Ingress. +Production-ready Helm chart for deploying [certctl](https://github.com/certctl-io/certctl) on Kubernetes. Wires up the certctl server (Deployment), PostgreSQL (StatefulSet with PVC), and the agent (DaemonSet — one per node) on a private cluster, with health probes, security contexts, and optional Ingress. ## Quick install diff --git a/deploy/helm/certctl/values.yaml b/deploy/helm/certctl/values.yaml index d8f0052..b5e49ab 100644 --- a/deploy/helm/certctl/values.yaml +++ b/deploy/helm/certctl/values.yaml @@ -20,7 +20,7 @@ server: # Image configuration image: - repository: ghcr.io/shankar0123/certctl + repository: ghcr.io/certctl-io/certctl tag: "" # defaults to Chart.appVersion pullPolicy: IfNotPresent @@ -410,7 +410,7 @@ agent: # Image configuration image: - repository: ghcr.io/shankar0123/certctl-agent + repository: ghcr.io/certctl-io/certctl-agent tag: "" # defaults to Chart.appVersion pullPolicy: IfNotPresent diff --git a/deploy/helm/examples/values-dev.yaml b/deploy/helm/examples/values-dev.yaml index 08b5e5f..a8f5e62 100644 --- a/deploy/helm/examples/values-dev.yaml +++ b/deploy/helm/examples/values-dev.yaml @@ -10,7 +10,7 @@ server: replicas: 1 image: - repository: ghcr.io/shankar0123/certctl + repository: ghcr.io/certctl-io/certctl pullPolicy: IfNotPresent # Use latest tag port: 8443 @@ -72,7 +72,7 @@ agent: replicas: 1 image: - repository: ghcr.io/shankar0123/certctl-agent + repository: ghcr.io/certctl-io/certctl-agent pullPolicy: IfNotPresent resources: diff --git a/deploy/helm/examples/values-prod-ha.yaml b/deploy/helm/examples/values-prod-ha.yaml index 3aa637e..2c5042a 100644 --- a/deploy/helm/examples/values-prod-ha.yaml +++ b/deploy/helm/examples/values-prod-ha.yaml @@ -12,7 +12,7 @@ server: replicas: 3 image: - repository: ghcr.io/shankar0123/certctl + repository: ghcr.io/certctl-io/certctl tag: "2.1.0" pullPolicy: IfNotPresent @@ -84,7 +84,7 @@ agent: kind: DaemonSet image: - repository: ghcr.io/shankar0123/certctl-agent + repository: ghcr.io/certctl-io/certctl-agent tag: "2.1.0" pullPolicy: IfNotPresent diff --git a/docs/certctl-for-cert-manager-users.md b/docs/certctl-for-cert-manager-users.md index dde7279..f939c3a 100644 --- a/docs/certctl-for-cert-manager-users.md +++ b/docs/certctl-for-cert-manager-users.md @@ -53,7 +53,7 @@ helm install certctl deploy/helm/certctl/ \ On each VM, bare-metal server, or appliance (via proxy agent): ```bash # Linux amd64 -curl -sSL https://github.com/shankar0123/certctl/releases/download/v2.1.0/certctl-agent-linux-amd64 \ +curl -sSL https://github.com/certctl-io/certctl/releases/download/v2.1.0/certctl-agent-linux-amd64 \ -o /usr/local/bin/certctl-agent chmod +x /usr/local/bin/certctl-agent diff --git a/docs/connector-iis.md b/docs/connector-iis.md index d30f414..b8726b4 100644 --- a/docs/connector-iis.md +++ b/docs/connector-iis.md @@ -158,7 +158,7 @@ The real IIS connector validation lives in: ```powershell # Clone + checkout -git clone https://github.com/shankar0123/certctl.git +git clone https://github.com/certctl-io/certctl.git cd certctl git fetch --tags git checkout v2.X.0 # whichever release is being validated diff --git a/docs/connectors.md b/docs/connectors.md index 4153b3b..5951c59 100644 --- a/docs/connectors.md +++ b/docs/connectors.md @@ -702,7 +702,7 @@ import ( "fmt" vaultapi "github.com/hashicorp/vault/api" - "github.com/shankar0123/certctl/internal/connector/issuer" + "github.com/certctl-io/certctl/internal/connector/issuer" ) type Config struct { @@ -1774,7 +1774,7 @@ The adapter (`internal/service/issuer_adapter.go`) translates between the two in ```go // Wrap your connector implementation with the adapter -import "github.com/shankar0123/certctl/internal/service" +import "github.com/certctl-io/certctl/internal/service" myIssuer := myissuer.New(config) adapted := service.NewIssuerConnectorAdapter(myIssuer) diff --git a/docs/migrate-from-acmesh.md b/docs/migrate-from-acmesh.md index f221411..2f3a760 100644 --- a/docs/migrate-from-acmesh.md +++ b/docs/migrate-from-acmesh.md @@ -29,7 +29,7 @@ certctl adds a control plane that sees all your certificates, deploys with verif Start with Docker Compose (5 minutes): ```bash -git clone https://github.com/shankar0123/certctl.git +git clone https://github.com/certctl-io/certctl.git cd certctl/deploy docker compose up -d ``` @@ -41,7 +41,7 @@ Access the dashboard at `https://localhost:8443` with the API key from `.env`. T On each server running acme.sh certs, install the certctl agent: ```bash -curl -sSL https://raw.githubusercontent.com/shankar0123/certctl/master/install-agent.sh | bash +curl -sSL https://raw.githubusercontent.com/certctl-io/certctl/master/install-agent.sh | bash # Prompted for server URL and API key ``` @@ -49,7 +49,7 @@ Or manually: ```bash # Download and install agent binary -wget https://github.com/shankar0123/certctl/releases/download/v2.1.0/certctl-agent-linux-amd64 +wget https://github.com/certctl-io/certctl/releases/download/v2.1.0/certctl-agent-linux-amd64 chmod +x certctl-agent-linux-amd64 sudo mv certctl-agent-linux-amd64 /usr/local/bin/certctl-agent diff --git a/docs/migrate-from-certbot.md b/docs/migrate-from-certbot.md index c5a0ffa..50c667d 100644 --- a/docs/migrate-from-certbot.md +++ b/docs/migrate-from-certbot.md @@ -38,7 +38,7 @@ On each of your 10 servers running Certbot: ```bash # Linux amd64 (adjust for your architecture) -curl -sSL https://github.com/shankar0123/certctl/releases/download/v2.1.0/certctl-agent-linux-amd64 \ +curl -sSL https://github.com/certctl-io/certctl/releases/download/v2.1.0/certctl-agent-linux-amd64 \ -o /usr/local/bin/certctl-agent chmod +x /usr/local/bin/certctl-agent diff --git a/docs/quickstart.md b/docs/quickstart.md index 83dce9e..4c0ee29 100644 --- a/docs/quickstart.md +++ b/docs/quickstart.md @@ -46,7 +46,7 @@ On Linux, follow the official Docker install guide for your distribution. ### Docker Compose (Quick Start) ```bash -git clone https://github.com/shankar0123/certctl.git +git clone https://github.com/certctl-io/certctl.git cd certctl docker compose -f deploy/docker-compose.yml up -d --build ``` diff --git a/docs/test-env.md b/docs/test-env.md index 1043030..52c337c 100644 --- a/docs/test-env.md +++ b/docs/test-env.md @@ -70,7 +70,7 @@ If this says "command not found", you have an old Docker version. Update Docker You need the certctl source code on your machine. If you haven't cloned it yet: ```bash -git clone https://github.com/shankar0123/certctl.git +git clone https://github.com/certctl-io/certctl.git cd certctl ``` diff --git a/docs/why-certctl.md b/docs/why-certctl.md index dd71add..aa8c33e 100644 --- a/docs/why-certctl.md +++ b/docs/why-certctl.md @@ -105,7 +105,7 @@ certctl isn't the right tool for everyone: The demo seeds certificates across multiple issuers, agents, and deployment targets with 180 days of realistic history — jobs, audit events, discovery scans, approval workflows — so you can explore every feature immediately. ```bash -git clone https://github.com/shankar0123/certctl.git +git clone https://github.com/certctl-io/certctl.git cd certctl/deploy && docker compose up -d # Dashboard at https://localhost:8443 (self-signed cert — pin deploy/test/certs/ca.crt) ``` diff --git a/examples/acme-nginx/docker-compose.yml b/examples/acme-nginx/docker-compose.yml index 807f70f..65ba673 100644 --- a/examples/acme-nginx/docker-compose.yml +++ b/examples/acme-nginx/docker-compose.yml @@ -22,7 +22,7 @@ services: # certctl server (control plane) certctl-server: - image: ghcr.io/shankar0123/certctl-server:latest + image: ghcr.io/certctl-io/certctl-server:latest container_name: certctl-server-acme-nginx environment: # Database @@ -71,7 +71,7 @@ services: # In this example, the agent is in the same compose file for simplicity. # In production, the agent runs on each server that needs certificates. certctl-agent: - image: ghcr.io/shankar0123/certctl-agent:latest + image: ghcr.io/certctl-io/certctl-agent:latest container_name: certctl-agent-acme-nginx environment: # Control plane connection diff --git a/examples/acme-wildcard-dns01/docker-compose.yml b/examples/acme-wildcard-dns01/docker-compose.yml index e3ba09d..9241a19 100644 --- a/examples/acme-wildcard-dns01/docker-compose.yml +++ b/examples/acme-wildcard-dns01/docker-compose.yml @@ -46,7 +46,7 @@ services: # certctl server (control plane + ACME orchestration) certctl-server: - image: ghcr.io/shankar0123/certctl-server:latest + image: ghcr.io/certctl-io/certctl-server:latest container_name: certctl-server-dns01 environment: # Database @@ -124,7 +124,7 @@ services: # In production, run agents on each host that needs certificates. # For demo, we include one agent in this compose. certctl-agent: - image: ghcr.io/shankar0123/certctl-agent:latest + image: ghcr.io/certctl-io/certctl-agent:latest container_name: certctl-agent-dns01 environment: # Control plane connection diff --git a/examples/multi-issuer/docker-compose.yml b/examples/multi-issuer/docker-compose.yml index ae6f85e..f6f211a 100644 --- a/examples/multi-issuer/docker-compose.yml +++ b/examples/multi-issuer/docker-compose.yml @@ -23,7 +23,7 @@ services: # certctl server (control plane) # Configured with BOTH ACME (Let's Encrypt) and Local CA issuers certctl-server: - image: ghcr.io/shankar0123/certctl-server:latest + image: ghcr.io/certctl-io/certctl-server:latest container_name: certctl-server-multi-issuer environment: # Database @@ -72,7 +72,7 @@ services: # certctl agent (manages certificates on NGINX and application servers) certctl-agent: - image: ghcr.io/shankar0123/certctl-agent:latest + image: ghcr.io/certctl-io/certctl-agent:latest container_name: certctl-agent-multi-issuer environment: # Control plane connection diff --git a/examples/private-ca-traefik/docker-compose.yml b/examples/private-ca-traefik/docker-compose.yml index bad4036..0c0e720 100644 --- a/examples/private-ca-traefik/docker-compose.yml +++ b/examples/private-ca-traefik/docker-compose.yml @@ -22,7 +22,7 @@ services: # certctl server (control plane) with Local CA in sub-CA mode certctl-server: - image: ghcr.io/shankar0123/certctl-server:latest + image: ghcr.io/certctl-io/certctl-server:latest container_name: certctl-server-private-ca environment: # Database @@ -85,7 +85,7 @@ services: # certctl agent (deploys certs to Traefik) certctl-agent: - image: ghcr.io/shankar0123/certctl-agent:latest + image: ghcr.io/certctl-io/certctl-agent:latest container_name: certctl-agent-private-ca environment: # Control plane connection diff --git a/examples/step-ca-haproxy/docker-compose.yml b/examples/step-ca-haproxy/docker-compose.yml index 41480c8..ead160a 100644 --- a/examples/step-ca-haproxy/docker-compose.yml +++ b/examples/step-ca-haproxy/docker-compose.yml @@ -77,7 +77,7 @@ services: # certctl server (control plane) certctl-server: - image: ghcr.io/shankar0123/certctl-server:latest + image: ghcr.io/certctl-io/certctl-server:latest container_name: certctl-server-stepca-haproxy environment: # Database @@ -127,7 +127,7 @@ services: # certctl agent (runs on the target machine with HAProxy) certctl-agent: - image: ghcr.io/shankar0123/certctl-agent:latest + image: ghcr.io/certctl-io/certctl-agent:latest container_name: certctl-agent-stepca-haproxy environment: # Control plane connection diff --git a/examples/step-ca-haproxy/step-ca-haproxy.md b/examples/step-ca-haproxy/step-ca-haproxy.md index efe8563..0b4a61b 100644 --- a/examples/step-ca-haproxy/step-ca-haproxy.md +++ b/examples/step-ca-haproxy/step-ca-haproxy.md @@ -19,8 +19,8 @@ This is the natural choice if you're already invested in step-ca and want to con | Service | Image | Purpose | |---------|-------|---------| | **step-ca** | `smallstep/step-ca:latest` | Private internal CA | -| **certctl-server** | `ghcr.io/shankar0123/certctl-server:latest` | Certificate management control plane | -| **certctl-agent** | `ghcr.io/shankar0123/certctl-agent:latest` | Agent running on HAProxy server | +| **certctl-server** | `ghcr.io/certctl-io/certctl-server:latest` | Certificate management control plane | +| **certctl-agent** | `ghcr.io/certctl-io/certctl-agent:latest` | Agent running on HAProxy server | | **haproxy** | `haproxy:2.9-alpine` | Reverse proxy / load balancer | | **postgres** | `postgres:16-alpine` | certctl audit trail + config storage | diff --git a/install-agent.sh b/install-agent.sh index 7f65ef6..593e4fc 100644 --- a/install-agent.sh +++ b/install-agent.sh @@ -12,7 +12,7 @@ YELLOW='\033[1;33m' NC='\033[0m' # No Color # Configuration -GITHUB_REPO="shankar0123/certctl" +GITHUB_REPO="certctl-io/certctl" RELEASE_URL="https://github.com/${GITHUB_REPO}/releases/latest/download" INSTALL_DIR="/usr/local/bin" SERVICE_NAME="certctl-agent" @@ -447,7 +447,7 @@ setup_systemd_service() { cat > "$service_file" <<'EOF' [Unit] Description=certctl Agent - Certificate Lifecycle Management -Documentation=https://github.com/shankar0123/certctl +Documentation=https://github.com/certctl-io/certctl After=network-online.target Wants=network-online.target diff --git a/web/src/pages/OnboardingWizard.tsx b/web/src/pages/OnboardingWizard.tsx index 1671741..60971b7 100644 --- a/web/src/pages/OnboardingWizard.tsx +++ b/web/src/pages/OnboardingWizard.tsx @@ -304,7 +304,7 @@ function AgentStep({ onNext, onSkip }: { onNext: () => void; onSkip: () => void linux: { label: 'Install via shell script (systemd service)', code: `# Non-interactive install (recommended for curl | bash): -curl -sSL https://raw.githubusercontent.com/shankar0123/certctl/master/install-agent.sh \\ +curl -sSL https://raw.githubusercontent.com/certctl-io/certctl/master/install-agent.sh \\ | sudo bash -s -- \\ --server-url ${serverUrl} \\ --api-key ${apiKey} @@ -316,7 +316,7 @@ curl -sSL https://raw.githubusercontent.com/shankar0123/certctl/master/install-a macos: { label: 'Install via shell script (launchd service)', code: `# Non-interactive install (recommended for curl | bash): -curl -sSL https://raw.githubusercontent.com/shankar0123/certctl/master/install-agent.sh \\ +curl -sSL https://raw.githubusercontent.com/certctl-io/certctl/master/install-agent.sh \\ | bash -s -- \\ --server-url ${serverUrl} \\ --api-key ${apiKey} @@ -330,7 +330,7 @@ curl -sSL https://raw.githubusercontent.com/shankar0123/certctl/master/install-a code: `docker run -d --name certctl-agent \\ -e CERTCTL_SERVER_URL=${serverUrl} \\ -e CERTCTL_API_KEY=${apiKey} \\ - ghcr.io/shankar0123/certctl-agent:latest`, + ghcr.io/certctl-io/certctl-agent:latest`, }, }; @@ -956,9 +956,9 @@ function CompleteStep({ onFinish, issuerName, certName }: {
- Quickstart Guide - Architecture - Connectors + Quickstart Guide + Architecture + Connectors
);