https://github.com/redhat-cop/viewfinder-upstream
Upstream version of the "Red Hat Sovereignty Readiness Assessment"
https://github.com/redhat-cop/viewfinder-upstream
Last synced: about 2 months ago
JSON representation
Upstream version of the "Red Hat Sovereignty Readiness Assessment"
- Host: GitHub
- URL: https://github.com/redhat-cop/viewfinder-upstream
- Owner: redhat-cop
- License: apache-2.0
- Created: 2026-02-09T18:35:02.000Z (4 months ago)
- Default Branch: master
- Last Pushed: 2026-02-24T07:44:34.000Z (4 months ago)
- Last Synced: 2026-02-24T13:47:51.651Z (4 months ago)
- Language: CSS
- Homepage: https://www.chrisj.co.uk/viewfinder
- Size: 2.22 MB
- Stars: 23
- Watchers: 1
- Forks: 4
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Digital Sovereignty Readiness Assessment
A streamlined Digital Sovereignty assessment tool focused on providing organizations with a quick and actionable readiness evaluation.
## Overview
This tool helps organizations evaluate their digital sovereignty posture across 7 critical domains in just 10-15 minutes.
## Screenshots
### Landing Page
The landing page features the Digital Sovereignty Readiness Assessment.
### Assessment Page
The assessment questionnaire presents 21 questions across 7 domains with Yes/No/"Don't Know" response options. Progress is auto-saved to browser storage.
### Results Pages
Comprehensive results display showing scoring, maturity level, domain analysis, and actionable recommendations.
### PDF Report
Professional PDF report with scores, domain breakdown, maturity level assessment, and tailored improvement actions.
## Features
### Digital Sovereignty Readiness Assessment
- **Quick Assessment**: Complete evaluation in 10-15 minutes
- **7 Critical Domains**: Comprehensive coverage across:
- Data Sovereignty
- Technical Sovereignty
- Operational Sovereignty
- Assurance Sovereignty
- Open Source Strategy
- Executive Oversight
- Managed Services
- **21 Key Questions**: 2-3 targeted questions per domain
- **Multiple Response Options**: Yes/No/"Don't Know" format
- **Instant Scoring**: Real-time maturity level calculation
- **Maturity Levels**: Foundation, Developing, Strategic, Advanced
- **Actionable Recommendations**: Tailored guidance based on assessment results
- **Research Questions**: Track "Don't Know" responses for follow-up investigation
- **PDF Export**: Professional downloadable reports
- **Progress Auto-Save**: Browser-based session persistence
- **Keyboard Navigation**: Arrow keys for quick navigation, Ctrl+S to save
## Installation
### Podman Installation (easiest option)
1. **Clone the repository**:
```bash
$ git clone https://github.com/redhat-cop/viewfinder-upstream.git
$ cd viewfinder-upstream
```
2. **Build the container**:
```bash
podman build -t viewfinder-upstream:latest .
```
3. **Run the container**:
```bash
podman run -p 8080:8080 --name viewfinder-upstream viewfinder-upstream:latest
```
4. **Access the application**:
```
http://localhost:8080
```
### Prerequisites
- PHP 8.1 or higher
- Apache or Nginx web server
- Composer (for dependency management)
### Local Installation
1. **Clone or extract the application**:
```bash
cd /var/www/html/viewfinder-upstream
$ cd
$ git clone https://github.com/redhat-cop/viewfinder-upstream.git
$ # Copy files from your working directory to your apache directory
$ cp -r viewfinder-upstream /var/www/html/
$ cd /var/www/html/viewfinder-upstream
```
2. **Install dependencies**:
```bash
composer install --no-dev --optimize-autoloader
```
**Note**: If you encounter a "composer.lock does not contain valid JSON" error, the lock file may have been corrupted during file transfer. Fix it by running:
```bash
rm composer.lock
composer install --no-dev --optimize-autoloader
```
3. **Set file permissions**:
```bash
# Set ownership (adjust user/group for your system)
sudo chown -R apache:apache /var/www/html/viewfinder-upstream
# Set directory permissions
sudo chmod 755 /var/www/html/viewfinder-upstream
sudo chmod 775 /var/www/html/viewfinder-upstream/logs
# Set file permissions
find /var/www/html/viewfinder-upstream -type f -exec chmod 644 {} \;
```
4. **Configure web server**:
- See [Web Server Configuration](#web-server-configuration) below
5. **Access the application**:
```
http://your-server/viewfinder-upstream
```
1. **Build the container**:
```bash
cd /var/www/html/viewfinder-upstream
podman build -t viewfinder-upstream:latest .
```
2. **Run the container**:
```bash
podman run -d -p 8080:8080 --name viewfinder-upstream viewfinder-upstream:latest
```
3. **Access the application**:
```
http://localhost:8080
```
## Web Server Configuration
### Apache Configuration
**VirtualHost Example** (`/etc/httpd/conf.d/viewfinder-upstream.conf`):
```apache
ServerName viewfinder-upstream.example.com
DocumentRoot /var/www/html/viewfinder-upstream
Options -Indexes +FollowSymLinks
AllowOverride All
Require all granted
# Security headers
Header always set X-Content-Type-Options "nosniff"
Header always set X-Frame-Options "SAMEORIGIN"
Header always set X-XSS-Protection "1; mode=block"
# Logging
ErrorLog /var/log/httpd/viewfinder-upstream-error.log
CustomLog /var/log/httpd/viewfinder-upstream-access.log combined
```
### Nginx Configuration
**Server Block Example** (`/etc/nginx/conf.d/viewfinder-upstream.conf`):
```nginx
server {
listen 80;
server_name viewfinder-upstream.example.com;
root /var/www/html/viewfinder-upstream;
index index.php;
# Security headers
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
# Deny access to sensitive files
location ~ /\. {
deny all;
}
# Logging
access_log /var/log/nginx/viewfinder-upstream-access.log;
error_log /var/log/nginx/viewfinder-upstream-error.log;
}
```
## File Structure
```
viewfinder-upstream/
├── index.php # Landing page
├── composer.json # PHP dependencies
├── composer.lock # Dependency lock file
├── Dockerfile # Container build configuration
├── README.md # This file
├── CHANGES.md # Change log
├── IMPLEMENTATION_SUMMARY.txt # Implementation details
│
├── ds-qualifier/ # Digital Sovereignty Readiness Assessment
│ ├── index.php # Assessment questionnaire interface
│ ├── results.php # Results and recommendations page
│ ├── config.php # Questions configuration
│ ├── generate-pdf.php # PDF report generator
│ ├── css/
│ │ └── ds-qualifier.css # Assessment-specific styles
│ └── js/
│ └── ds-qualifier.js # Interactive features & auto-save
│
├── includes/ # Core backend classes
│ ├── Config.php # Application configuration
│ ├── Security.php # Security utilities
│ ├── Logger.php # Logging functionality
│ └── Exceptions/ # Custom exception classes
│ ├── ViewfinderException.php
│ ├── FileSystemException.php
│ ├── DataValidationException.php
│ ├── ConfigurationException.php
│ └── ViewfinderJsonException.php
│
├── css/ # Shared stylesheets
│ ├── bootstrap.min.css # Bootstrap framework
│ ├── brands.css # Font Awesome brands
│ ├── style.css # Main application styles
│ ├── tab-dark.css # Dark theme tab styling
│ ├── patternfly.css # Red Hat PatternFly design system
│ └── patternfly-addons.css # PatternFly extensions
│
├── js/ # Shared JavaScript files
│
├── images/ # Images and logos
│ └── screenshots/ # Documentation screenshots
│ ├── landing-page-balanced.png
│ ├── assessment-page.png
│ ├── results-page1.png
│ ├── results-page2.png
│ ├── results-page3.png
│ └── pdf-report-sample.png
│
├── error-pages/ # Error handling pages
│ └── error-handler.php
│
├── logs/ # Application logs (created at runtime)
│
└── vendor/ # Composer dependencies (created by composer install)
```
## Usage
### Landing Page
Navigate to the root URL to access the landing page featuring the Digital Sovereignty Readiness Assessment card.
### Taking an Assessment
1. **Start Assessment**: Click "Start Assessment" button to begin
2. **Answer Questions**: Progress through 7 domains
- Use Next/Previous buttons to navigate
- Answer Yes/No or select "Don't Know" for uncertain items
- Questions are validated before proceeding
- Progress auto-saves to browser storage
3. **Submit**: Click "Complete Assessment" on the final section
4. **View Results**: Review your maturity level and recommendations
5. **Download Report**: Generate PDF report for stakeholders
6. **Take New Assessment**: Start fresh assessment anytime
### Understanding Results
#### Maturity Levels
Based on your score (0-21 points):
- **Foundation (0-5 points)**: Early-stage maturity
- Ad-hoc processes with minimal sovereignty controls
- Significant dependencies on external providers
- Focus: Establish executive awareness and basic policies
- **Developing (6-10 points)**: Growing maturity
- Basic controls are in place but not yet standardized
- Projects are planned but processes may not be repeatable organization-wide
- Focus: Build repeatable practices and implement foundational controls
- **Strategic (11-16 points)**: Mature posture
- Processes are well characterized, understood, documented, and standardized
- Digital sovereignty practices are consistent and repeatable across the organization
- Clear governance structures and policies are in place
- Focus: Ensure organization-wide consistency and pursue certifications
- **Advanced (17-21 points)**: Leading maturity
- Continuous improvement through quantitative feedback and innovation
- Proactive identification and deployment of innovative sovereignty practices
- Industry-leading posture with thought leadership contributions
- Focus: Drive innovation and lead industry best practices
#### Results Components
- **Score Breakdown**: Percentage-based maturity indicator
- **Domain Analysis Table**: Shows score and maturity level per domain
- Progress bars show percentage completion per domain
- **Improvement Actions**: Recommended next steps based on maturity level
- **Domain Insights**: Detailed view of strengths and improvement areas
- **Research Questions**: "Don't Know" responses flagged for further investigation
## Configuration
### Application Settings
Edit `includes/Config.php` to modify:
- Application name and version
- Base paths
- Error handling settings
- Security configuration
### Assessment Questions
Edit `ds-qualifier/config.php` to customize:
- Question text
- Domain definitions
- Tooltips and help text
## Dependencies
### PHP Requirements
- **PHP**: ^8.1
- **Extensions**: ext-json
### Composer Packages
- **monolog/monolog** (^3.5): Logging framework
- **dompdf/dompdf** (^3.1): PDF report generation
### Frontend Libraries (CDN)
- jQuery 3.6.0
- jQuery UI 1.13.2
- Font Awesome 8.x
- Bootstrap (included locally)
- PatternFly (included locally)
## Security Features
- **Input Validation**: Comprehensive sanitization of all user inputs
- **CSRF Protection**: Session-based CSRF token validation
- **Secure Headers**: X-Content-Type-Options, X-Frame-Options, X-XSS-Protection
- **Path Traversal Prevention**: Secure file path handling
- **Error Logging**: Detailed logging without exposing sensitive data
- **Session Timeout**: Automatic session expiration (1 hour)
- **Secure File Operations**: Atomic file writes with rollback capability
## Comparison with Full Viewfinder
| Feature | Full Viewfinder | Viewfinder Lite |
|---------|----------------|-----------------|
| Profile Management | ✓ | ✗ |
| Full Maturity Assessments | ✓ | ✗ |
| Readiness Assessment | ✓ | ✓ |
| Digital Sovereignty Quiz | ✓ | ✗ |
| Operation Sovereign Shield | ✓ | ✗ |
| Compliance Framework Mapping | ✓ | ✗ |
| Line of Business Content | ✓ | ✗ |
| Approximate Size | ~100+ MB | ~60-65 MB |
## Troubleshooting
### Common Issues
**Issue**: Permission denied errors
```bash
# Solution: Set correct ownership and permissions
sudo chown -R apache:apache /var/www/html/viewfinder-upstream
sudo chmod 755 /var/www/html/viewfinder-upstream
sudo chmod 775 /var/www/html/viewfinder-upstream/logs
```
**Issue**: Composer dependencies not found
```bash
# Solution: Run composer install
cd /var/www/html/viewfinder-upstream
composer install --no-dev --optimize-autoloader
```
**Issue**: PDF generation fails
```bash
# Solution: Check dompdf is installed
composer show dompdf/dompdf
# If not found, reinstall dependencies
composer install --no-dev --optimize-autoloader
```
**Issue**: Sessions not persisting
```bash
# Solution: Check session directory permissions
sudo chmod 1733 /var/lib/php/session # For RHEL/CentOS
sudo chmod 1733 /var/lib/php/sessions # For Debian/Ubuntu
```
### Logging
View application logs for troubleshooting:
```bash
# View recent logs
tail -f /var/www/html/viewfinder-upstream/logs/app.log
# Search for errors
grep ERROR /var/www/html/viewfinder-upstream/logs/app.log
# View web server logs
tail -f /var/log/httpd/error_log # Apache (RHEL/CentOS)
tail -f /var/log/apache2/error.log # Apache (Debian/Ubuntu)
tail -f /var/log/nginx/error.log # Nginx
```
## Development
### Adding Custom Questions
1. Edit `ds-qualifier/config.php`
2. Add questions to the appropriate domain
3. Follow the existing format:
```php
'questions' => [
[
'id' => 'unique-id',
'text' => 'Your question text?',
'tooltip' => 'Helpful explanation'
]
]
```
### Customizing Styling
- **Main application**: Edit `css/style.css`
- **Assessment interface**: Edit `ds-qualifier/css/ds-qualifier.css`
- **Dark theme**: Edit `css/tab-dark.css`
### Modifying Maturity Levels
Edit `ds-qualifier/results.php` to adjust:
- Score thresholds
- Maturity level names
- Recommendations per level
## License
Apache-2.0 License - Red Hat
## Support
This is a community-supported open source project. For issues, questions, or feature requests:
- **GitHub Issues**: https://github.com/redhat-cop/viewfinder-upstream/issues
- **GitHub Discussions**: https://github.com/redhat-cop/viewfinder-upstream/discussions
- **Red Hat Community of Practice**: https://github.com/redhat-cop
For enterprise support and the enhanced CMMI version, contact your Red Hat representative.
For issues, questions, or feature requests, please refer to the main Viewfinder project documentation or contact your Red Hat representative.
## Disclaimer
This application is provided for informational purposes only. The information is provided "as is" with no guarantee or warranty of accuracy, completeness, or fitness for a particular purpose. Users should conduct their own validation and testing before relying on assessment results for decision-making.
---
**Viewfinder Lite** - Streamlined Digital Sovereignty Readiness Assessment
Version: 1.0.0