From 421f0cb60f8009629b5b0180fa76d39bbf092fd4 Mon Sep 17 00:00:00 2001
From: Jamie Prevatt <jprevatt@redhat.com>
Date: Tue, 17 Feb 2026 16:41:53 -0500
Subject: [PATCH] ROX-32677-vuln-in-console: adding new content for
 vulnerability info in web console

---
 ...nerability-information-in-web-console.adoc | 22 ++++++++++++
 modules/common-attributes.adoc                |  1 +
 modules/enabling-the-plugin.adoc              | 36 +++++++++++++++++++
 ...nerability-information-in-web-console.adoc | 25 +++++++++++++
 4 files changed, 84 insertions(+)
 create mode 100644 configuration/accessing-vulnerability-information-in-web-console.adoc
 create mode 100644 modules/enabling-the-plugin.adoc
 create mode 100644 modules/viewing-vulnerability-information-in-web-console.adoc

diff --git a/configuration/accessing-vulnerability-information-in-web-console.adoc b/configuration/accessing-vulnerability-information-in-web-console.adoc
new file mode 100644
index 000000000000..a1a18b8a9723
--- /dev/null
+++ b/configuration/accessing-vulnerability-information-in-web-console.adoc
@@ -0,0 +1,22 @@
+:_mod-docs-content-type: ASSEMBLY
+[id="accessing-vulnerability-information-in-web-console"]
+= Accessing vulnerability information in the OpenShift Container Platform web console
+include::modules/common-attributes.adoc[]
+:context: accessing-vulnerability-information-in-web-console
+
+toc::[]
+
+// GUI LABELING ISSUES
+// SEE MEETING RHACS SPRINT DEMO RECORDING 01/29/2026 ~28 MINUTES
+// IN THE INTERFACE, THIS APPEARS AS "console plugin" IN THE OPERATOR INSTALLATION, BUT FROM THE INSTALLED OPERATORS PAGE FOR RHACS OPERATOR IT APPEARS IN THE SIDEBAR INFO AS A NAMED "advanced-cluster-security" PLUGIN UNDER A GENERIC "Console plugin" HEADER. UNSURE WHY THIS APPEARS WITH DIFFERNT NAMES IN DIFFERENT LOCATIONS IN THE GUI. IN THE FUTURE IF OTHER CONSOLE PLUGINS ARE ADDED, IT CANNOT BE GENERICALLY LABELED AS "Console plugin" IN THE RHACS OPERATOR INSTALLATION.
+// ALSO UNCLEAR IF THIS FUNCTION/CODE IS THE SAME AS THE "RHACS PLUGIN" THAT YOU INSTALL WITH RHDH OR DIFFERENT FUNCTION/CODE.
+
+By enabling the {rh-rhacs-console-plugin} dynamic plugin during the installation of the {product-title-short} operator, you can access vulnerability management information for your secured cluster workloads directly from the {ocp} web console. 
+// FOR YOUR...: workloads? clusters? cluster workloads?
+
+With this dynamic plugin, data gathered by the {rh-rhacs-first} vulnerability management tools is displayed in the {ocp} interface, providing information about CVEs, image and workload vulnerabilities, and verified image signature status. Authorized security administrators, platform engineers, and application developers gain a unified view of security status that is embedded in their day-to-day {ocp} workflows. 
+
+// ARTIFACT FROM RHACS PLUGIN + RHDH FILE -- WHAT DOES THIS FeatureName TAG DO?
+//:FeatureName: Integration of vulnerability findings into the {rh-rhdh}
+include::snippets/technology-preview.adoc[]
+
diff --git a/modules/common-attributes.adoc b/modules/common-attributes.adoc
index 6d7b32d94a57..63ac7adc37e2 100644
--- a/modules/common-attributes.adoc
+++ b/modules/common-attributes.adoc
@@ -38,6 +38,7 @@ endif::[]
 :rh-rhtas-first: Red{nbsp}Hat Trusted Artifact Signer (RHTAS)
 :rh-rhacs-first: Red{nbsp}Hat Advanced Cluster Security for Kubernetes (RHACS)
 :rh-rhacscs-first: Red{nbsp}Hat Advanced Cluster Security Cloud Service (RHACS Cloud Service)
+:rh-rhacs-console-plugin: console
 :rh-rhacm: RHACM
 :rh-rhdh-first: Red{nbsp}Hat Developer Hub (RHDH)
 :rh-rhdh: RHDH
diff --git a/modules/enabling-the-plugin.adoc b/modules/enabling-the-plugin.adoc
new file mode 100644
index 000000000000..b168a2f87949
--- /dev/null
+++ b/modules/enabling-the-plugin.adoc
@@ -0,0 +1,36 @@
+// Module included in the following assemblies:
+//
+// * accessing-vulnerability-information-in-web-console.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="enabling-the-plugin_{context}"]
+= Enabling the plugin
+
+The {rh-rhacs-console-plugin} dynamic plugin is enabled by default during the installation of the {product-title} Operator. 
+
+To review enablement status or to enable the {rh-rhacs-console-plugin} plugin after the installation of the {product-title-short} Operator, use the following steps.
+
+[NOTE]
+====
+You can also review and change the enablement status of the {rh-rhacs-console-plugin} dynamic plugin after installation of the {product-title} Operator. To do so, view the installed Operators in the web console and then view the details of the {product-title} Operator. 
+====
+
+.Prerequisites
+// ARE THESE IN THE CORRECT ORDER? NOT SURE IF THE NOTEBOOKLM AI ASSIST PUT THESE IN THE RIGHT/MOST LOGICAL ORDER. 
+* You are running {ocp} version 4.19 or later.
+* You have installed secured cluster services, including sensor, on the cluster.
+* You have installed the {product-title} Operator on the cluster.
+
+.Procedure 
+
+. In the {ocp} web console navigation, click *Ecosystem > Installed Operators*.
+
+. From the installed operators, click the {product-title} Operator.
+
+. In the Operator details, verify that the {rh-rhacs-console-plugin} plugin is enabled. 
+
+.Verification
+
+If the {rh-rhacs-console-plugin} plugin is enabled on a secured cluster, a new *Security* navigation option, with a *Vulnerabilities* secondary option, displays in the web console navigation menu for authorized users with access to all of the deployment-like resources within the selected namespace.
+
+In addition to the new navigation option, if the {rh-rhacs-console-plugin} plugin is enabled on a secured cluster, a new *Security* tab displays on certain pages in the web console, such as the details views for individual projects, namespaces, deployments, daemonsets, and so on.
\ No newline at end of file
diff --git a/modules/viewing-vulnerability-information-in-web-console.adoc b/modules/viewing-vulnerability-information-in-web-console.adoc
new file mode 100644
index 000000000000..4d85ba8896e9
--- /dev/null
+++ b/modules/viewing-vulnerability-information-in-web-console.adoc
@@ -0,0 +1,25 @@
+// Module included in the following assemblies:
+//
+// * accessing-vulnerability-information-in-web-console.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="viewing-vulnerability-information-in-web-console_{context}"]
+= Viewing vulnerability information in the web console
+
+Use the *Security* navigation option in the {ocp} web console to view vulnerability information that is scoped to the namespace of a secured cluster.  
+
+.Prerequisites
+* The {rh-rhacs-console-plugin} plugin is enabled on the secured cluster.
+
+.Procedure 
+
+. In the {ocp} web console navigation, click *Security > Vulnerabilities*.
+
+. From the Workload vulnerabilities page, click the *CVEs*, *Images*, or *Deployments* option to determine the context in which you want to view vulnerabilities.
+
+. In the displayed results, click a specific result to view detailed information about the vulnerability.
+
+[NOTE]
+====
+You can also view vulnerability information on details views for other pages in the {ocp} web console by clicking the *Security* tab, such as in the details views for individual projects, namespaces, deployments, daemonsets, and so on.
+====