move to ghcr

docs/advanced-guide/standalone-deployment/signVerify.md

@@ -27,7 +27,7 @@ Following table includes the supported format.
 
 1. Using a Shell-based CLI, download the `valint` CLI tool, created by Scribe:
    ```sh
-   curl -sSfL https://get.scribesecurity.com/install.sh  | sh -s -- -t valint
+   curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh  | sh -s -- -t valint
    ```
 2. Run the `valint bom [target] -o [format]` command on one of the available.
  `format` options: See supported formats table.   

docs/guides/enforcing-sdlc-initiative.md

@@ -22,7 +22,7 @@ For a detailed initiative description, see the **[initiatives](../valint/initiat
 1. Install `valint`:
 
    ```bash
-   curl -sSfL https://get.scribesecurity.com/install.sh  | sh -s -- -t valint
+   curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh  | sh -s -- -t valint
    ```
 
 2. Create an SBOM of the type you want to verify. For a Docker image, the command would be:

docs/integrating-scribe/ci-integrations/general.md

@@ -29,7 +29,7 @@ Replace '\<scribe_api_token\>' with the token you obtained in the previous step.
 
 **Valint** -Scribe CLI- is required to generate evidence in such as SBOMs and SLSA provenance. 
 ```
-curl -sSfL https://get.scribesecurity.com/install.sh  | sh -s -- -t valint
+curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh  | sh -s -- -t valint
 ```
 
 ### 4. Instrument your build scripts

docs/integrating-scribe/ci-integrations/gitlabci.md

@@ -23,14 +23,14 @@ Set your Scribe Hub API token in GitLab with a key named SCRIBE_TOKEN as instruc
 **Valint** (Scribe CLI) is required to generate evidence in such as SBOMs and SLSA provenance. 
 Install Valint on your build runner with the following command:
 ```
-sh 'curl -sSfL https://get.scribesecurity.com/install.sh | sh -s -- -b ./temp/bin'
+sh 'curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh | sh -s -- -b ./temp/bin'
 ```
 Alternatively, add an instalation stage at the beginning of your relevant builds as follows:
 ```yaml
 before_script:
   - apt update
   - apt install git curl -y
-  - curl -sSfL https://get.scribesecurity.com/install.sh | sh -s -- -b /usr/local/bin
+  - curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh | sh -s -- -b /usr/local/bin
 ```
 
 ### 4. Instrument your build scripts
@@ -41,7 +41,7 @@ image: ubuntu:latest
 before_script:
   - apt update
   - apt install git curl -y
-  - curl -sSfL https://get.scribesecurity.com/install.sh | sh -s -- -b /usr/local/bin
+  - curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh | sh -s -- -b /usr/local/bin
 
 stages:
     - scribe-gitlab-stage
@@ -72,7 +72,7 @@ image: ubuntu:latest
 before_script:
   - apt update
   - apt install -y git curl
-  - curl -sSfL https://get.scribesecurity.com/install.sh | sh -s -- -b /usr/local/bin
+  - curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh | sh -s -- -b /usr/local/bin
   - curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin
 
 stages:
@@ -137,7 +137,7 @@ Lastly Use the masked environment variables with Valint by decoding them:
 before_script:
   - apt update
   - apt install git curl -y
-  - curl -sSfL https://get.scribesecurity.com/install.sh | sh -s -- -b /usr/local/bin
+  - curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh | sh -s -- -b /usr/local/bin
 
 stages:
     - scribe-gitlab-job
@@ -326,7 +326,7 @@ save-artifact-job:
 before_script:
   - apk update
   - apk add curl
-  - curl -sSfL https://get.scribesecurity.com/install.sh | sh -s -- -b /usr/local/bin
+  - curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh | sh -s -- -b /usr/local/bin
 
 valint-docker-job:
     tags: [ saas-linux-large-amd64 ]
@@ -356,7 +356,7 @@ valint-docker-job:
 before_script:
   - apk update
   - apk add curl
-  - curl -sSfL https://get.scribesecurity.com/install.sh | sh -s -- -b /usr/local/bin
+  - curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh | sh -s -- -b /usr/local/bin
 
 valint-docker-job:
     tags: [ saas-linux-large-amd64 ]
@@ -490,7 +490,7 @@ services:
 before_script:
   - apt update
   - apt install git curl -y
-  - curl -sSfL https://get.scribesecurity.com/install.sh | sh -s -- -b /usr/local/bin
+  - curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh | sh -s -- -b /usr/local/bin
   - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin [my_registry]
 
 stages:

docs/integrating-scribe/ci-integrations/jenkins.md

@@ -39,14 +39,14 @@ The token is a secret and will not be accessible from the UI after you finalize
 **Valint** - Scribe CLI is required to generate evidence such as SBOMs and SLSA provenance. 
 Install Valint on your build runner with the following command:
 ```bash
-sh 'curl -sSfL https://get.scribesecurity.com/install.sh | sh -s -- -b ./temp/bin'
+sh 'curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh | sh -s -- -b ./temp/bin'
 ```
 
 Alternatively, add an installation stage at the beginning of your relevant builds as follows:
 ```javascript
 stage('install-valint') {
     steps {
-      sh 'curl -sSfL https://get.scribesecurity.com/install.sh | sh -s -- -b ./temp/bin'
+      sh 'curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh | sh -s -- -b ./temp/bin'
     }
 }
 ```
@@ -68,7 +68,7 @@ pipeline {
   stages {
     stage('install-valint') {
         steps {
-          sh 'curl -sSfL https://get.scribesecurity.com/install.sh | sh -s -- -b ./temp/bin'
+          sh 'curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh | sh -s -- -b ./temp/bin'
         }
     }
 
@@ -95,7 +95,7 @@ node {
     "PATH=./temp/bin:$PATH"
   ]) {
     stage('install') {
-      sh 'curl -sSfL https://get.scribesecurity.com/install.sh | sh -s -- -b ./temp/bin'
+      sh 'curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh | sh -s -- -b ./temp/bin'
     }
 
     stage('bom') {
@@ -143,7 +143,7 @@ Following are more examples of integration of Valint with Jenkins deployed in di
     stage('dir-bom') {
       agent {
         docker {
-          image 'scribesecurity/valint:latest'
+          image 'ghcr.io/scribe-security/valint:latest'
           reuseNode true
           args "--entrypoint="
         }
@@ -162,7 +162,7 @@ Following are more examples of integration of Valint with Jenkins deployed in di
     stage('image-bom') {
       agent {
         docker {
-          image 'scribesecurity/valint:latest'
+          image 'ghcr.io/scribe-security/valint:latest'
           reuseNode true
           args "--entrypoint="
         }
@@ -192,7 +192,7 @@ Following are more examples of integration of Valint with Jenkins deployed in di
     stage('slsa-provenance') {
       agent {
         docker {
-          image 'scribesecurity/valint:latest'
+          image 'ghcr.io/scribe-security/valint:latest'
           reuseNode true
           args "--entrypoint="
         }
@@ -210,7 +210,7 @@ Following are more examples of integration of Valint with Jenkins deployed in di
     stage('verify') {
       agent {
         docker {
-          image 'scribesecurity/valint:latest'
+          image 'ghcr.io/scribe-security/valint:latest'
           reuseNode true
           args "--entrypoint="
         }
@@ -298,7 +298,7 @@ spec:
     - name: CONTAINER_ENV_VAR
       value: jnlp
   - name: valint
-    image: scribesecurity/valint:latest 
+    image: ghcr.io/scribe-security/valint:latest 
     command:
     - cat
     tty: true
@@ -363,7 +363,7 @@ spec:
     - name: CONTAINER_ENV_VAR
       value: jnlp
   - name: valint
-    image: scribesecurity/valint:latest 
+    image: ghcr.io/scribe-security/valint:latest 
     command:
     - cat
     tty: true
@@ -510,7 +510,7 @@ pipeline {
   stages {
     stage('install') {
         steps {
-          sh 'curl -sSfL https://get.scribesecurity.com/install.sh | sh -s -- -b ./temp/bin'
+          sh 'curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh | sh -s -- -b ./temp/bin'
         }
     }
     stage('bom') {
@@ -550,7 +550,7 @@ node {
     "PATH=./temp/bin:$PATH"
   ]) {
     stage('install') {
-      sh 'curl -sSfL https://get.scribesecurity.com/install.sh | sh -s -- -b ./temp/bin -D'
+      sh 'curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh | sh -s -- -b ./temp/bin -D'
     }
     stage('bom') {
         sh '''
@@ -697,7 +697,7 @@ pipeline {
   stages {
     stage('install') {
         steps {
-          sh 'curl -sSfL https://get.scribesecurity.com/install.sh | sh -s -- -b ./temp/bin'
+          sh 'curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh | sh -s -- -b ./temp/bin'
         }
     }
     stage('bom') {
@@ -735,7 +735,7 @@ node {
     "PATH=./temp/bin:$PATH"
   ]) {
     stage('install') {
-      sh 'curl -sSfL https://get.scribesecurity.com/install.sh | sh -s -- -b ./temp/bin -D'
+      sh 'curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh | sh -s -- -b ./temp/bin -D'
     }
     stage('bom') {
         sh '''

docs/integrating-scribe/ci-integrations/travis.md

@@ -21,14 +21,14 @@ Add the Scribe Hub API token as SCRIBE_TOKEN to your environment by following th
 **Valint** (Scribe CLI) is required to generate evidence in such as SBOMs and SLSA provenance. 
 Install Valint on your build runner with the following command
 ```
-sh 'curl -sSfL https://get.scribesecurity.com/install.sh | sh -s -- -b ./temp/bin'
+sh 'curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh | sh -s -- -b ./temp/bin'
 ```
 
 Alternatively, add an instalation stage at the beginning of your relevant builds as follows:
 ```yaml
 install:
   - mkdir ./bin
-  - curl -sSfL https://get.scribesecurity.com/install.sh| sh -s -- -b $PWD/bin
+  - curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh| sh -s -- -b $PWD/bin
   - export PATH=$PATH:$PWD/bin/
 ```
 ### 4. Instrument your build scripts
@@ -37,7 +37,7 @@ install:
 ```yaml
 install:
   - mkdir ./bin
-  - curl -sSfL https://get.scribesecurity.com/install.sh| sh -s -- -b $PWD/bin
+  - curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh| sh -s -- -b $PWD/bin
   - export PATH=$PATH:$PWD/bin/
 
 
@@ -72,7 +72,7 @@ jobs:
         depth: false
       install:
         - mkdir ./bin
-        - curl -sSfL https://get.scribesecurity.com/install.sh| sh -s -- -b $PWD/bin
+        - curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh| sh -s -- -b $PWD/bin
         - export PATH=$PATH:$PWD/bin/
       env: test_env=test_env_value
       script:
@@ -209,7 +209,7 @@ For more details see **[Artifact documentation](https://docs.travis-ci.com/user/
 
       install:
         - mkdir ./bin
-        - curl -sSfL https://get.scribesecurity.com/install.sh| sh -s -- -b $PWD/bin
+        - curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh| sh -s -- -b $PWD/bin
         - export PATH=$PATH:$PWD/bin/
 
       script:
@@ -249,7 +249,7 @@ For more details see [Artifact documentation](https://docs.travis-ci.com/user/up
 
       install:
         - mkdir ./bin
-        - curl -sSfL https://get.scribesecurity.com/install.sh| sh -s -- -b $PWD/bin
+        - curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh| sh -s -- -b $PWD/bin
         - export PATH=$PATH:$PWD/bin/
 
       script:

docs/integrating-scribe/vulnerability-scanners.md

@@ -168,7 +168,7 @@ Use our CLI tool to upload your report for analysis and cataloging.
 
 Get the `valint` tool
 ```bash
-curl -sSfL https://get.scribesecurity.com/install.sh  | sh -s -- -t valint
+curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh  | sh -s -- -t valint
 ```
 </details>
 

docs/integrating-scribe/vulnerability-scanners.md.bak

@@ -168,7 +168,7 @@ Use our CLI tool to upload your report for analysis and cataloging.
 
 Get the `valint` tool
 ```bash
-curl -sSfL https://get.scribesecurity.com/install.sh  | sh -s -- -t valint
+curl -sSfL https://raw.githubusercontent.com/scribe-security/misc/master/gh_install.sh  | sh -s -- -t valint
 ```
 </details>
 

docs/platforms/github-integration.md

@@ -568,7 +568,7 @@ jobs:
   discovery-ecr:
     stage: discovery
     image:
-        name: scribesecurity/platforms:${PLATFORMS_VERSION}
+        name: ghcr.io/scribe-security/platforms:${PLATFORMS_VERSION}
         entrypoint: [""]
         pull_policy: always
     cache:
@@ -606,7 +606,7 @@ jobs:
     needs: ["discovery-ecr"]
     timeout: 5 hours
     image:
-        name: scribesecurity/platforms:${PLATFORMS_VERSION}
+        name: ghcr.io/scribe-security/platforms:${PLATFORMS_VERSION}
         entrypoint: [""]
         pull_policy: always
     services:
@@ -649,7 +649,7 @@ jobs:
     needs: ["bom-sign-ecr"] # "policy-gitlab" hack to win some time for the backend to process the SBOMs
     timeout: 5 hours
     image:
-        name: scribesecurity/platforms:${PLATFORMS_VERSION}
+        name: ghcr.io/scribe-security/platforms:${PLATFORMS_VERSION}
         entrypoint: [""]
         pull_policy: always
     services:

docs/platforms/hooks.md

@@ -701,7 +701,7 @@ run: |-
 
 Example:
 ```bash
-docker run -it scribesecurity/platforms:latest discover github --hook trivy_iac_and_secrets_remote
+docker run -it ghcr.io/scribe-security/platforms:latest discover github --hook trivy_iac_and_secrets_remote
 ```
 
 ## Evidence from Hooks