ROX-32677-vuln-in-console: adding new content for vulnerability info …#106918
ROX-32677-vuln-in-console: adding new content for vulnerability info …#106918jlprevatt wants to merge 1 commit intoopenshift:rhacs-docs-mainfrom
Conversation
openshift-ci
bot
added
the
size/M
|
/retest |
openshift-ci
bot
added
the
needs-ok-to-test
|
/ok-to-test |
|
Hi @jlprevatt. Thanks for your PR. I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
🤖 Wed Feb 18 17:48:57 - Prow CI generated the docs preview: |
openshift-ci
bot
added
ok-to-test
|
@jlprevatt: all tests passed! Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
kcarmichael08
left a comment
kcarmichael08
left a comment
There was a problem hiding this comment.
This looks great! We just need to figure out where we want the assembly to show up in the content and add it into the topic map so it shows up in the doc.
There was a problem hiding this comment.
We need to add an entry to the topic_map.yml file so that this assembly file gets put in the TOC and gets published. Right now it's not showing up in the preview because it's not in the TOC/yaml file. Not sure of the best place to put it - if it's in the "configuring" folder, it would go somewhere in this left TOC, but it doesn't really fit there so I'm not sure.
| By enabling the {rh-rhacs-console-plugin} dynamic plugin during the installation of the {product-title-short} operator, you can access vulnerability management information for your secured cluster workloads directly from the {ocp} web console. | ||
| // FOR YOUR...: workloads? clusters? cluster workloads? | ||
|
|
||
| With this dynamic plugin, data gathered by the {rh-rhacs-first} vulnerability management tools is displayed in the {ocp} interface, providing information about CVEs, image and workload vulnerabilities, and verified image signature status. Authorized security administrators, platform engineers, and application developers gain a unified view of security status that is embedded in their day-to-day {ocp} workflows. |
There was a problem hiding this comment.
| With this dynamic plugin, data gathered by the {rh-rhacs-first} vulnerability management tools is displayed in the {ocp} interface, providing information about CVEs, image and workload vulnerabilities, and verified image signature status. Authorized security administrators, platform engineers, and application developers gain a unified view of security status that is embedded in their day-to-day {ocp} workflows. | |
| With this dynamic plugin, data gathered by {rh-rhacs-first} is displayed in the {ocp} interface, providing information about CVEs, image and workload vulnerabilities, and verified image signature status. Authorized security administrators, platform engineers, and application developers gain a unified view of security status that is embedded in their day-to-day {ocp} workflows. |
| With this dynamic plugin, data gathered by the {rh-rhacs-first} vulnerability management tools is displayed in the {ocp} interface, providing information about CVEs, image and workload vulnerabilities, and verified image signature status. Authorized security administrators, platform engineers, and application developers gain a unified view of security status that is embedded in their day-to-day {ocp} workflows. | ||
|
|
||
| // ARTIFACT FROM RHACS PLUGIN + RHDH FILE -- WHAT DOES THIS FeatureName TAG DO? | ||
| //:FeatureName: Integration of vulnerability findings into the {rh-rhdh} |
There was a problem hiding this comment.
Only needed if a feature is technology preview, so you can ignore the tag since this is GA (I think it's GA, right?
| // ARTIFACT FROM RHACS PLUGIN + RHDH FILE -- WHAT DOES THIS FeatureName TAG DO? | ||
| //:FeatureName: Integration of vulnerability findings into the {rh-rhdh} | ||
| include::snippets/technology-preview.adoc[] | ||
|
|
There was a problem hiding this comment.
I think we would need to add an include for the viewing-vulnerability-information.adoc module here so that it shows up in the "Accessing vulnerability information in the OCP web console" page under the introductory/summary text.
|
|
||
| [NOTE] | ||
| ==== | ||
| You can also view vulnerability information on details views for other pages in the {ocp} web console by clicking the *Security* tab, such as in the details views for individual projects, namespaces, deployments, daemonsets, and so on. |
There was a problem hiding this comment.
| You can also view vulnerability information on details views for other pages in the {ocp} web console by clicking the *Security* tab, such as in the details views for individual projects, namespaces, deployments, daemonsets, and so on. | |
| You can also view vulnerability information in other pages in the {ocp} web console by clicking the *Security* tab. For example, you can view vulnerability information in the details views for individual projects, namespaces, deployments, and daemonsets. |
|
|
||
| If the {rh-rhacs-console-plugin} plugin is enabled on a secured cluster, a new *Security* navigation option, with a *Vulnerabilities* secondary option, displays in the web console navigation menu for authorized users with access to all of the deployment-like resources within the selected namespace. | ||
|
|
||
| In addition to the new navigation option, if the {rh-rhacs-console-plugin} plugin is enabled on a secured cluster, a new *Security* tab displays on certain pages in the web console, such as the details views for individual projects, namespaces, deployments, daemonsets, and so on. No newline at end of file |
There was a problem hiding this comment.
| In addition to the new navigation option, if the {rh-rhacs-console-plugin} plugin is enabled on a secured cluster, a new *Security* tab displays on certain pages in the web console, such as the details views for individual projects, namespaces, deployments, daemonsets, and so on. | |
| In addition to the new navigation option, if the {rh-rhacs-console-plugin} plugin is enabled on a secured cluster, a new *Security* tab displays on certain pages in the web console, such as the details views for individual projects, namespaces, deployments, and daemonsets. |
| .Prerequisites | ||
| // ARE THESE IN THE CORRECT ORDER? NOT SURE IF THE NOTEBOOKLM AI ASSIST PUT THESE IN THE RIGHT/MOST LOGICAL ORDER. | ||
| * You are running {ocp} version 4.19 or later. | ||
| * You have installed secured cluster services, including sensor, on the cluster. |
There was a problem hiding this comment.
| * You have installed secured cluster services, including sensor, on the cluster. | |
| * You have installed secured cluster services, including Sensor, on the cluster. |
Weird ACS-specific thing, we always capitalize Central, Sensor, Collector, etc.
| ==== | ||
|
|
||
| .Prerequisites | ||
| // ARE THESE IN THE CORRECT ORDER? NOT SURE IF THE NOTEBOOKLM AI ASSIST PUT THESE IN THE RIGHT/MOST LOGICAL ORDER. |
There was a problem hiding this comment.
The Operator step would go before the secured cluster services step IMO.
| // ARE THESE IN THE CORRECT ORDER? NOT SURE IF THE NOTEBOOKLM AI ASSIST PUT THESE IN THE RIGHT/MOST LOGICAL ORDER. | ||
| * You are running {ocp} version 4.19 or later. | ||
| * You have installed secured cluster services, including sensor, on the cluster. | ||
| * You have installed the {product-title} Operator on the cluster. |
There was a problem hiding this comment.
| * You have installed the {product-title} Operator on the cluster. | |
| * You have installed the {product-title-short} Operator on the cluster. |
| // IN THE INTERFACE, THIS APPEARS AS "console plugin" IN THE OPERATOR INSTALLATION, BUT FROM THE INSTALLED OPERATORS PAGE FOR RHACS OPERATOR IT APPEARS IN THE SIDEBAR INFO AS A NAMED "advanced-cluster-security" PLUGIN UNDER A GENERIC "Console plugin" HEADER. UNSURE WHY THIS APPEARS WITH DIFFERNT NAMES IN DIFFERENT LOCATIONS IN THE GUI. IN THE FUTURE IF OTHER CONSOLE PLUGINS ARE ADDED, IT CANNOT BE GENERICALLY LABELED AS "Console plugin" IN THE RHACS OPERATOR INSTALLATION. | ||
| // ALSO UNCLEAR IF THIS FUNCTION/CODE IS THE SAME AS THE "RHACS PLUGIN" THAT YOU INSTALL WITH RHDH OR DIFFERENT FUNCTION/CODE. | ||
|
|
||
| By enabling the {rh-rhacs-console-plugin} dynamic plugin during the installation of the {product-title-short} operator, you can access vulnerability management information for your secured cluster workloads directly from the {ocp} web console. |
There was a problem hiding this comment.
Since it's enabled by default, I don't think we have to say "By enabling the {rh-rhacs-console-plugin} dynamic plugin during the installation of the {product-title-short} operator,"
Maybe just say something like:
{product-title} provides a dynamic plugin that is enabled by default to provide vulnerability management information for your secured cluster workloads directly in the {ocp} web console.
3 participants
…in web console
Version(s):
4.10
Issue:
https://issues.redhat.com/browse/ROX-32677
Link to docs preview:
QE review:
ACS has no formal QE team to review
Additional information: