Add info alert for In-transit Encryption in external mode

The configurations for In-Transit Encryption in external mode are all required to be done on the RHCS cluster by the ceph admin. Ticking the checkbox on ODF side only sets the kernel mount option for cephFS. So it might be misleading the user to think, the checkbox is enough to enable Eit in external mode. So added an info alert under the checkbox to clarify that settings need to be applied on the RHCS cluster. Also reworded the description of the checkbox to make it more clear to the user. Signed-off-by: Malay Kumar Parida <[email protected]>
red-hat-storage · Nov 5, 2024 · 04d6ef7 · 04d6ef7
1 parent 1295245
commit 04d6ef7
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 3 deletions.
diff --git a/locales/en/plugin__odf-console.json b/locales/en/plugin__odf-console.json
@@ -959,7 +959,10 @@
   "MultiCloud Object Gateway supports encryption for objects by default.": "MultiCloud Object Gateway supports encryption for objects by default.",
   "Enable data encryption for block and file storage": "Enable data encryption for block and file storage",
   "Enable encryption": "Enable encryption",
-  "A secure mode that encrypts all data passing over the network": "A secure mode that encrypts all data passing over the network",
+  "Encrypts all Ceph traffic including data, using Ceph msgrv2": "Encrypts all Ceph traffic including data, using Ceph msgrv2",
+  "Verify your RHCS cluster has the necessary in-transit encryption settings configured to properly enable in-transit encryption on your external cluster.": "Verify your RHCS cluster has the necessary in-transit encryption settings configured to properly enable in-transit encryption on your external cluster.",
+  "Refer to the documentation for detailed configuration steps.": "Refer to the documentation for detailed configuration steps.",
+  "Documentation link": "Documentation link",
   "An error has occurred: {{error}}": "An error has occurred: {{error}}",
   "The uploaded file is not a valid JSON file": "The uploaded file is not a valid JSON file",
   "External storage system metadata": "External storage system metadata",

diff --git a/...reate-storage-system/create-storage-system-steps/security-and-network-step/encryption.tsx b/...reate-storage-system/create-storage-system-steps/security-and-network-step/encryption.tsx
@@ -3,7 +3,13 @@ import { ValidationType } from '@odf/core/types';
 import { AdvancedSubscription } from '@odf/shared/badges/advanced-subscription';
 import { FieldLevelHelp } from '@odf/shared/generic/FieldLevelHelp';
 import { useCustomTranslation } from '@odf/shared/useCustomTranslationHook';
-import { Checkbox, FormGroup, Form } from '@patternfly/react-core';
+import {
+  Alert,
+  AlertVariant,
+  Checkbox,
+  FormGroup,
+  Form,
+} from '@patternfly/react-core';
 import { KMSEmptyState } from '../../../../constants';
 import { KMSConfigure } from '../../../kms-config/kms-config';
 import { ValidationMessage } from '../../../utils/common-odf-install-el';
@@ -291,13 +297,31 @@ export const Encryption: React.FC<EncryptionProps> = ({
             data-checked-state={encryption.inTransit}
             label={t('In-transit encryption')}
             description={t(
-              'A secure mode that encrypts all data passing over the network'
+              'Encrypts all Ceph traffic including data, using Ceph msgrv2'
             )}
             onChange={(_event, checked: boolean) =>
               handleInTransitEncryptionOnChange(checked)
             }
           />
         )}
+        {isExternal && encryption.inTransit && (
+          <Alert
+            variant={AlertVariant.info}
+            isInline
+            title={t(
+              'Verify your RHCS cluster has the necessary in-transit encryption settings configured to properly enable in-transit encryption on your external cluster.'
+            )}
+          >
+            {t('Refer to the documentation for detailed configuration steps.')}{' '}
+            <a
+              href="YOUR_DOCUMENTATION_LINK_URL" // Replace with actual doc link when available
+              target="_blank"
+              rel="noopener noreferrer"
+            >
+              {t('Documentation link')}
+            </a>
+          </Alert>
+        )}
       </FormGroup>
       {!encryption.hasHandled && (
         <ValidationMessage validation={ValidationType.ENCRYPTION} />