CADC-14486 RAFTS frontend

rafts/.env.example

@@ -0,0 +1,142 @@
+# =============================================================================
+# RAFTS Environment Configuration
+# =============================================================================
+# Copy this file to .env and configure for your environment
+# Usage: cp .env.example .env
+#
+# Variables marked [SECRET] should be kept secure and not committed to git
+# Variables marked [REQUIRED] must be set for the application to work
+# Variables marked [BUILD-TIME] require image rebuild when changed
+# =============================================================================
+
+# =============================================================================
+# DEPLOYMENT CONFIGURATION
+# =============================================================================
+
+# Domain where RAFTS will be accessible [REQUIRED]
+# Examples: rafts.example.com, localhost
+RAFTS_DOMAIN=rafts.localhost
+
+# Base path for subpath deployment [BUILD-TIME]
+# Leave empty for root deployment (rafts.example.com)
+# Set to /rafts for subpath deployment (example.com/rafts)
+# IMPORTANT: Changing this requires rebuilding the Docker image!
+RAFTS_BASE_PATH=
+
+# =============================================================================
+# TRAEFIK CONFIGURATION (for docker-compose.traefik.yml)
+# =============================================================================
+
+# Traefik network name (must exist)
+# TRAEFIK_NETWORK=traefik_proxy
+
+# Traefik entrypoint (websecure for HTTPS, web for HTTP)
+# TRAEFIK_ENTRYPOINT=websecure
+
+# Traefik certificate resolver name
+# TRAEFIK_CERTRESOLVER=letsencrypt
+
+# =============================================================================
+# NEXTAUTH CONFIGURATION
+# =============================================================================
+
+# [REQUIRED] Public URL where the application is accessible
+# For production: https://rafts.example.com
+# For local dev: http://localhost:3000
+NEXTAUTH_URL=http://localhost:3000
+
+# [SECRET] [REQUIRED] Random secret for session encryption
+# Generate with: openssl rand -base64 32
+NEXTAUTH_SECRET=CHANGE_ME_generate_with_openssl_rand_base64_32
+
+# Enable debug logging (set to 'false' in production)
+NEXTAUTH_DEBUG=false
+
+# =============================================================================
+# APPLICATION SETTINGS
+# =============================================================================
+
+# Base path prefix (empty for root, or '/subpath' for subdomain deployment)
+NEXT_PUBLIC_BASE_PATH=
+
+# Public API URL (usually same as NEXTAUTH_URL + /api)
+NEXT_PUBLIC_API_URL=http://localhost:3000/api
+
+# Enable review workflow feature
+UI_REVIEW_ENABLED=true
+
+# =============================================================================
+# CADC ACCESS CONTROL (AC) SERVICE
+# =============================================================================
+# These URLs point to the CADC authentication and authorization services
+# Default values work with CANFAR production environment
+
+# Login endpoint for CADC authentication
+NEXT_CANFAR_AC_LOGIN_URL=https://ws-cadc.canfar.net/ac/login
+
+# User search endpoint
+NEXT_CANFAR_AC_SEARCH_URL=https://ws-cadc.canfar.net/ac/search
+
+# Who am I endpoint (user identity)
+NEXT_CANFAR_AC_WHOAMI_URL=https://ws-cadc.canfar.net/ac/whoami
+
+# Groups endpoint
+NEXT_CANFAR_AC_GROUPS_URL=https://ws-cadc.canfar.net/ac/groups
+
+# [REQUIRED] Group name for RAFT reviewers (must exist in AC service)
+NEXT_CANFAR_RAFT_GROUP_NAME=RAFTS-reviewers
+
+# =============================================================================
+# DOI SERVICE CONFIGURATION
+# =============================================================================
+
+# [REQUIRED] DOI service base URL
+# Production: https://ws-cadc.canfar.net/doi/instances
+# QA: https://rafts-api-qa.testapp.ca/rafts/instances
+# Local dev with Docker DOI: http://host.docker.internal:8080/rafts/instances
+NEXT_DOI_BASE_URL=https://ws-cadc.canfar.net/doi/instances
+
+# =============================================================================
+# STORAGE CONFIGURATION (CANFAR Vault/VOSpace)
+# =============================================================================
+
+# Base URL for file storage operations
+NEXT_CANFAR_STORAGE_BASE_URL=https://ws-cadc.canfar.net/vault/files
+
+# Vault endpoint for file operations
+NEXT_VAULT_BASE_ENDPOINT=https://ws-cadc.canfar.net/vault/files
+
+# Storage path prefix for RAFT data
+# Production: AstroDataCitationDOI/CISTI.CANFAR
+# Test: rafts-test
+NEXT_CITE_URL=AstroDataCitationDOI/CISTI.CANFAR
+
+# =============================================================================
+# SSO COOKIE CONFIGURATION
+# =============================================================================
+
+# Cookie key for CADC SSO token
+NEXT_COOKIE_SSO_KEY=CADC_SSO
+
+# Cookie domains for CANFAR and CADC
+NEXT_CANFAR_COOKIE_DOMAIN=canfar.net
+NEXT_CANFAR_COOKIE_URL=https://www.canfar.net/access/sso?cookieValue=
+NEXT_CADC_COOKIE_DOMAIN=cadc-ccda.hia-iha.nrc-cnrc.gc.ca
+NEXT_CADC_COOKIE_URL=https://www.cadc-ccda.hia-iha.nrc-cnrc.gc.ca/access/sso?cookieValue=
+
+# =============================================================================
+# VALIDATOR SERVICE (Internal - usually auto-configured)
+# =============================================================================
+# These are typically overridden by docker-compose for internal networking
+# Only set manually if running validator externally
+
+# NEXT_PUBLIC_VALIDATOR_URL_XML=http://localhost:8000/validate-xml
+# NEXT_PUBLIC_VALIDATOR_URL_PSV=http://localhost:8000/validate-psv
+# NEXT_PUBLIC_VALIDATOR_URL_MPC=http://localhost:8000/validate-mpc
+
+# =============================================================================
+# SSL/TLS CONFIGURATION (for production with HTTPS)
+# =============================================================================
+
+# Disable TLS verification (ONLY for local development with self-signed certs)
+# NODE_TLS_REJECT_UNAUTHORIZED=0

rafts/.gitignore

@@ -0,0 +1,173 @@
+# =============================================================================
+# RAFTS Repository - Root .gitignore
+# =============================================================================
+# This file covers root-level ignores. Subprojects have their own .gitignore
+# files for project-specific patterns.
+# =============================================================================
+
+# =============================================================================
+# ENVIRONMENT & SECRETS
+# =============================================================================
+# Environment files contain secrets - NEVER commit these
+.env
+.env.local
+.env.development
+.env.development.local
+.env.test
+.env.test.local
+.env.production
+.env.production.local
+*.env.backup
+
+# Keep the example template
+!.env.example
+
+# SSL certificates and keys
+*.pem
+*.key
+*.crt
+*.p12
+*.jks
+
+# =============================================================================
+# OPERATING SYSTEM
+# =============================================================================
+# macOS
+.DS_Store
+.AppleDouble
+.LSOverride
+._*
+.Spotlight-V100
+.Trashes
+
+# Windows
+Thumbs.db
+ehthumbs.db
+Desktop.ini
+$RECYCLE.BIN/
+
+# Linux
+*~
+.directory
+
+# =============================================================================
+# IDE & EDITORS
+# =============================================================================
+# JetBrains (IntelliJ, WebStorm, PyCharm)
+.idea/
+*.iml
+*.ipr
+*.iws
+out/
+
+# Visual Studio Code
+.vscode/
+*.code-workspace
+
+# Vim/Neovim
+*.swp
+*.swo
+*.swn
+*~
+Session.vim
+.netrwhist
+
+# Emacs
+*~
+\#*\#
+.#*
+auto-save-list
+
+# Sublime Text
+*.sublime-project
+*.sublime-workspace
+
+# =============================================================================
+# AI ASSISTANT CONFIGS & PROMPTING FILES
+# =============================================================================
+# Claude Code project-specific settings
+.claude/
+CLAUDE.md
+
+# GitHub Copilot
+.copilot/
+
+# Cursor
+.cursor/
+
+# Codex and other AI assistants
+.codex/
+.aider*
+.continue/
+
+# =============================================================================
+# DEVELOPMENT DOCUMENTATION (Internal/Planning)
+# =============================================================================
+# Development notes, planning docs, guides
+doc_n_dev/
+**/doc_n_dev/
+
+# =============================================================================
+# DOCKER
+# =============================================================================
+# Docker Compose override files (local customizations)
+docker-compose.override.yml
+docker-compose.local.yml
+
+# Docker data volumes (if mounted locally)
+docker-data/
+volumes/
+
+# =============================================================================
+# LOGS & TEMPORARY FILES
+# =============================================================================
+*.log
+logs/
+tmp/
+temp/
+.tmp/
+.temp/
+.cache/
+
+# =============================================================================
+# BUILD ARTIFACTS (Root Level)
+# =============================================================================
+dist/
+build/
+out/
+
+# =============================================================================
+# JAVA/GRADLE (For parent monorepo compatibility)
+# =============================================================================
+# Gradle
+.gradle/
+build/
+!gradle/wrapper/gradle-wrapper.jar
+
+# Maven
+target/
+pom.xml.tag
+pom.xml.releaseBackup
+pom.xml.versionsBackup
+pom.xml.next
+release.properties
+
+# =============================================================================
+# MISCELLANEOUS
+# =============================================================================
+# Backup files
+*.bak
+*.backup
+*.orig
+
+# Archives (shouldn't be in repo)
+*.zip
+*.tar.gz
+*.tgz
+*.rar
+*.7z
+
+# Local notes (personal)
+TODO.local.md
+NOTES.local.md
+scratch.*