[ROX-27310]: New page: Understanding the differences in Node CVEs between the Stackrox Scanner and Scanner V4

[vikin91]

For users with clusters:

• switching from Stackrox Scanner to Scanner V4 and
• using RHCOS node scanning

there may be a surprise effect that there are roughly ~7 times more vulnerabilities reported for the Nodes in the UI.
The document contributed in this PR should be linked to the respective UI page and should serve as an explanation why the users see so many new CVEs.
The PR that adds a banner linking to the page added in this PR: stackrox/stackrox#14130

Version(s):

• 4.6 (for customer who decided to try tech-preview of Node scanning with Scanner V4)
• 4.7 (for all customers who use Scanner V4)

Issue:

• ROX-27310

Link to docs preview:

• The text: https://88222--ocpdocs-pr.netlify.app/openshift-acs/latest/operating/manage-vulnerabilities/scan-rhcos-node-host.html
• generated due to a rename of an adoc file (aesthetics): https://88222--ocpdocs-pr.netlify.app/openshift-acs/latest/operating/manage-vulnerabilities/common-vuln-management-tasks.html

QE review: ACS has no QE, approved by SME

• QE has approved this change.

Additional information:

[openshift-ci]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[vikin91]

/test validate-portal
/test validate-asciidoc

[ocpdocs-previewbot]

🤖 Mon Feb 10 23:00:49 - Prow CI generated the docs preview:

https://88222--ocpdocs-pr.netlify.app/openshift-acs/latest/operating/manage-vulnerabilities/common-vuln-management-tasks.html
https://88222--ocpdocs-pr.netlify.app/openshift-acs/latest/operating/manage-vulnerabilities/scan-rhcos-node-host.html

[vikin91]

/test validate-portal
/test validate-asciidoc

[vikin91]

/test validate-portal
/test validate-asciidoc

[kcarmichael08]

This looks great! Added some suggestions and a few things we have to follow for IBM and Red Hat Style. I think this will really help with the questions that Support tends to get after users switch to Scanner V4.

[vikin91]

Many thanks @kcarmichael08 for the swift review! I implemented all the suggestions.
In the next 10 hrs (its midnight here), I will double-check the preview and resolve the conversations in the PR.

[openshift-ci]

@vikin91: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[vikin91]

I went again over the text and it looks good, thus resolving all the conversations.
Would be great to merge it soon. Thank you!

[kcarmichael08]

I'm sorry, I missed this before - we aren't supposed to use headings like "Overview" or "Summary". I think we can actually just remove this because what follows is the introductory text - see the mod docs guidance (but to summarize - we don't need a heading here).

[kcarmichael08]

Hey, I noticed one thing when looking at the right TOC - the "summary" heading - can we remove this? Then I can merge - thank you!

[lvalerom]

@kcarmichael08 unfortunately @vikin91 is on PTO and I cannot change things in his branch. Would it be ok for me to open a new PR from my fork?

[vikin91]

@lvalerom I added you as a contributor to my fork

[kcarmichael08]

Replaced by #88477