DOCS-2925: remove container security from Calico Cloud v23.0 docs#2767
Open
ctauchen wants to merge 1 commit into
Open
DOCS-2925: remove container security from Calico Cloud v23.0 docs#2767ctauchen wants to merge 1 commit into
ctauchen wants to merge 1 commit into
Conversation
Per PMREQ-905, remove Image Assurance, Container Threat Detection / Runtime Security, and the Image Assurance admission controller and Jira integration from the Calico Cloud v23.0 docs (current/Next tree). Also strips lingering Kibana navigation references following the v22.5 Kibana link removal (TSLA-11201) — the Kibana standalone page is deleted and user-facing "navigate to Kibana" instructions in observability, threat, and tutorial pages are reworded. The v22-2 versioned snapshot is intentionally untouched. Release notes keep historical entries but strip links to deleted pages. Compliance Reports (TSLA-11335 pending) and Threatfeeds (held until replacement) remain in scope for follow-up work, as does the Jira webhook consumer in threat/configuring-webhooks.mdx, which is a separate feature. Redirects added for all deleted slugs. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
✅ Deploy Preview for calico-docs-preview-next ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
✅ Deploy Preview succeeded!Built without sensitive environment variables
To edit notification comments on pull requests, go to your Netlify project configuration. |
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates the Calico Cloud “current/Next” documentation set to remove container security content (Image Assurance, Container Threat Detection/Runtime Security, and related admission controller/Jira integration) and to finish the sweep of remaining Kibana navigation/instructions by either removing the Kibana pages or rewording guidance to refer to the web console.
Changes:
- Removes Calico Cloud docs pages for Image Assurance, Container Threat Detection, Kibana, and related API/resource reference docs.
- Updates navigation (sidebar + landing pages) and numerous docs to strip Kibana/IA/CTD references and permissions/RBAC mentions.
- Adds Netlify redirects for removed slugs.
Reviewed changes
Copilot reviewed 48 out of 48 changed files in this pull request and generated 15 comments.
Show a summary per file
| File | Description |
|---|---|
| static/_redirects | Adds redirects for removed IA/CTD/Kibana pages. |
| sidebars-calico-cloud.js | Removes Kibana, CTD, IA items from Calico Cloud sidebar. |
| calico-cloud/users/user-management.mdx | Removes Kibana/IA/CTD permissions and deletes the “Image Assurance Admin” role section. |
| calico-cloud/tutorials/calico-cloud-features/tour.mdx | Removes Kibana-specific “Logs” tutorial content and screenshots. |
| calico-cloud/tutorials/calico-cloud-features/networksets.mdx | Removes Kibana references from network sets tutorial. |
| calico-cloud/threat/web-application-firewall.mdx | Removes Kibana section for WAF event viewing. |
| calico-cloud/threat/tor-vpn-feed-and-dashboard.mdx | Removes Kibana navigation instructions and rewords steps. |
| calico-cloud/threat/security-event-management.mdx | Rewords where to view security event logs (away from Kibana). |
| calico-cloud/threat/index.mdx | Removes CTD from threat landing page description/cards. |
| calico-cloud/threat/deploying-waf-ingress-gateway.mdx | Rewords “verify WAF logs” steps away from Kibana. |
| calico-cloud/threat/container-threat-detection.mdx | Deletes the Container Threat Detection page. |
| calico-cloud/release-notes/index.mdx | Removes/neutralizes links to IA/CTD docs while keeping historical prose. |
| calico-cloud/reference/resources/runtimesecurity.mdx | Deletes the RuntimeSecurity resource reference page. |
| calico-cloud/reference/resources/containeradmissionpolicy.mdx | Deletes the ContainerAdmissionPolicy resource reference page. |
| calico-cloud/reference/installation/ia-api.mdx | Deletes the Image Assurance installation API reference page. |
| calico-cloud/reference/installation/_ia-api.mdx | Deletes the generated Image Assurance installation API include. |
| calico-cloud/reference/index.mdx | Removes doc cards that pointed to deleted IA/RuntimeSecurity/ContainerAdmissionPolicy pages. |
| calico-cloud/operations/cluster-management.mdx | Removes Kibana mention from managed cluster view description. |
| calico-cloud/observability/kube-audit.mdx | Removes Kibana dashboard mention for Kubernetes audit logs. |
| calico-cloud/observability/kibana.mdx | Deletes the Kibana dashboards/logs page. |
| calico-cloud/observability/index.mdx | Removes Kibana doc card from observability landing page. |
| calico-cloud/observability/elastic/overview.mdx | Removes Kibana references from Elastic overview and value statements. |
| calico-cloud/observability/elastic/l7/configure.mdx | Removes Kibana instructions for viewing L7 logs. |
| calico-cloud/observability/elastic/index.mdx | Updates description to remove Kibana mention. |
| calico-cloud/observability/elastic/flow/tcpstats.mdx | Removes Kibana viewing instructions; fixes grammar/punctuation. |
| calico-cloud/observability/elastic/flow/processpath.mdx | Removes Kibana viewing instructions; fixes grammar/punctuation. |
| calico-cloud/observability/elastic/audit-overview.mdx | Removes Kibana audit dashboard references and screenshots. |
| calico-cloud/observability/alerts.mdx | Removes Kibana as an alert viewing location. |
| calico-cloud/network-policy/networksets.mdx | Removes Kibana references from network sets policy doc. |
| calico-cloud/network-policy/application-layer-policies/alp.mdx | Removes Kibana instruction reference from ALP limitations. |
| calico-cloud/image-assurance/understanding-scan-results.mdx | Deletes IA scan results interpretation page. |
| calico-cloud/image-assurance/set-up-alerts.mdx | Deletes IA vulnerability alerting page. |
| calico-cloud/image-assurance/scanners/registry-scanner.mdx | Deletes IA registry scanner page. |
| calico-cloud/image-assurance/scanners/pipeline-scanner.mdx | Deletes IA pipeline scanner page. |
| calico-cloud/image-assurance/scanners/overview.mdx | Deletes IA scanners overview page. |
| calico-cloud/image-assurance/scanners/index.mdx | Deletes IA scanners index page. |
| calico-cloud/image-assurance/scanners/cluster-scanner.mdx | Deletes IA cluster scanner page. |
| calico-cloud/image-assurance/install-the-admission-controller.mdx | Deletes IA admission controller page. |
| calico-cloud/image-assurance/index.mdx | Deletes IA landing page. |
| calico-cloud/image-assurance/exclude-vulnerabilities-from-scan-results.mdx | Deletes IA vulnerability exclusions page. |
| calico-cloud/image-assurance/creating-jira-issues-for-scan-results.mdx | Deletes IA Jira integration page. |
| calico-cloud/get-started/windows-limitations.mdx | Removes IA limitation row. |
| calico-cloud/get-started/upgrade-cluster.mdx | Removes legacy “deploy-with-container-security” manifest instructions. |
| calico-cloud/get-started/operator-checklist.mdx | Removes runtime-security component/CR checks and runtime-security section. |
| calico-cloud/get-started/install-private-registry.mdx | Removes legacy IA/CTD feature-key details block. |
| calico-cloud/get-started/install-cluster.mdx | Removes legacy IA/CTD manifest + Helm feature-key details blocks. |
| calico-cloud/get-started/install-automated.mdx | Removes legacy IA/CTD feature-key details block. |
| calico-cloud/get-started/cc-arch-diagram.mdx | Removes IA/CTD components from architecture table and updates “User access” description. |
| /calico-cloud/tutorials/calico-cloud-features/mylo-ai /calico-cloud/about 301 | ||
|
|
||
| # Container security removal (PMREQ-905 / DOCS-2925): Image Assurance, Container Threat Detection, Kibana | ||
| /calico-cloud/image-assurance/* /calico-cloud/about 301 |
Comment on lines
+139
to
+143
| /calico-cloud/image-assurance/* /calico-cloud/about 301 | ||
| /calico-cloud/threat/container-threat-detection /calico-cloud/threat 301 | ||
| /calico-cloud/reference/installation/ia-api /calico-cloud/reference/installation/api 301 | ||
| /calico-cloud/reference/resources/runtimesecurity /calico-cloud/reference/resources 301 | ||
| /calico-cloud/reference/resources/containeradmissionpolicy /calico-cloud/reference/resources 301 |
| /calico-cloud/reference/installation/ia-api /calico-cloud/reference/installation/api 301 | ||
| /calico-cloud/reference/resources/runtimesecurity /calico-cloud/reference/resources 301 | ||
| /calico-cloud/reference/resources/containeradmissionpolicy /calico-cloud/reference/resources 301 | ||
| /calico-cloud/observability/kibana /calico-cloud/observability 301 |
| Detectors can also be configured as part of a new RuntimeSecurity custom resource. | ||
|
|
||
| For more information, see [Update detector settings](../threat/container-threat-detection.mdx#update-detectors-settings). | ||
| For more information, see Update detector settings. |
| This can be a helpful way to eliminate noise and false positives in your alerts. | ||
|
|
||
| For more information, see [Exclude a process from Security Events alerts](../threat/container-threat-detection.mdx#exclude-process). | ||
| For more information, see Exclude a process from Security Events alerts. |
| * Export CSV or JSON files. | ||
|
|
||
| To get started, see [Image Assurance](../image-assurance). | ||
| To get started, see Image Assurance. |
| You can view your alerts on the _Alerts_ page on the web console. | ||
|
|
||
| To get started, see [Malware Detection](../threat/container-threat-detection.mdx)) | ||
| To get started, see Malware Detection. |
| $[prodname] introduces Image Assurance in tech preview, enabling DevOps and platform teams to scan images in public and private registries, and images that are automatically discovered in connected clusters. Image Assurance provides a runtime view into risk, based on discovered vulnerabilities. It also offers admission controller policies to enforce how vulnerable images are used to create resources within Kubernetes. | ||
|
|
||
| To get started, see [Image Assurance](../image-assurance). | ||
| To get started, see Image Assurance. |
| @@ -25,7 +25,6 @@ Application layer policies let you configure access controls based on L7 attribu | |||
| * Application layer policies apply to the entire cluster. | |||
| They can not be namespaced. | |||
| * Logs for application layer polices are not included with other L7 logs in Service Graph. | |||
| ``` | ||
| 2. Now, you can monitor the Dashboard for any malicious activity. The dashboard can be found at the $[prodname] web console, go to "kibana" and then go to "Dashboard". Select "Tor-VPN Dashboard". | ||
| 3. Additionally, feeds can be checked using following command: | ||
| 2. Feeds can be checked using following command: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Per PMREQ-905, remove Image Assurance (IA), Container Threat Detection / Runtime Security (RS), and the related Image Assurance admission controller and Jira integration from the Calico Cloud v23.0 (current/Next) docs. Engineering work is tracked under Nimbus epic TSLA-9161.
Also strips lingering Kibana navigation references following the v22.5 Kibana link removal (TSLA-11201) — the standalone Kibana page is deleted and user-facing "navigate to Kibana" instructions across observability, threat, network-policy, operations, and tutorials are reworded.
ia-api.mdx/_ia-api.mdx,runtimesecurity.mdx,containeradmissionpolicy.mdx,observability/kibana.mdxthreat/index.mdx,reference/index.mdx, plus Kibana sweep across ~14 pagessidebars-calico-cloud.jsand adds 6static/_redirectsentriesOut of scope
threat/configuring-webhooks.mdx+reference/resources/securityeventwebhook.mdx— separate feature (security-event webhooks, not Settings > Jira); not named in TSLA-11338calico-cloud_versioned_docs/version-22-2/snapshot — left untouched as a historical artifactTest plan
yarn build-nextsucceeds with no new broken links from this diff (pre-existing maglev / ebpf broken links onnext/are unrelated and should be fixed separately)🤖 Generated with Claude Code