Uploaded image for project: 'Red Hat Advanced Cluster Management'
  1. Red Hat Advanced Cluster Management
  2. ACM-13337

Add a basic "Discovered policies" table

XMLWordPrintable

    • 3
    • False
    • None
    • False
    • Hide

      Provide the required acceptance criteria using this template.
      * ...
      Show
      Provide the required acceptance criteria using this template. * ...
    • ACM-12528 - UI support for standalone Policy deployments
    • GRC Sprint 2024-16, GRC Sprint 2024-17
    • None

      Value Statement

      To allow users to leverage a different delivery mechanism for policy templates (e.g. ConfigurationPolicy, Gatekeeper constraint, etc.), the ACM console can leverage search to list all detected policy templates. This also gives a different view for existing users that is helpful.

      ACM-12528 has more detail on the market value and general requirements.

      See the following Figma mockup for design details, though the wording is expected to change after ACM-13285:
      https://www.figma.com/design/vUl9NQhvdwwH2gEyhTpdYz/Sub-Policies?node-id=93-9395&t=28FJUupzo4TyvDhf-0

      Note that the search results will not contain all the data needed until ACM-13279 is done. Gatekeeper will be excluded from this for now.

      Additional features such as label filtering and column management will come in a future Jira.

      Definition of Done for Engineering Story Owner (Checklist)

      • Add a "Discovered policies" tab in "Governance"
      • This page will have a table aggregated by name and kind for all supported policy template types (except Gatekeeper for now). It will have these columns
        • Name - clickable to a table to per cluster results
        • Engine
        • Kind
        • Response action (generic term for remediation action)
          • If multiple, it should be in the format of `inform / enforce` like the existing "Policies" table.
        • Source
          • This matches the same logic as the "Policies" table except that if it's deployed by a "Policy" kind, it should show a link to the parent policy.
        • Severity - pick the highest severity if this differs per cluster
        • Cluster violations
      • The per cluster page that is reachable from the "Name" link will have a "Policy violations" card with a "Policy violations" chart. Below that will have a table with the following columns:
        • Cluster - a link to the existing policy template details page for that specific policy
        • Response action (generic term for remediation action)
        • Violations
        • Source
        • Severity
      • Stretch Goal:
        • Verify the user has RBAC to access the root policy before making Source clickable toa  policy.

      Development Complete

      • The code is complete.
      • Functionality is working.
      • Any required downstream Docker file changes are made.

      Tests Automated

      • [ ] Unit/function tests have been automated and incorporated into the
        build.
      • [ ] 100% automated unit/function test coverage for new or changed APIs.

      Secure Design

      • [ ] Security has been assessed and incorporated into your threat model.

      Multidisciplinary Teams Readiness

      • [ ] Create an informative documentation issue using the Customer

      Portal Doc template that you can access from [The Playbook](

      https://docs.google.com/document/d/1YTqpZRH54Bnn4WJ2nZmjaCoiRtqmrc2w6DdQxe_yLZ8/edit#heading=h.9fvyr2rdriby),

      and ensure doc acceptance criteria is met.

      • Call out this sentence as it's own action:
      • [ ] Link the development issue to the doc issue.

      Support Readiness

      • [ ] The must-gather script has been updated.

              yikim@redhat.com Yi Rae Kim
              mprahl Matthew Prahl
              ManiKrishna Sai Ravi ManiKrishna Sai Ravi
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: