Digital Sovereignty Readiness Assessment

A streamlined Digital Sovereignty assessment tool focused on providing organizations with a quick and actionable readiness evaluation.

Overview

This tool helps organizations evaluate their digital sovereignty posture across 7 critical domains in just 10-15 minutes.

Screenshots

Landing Page

The landing page features the Digital Sovereignty Readiness Assessment.

Assessment Page

The assessment questionnaire presents 21 questions across 7 domains with Yes/No/"Don't Know" response options. Progress is auto-saved to browser storage.

Results Pages

Comprehensive results display showing scoring, maturity level, domain analysis, and actionable recommendations.

PDF Report

Professional PDF report with scores, domain breakdown, maturity level assessment, and tailored improvement actions.

Features

Digital Sovereignty Readiness Assessment

• Quick Assessment: Complete evaluation in 10-15 minutes
• 7 Critical Domains: Comprehensive coverage across:
  • Data Sovereignty
  • Technical Sovereignty
  • Operational Sovereignty
  • Assurance Sovereignty
  • Open Source Strategy
  • Executive Oversight
  • Managed Services
• 21 Key Questions: 2-3 targeted questions per domain
• Multiple Response Options: Yes/No/"Don't Know" format
• Instant Scoring: Real-time maturity level calculation
• Maturity Levels: Foundation, Developing, Strategic, Advanced
• Actionable Recommendations: Tailored guidance based on assessment results
• Research Questions: Track "Don't Know" responses for follow-up investigation
• PDF Export: Professional downloadable reports
• Progress Auto-Save: Browser-based session persistence
• Keyboard Navigation: Arrow keys for quick navigation, Ctrl+S to save

Installation

Podman Installation (easiest option)

1. Clone the repository:

   $ git clone https://github.com/redhat-cop/viewfinder-upstream.git
   $ cd viewfinder-upstream

2. Build the container:

   podman build -t viewfinder-upstream:latest .

3. Run the container:

   podman run -p 8080:8080 --name viewfinder-upstream viewfinder-upstream:latest

4. Access the application:

   http://localhost:8080
   

Prerequisites

• PHP 8.1 or higher
• Apache or Nginx web server
• Composer (for dependency management)

Local Installation

1. Clone or extract the application:

   cd /var/www/html/viewfinder-upstream
   $ cd <your working directory>
   $ git clone https://github.com/redhat-cop/viewfinder-upstream.git
   $ # Copy files from your working directory to your apache directory
   $ cp -r viewfinder-upstream /var/www/html/
   $ cd /var/www/html/viewfinder-upstream

2. Install dependencies:

   composer install --no-dev --optimize-autoloader

   Note: If you encounter a "composer.lock does not contain valid JSON" error, the lock file may have been corrupted during file transfer. Fix it by running:

   rm composer.lock
   composer install --no-dev --optimize-autoloader

3. Set file permissions:

   # Set ownership (adjust user/group for your system)
   sudo chown -R apache:apache /var/www/html/viewfinder-upstream
   
   # Set directory permissions
   sudo chmod 755 /var/www/html/viewfinder-upstream
   sudo chmod 775 /var/www/html/viewfinder-upstream/logs
   
   # Set file permissions
   find /var/www/html/viewfinder-upstream -type f -exec chmod 644 {} \;

4. Configure web server:

   • See Web Server Configuration below

5. Access the application:

   http://your-server/viewfinder-upstream
   

6. Build the container:

   cd /var/www/html/viewfinder-upstream
   podman build -t viewfinder-upstream:latest .

7. Run the container:

   podman run -d -p 8080:8080 --name viewfinder-upstream viewfinder-upstream:latest

8. Access the application:

   http://localhost:8080
   

Web Server Configuration

Apache Configuration

VirtualHost Example (/etc/httpd/conf.d/viewfinder-upstream.conf):

<VirtualHost *:80>
    ServerName viewfinder-upstream.example.com
    DocumentRoot /var/www/html/viewfinder-upstream

    <Directory /var/www/html/viewfinder-upstream>
        Options -Indexes +FollowSymLinks
        AllowOverride All
        Require all granted

        # Security headers
        Header always set X-Content-Type-Options "nosniff"
        Header always set X-Frame-Options "SAMEORIGIN"
        Header always set X-XSS-Protection "1; mode=block"
    </Directory>

    # Logging
    ErrorLog /var/log/httpd/viewfinder-upstream-error.log
    CustomLog /var/log/httpd/viewfinder-upstream-access.log combined
</VirtualHost>

Nginx Configuration

Server Block Example (/etc/nginx/conf.d/viewfinder-upstream.conf):

server {
    listen 80;
    server_name viewfinder-upstream.example.com;
    root /var/www/html/viewfinder-upstream;
    index index.php;

    # Security headers
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-XSS-Protection "1; mode=block" always;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    # Deny access to sensitive files
    location ~ /\. {
        deny all;
    }

    # Logging
    access_log /var/log/nginx/viewfinder-upstream-access.log;
    error_log /var/log/nginx/viewfinder-upstream-error.log;
}

File Structure

viewfinder-upstream/
├── index.php                    # Landing page
├── composer.json                # PHP dependencies
├── composer.lock                # Dependency lock file
├── Dockerfile                   # Container build configuration
├── README.md                    # This file
├── CHANGES.md                   # Change log
├── IMPLEMENTATION_SUMMARY.txt   # Implementation details
│
├── ds-qualifier/                # Digital Sovereignty Readiness Assessment
│   ├── index.php               # Assessment questionnaire interface
│   ├── results.php             # Results and recommendations page
│   ├── config.php              # Questions configuration
│   ├── generate-pdf.php        # PDF report generator
│   ├── css/
│   │   └── ds-qualifier.css    # Assessment-specific styles
│   └── js/
│       └── ds-qualifier.js     # Interactive features & auto-save
│
├── includes/                    # Core backend classes
│   ├── Config.php              # Application configuration
│   ├── Security.php            # Security utilities
│   ├── Logger.php              # Logging functionality
│   └── Exceptions/             # Custom exception classes
│       ├── ViewfinderException.php
│       ├── FileSystemException.php
│       ├── DataValidationException.php
│       ├── ConfigurationException.php
│       └── ViewfinderJsonException.php
│
├── css/                         # Shared stylesheets
│   ├── bootstrap.min.css       # Bootstrap framework
│   ├── brands.css              # Font Awesome brands
│   ├── style.css               # Main application styles
│   ├── tab-dark.css            # Dark theme tab styling
│   ├── patternfly.css          # Red Hat PatternFly design system
│   └── patternfly-addons.css   # PatternFly extensions
│
├── js/                          # Shared JavaScript files
│
├── images/                      # Images and logos
│   └── screenshots/             # Documentation screenshots
│       ├── landing-page-balanced.png
│       ├── assessment-page.png
│       ├── results-page1.png
│       ├── results-page2.png
│       ├── results-page3.png
│       └── pdf-report-sample.png
│
├── error-pages/                 # Error handling pages
│   └── error-handler.php
│
├── logs/                        # Application logs (created at runtime)
│
└── vendor/                      # Composer dependencies (created by composer install)

Usage

Landing Page

Navigate to the root URL to access the landing page featuring the Digital Sovereignty Readiness Assessment card.

Taking an Assessment

1. Start Assessment: Click "Start Assessment" button to begin
2. Answer Questions: Progress through 7 domains
   • Use Next/Previous buttons to navigate
   • Answer Yes/No or select "Don't Know" for uncertain items
   • Questions are validated before proceeding
   • Progress auto-saves to browser storage
3. Submit: Click "Complete Assessment" on the final section
4. View Results: Review your maturity level and recommendations
5. Download Report: Generate PDF report for stakeholders
6. Take New Assessment: Start fresh assessment anytime

Understanding Results

Maturity Levels

Based on your score (0-21 points):

• Foundation (0-5 points): Early-stage maturity

  • Ad-hoc processes with minimal sovereignty controls
  • Significant dependencies on external providers
  • Focus: Establish executive awareness and basic policies

• Developing (6-10 points): Growing maturity

  • Basic controls are in place but not yet standardized
  • Projects are planned but processes may not be repeatable organization-wide
  • Focus: Build repeatable practices and implement foundational controls

• Strategic (11-16 points): Mature posture

  • Processes are well characterized, understood, documented, and standardized
  • Digital sovereignty practices are consistent and repeatable across the organization
  • Clear governance structures and policies are in place
  • Focus: Ensure organization-wide consistency and pursue certifications

• Advanced (17-21 points): Leading maturity

  • Continuous improvement through quantitative feedback and innovation
  • Proactive identification and deployment of innovative sovereignty practices
  • Industry-leading posture with thought leadership contributions
  • Focus: Drive innovation and lead industry best practices

Results Components

• Score Breakdown: Percentage-based maturity indicator
• Domain Analysis Table: Shows score and maturity level per domain
  • Progress bars show percentage completion per domain
• Improvement Actions: Recommended next steps based on maturity level
• Domain Insights: Detailed view of strengths and improvement areas
• Research Questions: "Don't Know" responses flagged for further investigation

Configuration

Application Settings

Edit includes/Config.php to modify:

• Application name and version
• Base paths
• Error handling settings
• Security configuration

Assessment Questions

Edit ds-qualifier/config.php to customize:

• Question text
• Domain definitions
• Tooltips and help text

Dependencies

PHP Requirements

• PHP: ^8.1
• Extensions: ext-json

Composer Packages

• monolog/monolog (^3.5): Logging framework
• dompdf/dompdf (^3.1): PDF report generation

Frontend Libraries (CDN)

• jQuery 3.6.0
• jQuery UI 1.13.2
• Font Awesome 8.x
• Bootstrap (included locally)
• PatternFly (included locally)

Security Features

• Input Validation: Comprehensive sanitization of all user inputs
• CSRF Protection: Session-based CSRF token validation
• Secure Headers: X-Content-Type-Options, X-Frame-Options, X-XSS-Protection
• Path Traversal Prevention: Secure file path handling
• Error Logging: Detailed logging without exposing sensitive data
• Session Timeout: Automatic session expiration (1 hour)
• Secure File Operations: Atomic file writes with rollback capability

Comparison with Full Viewfinder

Feature	Full Viewfinder	Viewfinder Lite
Profile Management	✓	✗
Full Maturity Assessments	✓	✗
Readiness Assessment	✓	✓
Digital Sovereignty Quiz	✓	✗
Operation Sovereign Shield	✓	✗
Compliance Framework Mapping	✓	✗
Line of Business Content	✓	✗
Approximate Size	~100+ MB	~60-65 MB

Troubleshooting

Common Issues

Issue: Permission denied errors

# Solution: Set correct ownership and permissions
sudo chown -R apache:apache /var/www/html/viewfinder-upstream
sudo chmod 755 /var/www/html/viewfinder-upstream
sudo chmod 775 /var/www/html/viewfinder-upstream/logs

Issue: Composer dependencies not found

# Solution: Run composer install
cd /var/www/html/viewfinder-upstream
composer install --no-dev --optimize-autoloader

Issue: PDF generation fails

# Solution: Check dompdf is installed
composer show dompdf/dompdf
# If not found, reinstall dependencies
composer install --no-dev --optimize-autoloader

Issue: Sessions not persisting

# Solution: Check session directory permissions
sudo chmod 1733 /var/lib/php/session  # For RHEL/CentOS
sudo chmod 1733 /var/lib/php/sessions # For Debian/Ubuntu

Logging

View application logs for troubleshooting:

# View recent logs
tail -f /var/www/html/viewfinder-upstream/logs/app.log

# Search for errors
grep ERROR /var/www/html/viewfinder-upstream/logs/app.log

# View web server logs
tail -f /var/log/httpd/error_log    # Apache (RHEL/CentOS)
tail -f /var/log/apache2/error.log  # Apache (Debian/Ubuntu)
tail -f /var/log/nginx/error.log    # Nginx

Development

Adding Custom Questions

1. Edit ds-qualifier/config.php
2. Add questions to the appropriate domain
3. Follow the existing format:

   'questions' => [
       [
           'id' => 'unique-id',
           'text' => 'Your question text?',
           'tooltip' => 'Helpful explanation'
       ]
   ]

Customizing Styling

• Main application: Edit css/style.css
• Assessment interface: Edit ds-qualifier/css/ds-qualifier.css
• Dark theme: Edit css/tab-dark.css

Modifying Maturity Levels

Edit ds-qualifier/results.php to adjust:

• Score thresholds
• Maturity level names
• Recommendations per level

License

Apache-2.0 License - Red Hat

Support

This is a community-supported open source project. For issues, questions, or feature requests:

• GitHub Issues: https://github.com/redhat-cop/viewfinder-upstream/issues
• GitHub Discussions: https://github.com/redhat-cop/viewfinder-upstream/discussions
• Red Hat Community of Practice: https://github.com/redhat-cop

For enterprise support and the enhanced CMMI version, contact your Red Hat representative. For issues, questions, or feature requests, please refer to the main Viewfinder project documentation or contact your Red Hat representative.

Disclaimer

This application is provided for informational purposes only. The information is provided "as is" with no guarantee or warranty of accuracy, completeness, or fitness for a particular purpose. Users should conduct their own validation and testing before relying on assessment results for decision-making.

---

Viewfinder Lite - Streamlined Digital Sovereignty Readiness Assessment

Version: 1.0.0