{"id":49178952,"url":"https://github.com/redhat-cop/viewfinder-upstream","last_synced_at":"2026-04-23T00:30:35.983Z","repository":{"id":337652860,"uuid":"1153852285","full_name":"redhat-cop/viewfinder-upstream","owner":"redhat-cop","description":"Upstream version of the \"Red Hat Sovereignty Readiness Assessment\"","archived":false,"fork":false,"pushed_at":"2026-02-24T07:44:34.000Z","size":2324,"stargazers_count":23,"open_issues_count":3,"forks_count":4,"subscribers_count":1,"default_branch":"master","last_synced_at":"2026-02-24T13:47:51.651Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://www.chrisj.co.uk/viewfinder","language":"CSS","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/redhat-cop.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-02-09T18:35:02.000Z","updated_at":"2026-02-24T10:44:04.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/redhat-cop/viewfinder-upstream","commit_stats":null,"previous_names":["redhat-cop/viewfinder-lite","redhat-cop/viewfinder-upstream"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/redhat-cop/viewfinder-upstream","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/redhat-cop%2Fviewfinder-upstream","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/redhat-cop%2Fviewfinder-upstream/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/redhat-cop%2Fviewfinder-upstream/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/redhat-cop%2Fviewfinder-upstream/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/redhat-cop","download_url":"https://codeload.github.com/redhat-cop/viewfinder-upstream/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/redhat-cop%2Fviewfinder-upstream/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32161319,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-22T17:06:48.269Z","status":"ssl_error","status_checked_at":"2026-04-22T17:06:19.037Z","response_time":58,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-04-23T00:30:34.724Z","updated_at":"2026-04-23T00:30:35.964Z","avatar_url":"https://github.com/redhat-cop.png","language":"CSS","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Digital Sovereignty Readiness Assessment\n\nA streamlined Digital Sovereignty assessment tool focused on providing organizations with a quick and actionable readiness evaluation.\n\n## Overview\n\nThis tool helps organizations evaluate their digital sovereignty posture across 7 critical domains in just 10-15 minutes.\n\n## Screenshots\n\n### Landing Page\nThe landing page features the Digital Sovereignty Readiness Assessment.\n\n![Landing Page - Balanced Profile](images/screenshots/landing-page-balanced.png)\n\n### Assessment Page\nThe assessment questionnaire presents 21 questions across 7 domains with Yes/No/\"Don't Know\" response options. Progress is auto-saved to browser storage.\n\n![Assessment Page](images/screenshots/assessment-page.png)\n\n### Results Pages\nComprehensive results display showing scoring, maturity level, domain analysis, and actionable recommendations.\n\n![Results Page - Overview](images/screenshots/results-page1.png)\n\n![Results Page - Domain Analysis](images/screenshots/results-page2.png)\n\n![Results Page - Recommendations](images/screenshots/results-page3.png)\n\n### PDF Report\nProfessional PDF report with scores, domain breakdown, maturity level assessment, and tailored improvement actions.\n\n![PDF Report Sample](images/screenshots/pdf-report-sample.png)\n\n## Features\n\n### Digital Sovereignty Readiness Assessment\n- **Quick Assessment**: Complete evaluation in 10-15 minutes\n- **7 Critical Domains**: Comprehensive coverage across:\n  - Data Sovereignty\n  - Technical Sovereignty\n  - Operational Sovereignty\n  - Assurance Sovereignty\n  - Open Source Strategy\n  - Executive Oversight\n  - Managed Services\n- **21 Key Questions**: 2-3 targeted questions per domain\n- **Multiple Response Options**: Yes/No/\"Don't Know\" format\n- **Instant Scoring**: Real-time maturity level calculation\n- **Maturity Levels**: Foundation, Developing, Strategic, Advanced\n- **Actionable Recommendations**: Tailored guidance based on assessment results\n- **Research Questions**: Track \"Don't Know\" responses for follow-up investigation\n- **PDF Export**: Professional downloadable reports\n- **Progress Auto-Save**: Browser-based session persistence\n- **Keyboard Navigation**: Arrow keys for quick navigation, Ctrl+S to save\n\n## Installation\n\n### Podman Installation (easiest option)\n\n1. **Clone the repository**:\n   ```bash\n   $ git clone https://github.com/redhat-cop/viewfinder-upstream.git\n   $ cd viewfinder-upstream\n   ```\n2. **Build the container**:\n   ```bash\n   podman build -t viewfinder-upstream:latest .\n   ```\n\n3. **Run the container**:\n   ```bash\n   podman run -p 8080:8080 --name viewfinder-upstream viewfinder-upstream:latest\n   ```\n\n4. **Access the application**:\n   ```\n   http://localhost:8080\n   ```\n\n### Prerequisites\n- PHP 8.1 or higher\n- Apache or Nginx web server\n- Composer (for dependency management)\n\n### Local Installation\n\n1. **Clone or extract the application**:\n   ```bash\n   cd /var/www/html/viewfinder-upstream\n   $ cd \u003cyour working directory\u003e\n   $ git clone https://github.com/redhat-cop/viewfinder-upstream.git\n   $ # Copy files from your working directory to your apache directory\n   $ cp -r viewfinder-upstream /var/www/html/\n   $ cd /var/www/html/viewfinder-upstream\n   ```\n\n2. **Install dependencies**:\n   ```bash\n   composer install --no-dev --optimize-autoloader\n   ```\n\n   **Note**: If you encounter a \"composer.lock does not contain valid JSON\" error, the lock file may have been corrupted during file transfer. Fix it by running:\n   ```bash\n   rm composer.lock\n   composer install --no-dev --optimize-autoloader\n   ```\n\n3. **Set file permissions**:\n   ```bash\n   # Set ownership (adjust user/group for your system)\n   sudo chown -R apache:apache /var/www/html/viewfinder-upstream\n\n   # Set directory permissions\n   sudo chmod 755 /var/www/html/viewfinder-upstream\n   sudo chmod 775 /var/www/html/viewfinder-upstream/logs\n\n   # Set file permissions\n   find /var/www/html/viewfinder-upstream -type f -exec chmod 644 {} \\;\n   ```\n\n4. **Configure web server**:\n   - See [Web Server Configuration](#web-server-configuration) below\n\n5. **Access the application**:\n   ```\n   http://your-server/viewfinder-upstream\n   ```\n\n\n1. **Build the container**:\n   ```bash\n   cd /var/www/html/viewfinder-upstream\n   podman build -t viewfinder-upstream:latest .\n   ```\n\n2. **Run the container**:\n   ```bash\n   podman run -d -p 8080:8080 --name viewfinder-upstream viewfinder-upstream:latest\n   ```\n\n3. **Access the application**:\n   ```\n   http://localhost:8080\n   ```\n\n## Web Server Configuration\n\n### Apache Configuration\n\n**VirtualHost Example** (`/etc/httpd/conf.d/viewfinder-upstream.conf`):\n```apache\n\u003cVirtualHost *:80\u003e\n    ServerName viewfinder-upstream.example.com\n    DocumentRoot /var/www/html/viewfinder-upstream\n\n    \u003cDirectory /var/www/html/viewfinder-upstream\u003e\n        Options -Indexes +FollowSymLinks\n        AllowOverride All\n        Require all granted\n\n        # Security headers\n        Header always set X-Content-Type-Options \"nosniff\"\n        Header always set X-Frame-Options \"SAMEORIGIN\"\n        Header always set X-XSS-Protection \"1; mode=block\"\n    \u003c/Directory\u003e\n\n    # Logging\n    ErrorLog /var/log/httpd/viewfinder-upstream-error.log\n    CustomLog /var/log/httpd/viewfinder-upstream-access.log combined\n\u003c/VirtualHost\u003e\n```\n\n### Nginx Configuration\n\n**Server Block Example** (`/etc/nginx/conf.d/viewfinder-upstream.conf`):\n```nginx\nserver {\n    listen 80;\n    server_name viewfinder-upstream.example.com;\n    root /var/www/html/viewfinder-upstream;\n    index index.php;\n\n    # Security headers\n    add_header X-Content-Type-Options \"nosniff\" always;\n    add_header X-Frame-Options \"SAMEORIGIN\" always;\n    add_header X-XSS-Protection \"1; mode=block\" always;\n\n    location / {\n        try_files $uri $uri/ /index.php?$query_string;\n    }\n\n    location ~ \\.php$ {\n        fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;\n        fastcgi_index index.php;\n        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;\n        include fastcgi_params;\n    }\n\n    # Deny access to sensitive files\n    location ~ /\\. {\n        deny all;\n    }\n\n    # Logging\n    access_log /var/log/nginx/viewfinder-upstream-access.log;\n    error_log /var/log/nginx/viewfinder-upstream-error.log;\n}\n```\n\n## File Structure\n\n```\nviewfinder-upstream/\n├── index.php                    # Landing page\n├── composer.json                # PHP dependencies\n├── composer.lock                # Dependency lock file\n├── Dockerfile                   # Container build configuration\n├── README.md                    # This file\n├── CHANGES.md                   # Change log\n├── IMPLEMENTATION_SUMMARY.txt   # Implementation details\n│\n├── ds-qualifier/                # Digital Sovereignty Readiness Assessment\n│   ├── index.php               # Assessment questionnaire interface\n│   ├── results.php             # Results and recommendations page\n│   ├── config.php              # Questions configuration\n│   ├── generate-pdf.php        # PDF report generator\n│   ├── css/\n│   │   └── ds-qualifier.css    # Assessment-specific styles\n│   └── js/\n│       └── ds-qualifier.js     # Interactive features \u0026 auto-save\n│\n├── includes/                    # Core backend classes\n│   ├── Config.php              # Application configuration\n│   ├── Security.php            # Security utilities\n│   ├── Logger.php              # Logging functionality\n│   └── Exceptions/             # Custom exception classes\n│       ├── ViewfinderException.php\n│       ├── FileSystemException.php\n│       ├── DataValidationException.php\n│       ├── ConfigurationException.php\n│       └── ViewfinderJsonException.php\n│\n├── css/                         # Shared stylesheets\n│   ├── bootstrap.min.css       # Bootstrap framework\n│   ├── brands.css              # Font Awesome brands\n│   ├── style.css               # Main application styles\n│   ├── tab-dark.css            # Dark theme tab styling\n│   ├── patternfly.css          # Red Hat PatternFly design system\n│   └── patternfly-addons.css   # PatternFly extensions\n│\n├── js/                          # Shared JavaScript files\n│\n├── images/                      # Images and logos\n│   └── screenshots/             # Documentation screenshots\n│       ├── landing-page-balanced.png\n│       ├── assessment-page.png\n│       ├── results-page1.png\n│       ├── results-page2.png\n│       ├── results-page3.png\n│       └── pdf-report-sample.png\n│\n├── error-pages/                 # Error handling pages\n│   └── error-handler.php\n│\n├── logs/                        # Application logs (created at runtime)\n│\n└── vendor/                      # Composer dependencies (created by composer install)\n```\n\n## Usage\n\n### Landing Page\nNavigate to the root URL to access the landing page featuring the Digital Sovereignty Readiness Assessment card.\n\n### Taking an Assessment\n\n1. **Start Assessment**: Click \"Start Assessment\" button to begin\n2. **Answer Questions**: Progress through 7 domains\n   - Use Next/Previous buttons to navigate\n   - Answer Yes/No or select \"Don't Know\" for uncertain items\n   - Questions are validated before proceeding\n   - Progress auto-saves to browser storage\n3. **Submit**: Click \"Complete Assessment\" on the final section\n4. **View Results**: Review your maturity level and recommendations\n5. **Download Report**: Generate PDF report for stakeholders\n6. **Take New Assessment**: Start fresh assessment anytime\n\n### Understanding Results\n\n#### Maturity Levels\n\nBased on your score (0-21 points):\n\n- **Foundation (0-5 points)**: Early-stage maturity\n  - Ad-hoc processes with minimal sovereignty controls\n  - Significant dependencies on external providers\n  - Focus: Establish executive awareness and basic policies\n\n- **Developing (6-10 points)**: Growing maturity\n  - Basic controls are in place but not yet standardized\n  - Projects are planned but processes may not be repeatable organization-wide\n  - Focus: Build repeatable practices and implement foundational controls\n\n- **Strategic (11-16 points)**: Mature posture\n  - Processes are well characterized, understood, documented, and standardized\n  - Digital sovereignty practices are consistent and repeatable across the organization\n  - Clear governance structures and policies are in place\n  - Focus: Ensure organization-wide consistency and pursue certifications\n\n- **Advanced (17-21 points)**: Leading maturity\n  - Continuous improvement through quantitative feedback and innovation\n  - Proactive identification and deployment of innovative sovereignty practices\n  - Industry-leading posture with thought leadership contributions\n  - Focus: Drive innovation and lead industry best practices\n\n#### Results Components\n\n- **Score Breakdown**: Percentage-based maturity indicator\n- **Domain Analysis Table**: Shows score and maturity level per domain\n  - Progress bars show percentage completion per domain\n- **Improvement Actions**: Recommended next steps based on maturity level\n- **Domain Insights**: Detailed view of strengths and improvement areas\n- **Research Questions**: \"Don't Know\" responses flagged for further investigation\n\n## Configuration\n\n### Application Settings\nEdit `includes/Config.php` to modify:\n- Application name and version\n- Base paths\n- Error handling settings\n- Security configuration\n\n### Assessment Questions\nEdit `ds-qualifier/config.php` to customize:\n- Question text\n- Domain definitions\n- Tooltips and help text\n\n## Dependencies\n\n### PHP Requirements\n- **PHP**: ^8.1\n- **Extensions**: ext-json\n\n### Composer Packages\n- **monolog/monolog** (^3.5): Logging framework\n- **dompdf/dompdf** (^3.1): PDF report generation\n\n### Frontend Libraries (CDN)\n- jQuery 3.6.0\n- jQuery UI 1.13.2\n- Font Awesome 8.x\n- Bootstrap (included locally)\n- PatternFly (included locally)\n\n## Security Features\n\n- **Input Validation**: Comprehensive sanitization of all user inputs\n- **CSRF Protection**: Session-based CSRF token validation\n- **Secure Headers**: X-Content-Type-Options, X-Frame-Options, X-XSS-Protection\n- **Path Traversal Prevention**: Secure file path handling\n- **Error Logging**: Detailed logging without exposing sensitive data\n- **Session Timeout**: Automatic session expiration (1 hour)\n- **Secure File Operations**: Atomic file writes with rollback capability\n\n## Comparison with Full Viewfinder\n\n| Feature | Full Viewfinder | Viewfinder Lite |\n|---------|----------------|-----------------|\n| Profile Management | ✓ | ✗ |\n| Full Maturity Assessments | ✓ | ✗ |\n| Readiness Assessment | ✓ | ✓ |\n| Digital Sovereignty Quiz | ✓ | ✗ |\n| Operation Sovereign Shield | ✓ | ✗ |\n| Compliance Framework Mapping | ✓ | ✗ |\n| Line of Business Content | ✓ | ✗ |\n| Approximate Size | ~100+ MB | ~60-65 MB |\n\n## Troubleshooting\n\n### Common Issues\n\n**Issue**: Permission denied errors\n```bash\n# Solution: Set correct ownership and permissions\nsudo chown -R apache:apache /var/www/html/viewfinder-upstream\nsudo chmod 755 /var/www/html/viewfinder-upstream\nsudo chmod 775 /var/www/html/viewfinder-upstream/logs\n```\n\n**Issue**: Composer dependencies not found\n```bash\n# Solution: Run composer install\ncd /var/www/html/viewfinder-upstream\ncomposer install --no-dev --optimize-autoloader\n```\n\n**Issue**: PDF generation fails\n```bash\n# Solution: Check dompdf is installed\ncomposer show dompdf/dompdf\n# If not found, reinstall dependencies\ncomposer install --no-dev --optimize-autoloader\n```\n\n**Issue**: Sessions not persisting\n```bash\n# Solution: Check session directory permissions\nsudo chmod 1733 /var/lib/php/session  # For RHEL/CentOS\nsudo chmod 1733 /var/lib/php/sessions # For Debian/Ubuntu\n```\n\n### Logging\n\nView application logs for troubleshooting:\n\n```bash\n# View recent logs\ntail -f /var/www/html/viewfinder-upstream/logs/app.log\n\n# Search for errors\ngrep ERROR /var/www/html/viewfinder-upstream/logs/app.log\n\n# View web server logs\ntail -f /var/log/httpd/error_log    # Apache (RHEL/CentOS)\ntail -f /var/log/apache2/error.log  # Apache (Debian/Ubuntu)\ntail -f /var/log/nginx/error.log    # Nginx\n```\n\n## Development\n\n### Adding Custom Questions\n\n1. Edit `ds-qualifier/config.php`\n2. Add questions to the appropriate domain\n3. Follow the existing format:\n   ```php\n   'questions' =\u003e [\n       [\n           'id' =\u003e 'unique-id',\n           'text' =\u003e 'Your question text?',\n           'tooltip' =\u003e 'Helpful explanation'\n       ]\n   ]\n   ```\n\n### Customizing Styling\n\n- **Main application**: Edit `css/style.css`\n- **Assessment interface**: Edit `ds-qualifier/css/ds-qualifier.css`\n- **Dark theme**: Edit `css/tab-dark.css`\n\n### Modifying Maturity Levels\n\nEdit `ds-qualifier/results.php` to adjust:\n- Score thresholds\n- Maturity level names\n- Recommendations per level\n\n## License\n\nApache-2.0 License - Red Hat\n\n## Support\n\nThis is a community-supported open source project. For issues, questions, or feature requests:\n\n- **GitHub Issues**: https://github.com/redhat-cop/viewfinder-upstream/issues\n- **GitHub Discussions**: https://github.com/redhat-cop/viewfinder-upstream/discussions\n- **Red Hat Community of Practice**: https://github.com/redhat-cop\n\nFor enterprise support and the enhanced CMMI version, contact your Red Hat representative.\nFor issues, questions, or feature requests, please refer to the main Viewfinder project documentation or contact your Red Hat representative.\n\n## Disclaimer\n\nThis application is provided for informational purposes only. The information is provided \"as is\" with no guarantee or warranty of accuracy, completeness, or fitness for a particular purpose. Users should conduct their own validation and testing before relying on assessment results for decision-making.\n\n---\n\n**Viewfinder Lite** - Streamlined Digital Sovereignty Readiness Assessment\n\nVersion: 1.0.0\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fredhat-cop%2Fviewfinder-upstream","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fredhat-cop%2Fviewfinder-upstream","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fredhat-cop%2Fviewfinder-upstream/lists"}