guacsec
diff --git a/‎src/main/java/io/github/guacsec/trustifyda/integration/report/ReportTemplate.java‎
Lines changed: 37 additions & 0 deletions b/‎src/main/java/io/github/guacsec/trustifyda/integration/report/ReportTemplate.java‎
Lines changed: 37 additions & 0 deletions
diff --git a/‎src/main/resources/application.properties‎
Lines changed: 28 additions & 0 deletions b/‎src/main/resources/application.properties‎
Lines changed: 28 additions & 0 deletions
diff --git a/‎src/main/resources/freemarker/templates/generated/main.js‎
Lines changed: 1 addition & 1 deletion b/‎src/main/resources/freemarker/templates/generated/main.js‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/main/resources/freemarker/templates/generated/vendor.css‎
Lines changed: 1 addition & 1 deletion b/‎src/main/resources/freemarker/templates/generated/vendor.css‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/main/resources/freemarker/templates/generated/vendor.js‎
Lines changed: 1 addition & 1 deletion b/‎src/main/resources/freemarker/templates/generated/vendor.js‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎ui/.env‎
Lines changed: 1 addition & 5 deletions b/‎ui/.env‎
Lines changed: 1 addition & 5 deletions
diff --git a/‎ui/.env.community‎
Lines changed: 0 additions & 8 deletions b/‎ui/.env.community‎
Lines changed: 0 additions & 8 deletions
diff --git a/‎ui/.env.redhat‎
Lines changed: 0 additions & 8 deletions b/‎ui/.env.redhat‎
Lines changed: 0 additions & 8 deletions
diff --git a/‎ui/BRANDING.md‎
Lines changed: 152 additions & 40 deletions b/‎ui/BRANDING.md‎
Lines changed: 152 additions & 40 deletions
diff --git a/‎ui/package.json‎
Lines changed: 0 additions & 5 deletions b/‎ui/package.json‎
Lines changed: 0 additions & 5 deletions
@@ -58,6 +58,31 @@ public class ReportTemplate {
   @ConfigProperty(name = "telemetry.disabled", defaultValue = "false")
   Boolean disabled;
 
+  // Branding configuration
+  @ConfigProperty(name = "exhort.branding.display.name", defaultValue = "Trustify")
+  String brandingDisplayName;
+
+  @ConfigProperty(name = "exhort.branding.remediation.title", defaultValue = "Remediations")
+  String brandingRemediationTitle;
+
+  @ConfigProperty(name = "exhort.branding.icon", defaultValue = "trustify")
+  String brandingIcon;
+
+  @ConfigProperty(name = "exhort.branding.explore.url", defaultValue = "https://guac.sh/trustify/")
+  String brandingExploreUrl;
+
+  @ConfigProperty(
+      name = "exhort.branding.explore.title",
+      defaultValue = "Learn more about Trustify")
+  String brandingExploreTitle;
+
+  @ConfigProperty(
+      name = "exhort.branding.explore.description",
+      defaultValue =
+          "The Trustify project is a collection of software components that enables you to store"
+              + " and retrieve Software Bill of Materials (SBOMs), and advisory documents.")
+  String brandingExploreDescription;
+
   @Inject ObjectMapper mapper;
 
   public Map<String, Object> setVariables(
@@ -74,6 +99,7 @@ public Map<String, Object> setVariables(
     params.put("cveIssueTemplate", cveIssuePathRegex);
     params.put("imageMapping", getImageMapping());
     params.put("rhdaSource", rhdaSource);
+    params.put("brandingConfig", getBrandingConfig());
     if (!disabled && writeKey.isPresent()) {
       params.put("userId", userId);
       params.put("anonymousId", anonymousId);
@@ -108,6 +134,17 @@ private String getImageMapping() throws JsonProcessingException {
     return objectWriter.writeValueAsString(urlMapping);
   }
 
+  private Map<String, String> getBrandingConfig() {
+    Map<String, String> branding = new HashMap<>();
+    branding.put("displayName", brandingDisplayName);
+    branding.put("remediationTitle", brandingRemediationTitle);
+    branding.put("icon", brandingIcon);
+    branding.put("exploreUrl", brandingExploreUrl);
+    branding.put("exploreTitle", brandingExploreTitle);
+    branding.put("exploreDescription", brandingExploreDescription);
+    return branding;
+  }
+
   @RegisterForReflection
   public static record IssueLinkFormatter(String issuePathRegex) {
 
 
@@ -62,3 +62,31 @@ quarkus.hibernate-orm.sql-load-script=no-file
 %prod.quarkus.datasource.jdbc.url=jdbc:postgresql://${db.postgres.host}:${db.postgres.port}/${db.postgres.database}?sslmode=${db.postgres.sslmode}
 %prod.quarkus.datasource.username=${db.postgres.user}
 %prod.quarkus.datasource.password=${db.postgres.password}
+
+# ====================================================================
+# Branding Configuration Profiles
+# ====================================================================
+
+# Default branding configuration (Community/Trustify)
+exhort.branding.display.name=Trustify
+exhort.branding.remediation.title=Remediations
+exhort.branding.icon=trustify
+exhort.branding.explore.url=https://guac.sh/trustify/
+exhort.branding.explore.title=Learn more about Trustify
+exhort.branding.explore.description=The Trustify project is a collection of software components that enables you to store and retrieve Software Bill of Materials (SBOMs), and advisory documents.
+
+# Red Hat Enterprise branding profile
+%redhat.exhort.branding.display.name=Red Hat
+%redhat.exhort.branding.remediation.title=Red Hat Remediations
+%redhat.exhort.branding.icon=redhat
+%redhat.exhort.branding.explore.url=https://developers.redhat.com/products/trusted-profile-analyzer/overview
+%redhat.exhort.branding.explore.title=Join to explore Red Hat TPA
+%redhat.exhort.branding.explore.description=Check out our new Trustify to get visibility and insight into your software risk profile, for instance by exploring vulnerabilites or analyzing SBOMs.
+
+# Community/Trustify branding profile (explicit)
+%community.exhort.branding.display.name=Trustify
+%community.exhort.branding.remediation.title=Remediations
+%community.exhort.branding.icon=trustify
+%community.exhort.branding.explore.url=https://guac.sh/trustify/
+%community.exhort.branding.explore.title=Learn more about Trustify
+%community.exhort.branding.explore.description=The Trustify project is a collection of software components that enables you to store and retrieve Software Bill of Materials (SBOMs), and advisory documents.
@@ -1,5 +1 @@
-GENERATE_SOURCEMAP=false
-
-# Default branding mode when no specific profile is used
-# Options: community, redhat
-REACT_APP_BRANDING_MODE=community
+GENERATE_SOURCEMAP=false
@@ -1,65 +1,177 @@
 # Branding Configuration
 
-This project supports two branding modes: **Red Hat** (enterprise) and **Community** (Trustify).
+This project supports flexible branding through backend environment variables. The system defaults to **Trustify** branding and allows you to override specific elements as needed.
 
 ## Quick Start
 
-### Prerequisites
-Install the `env-cmd` package to enable environment-specific builds:
+### Using Predefined Profiles
+
+**Community/Trustify branding (default):**
 ```bash
-npm install --save-dev env-cmd
+# Default profile - no additional flags needed
+./mvnw quarkus:dev
+
+# Or explicitly use community profile
+./mvnw quarkus:dev -Dquarkus.profile=community
 ```
 
-### Development
+**Red Hat Enterprise branding:**
 ```bash
-# Start development server with Community branding (default)
-npm run start:community
+./mvnw quarkus:dev -Dquarkus.profile=redhat
+```
 
-# Start development server with Red Hat branding
-npm run start:redhat
+### Using Environment Variables (Alternative)
+```bash
+# Start development server (branding controlled by backend environment variables)
+npm start
 ```
 
 ### Production Build
 ```bash
-# Build Community version
-npm run build:community
+# Build for production (branding controlled by backend environment variables)
+npm run build
+```
+
+## How It Works
+
+1. **Backend Configuration**: Java backend reads `EXHORT_BRANDING_XXX` environment variables
+2. **Runtime Injection**: Branding configuration is passed to the React app through `appData`
+3. **Component Usage**: React components read branding configuration from the app context
+4. **Trustify-First**: All defaults are set to Trustify values, specific brands override as needed
+
+## Available Environment Variables
+
+Configure branding by setting these environment variables for the Java backend:
+
+```bash
+# Brand identity
+EXHORT_BRANDING_DISPLAY_NAME=Your Brand Name           # Used for conditional logic
+EXHORT_BRANDING_REMEDIATION_TITLE=Your Remediation Title     # Title for remediation section
+EXHORT_BRANDING_ICON=icon_name                          # Icon identifier ('redhat' or 'trustify')
 
-# Build Red Hat version
-npm run build:redhat
+# Explore section
+EXHORT_BRANDING_EXPLORE_URL=https://your-url.com       # URL for "Take me there" button
+EXHORT_BRANDING_EXPLORE_TITLE=Your Explore Title             # Title for explore section
+EXHORT_BRANDING_EXPLORE_DESCRIPTION=Your description text    # Description text
 ```
 
-## Configuration Files
+## Branding Logic
 
-### `.env.community` - Community/Trustify Version
-- Uses Trustify branding
-- Points to https://guac.sh/trustify/
-- Shows "Trustify Overview of security issues"
-- Uses Trustify icon for remediations
+The system uses `displayName` for all branding decisions:
 
-### `.env.redhat` - Red Hat Enterprise Version
-- Uses Red Hat branding
-- Points to Red Hat developer portal
-- Shows "Red Hat Overview of security Issues"
-- Uses Red Hat icon for remediations
-- Includes "from Red Hat" in remediation text
+- **Red Hat branding**: Triggered when `displayName === 'Red Hat'`
+- **Community branding**: Default for any other `displayName` value (including fallback to 'Trustify')
 
-## How It Works
+## Examples
+
+### Method 1: Using Predefined Profiles (Recommended)
+
+**Red Hat Enterprise branding:**
+```bash
+./mvnw quarkus:dev -Dquarkus.profile=redhat
+```
+
+**Community/Trustify branding:**
+```bash
+# Default behavior (no profile needed)
+./mvnw quarkus:dev
+
+# Or explicitly
+./mvnw quarkus:dev -Dquarkus.profile=community
+```
+
+**Production builds with profiles:**
+```bash
+# Red Hat production build
+./mvnw clean package -Dquarkus.profile=redhat
 
-1. **Environment Variables**: Different `.env` files define branding configuration
-2. **Branding Config**: `src/config/branding.ts` reads environment variables and provides typed configuration
-3. **Conditional Rendering**: Components use `getBrandingConfig()` to conditionally render content based on branding mode
+# Community production build
+./mvnw clean package -Dquarkus.profile=community
+```
+
+### Method 2: Using Environment Variables
+
+**Red Hat Enterprise Configuration:**
+```bash
+export EXHORT_BRANDING_DISPLAY_NAME="Red Hat"
+export EXHORT_BRANDING_REMEDIATION_TITLE="Red Hat Remediations"
+export EXHORT_BRANDING_ICON="redhat"
+export EXHORT_BRANDING_EXPLORE_URL="https://developers.redhat.com/products/trusted-profile-analyzer/overview"
+export EXHORT_BRANDING_EXPLORE_TITLE="Join to explore Red Hat TPA"
+export EXHORT_BRANDING_EXPLORE_DESCRIPTION="Check out our new Trustify to get visibility and insight into your software risk profile, for instance by exploring vulnerabilites or analyzing SBOMs."
+
+./mvnw quarkus:dev
+```
 
-## Customizing Branding
+**Community/Trustify Configuration:**
+```bash
+export EXHORT_BRANDING_DISPLAY_NAME="Trustify"
+export EXHORT_BRANDING_REMEDIATION_TITLE="Remediations"
+export EXHORT_BRANDING_ICON="trustify"
+export EXHORT_BRANDING_EXPLORE_URL="https://guac.sh/trustify/"
+export EXHORT_BRANDING_EXPLORE_TITLE="Learn more about Trustify"
+export EXHORT_BRANDING_EXPLORE_DESCRIPTION="The Trustify project is a collection of software components that enables you to store and retrieve Software Bill of Materials (SBOMs), and advisory documents."
 
-To modify branding, edit the respective `.env` file:
+./mvnw quarkus:dev
+```
 
+### Custom Branding
 ```bash
-REACT_APP_BRANDING_MODE=community|redhat
-REACT_APP_BRAND_NAME=Your Brand Name
-REACT_APP_BRAND_TITLE=Your Overview Title
-REACT_APP_REMEDIATION_TITLE=Your Remediation Title
-REACT_APP_BRAND_ICON=icon_name
-REACT_APP_BRAND_URL=https://your-url.com
-REACT_APP_EXPLORE_TITLE=Your Explore Title
-REACT_APP_EXPLORE_DESCRIPTION=Your description text
-```
+export EXHORT_BRANDING_DISPLAY_NAME="My Company"
+export EXHORT_BRANDING_REMEDIATION_TITLE="My Company Remediations"
+export EXHORT_BRANDING_ICON="trustify"  # Use trustify icon as fallback
+export EXHORT_BRANDING_EXPLORE_URL="https://mycompany.com"
+export EXHORT_BRANDING_EXPLORE_TITLE="Learn about My Company"
+export EXHORT_BRANDING_EXPLORE_DESCRIPTION="Custom description for our security platform."
+```
+
+## Backend Integration
+
+The branding configuration is handled in `ReportTemplate.java`:
+
+```java
+@ConfigProperty(name = "exhort.branding.display.name", defaultValue = "Trustify")
+String brandingDisplayName;
+
+@ConfigProperty(name = "exhort.branding.remediation.title", defaultValue = "Remediations")
+String brandingRemediationTitle;
+
+// ... additional configuration properties
+
+private Map<String, String> getBrandingConfig() {
+  Map<String, String> branding = new HashMap<>();
+  branding.put("displayName", brandingDisplayName);
+  branding.put("remediationTitle", brandingRemediationTitle);
+  branding.put("icon", brandingIcon);
+  branding.put("exploreUrl", brandingExploreUrl);
+  branding.put("exploreTitle", brandingExploreTitle);
+  branding.put("exploreDescription", brandingExploreDescription);
+  return branding;
+}
+```
+
+The configuration is then passed to the frontend via the `appData` object in the Freemarker template.
+
+## Profile Configuration
+
+The branding profiles are defined in `src/main/resources/application.properties`:
+
+```properties
+# Default branding configuration (Community/Trustify)
+exhort.branding.display.name=Trustify
+exhort.branding.remediation.title=Remediations
+exhort.branding.icon=trustify
+exhort.branding.explore.url=https://guac.sh/trustify/
+exhort.branding.explore.title=Learn more about Trustify
+exhort.branding.explore.description=The Trustify project is a collection of software components that enables you to store and retrieve Software Bill of Materials (SBOMs), and advisory documents.
+
+# Red Hat Enterprise branding profile
+%redhat.exhort.branding.display.name=Red Hat
+%redhat.exhort.branding.remediation.title=Red Hat Remediations
+%redhat.exhort.branding.icon=redhat
+%redhat.exhort.branding.explore.url=https://developers.redhat.com/products/trusted-profile-analyzer/overview
+%redhat.exhort.branding.explore.title=Join to explore Red Hat TPA
+%redhat.exhort.branding.explore.description=Check out our new Trustify to get visibility and insight into your software risk profile, for instance by exploring vulnerabilites or analyzing SBOMs.
+```
+
+Environment variables will override profile settings if both are provided.
@@ -26,11 +26,7 @@
   },
   "scripts": {
     "start": "craco start",
-    "start:community": "env-cmd -f .env.community craco start",
-    "start:redhat": "env-cmd -f .env.redhat craco start",
     "build": "craco build && yarn copy:js:main && yarn copy:js:vendor && yarn copy:css:main && yarn copy:css:vendor",
-    "build:community": "env-cmd -f .env.community craco build && yarn copy:js:main && yarn copy:js:vendor && yarn copy:css:main && yarn copy:css:vendor",
-    "build:redhat": "env-cmd -f .env.redhat craco build && yarn copy:js:main && yarn copy:js:vendor && yarn copy:css:main && yarn copy:css:vendor",
     "test": "react-scripts test",
     "eject": "react-scripts eject",
     "copy:js:main": "cp build/static/js/main.js ../src/main/resources/freemarker/templates/generated/main.js",
@@ -64,7 +60,6 @@
     "@babel/plugin-proposal-private-property-in-object": "^7.21.11",
     "@babel/plugin-transform-destructuring": "^7.25.9",
     "@craco/craco": "^7.1.0",
-    "env-cmd": "^10.1.0",
     "prettier": "^3.0.1"
   }
 }