Dominika's comments - some of them

pabel-rh · pabel-rh · commit 3bd9adb24962 · 2025-11-04T10:10:44.000+05:30
diff --git a/modules/observe/scorecards/proc-authenticating-and-managing-scorecard-plugins.adoc b/modules/observe/scorecards/proc-authenticating-and-managing-scorecard-plugins.adoc
@@ -23,28 +23,4 @@ See {authorization-book-link}#ref-rbac-permission-policies_title-authorization[P
 ... To enable read access for the Scorecard plugin, add a policy with the following details and click *Next*:
 **** *Permission*: `scorecard.metric.read`
 **** *Action*: `read`
-**** *Effect*: `allow`
-
-. Provide users access to specific metrics by their identifiers by using a conditional policy to restrict access, for example, only to the GitHub Open PRs metric (`github.open_prs`) using any of the following ways:
-** {audit-log-book-link}#managing-authorizations-by-using-the-web-ui[Using the Web UI]. 
-** defining the conditional policies in an `rbac-conditional-policies.yaml` file as shown in the following code:
-+
-[source,yaml]
-----
-result: CONDITIONAL
-roleEntityRef: "role:default/scorecard-viewer"
-pluginId: scorecard
-resourceType: scorecard-metric
-permissionMapping:
-  - read
-conditions:
-  rule: HAS_METRIC_ID
-  resourceType: scorecard-metric
-  params:
-    metricIds: [_<your_metric_id>_]
-----
-+
-where:
-`metricIds`:: Enter the metric ID you want to give access to a user. For example: `github.open_prs`.
-
-This policy would allow users to read only the GitHub Open PRs metric, while restricting access to other available metrics. 
+**** *Effect*: `allow`
diff --git a/modules/observe/scorecards/proc-configuring-github-scorecards-in-rhdh-instance.adoc b/modules/observe/scorecards/proc-configuring-github-scorecards-in-rhdh-instance.adoc
@@ -9,8 +9,8 @@ You can view GitHub metrics for software components registered in the {product-v
 
 * You have installed your {product-very-short} instance.
 * You have installed the Scorecard images.
-* You must have permissions in GitHub to create and manage a GitHub App.
-* You must have permissions to add and change the custom {product-very-short} application configuration.
+* You must have permissions in GitHub to create and manage a https://docs.github.com/en/apps/overview[GitHub App].
+* You must have {configuring-book-link}[added a custom {product-very-short} application configuration] and have enough permissions to change it.
 
 .Procedure
 
diff --git a/modules/observe/scorecards/proc-configuring-jira-scorecards-in-rhdh-instance.adoc b/modules/observe/scorecards/proc-configuring-jira-scorecards-in-rhdh-instance.adoc
@@ -14,10 +14,9 @@ The following Jira versions are supported:
 * You must have administrator privileges for Jira and {product-very-short}.
 * You have installed your {product-very-short} instance.
 * You have installed the Scorecard images.
-* You must have added a custom {product-very-short} application configuration.
+* You must have {configuring-book-link}[added a custom {product-very-short} application configuration] and have enough permissions to change it.
 
----
-== Procedure
+.Procedure
 
 . Create a Jira configuration token using one of the following methods, depending on your Jira product:
 ** Jira Cloud: https://id.atlassian.com/manage-profile/security/api-tokens[Create a personal token]. You must then create a `Base64-encoded` string using the following plain text format: `your-atlassian-email:your-jira-api-token`.
@@ -29,7 +28,7 @@ echo -n 'your-atlassian-email:your-jira-api-token' | base64
 ** Jira datacenter: Create and use a Personal Access Token (PAT) in your Jira datacenter account. For more information, see the https://confluence.atlassian.com/enterprise/using-personal-access-tokens-1026032365.html[Atlassian] documentation.
 
 . Configure the Jira Scorecard plugin in your `{product-very-short} dynamic-plugins-config.yaml` using either a direct setup or a proxy setup.
-.. Use a direct setup (Recommended for simpler environments): Add the following code to your `{product-very-short} dynamic-plugins-config.yaml`:
+.. Use a direct setup: Add the following code to your `{product-very-short} dynamic-plugins-config.yaml`:
 +
 [source,yaml]
 ----
@@ -43,11 +42,12 @@ plugins:
         product: datacenter # Change to 'cloud' if using Jira Cloud
 ----
 where:
+
 `baseUrl`:: Enter the Jira URL.
 `token`:: Enter the Jira token (Base64 string for Cloud, PAT for Data Center).
 `product`:: Enter the supported product: `cloud` or `datacenter`.
 
-.. Use a proxy setup (Recommended for complex network environments): In your `{product-very-short} dynamic-plugins-config.yaml`, add the following code:
+.. Use a proxy setup: In your `{product-very-short} dynamic-plugins-config.yaml`, add the following code:
 +
 [source,yaml]
 ----
@@ -60,7 +60,7 @@ plugins:
         product: datacenter # Change to 'cloud' if using Jira Cloud
 ----
 
-.. In your `{product-very-short} app-config.yaml` file, add the following proxy settings:
+... In your `{product-very-short} app-config.yaml` file, add the following proxy settings:
 +
 [source,yaml]
 ----
@@ -75,6 +75,7 @@ proxy:
         Authorization: ${JIRA_TOKEN} # Must be configured in your environment
 ----
 where:
+
 `Authorization`:: Set any of the following header value:
 * For *Cloud*: `Basic YourCreatedAboveToken`
 * For *Data Center*: `Bearer YourJiraToken`
@@ -102,6 +103,7 @@ spec:
   providesApis: [example-grpc-api]
 ----
 where:
+
 `jira/project-key`:: Required: Enter the Jira project key.
 `jira/component`:: Optional: Enter the Jira component name.
 `jira/label`:: Optional: Enter the Jira label.
@@ -140,6 +142,7 @@ scorecard:
           customFilter: priority in ("Critical", "Blocker")
 ----
 where:
+
 `mandatoryFilter`:: Optional: Replaces the default filter (`type = Bug and resolution = Unresolved`).
 `customFilter`:: Optional: Specifies a global custom filter. The entity annotation `jira/custom-filter` overrides this value.
 
diff --git a/modules/observe/scorecards/proc-installing-scorecard-plugin-in-rhdh-instance.adoc b/modules/observe/scorecards/proc-installing-scorecard-plugin-in-rhdh-instance.adoc
@@ -10,6 +10,7 @@ You must manually install and enable the plugin in your {product} instance.
 * You have provisioned your custom {installing-and-viewing-plugins-book-link}[dynamic plugins config map].
 
 .Procedure
+
 * Add the following configuration in your `{product} dynamic-plugin-config.yaml` file:
 +
 [source,yaml]
@@ -30,7 +31,7 @@ plugins:
                 importName: EntityScorecardContent
                 config:
                   layout:
-                        gridColumn: 1 / -1
+                    gridColumn: 1 / -1
                   if:
                     allOf:
                       - isKind: component
@@ -45,4 +46,8 @@ plugins:
         baseUrl: ${JIRA_BASE_URL}
         token: ${JIRA_TOKEN}
         product: datacenter
-----
+----
+where:
+
+`baseUrl`:: Enter the Jira URL.
+`token`:: Enter the Jira token.
