stacklok
diff --git a/‎.env.example‎
Lines changed: 54 additions & 0 deletions b/‎.env.example‎
Lines changed: 54 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 1 addition & 0 deletions b/‎.gitignore‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎CODE_OF_CONDUCT.md‎
Lines changed: 46 additions & 0 deletions b/‎CODE_OF_CONDUCT.md‎
Lines changed: 46 additions & 0 deletions
diff --git a/‎CONTRIBUTING.md‎
Lines changed: 131 additions & 0 deletions b/‎CONTRIBUTING.md‎
Lines changed: 131 additions & 0 deletions
@@ -0,0 +1,54 @@
+# ToolHive Cloud UI - Environment Variables
+# Copy this file to .env.local and fill in the values
+
+# =============================================================================
+# REQUIRED FOR PRODUCTION
+# =============================================================================
+
+# OIDC Provider Configuration
+# Your OIDC provider's issuer URL (e.g., https://your-oidc-provider.com)
+OIDC_ISSUER_URL=
+
+# OAuth2 Client ID from your OIDC provider
+OIDC_CLIENT_ID=
+
+# OAuth2 Client Secret from your OIDC provider
+OIDC_CLIENT_SECRET=
+
+# OIDC Provider identifier (e.g., "okta", "auth0", "oidc")
+# Must use NEXT_PUBLIC_ prefix (required for both server and client)
+NEXT_PUBLIC_OIDC_PROVIDER_ID=
+
+# Better Auth Configuration
+# Secret key for token encryption (generate with: openssl rand -base64 32)
+BETTER_AUTH_SECRET=
+
+# Your application's base URL (e.g., https://your-app.example.com)
+BETTER_AUTH_URL=
+
+# Backend API Configuration
+# ToolHive Registry Server API URL
+API_BASE_URL=
+
+# =============================================================================
+# OPTIONAL
+# =============================================================================
+
+# Trusted Origins (comma-separated list)
+# Additional origins allowed for CORS and auth callbacks
+# TRUSTED_ORIGINS=http://localhost:3002,http://localhost:3003
+
+# =============================================================================
+# DEVELOPMENT ONLY (automatically set by dev server)
+# =============================================================================
+
+# These are set automatically when running 'pnpm dev'
+# No need to set them manually for local development
+
+# NODE_ENV=development
+# OIDC_ISSUER_URL=http://localhost:3001
+# OIDC_CLIENT_ID=web-client
+# OIDC_CLIENT_SECRET=web-secret
+# NEXT_PUBLIC_OIDC_PROVIDER_ID=oidc
+# BETTER_AUTH_URL=http://localhost:3000
+# API_BASE_URL=http://localhost:9090
@@ -36,6 +36,7 @@ yarn-error.log*
 
 # env files (can opt-in for committing if needed)
 .env*
+!.env.example
 
 # vercel
 .vercel
 
@@ -0,0 +1,46 @@
+# Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment include:
+
+- Using welcoming and inclusive language
+- Being respectful of differing viewpoints and experiences
+- Gracefully accepting constructive criticism
+- Focusing on what is best for the community
+- Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+- The use of sexualized language or imagery and unwelcome sexual attention or advances
+- Trolling, insulting/derogatory comments, and personal or political attacks
+- Public or private harassment
+- Publishing others' private information, such as a physical or electronic address, without explicit permission
+- Other conduct which could reasonably be considered inappropriate in a professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at <code-of-conduct@stacklok.com>. All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/
@@ -0,0 +1,131 @@
+# Contributing to ToolHive Cloud UI
+
+<!-- omit from toc -->
+
+First off, thank you for taking the time to contribute to ToolHive Cloud UI! :+1: :tada:
+
+ToolHive Cloud UI is released under the Apache 2.0 license. If you would like to contribute something or want to hack on the code, this document should help you get started. You can find development guidelines in the [README.md](./README.md).
+
+## Table of contents
+
+<!-- omit from toc -->
+
+- [Code of conduct](#code-of-conduct)
+- [Reporting security vulnerabilities](#reporting-security-vulnerabilities)
+- [How to contribute](#how-to-contribute)
+  - [Using GitHub Issues](#using-github-issues)
+  - [Not sure how to start contributing?](#not-sure-how-to-start-contributing)
+  - [Pull request process](#pull-request-process)
+- [Commit message guidelines](#commit-message-guidelines)
+
+## Code of conduct
+
+This project adheres to the [Contributor Covenant](./CODE_OF_CONDUCT.md) code of conduct. By participating, you are expected to uphold this code. Please report unacceptable behavior to [code-of-conduct@stacklok.com](mailto:code-of-conduct@stacklok.com).
+
+## Reporting security vulnerabilities
+
+If you think you have found a security vulnerability in ToolHive Cloud UI please DO NOT disclose it publicly until we've had a chance to fix it. Please don't report security vulnerabilities using GitHub issues; instead, please follow this [process](./SECURITY.md)
+
+## How to contribute
+
+### Using GitHub Issues
+
+We use GitHub issues to track bugs and enhancements. If you have a general usage question, please ask in [ToolHive's discussion forum](https://discord.gg/stacklok).
+
+If you are reporting a bug, please help to speed up problem diagnosis by providing as much information as possible. Ideally, that would include:
+
+- A clear description of the issue
+- Steps to reproduce
+- Expected vs actual behavior
+- Environment details (OS, Node version, browser, etc.)
+
+### Not sure how to start contributing?
+
+PRs to resolve existing issues are greatly appreciated, and issues labeled as ["good first issue"](https://github.com/stacklok/toolhive-cloud-ui/issues?q=is%3Aopen+is%3Aissue+label%3A%22good+first+issue%22) are a great place to start!
+
+### Pull request process
+
+- All commits must include a Signed-off-by trailer at the end of each commit message to indicate that the contributor agrees to the Developer Certificate of Origin (DCO). Use `git commit -s` to add this automatically.
+
+- Create an issue outlining the fix or feature.
+
+- Fork the ToolHive Cloud UI repository to your own GitHub account and clone it locally:
+
+  ```bash
+  git clone https://github.com/YOUR_USERNAME/toolhive-cloud-ui.git
+  cd toolhive-cloud-ui
+  pnpm install
+  ```
+
+- Hack on your changes.
+
+- Ensure code quality before committing:
+
+  ```bash
+  pnpm lint          # Run linter
+  pnpm format        # Format code
+  pnpm test          # Run tests
+  pnpm type-check    # TypeScript validation
+  ```
+
+- Follow the project guidelines:
+
+  - Use Server Components by default, Client Components only when necessary
+  - Always use the generated hey-api client for API calls
+  - Use `async/await` (never `.then()` promise chains)
+  - **Never use `any` type** - use proper types or `unknown` with type guards
+  - Use shadcn/ui components (don't create custom UI components)
+  - Follow existing patterns in the codebase
+
+  See [AGENTS.md](./AGENTS.md) and [CLAUDE.md](./CLAUDE.md) for detailed guidelines.
+
+- Correctly format your commit messages, see [Commit message guidelines](#commit-message-guidelines) below.
+
+- Open a PR with a title that follows the conventional commit format (e.g., `feat: add new feature` or `fix: resolve issue`). The PR title will be validated to ensure it follows the conventional commit specification. Ensure the description reflects the content of the PR.
+
+- Ensure that CI passes, if it fails, fix the failures.
+
+- Every pull request requires a review from the core ToolHive team before merging.
+
+- Once approved, all of your commits will be squashed into a single commit with your PR title.
+
+## Commit message guidelines
+
+We follow the [Conventional Commits](https://www.conventionalcommits.org/) specification for commit messages:
+
+```text
+<type>[optional scope]: <description>
+
+[optional body]
+
+[optional footer(s)]
+```
+
+**Types:**
+
+- `feat`: A new feature
+- `fix`: A bug fix
+- `docs`: Documentation only changes
+- `style`: Changes that do not affect the meaning of the code (white-space, formatting, etc.)
+- `refactor`: A code change that neither fixes a bug nor adds a feature
+- `perf`: A code change that improves performance
+- `test`: Adding missing tests or correcting existing tests
+- `chore`: Changes to the build process or auxiliary tools and libraries
+
+**Examples:**
+
+- `feat: add server URL copy functionality`
+- `fix(ui): resolve button alignment issue in dark mode`
+- `docs: update installation instructions`
+- `test: add unit tests for authentication flow`
+- `chore: update dependencies`
+
+**Signed-off-by:**
+
+All commits must include a Signed-off-by line:
+
+```bash
+git commit -s -m "feat: add new feature"
+```
+
+This certifies that you agree to the [Developer Certificate of Origin (DCO)](https://developercertificate.org/).