feat: separate Red Hat and Community profiles for HTML report (#522)

* feat: separate Red Hat and Community profiles for HTML report

* feat: updat general solution for backend

* feat: add imageRecommendation refactor to programmatically get brandingConfig and update README

* fix: simplify the logic

fix: add imageRemediationLink

fix: adapt HtmlReportTest by adding imageRecommend and imageRemediationLink to test configuration

Author: soul2zimate

src/main/java/io/github/guacsec/trustifyda/integration/report/BrandingConfig.java

@@ -0,0 +1,35 @@
+/*
+ * Copyright 2023-2025 Trustify Dependency Analytics Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.github.guacsec.trustifyda.integration.report;
+
+import io.smallrye.config.ConfigMapping;
+
+@ConfigMapping(prefix = "branding")
+public interface BrandingConfig {
+  String displayName();
+
+  String exploreUrl();
+
+  String exploreTitle();
+
+  String exploreDescription();
+
+  String imageRecommendation();
+
+  String imageRemediationLink();
+}

src/main/java/io/github/guacsec/trustifyda/integration/report/ReportTemplate.java

@@ -26,6 +26,8 @@
 import org.apache.camel.Body;
 import org.apache.camel.Exchange;
 import org.apache.camel.ExchangeProperty;
+import org.eclipse.microprofile.config.Config;
+import org.eclipse.microprofile.config.ConfigProvider;
 import org.eclipse.microprofile.config.inject.ConfigProperty;
 
 import com.fasterxml.jackson.core.JsonProcessingException;
@@ -74,6 +76,8 @@ public Map<String, Object> setVariables(
     params.put("cveIssueTemplate", cveIssuePathRegex);
     params.put("imageMapping", getImageMapping());
     params.put("rhdaSource", rhdaSource);
+    getBrandingConfig()
+        .ifPresent(config -> params.put("brandingConfig", getBrandingConfigMap(config)));
     if (!disabled && writeKey.isPresent()) {
       params.put("userId", userId);
       params.put("anonymousId", anonymousId);
@@ -108,6 +112,98 @@ private String getImageMapping() throws JsonProcessingException {
     return objectWriter.writeValueAsString(urlMapping);
   }
 
+  private Optional<BrandingConfig> getBrandingConfig() {
+    try {
+      Config config = ConfigProvider.getConfig();
+      return config
+          .getOptionalValue("branding.display-name", String.class)
+          .filter(displayName -> !displayName.isEmpty())
+          .map(
+              displayName ->
+                  new BrandingConfigImpl(
+                      displayName,
+                      config.getOptionalValue("branding.explore-url", String.class).orElse(""),
+                      config.getOptionalValue("branding.explore-title", String.class).orElse(""),
+                      config
+                          .getOptionalValue("branding.explore-description", String.class)
+                          .orElse(""),
+                      config
+                          .getOptionalValue("branding.image-recommendation", String.class)
+                          .orElse(""),
+                      config
+                          .getOptionalValue("branding.image-remediation-link", String.class)
+                          .orElse("")));
+    } catch (Exception e) {
+      return Optional.empty();
+    }
+  }
+
+  private Map<String, String> getBrandingConfigMap(BrandingConfig config) {
+    Map<String, String> branding = new HashMap<>();
+    branding.put("displayName", config.displayName());
+    branding.put("exploreUrl", config.exploreUrl());
+    branding.put("exploreTitle", config.exploreTitle());
+    branding.put("exploreDescription", config.exploreDescription());
+    branding.put("imageRecommendation", config.imageRecommendation());
+    branding.put("imageRemediationLink", config.imageRemediationLink());
+    return branding;
+  }
+
+  @RegisterForReflection
+  private static class BrandingConfigImpl implements BrandingConfig {
+    private final String displayName;
+    private final String exploreUrl;
+    private final String exploreTitle;
+    private final String exploreDescription;
+    private final String imageRecommendation;
+    private final String imageRemediationLink;
+
+    public BrandingConfigImpl(
+        String displayName,
+        String exploreUrl,
+        String exploreTitle,
+        String exploreDescription,
+        String imageRecommendation,
+        String imageRemediationLink) {
+      this.displayName = displayName;
+      this.exploreUrl = exploreUrl;
+      this.exploreTitle = exploreTitle;
+      this.exploreDescription = exploreDescription;
+      this.imageRecommendation = imageRecommendation;
+      this.imageRemediationLink = imageRemediationLink;
+    }
+
+    @Override
+    public String displayName() {
+      return displayName;
+    }
+
+    @Override
+    public String exploreUrl() {
+      return exploreUrl;
+    }
+
+    @Override
+    public String exploreTitle() {
+      return exploreTitle;
+    }
+
+    @Override
+    public String exploreDescription() {
+      return exploreDescription;
+    }
+
+    @Override
+    public String imageRecommendation() {
+      return imageRecommendation;
+    }
+
+    @Override
+    public String imageRemediationLink() {
+      return imageRemediationLink;
+    }
+  }
+
   @RegisterForReflection
   public static record IssueLinkFormatter(String issuePathRegex) {
 

src/main/resources/application.properties

@@ -62,3 +62,13 @@ quarkus.hibernate-orm.sql-load-script=no-file
 %prod.quarkus.datasource.jdbc.url=jdbc:postgresql://${db.postgres.host}:${db.postgres.port}/${db.postgres.database}?sslmode=${db.postgres.sslmode}
 %prod.quarkus.datasource.username=${db.postgres.user}
 %prod.quarkus.datasource.password=${db.postgres.password}
+
+# ====================================================================
+# Branding Configuration Profiles
+# ====================================================================
+
+# Default branding configuration (Community/Trustify) Example:
+#branding.display.name=Trustify
+#branding.explore.url=https://guac.sh/trustify/
+#branding.explore.title=Learn more about Trustify
+#branding.explore.description=The Trustify project is a collection of software components that enables you to store and retrieve Software Bill of Materials (SBOMs), and advisory documents.

src/main/resources/freemarker/templates/generated/main.js

@@ -263,10 +263,8 @@ public void testBatchHtmlWithToken() throws IOException {
     List<HtmlElement> sectionElements = rootElement.getByXPath("./section");
     assertEquals(1, sectionElements.size());
     List<HtmlAnchor> anchorElements =
-        page.getByXPath(
-            "//a[contains(@href, 'https://catalog.redhat.com/software/containers/ubi9/')]");
+        page.getByXPath("//a[contains(@href, 'https://test-catalog.example.com/containers/ubi9')]");
     assertTrue(!anchorElements.isEmpty(), "At least one href contains the desired substring");
-
     verifyTrustifyRequest(OK_TOKEN, 3);
   }
 

src/main/resources/freemarker/templates/generated/vendor.js

@@ -15,3 +15,11 @@ quarkus.hibernate-orm.sql-load-script=db/h2/V2__insert_data.sql
 provider.trustify.auth.server-url=${keycloak.url}/realms/trustify
 provider.trustify.auth.client-id=test-trustify-client
 provider.trustify.auth.client-secret=test-trustify-secret
+
+# Branding configuration for testing
+branding.display-name=Trustify Test
+branding.explore-url=https://guac.sh/trustify/
+branding.explore-title=Learn more about Trustify
+branding.explore-description=The Trustify project is a collection of software components that enables you to store and retrieve Software Bill of Materials (SBOMs), and advisory documents.
+branding.image-recommendation=Test container image recommendations for enhanced security.
+branding.image-remediation-link=https://test-catalog.example.com/containers/

src/test/java/io/github/guacsec/trustifyda/integration/HtmlReportTest.java

@@ -0,0 +1,108 @@
+# Branding Configuration
+
+This project supports flexible branding through backend environment variables. The system uses **default** branding and allows you to override specific elements as needed.
+
+## Profile Configuration
+
+The branding profiles are defined in `src/main/resources/application.properties`:
+
+```properties
+# Default branding configuration (Community/Trustify)
+branding.display.name=Trustify
+branding.explore.url=https://guac.sh/trustify/
+branding.explore.title=Learn more about Trustify
+branding.explore.description=The Trustify project is a collection of software components that enables you to store and retrieve Software Bill of Materials (SBOMs), and advisory documents.
+branding.image.recommendation=
+branding.image.remediation.link=
+
+# Example: Custom organization branding profile
+%myorg.branding.display.name=MyOrg
+%myorg.branding.explore.url=https://example.com/security-tools
+%myorg.branding.explore.title=Learn about MyOrg Security
+%myorg.branding.explore.description=Explore our comprehensive security analysis tools and vulnerability management platform.
+%myorg.branding.image.recommendation=Custom container image recommendations for enhanced security.
+%myorg.branding.image.remediation.link=https://example.com/container-catalog
+```
+
+## Examples
+
+### Method 1: Using Predefined Profile
+
+To create a new branding profile for your organization:
+
+1. **Add profile configuration** to `src/main/resources/application.properties`:
+   ```properties
+   # Replace 'myorg' with your organization identifier
+   %myorg.branding.display.name=Your Organization Name
+   %myorg.branding.explore.url=https://your-org.com/security
+   %myorg.branding.explore.title=Learn about Your Org Security
+   %myorg.branding.explore.description=Your custom description here.
+   %myorg.branding.image.recommendation=Your custom container image recommendation text.
+   %myorg.branding.image.remediation.link=https://your-org.com/container-catalog
+   ```
+
+2. **Use the profile** when running the application:
+   ```bash
+   ./mvnw quarkus:dev -Dquarkus.profile=myorg
+   ```
+
+3. **Override icons in private projects** using CSS to provide custom organization icons
+
+### Method 2: Using Environment Variables
+
+**Custom Organization Configuration:**
+```bash
+export BRANDING_DISPLAY_NAME="MyOrg"
+export BRANDING_EXPLORE_URL="https://example.com/security-tools"
+export BRANDING_EXPLORE_TITLE="Learn about MyOrg Security"
+export BRANDING_EXPLORE_DESCRIPTION="Explore our comprehensive security analysis tools and vulnerability management platform."
+export BRANDING_IMAGE_RECOMMENDATION="Custom container image recommendations for enhanced security."
+export BRANDING_IMAGE_REMEDIATION_LINK="https://example.com/container-catalog"
+
+./mvnw quarkus:dev
+```
+
+Environment variables will override profile settings if both are provided.
+
+## Custom Icon Implementation
+
+To implement a completely custom icon for your organization, follow this step-by-step guide:
+
+**Step 1: Add your custom icon**
+```bash
+# Copy your organization's icon to the UI assets directory
+cp /path/to/myorg.png /path/to/trustify-dependency-analytics/ui/src/images/myorg.png
+```
+
+**Step 2: Create CSS override**
+Add the following CSS to `/ui/src/index.css`:
+```css
+/* Custom icon override - Replace Trustify icon with MyOrg icon */
+img[alt="My Org Icon"] {
+  content: url('./images/myorg.png') !important;
+  width: 16px !important;
+  height: 16px !important;
+}
+```
+
+**Step 3: Configure organization branding**
+Add to `/src/main/resources/application.properties`:
+```properties
+# MyOrg custom branding profile
+%myorg.branding.display.name=MyOrg
+%myorg.branding.explore.url=https://myorg.com/security
+%myorg.branding.explore.title=Learn about MyOrg Security
+%myorg.branding.explore.description=Explore our comprehensive security analysis tools and vulnerability management platform.
+%myorg.branding.image.recommendation=Custom container image recommendations for enhanced security.
+%myorg.branding.image.remediation.link=https://myorg.com/container-catalog
+```
+
+**Step 4: Build with your changes**
+```bash
+cd ui && npm run build
+```
+
+**Step 5: Run with your branding**
+```bash
+./mvnw quarkus:dev -Dquarkus.profile=myorg
+```

src/test/resources/application.properties

@@ -10,6 +10,16 @@ export interface AppData {
   anonymousId?: string | null;
   writeKey?: string | null;
   rhdaSource?: string | null;
+  brandingConfig?: BrandingConfig;
+}
+
+export interface BrandingConfig {
+  displayName: string;
+  exploreUrl: string;
+  exploreTitle: string;
+  exploreDescription: string;
+  imageRecommendation: string;
+  imageRemediationLink: string;
 }
 
 export interface ReportMap {