RHDEVDOCS-2335: App and images vulnerabilities

Author: shipsing

applications/odc-monitoring-project-and-application-metrics-using-developer-perspective.adoc

@@ -18,6 +18,10 @@ include::modules/odc-monitoring-your-project-metrics.adoc[leveloffset=+1]
 
 include::modules/odc-monitoring-your-application-metrics.adoc[leveloffset=+1]
 
+include::modules/odc-image-vulnerabilities-breakdown.adoc[leveloffset=+1]
+
+include::modules/odc-monitoring-your-app-vulnerabilities.adoc[leveloffset=+1]
+
 [role="_additional-resources"]
 == Additional resources
 * xref:../monitoring/monitoring-overview.adoc#monitoring-overview[Monitoring overview]

images/odc_image_vulnerabilities.png

@@ -0,0 +1,22 @@
+// Module included in the following assemblies:
+//
+// * applications/odc-monitoring-project-and-application-metrics-using-developer-perspective.adoc
+
+:_content-type: CONCEPT
+[id="odc-image-vulnerabilities-breakdown_{context}"]
+= Image vulnerabilities breakdown
+
+In the developer perspective, the project dashboard shows the *Image Vulnerabilities* link in the *Status* section. Using this link, you can view the *Image Vulnerabilities breakdown* window, which includes details regarding vulnerable container images and fixable container images. The icon color indicates severity:
+
+* Red: High priority. Fix immediately.
+* Orange: Medium priority. Can be fixed after high-priority vulnerabilities.
+* Yellow: Low priority. Can be fixed after high and medium-priority vulnerabilities.
+
+Based on the severity level, you can prioritize vulnerabilities and fix them in an organized manner.
+
+.Viewing image vulnerabilities
+image::odc_image_vulnerabilities.png[]
+
+<1> Shows the vulnerable container images
+<2> Indicates the severity level of the vulnerability
+<3> Shows the fixable container images

modules/odc-image-vulnerabilities-breakdown.adoc

@@ -0,0 +1,42 @@
+// Module included in the following assemblies:
+//
+// * applications/odc-monitoring-project-and-application-metrics-using-developer-perspective.adoc
+
+:_content-type: PROCEDURE
+[id="odc-monitoring-your-application-image-vulnerabilities-metrics_{context}"]
+= Monitoring your application and image vulnerabilities metrics
+
+After you create applications in your project and deploy them, use the *Developer* perspective in the web console to see the metrics for your application dependency vulnerabilities across your cluster. The metrics help you to analyze the following image vulnerabilities in detail:
+
+* Total count of vulnerable images in a selected project
+* Severity-based counts of all vulnerable images in a selected project
+* Drilldown into severity to obtain the details, such as count of vulnerabilities, count of fixable vulnerabilities, and number of affected pods for each vulnerable image
+
+.Prerequisites
+* You have installed the Red Hat Quay Container Security operator from the Operator Hub.
++
+[NOTE]
+====
+The Red Hat Quay Container Security operator detects vulnerabilities by scanning the images that are in the quay registry.
+====
+
+.Procedure
+
+. For a general overview of the image vulnerabilities, on the navigation panel of the *Developer* perspective, click *Project* to see the project dashboard.
+
+. Click *Image Vulnerabilities* in the *Status* section. The window that opens displays details such as *Vulnerable Container Images* and *Fixable Container Images*.
+
+. For a detailed vulnerabilities overview, click the *Vulnerabilities* tab on the project dashboard.
+
+.. To get more detail about an image, click its name.
+
+.. View the default graph with all types of vulnerabilities in the *Details* tab.
+
+.. Optional: Click the toggle button to view a specific type of vulnerability. For example, click *App dependency* to see vulnerabilities specific to application dependency.
+
+.. Optional: You can filter the list of vulnerabilities based on their *Severity* and *Type* or sort them by *Severity*, *Package*, *Type*, *Source*, *Current Version*, and *Fixed in Version*.
+
+.. Click a *Vulnerability* to get its associated details:
++
+* *Base image* vulnerabilities display information from a Red Hat Security Advisory (RHSA).
+* *App dependency* vulnerabilities display information from the Snyk security application.