ROSA with HCP split integration

_attributes/common-attributes.adoc

@@ -40,11 +40,8 @@ endif::[]
 :oadp-full: OpenShift API for Data Protection
 :oadp-short: OADP
 :oadp-version: 1.4.1
-<<<<<<< HEAD
 :oadp-version-1-3: 1.3.3
 :oadp-version-1-4: 1.4.1
-=======
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 :oc-first: pass:quotes[OpenShift CLI (`oc`)]
 :product-registry: OpenShift image registry
 :product-mirror-registry: Mirror registry for Red Hat OpenShift

_topic_maps/_topic_map.yml

@@ -135,22 +135,22 @@ Topics:
 - Name: Updating a cluster in a disconnected environment
   Dir: updating
   Topics:
-  - Name: About cluster updates in a disconnected environment
-    File: index
-  - Name: Mirroring OpenShift Container Platform images
-    File: mirroring-image-repository
-  - Name: Updating a cluster in a disconnected environment using OSUS
-    File: disconnected-update-osus
-    Distros: openshift-enterprise
-  - Name: Updating a cluster in a disconnected environment without OSUS
-    File: disconnected-update
-    Distros: openshift-enterprise
-  - Name: Updating a cluster in a disconnected environment by using the CLI
-    File: disconnected-update
-    Distros: openshift-origin
-  - Name: Uninstalling OSUS from a cluster
-    File: uninstalling-osus
-    Distros: openshift-enterprise
+    - Name: About cluster updates in a disconnected environment
+      File: index
+    - Name: Mirroring OpenShift Container Platform images
+      File: mirroring-image-repository
+    - Name: Updating a cluster in a disconnected environment using OSUS
+      File: disconnected-update-osus
+      Distros: openshift-enterprise
+    - Name: Updating a cluster in a disconnected environment without OSUS
+      File: disconnected-update
+      Distros: openshift-enterprise
+    - Name: Updating a cluster in a disconnected environment by using the CLI
+      File: disconnected-update
+      Distros: openshift-origin
+    - Name: Uninstalling OSUS from a cluster
+      File: uninstalling-osus
+      Distros: openshift-enterprise
 ---
 Name: Installing
 Dir: installing
@@ -2521,17 +2521,11 @@ Topics:
     File: hcp-destroy-virt
   - Name: Destroying a hosted cluster on IBM Z
     File: hcp-destroy-ibmz
-<<<<<<< HEAD
   - Name: Destroying a hosted cluster on IBM Power
     File: hcp-destroy-ibmpower
   - Name: Destroying a hosted cluster on non-bare metal agent machines
     File: hcp-destroy-non-bm
 - Name: Manually importing a hosted cluster
-=======
-  - Name: Destroying a hosted cluster on non-bare metal agent machines
-    File: hcp-destroy-non-bm
-- Name: Manually importing a hosted control plane cluster
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
   File: hcp-import
 ---
 Name: Nodes

_topic_maps/_topic_map_ms.yml

@@ -33,13 +33,8 @@ Name: Red Hat build of MicroShift release notes
 Dir: microshift_release_notes
 Distros: microshift
 Topics:
-<<<<<<< HEAD
 - Name: Red Hat build of MicroShift 4.18 release notes
   File: microshift-4-18-release-notes
-=======
-- Name: Red Hat build of MicroShift 4.17 release notes
-  File: microshift-4-17-release-notes
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 ---
 Name: Getting ready to install MicroShift
 Dir: microshift_install_get_ready
@@ -115,11 +110,7 @@ Dir: microshift_configuring
 Distros: microshift
 Topics:
 - Name: Using the MicroShift configuration file
-<<<<<<< HEAD
   File: microshift-using-config-yaml
-=======
-  File: microshift-using-config-tools
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 - Name: Configuring IPv6 networking
   File: microshift-nw-ipv6-config
 - Name: Cluster access with kubeconfig
@@ -130,11 +121,8 @@ Topics:
   File: microshift-greenboot-checking-status
 - Name: Configuring audit logging policies
   File: microshift-audit-logs-config
-<<<<<<< HEAD
 - Name: Disabling LVMS CSI provider and CSI snapshot
   File: microshift-disable-lvms-csi-provider-csi-snapshot
-=======
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 - Name: Configuring low latency
   Dir: microshift_low_latency
   Topics:

_topic_maps/_topic_map_rosa.yml

@@ -903,6 +903,8 @@ Topics:
   File: configuring-registry-operator
 - Name: Accessing the registry
   File: accessing-the-registry
+# - Name: Exposing the registry
+#   File: securing-exposing-registry
 ---
 Name: Operators
 Dir: operators

backup_and_restore/application_backup_and_restore/release-notes/oadp-1-4-release-notes.adoc

@@ -14,10 +14,7 @@ The release notes for {oadp-first} describe new features and enhancements, depre
 For additional information about {oadp-short}, see link:https://access.redhat.com/articles/5456281[{oadp-first} FAQs]
 ====
 
-<<<<<<< HEAD
 include::modules/oadp-1-4-1-release-notes.adoc[leveloffset=+1]
-=======
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 include::modules/oadp-1-4-0-release-notes.adoc[leveloffset=+1]
 include::modules/oadp-backing-up-dpa-configuration-1-4-0.adoc[leveloffset=+3]
 include::modules/oadp-upgrading-oadp-operator-1-4-0.adoc[leveloffset=+3]
@@ -31,8 +28,4 @@ include::modules/oadp-upgrading-oadp-operator-1-4-0.adoc[leveloffset=+3]
 
 To upgrade from OADP 1.3 to 1.4, no Data Protection Application (DPA) changes are required.
 
-<<<<<<< HEAD
-include::modules/oadp-verifying-upgrade-1-4-0.adoc[leveloffset=+2]
-=======
-include::modules/oadp-verifying-upgrade-1-4-0.adoc[leveloffset=+2]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
+include::modules/oadp-verifying-upgrade-1-4-0.adoc[leveloffset=+2]

edge_computing/image_based_upgrade/cnf-understanding-image-based-upgrade.adoc

@@ -76,11 +76,8 @@ include::modules/cnf-image-based-upgrade.adoc[leveloffset=+1]
 
 * xref:../../edge_computing/image_based_upgrade/cnf-image-based-upgrade-base.adoc#cnf-image-based-upgrade[Performing an image-based upgrade for {sno} clusters with {lcao}]
 
-<<<<<<< HEAD
 * xref:../../edge_computing/image_based_upgrade/ztp-image-based-upgrade.adoc#ztp-image-based-upgrade[Performing an image-based upgrade for {sno} clusters using {ztp}]
 
-=======
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 include::modules/cnf-image-based-upgrade-guidelines.adoc[leveloffset=+1]
 
 [role="_additional-resources"]

edge_computing/image_based_upgrade/ztp-image-based-upgrade.adoc

@@ -6,33 +6,17 @@ include::_attributes/common-attributes.adoc[]
 
 toc::[]
 
-<<<<<<< HEAD
 // Lifecycle Agent (LCA)
 
 You can use a single resource on the hub cluster, the `ImageBasedGroupUpgrade` custom resource (CR), to manage an imaged-based upgrade on a selected group of managed clusters through all stages.
 {cgu-operator-first} reconciles the `ImageBasedGroupUpgrade` CR and creates the underlying resources to complete the defined stage transitions, either in a manually controlled or a fully automated upgrade flow.
 
 For more information about the image-based upgrade, see "Understanding the image-based upgrade for single-node OpenShift clusters".
-=======
-You can use a single resource on the hub cluster, the `ImageBasedGroupUpgrade` custom resource (CR), to manage an imaged-based upgrade on a selected group of managed clusters through all stages.
-{cgu-operator-first} reconciles the `ImageBasedGroupUpgrade` CR and creates the underlying resources to complete the defined stage transitions, either in a manually controlled or a fully automated upgrade flow.
-
-// Lifecycle Agent (LCA)
-
-include::modules/ztp-image-based-upgrade-concept.adoc[leveloffset=+1]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 [role="_additional-resources"]
 .Additional resources
 
-<<<<<<< HEAD
 * xref:../../edge_computing/image_based_upgrade/cnf-understanding-image-based-upgrade.adoc#cnf-understanding-image-based-upgrade[Understanding the image-based upgrade for single-node OpenShift clusters]
-=======
-* xref:../../backup_and_restore/control_plane_backup_and_restore/disaster_recovery/scenario-3-expired-certs.adoc#dr-scenario-3-recovering-expired-certs_dr-recovering-expired-certs[Recovering from expired control plane certificates]
-
-////
-* xref:../../edge_computing/ztp-preparing-the-hub-cluster.adoc#ztp-preparing-the-ztp-git-repository-ver-ind_ztp-preparing-the-hub-cluster[Preparing the {ztp} site configuration repository for version independence]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 include::modules/ztp-image-based-upgrade-concept.adoc[leveloffset=+1]
 
@@ -50,7 +34,6 @@ include::modules/ztp-image-based-upgrade-procedure-steps.adoc[leveloffset=+1]
 * xref:../../backup_and_restore/application_backup_and_restore/backing_up_and_restoring/oadp-creating-backup-cr.adoc#oadp-creating-backup-cr-doc[Creating a Backup CR]
 
 * xref:../../backup_and_restore/application_backup_and_restore/backing_up_and_restoring/restoring-applications.adoc#oadp-creating-restore-cr_restoring-applications[Creating a Restore CR]
-<<<<<<< HEAD
 
 * xref:../../edge_computing/image_based_upgrade/ztp-image-based-upgrade.adoc#ztp-image-based-upgrade-supported-combinations_ztp-gitops[Supported action combinations]
 
@@ -64,9 +47,6 @@ include::modules/ztp-image-based-upgrade-procedure-cancel.adoc[leveloffset=+1]
 * xref:../../edge_computing/image_based_upgrade/ztp-image-based-upgrade.adoc#ztp-image-based-upgrade-supported-combinations_ztp-gitops[Supported action combinations]
 
 include::modules/ztp-image-based-upgrade-procedure-rollback.adoc[leveloffset=+1]
-=======
-////
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 [role="_additional-resources"]
 .Additional resources

hosted_control_planes/hcp-deploy/hcp-deploy-non-bm.adoc

@@ -58,11 +58,7 @@ include::modules/hcp-non-bm-hc.adoc[leveloffset=+1]
 [role="_additional-resources"]
 .Additional resources
 
-<<<<<<< HEAD
 * xref:../../hosted_control_planes/hcp-import.adoc#hcp-import-manual_hcp-import[Manually importing a hosted cluster]
-=======
-* xref:../../hosted_control_planes/hcp-import.adoc#hcp-import-manual_hcp-import[Manually importing a hosted control plane cluster]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 include::modules/hcp-non-bm-hc-console.adoc[leveloffset=+2]
 

installing/installing_openstack/installing-openstack-three-node.adoc

@@ -8,18 +8,9 @@ toc::[]
 
 In {product-title} version {product-version}, you can install a three-node cluster on {rh-openstack-first}. A three-node cluster consists of three control plane machines, which also act as compute machines. This type of cluster provides a smaller, more resource efficient cluster, for cluster administrators and developers to use for testing, development, and production.
 
-<<<<<<< HEAD
 You can install a three-node cluster on installer-provisioned infrastructure only.
-=======
-You can install a three-node cluster by using either installer-provisioned or user-provisioned infrastructure.
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 include::modules/installation-three-node-cluster-cloud-provider.adoc[leveloffset=+1]
 
 == Next steps
-<<<<<<< HEAD
-* xref:../../installing/installing_openstack/installing-openstack-installer-custom.adoc#installing-openstack-installer-custom[Installing a cluster on OpenStack with customizations]
-=======
-* xref:../../installing/installing_openstack/installing-openstack-installer-custom.adoc#installing-openstack-installer-custom[Installing a cluster on OpenStack with customizations]
-* xref:../../installing/installing_openstack/installing-openstack-user.adoc#installing-openstack-user[Installing a cluster on OpenStack on your own infrastructure]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
+* xref:../../installing/installing_openstack/installing-openstack-installer-custom.adoc#installing-openstack-installer-custom[Installing a cluster on OpenStack with customizations]

microshift_welcome/index.adoc

@@ -21,11 +21,7 @@ To browse the {microshift-short} {product-version} documentation, use one of the
 To get started with {microshift-short}, use the following links:
 
 //text is in main assembly for the sake of cross references
-<<<<<<< HEAD
 * xref:../microshift_release_notes/microshift-4-18-release-notes.adoc#microshift-4-18-release-notes[{product-title} release notes]
-=======
-* xref:../microshift_release_notes/microshift-4-17-release-notes.adoc#microshift-4-17-release-notes[{product-title} release notes]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 * xref:../microshift_install_rpm/microshift-install-rpm.adoc#microshift-install-rpm[Installing {product-title}]
 
 For related information, use the following links:

modules/about-developer-perspective.adoc

@@ -31,8 +31,4 @@ The *Developer* perspective provides workflows specific to developer use cases,
 You can use the *Topology* view to display applications, components, and workloads of your project. If you have no workloads in the project, the *Topology* view will show some links to create or import them. You can also use the *Quick Search* to import components directly.
 
 .Additional resources
-<<<<<<< HEAD
 See link:https://docs.openshift.com/container-platform/4.17/applications/odc-viewing-application-composition-using-topology-view.html[Viewing application composition using the Topology] view for more information on using the *Topology* view in *Developer* perspective.
-=======
-See link:https://docs.openshift.com/container-platform/4.16/applications/odc-viewing-application-composition-using-topology-view.html[Viewing application composition using the Topology] view for more information on using the *Topology* view in *Developer* perspective.
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)

modules/cnf-image-based-upgrade-configure-container-storage-image-cleanup.adoc

@@ -9,11 +9,7 @@ Configure the minimum threshold for available storage space through annotations.
 
 .Prerequisites
 
-<<<<<<< HEAD
 * You have created an `ImageBasedUpgrade` CR.
-=======
-* Create an `ImageBasedUpgrade` CR.
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 .Procedure
 

modules/dedicated-aws-vpc-verifying-troubleshooting.adoc

@@ -32,7 +32,6 @@ quick and clear output if a connection can be established:
 
 .. Create a temporary pod using the `busybox` image, which cleans up after itself:
 +
-[source,terminal]
 ----
 $ oc run netcat-test \
     --image=busybox -i -t \
@@ -45,7 +44,6 @@ $ oc run netcat-test \
 --
 * Example successful connection results:
 +
-[source,terminal]
 ----
 / nc -zvv 192.168.1.1 8080
 10.181.3.180 (10.181.3.180:8080) open
@@ -54,7 +52,6 @@ sent 0, rcvd 0
 
 * Example failed connection results:
 +
-[source,terminal]
 ----
 / nc -zvv 192.168.1.2 8080
 nc: 10.181.3.180 (10.181.3.180:8081): Connection refused
@@ -64,7 +61,6 @@ sent 0, rcvd 0
 
 .. Exit the container, which automatically deletes the Pod:
 +
-[source,terminal]
 ----
 / exit
 ----

modules/dedicated-aws-vpn-verifying.adoc

@@ -30,7 +30,6 @@ quick and clear output if a connection can be established:
 
 .. Create a temporary pod using the `busybox` image, which cleans up after itself:
 +
-[source,terminal]
 ----
 $ oc run netcat-test \
     --image=busybox -i -t \
@@ -43,7 +42,6 @@ $ oc run netcat-test \
 --
 * Example successful connection results:
 +
-[source,terminal]
 ----
 / nc -zvv 192.168.1.1 8080
 10.181.3.180 (10.181.3.180:8080) open
@@ -52,7 +50,6 @@ sent 0, rcvd 0
 
 * Example failed connection results:
 +
-[source,terminal]
 ----
 / nc -zvv 192.168.1.2 8080
 nc: 10.181.3.180 (10.181.3.180:8081): Connection refused
@@ -62,7 +59,6 @@ sent 0, rcvd 0
 
 .. Exit the container, which automatically deletes the Pod:
 +
-[source,terminal]
 ----
 / exit
 ----

modules/destroy-hc-ibmz-cli.adoc

@@ -6,11 +6,7 @@
 [id="destroy-hc-ibmz-cli_{context}"]
 = Destroying a hosted cluster on x86 bare metal with {ibm-z-title} compute nodes
 
-<<<<<<< HEAD
 To destroy a hosted cluster and its managed cluster on `x86` bare metal with {ibm-z-title} compute nodes, you can use the command-line interface (CLI).
-=======
-You can use the command-line interface (CLI) to destroy a hosted cluster on `x86` bare metal with {ibm-z-title} compute nodes and its managed cluster.
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 .Procedure
 

modules/installing-ocp-agent-ibm-z-zvm.adoc

@@ -8,13 +8,10 @@
 
 Use the following procedure to manually add {ibm-z-name} agents with z/VM.
 Only use this procedure for {ibm-z-name} clusters with z/VM.
-<<<<<<< HEAD
 
 .Prerequisites
 
 * A running file server with access to the guest Virtual Machines.
-=======
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 .Procedure
 

modules/microshift-updates-troubleshooting.adoc

@@ -28,16 +28,10 @@ Check the following update paths:
 
 *{product-title} update paths*
 
-<<<<<<< HEAD
 * Generally Available Version 4.18.0 to 4.18.z on {op-system-base} 9.4
 * Generally Available Version 4.17.1 to 4.17.z on {op-system-base} 9.4
 * Generally Available Version 4.15.0 from {op-system-base} 9.2 to 4.16.0 on {op-system-base} 9.4
 * Generally Available Version 4.14.0 from {op-system-base} 9.2 to 4.15.0 on {op-system-base} 9.4
-=======
-* Generally Available Version 4.16.0 to 4.16.z on {op-system-ostree} 9.4
-* Generally Available Version 4.15.0 from {op-system-base} 9.2 to 4.16.0 on {op-system-base} 9.4
-* Generally Available Version 4.14.0 from {op-system-base} 9.2 to 4.16.0 on {op-system-base} 9.4
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 [id="microshift-ostree-update-failed_{context}"]
 == OSTree update failed

modules/nw-ingress-controller-nodeportservice-projects.adoc

@@ -19,11 +19,7 @@ Before you set a `NodePort`-type `Service` for each project, read the following
 * You installed the {oc-first}.
 * Logged in as a user with `cluster-admin` privileges.
 * You created a wildcard DNS record.
-<<<<<<< HEAD
 // https://docs.openshift.com/container-platform/4.17/networking/ingress-controller-dnsmgt.html (does not detail how to create the DNS)
-=======
-// https://docs.openshift.com/container-platform/4.16/networking/ingress-controller-dnsmgt.html (does not detail how to create the DNS)
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 .Procedure
 

modules/odc-accessing-perspectives.adoc

@@ -13,11 +13,7 @@ You can access the *Administrator* and *Developer* perspective from the web cons
 To access a perspective, ensure that you have logged in to the web console. Your default perspective is automatically determined by the permission of the users. The *Administrator* perspective is selected for users with access to all projects, while the *Developer* perspective is selected for users with limited access to their own projects
 
 .Additional resources
-<<<<<<< HEAD
 See link:https://docs.openshift.com/container-platform/4.17/web_console/adding-user-preferences.html[Adding User Preferences] for more information on changing perspectives.
-=======
-See link:https://docs.openshift.com/container-platform/4.16/web_console/adding-user-preferences.html[Adding User Preferences] for more information on changing perspectives.
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 
 .Procedure

modules/olmv1-installing-an-operator.adoc

@@ -10,14 +10,11 @@
 You can install an extension from a catalog by creating a custom resource (CR) and applying it to the cluster. {olmv1-first} supports installing cluster extensions, including {olmv0} Operators via the `registry+v1` bundle format, that are scoped to the cluster. For more information, see _Supported extensions_.
 
 
-<<<<<<< HEAD
 [IMPORTANT]
 ====
 include::snippets/olmv1-known-issue-private-registries.adoc[]
 ====
 
-=======
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 .Prerequisites
 
 * You have added a catalog to your cluster.

modules/ossm-release-2-5-2.adoc

@@ -25,11 +25,7 @@ This release addresses Common Vulnerabilities and Exposures (CVEs), contains bug
 |Component |Version
 
 |Istio
-<<<<<<< HEAD
 |1.18.7
-=======
-|1.18.5
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 |Envoy Proxy
 |1.26.8

modules/ossm-release-2-5-3.adoc

@@ -16,11 +16,7 @@ This release of {SMProductName} is included with the {SMProductName} Operator 2.
 |Component |Version
 
 |Istio
-<<<<<<< HEAD
 |1.18.7
-=======
-|1.18.5
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 |Envoy Proxy
 |1.26.8

modules/ossm-release-2-6-0.adoc

@@ -18,10 +18,6 @@ This release adds new features, addresses Common Vulnerabilities and Exposures (
 
 This release ends maintenance support for {SMProductName} version 2.3. If you are using {SMProductShortName} version 2.3, you should update to a supported version.
 
-<<<<<<< HEAD
-=======
-include::snippets/ossm-current-version-support-snippet.adoc[]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 //FIPS messaging verified with Matt Werner, CS, OCP on 06/27/2024 via Slack. It is also the same FIPS messaging currently used by Serverless.
 //Per Scott Dodson on 07/15/204 via Slack, confirmed that RHEL 2.9 has been submitted for FIPS validation. Admonition updated accordingly.
 //Per Kirsten Newcomer on 07/16/2024 via Slack, FIPS messaging for Service Mesh has been changed. Jamie (PM) has agreed with change.
@@ -119,20 +115,11 @@ When updating existing instances of the `ServiceMeshControlPlane` resource to {S
 
 {SMProductName} 2.6 is the last release that includes support for {JaegerName} and {es-op}. Both {JaegerShortName} and {es-op} will be removed in the next release. If you are currently using {JaegerShortName} and {es-op}, you need to switch to {TempoName} and {OTELName}.
 
-<<<<<<< HEAD
 //Gateway API Update for 2.6 OSSM-5854 subsequently revised by OSSM-8241
 //Kubernetes Gateway API and {product-title} Gateway API are the same. It is referenced as {product-title} Gateway API in 2.5 and as {product-title} Gateway API here https://docs.openshift.com/container-platform/4.15/nodes/clusters/nodes-cluster-enabling-features.html so to be consistent, it is also referenced as {product-title} Gateway API for 2.6.
 [id="gateway-api-ga-cluster-wide-deployments-ossm-2-6-0_{context}"]
 == Gateway API use is generally available for {SMProductName} cluster-wide deployments
 This release introduces the General Availability for using the Kubernetes Gateway API version 1.0.0 with {SMProductName} 2.6. This API use is limited to {SMProductName}. The Gateway API custom resource definitions (CRDs) are not supported.
-=======
-//Gateway API Update for 2.6 OSSM-5854
-//Kubernetes Gateway API and {product-title} Gateway API are the same. It is referenced as {product-title} Gateway API in 2.5 and as {product-title} Gateway API here https://docs.openshift.com/container-platform/4.15/nodes/clusters/nodes-cluster-enabling-features.html so to be consistent, it is also referenced as {product-title} Gateway API for 2.6.
-[id="gateway-api-ga-cluster-wide-deployments-ossm-2-6-0_{context}"]
-== {product-title} Gateway API generally available for cluster-wide deployments
-//Jacek. Approved 07/11/2024
-This release introduces the General Availability of {product-title} Gateway API, also known as the Kubernetes Gateway API, which is enabled by default only for cluster-wide deployments.
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 Gateway API is now enabled by default if cluster-wide mode is enabled (`spec.mode: ClusterWide`). It can be enabled even if the custom resource definitions (CRDs) are not installed in the cluster.
 

modules/rosa-policy-security-and-compliance.adoc

@@ -118,8 +118,4 @@ to ensure application and data security controls are properly
 enforced.
 - Use IAM tools to apply the appropriate permissions to AWS
 resources in the customer account.
-|===
-
-.Additional resources
-
-* For more information about customer or shared responsibilities, see the xref:../../rosa_architecture/rosa_policy_service_definition/rosa-policy-process-security.adoc#rosa-policy-process-security[ROSA Security] document.
+|===

modules/rosa-sdpolicy-instance-types.adoc

@@ -13,11 +13,7 @@ endif::[]
 = Instance types
 
 ifdef::rosa-with-hcp[]
-<<<<<<< HEAD
 All {hcp-title} clusters require a minimum of 2 worker nodes. Shutting down the underlying infrastructure through the cloud provider console is unsupported and can lead to data loss.
-=======
-All {hcp-title} clusters require a minimum of 2 worker nodes. All {hcp-title} clusters support a maximum of 250 worker nodes. Shutting down the underlying infrastructure through the cloud provider console is unsupported and can lead to data loss.
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 endif::rosa-with-hcp[]
 ifndef::rosa-with-hcp[]
 Single availability zone clusters require a minimum of 3 control plane nodes, 2 infrastructure nodes, and 2 worker nodes deployed to a single availability zone.

modules/sd-hcp-planning-cluster-maximums.adoc

@@ -8,19 +8,11 @@
 
 Consider the following tested object maximums when you plan a {hcp-title-first} cluster installation. The table specifies the maximum limits for each tested type in a {hcp-title} cluster.
 
-<<<<<<< HEAD
 These guidelines are based on a cluster of 500 compute (also known as worker) nodes. For smaller clusters, the maximums are lower.
 
 [NOTE]
 ====
 Customers running {hcp-title} 4.14.x and 4.15.x clusters require a minimum z-stream version of 4.14.28 or 4.15.15 and greater to scale to 500 worker nodes. For earlier versions, the maximum is 90 worker nodes. 
-=======
-These guidelines are based on a cluster of 250 compute (also known as worker) nodes. For smaller clusters, the maximums are lower.
-
-[NOTE]
-====
-Customers running {hcp-title} 4.14.x and 4.15.x clusters require a minimum z-stream version of 4.14.28 or 4.15.15 and greater to scale to 250 worker nodes. For earlier versions, the maximum is 90 worker nodes. 
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 ====
 
 .Tested cluster maximums

modules/telco-ran-crs-cluster-tuning.adoc

@@ -18,13 +18,5 @@ Disconnected registry,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs
 Disconnected registry,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-disconnectedicsp-yaml[DisconnectedICSP.yaml],No,No
 Disconnected registry,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-operatorhub-yaml[OperatorHub.yaml],"OperatorHub is required for {sno} and optional for multi-node clusters",No
 Monitoring configuration,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-reducemonitoringfootprint-yaml[ReduceMonitoringFootprint.yaml],No,No
-<<<<<<< HEAD
 Network diagnostics disable,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-disablesnonetworkdiag-yaml[DisableSnoNetworkDiag.yaml],No,No
-=======
-OperatorHub,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-09-openshift-marketplace-ns-yaml[09-openshift-marketplace-ns.yaml],No,No
-OperatorHub,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-defaultcatsrc-yaml[DefaultCatsrc.yaml],No,No
-OperatorHub,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-disableolmpprof-yaml[DisableOLMPprof.yaml],No,No
-OperatorHub,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-disconnectedicsp-yaml[DisconnectedICSP.yaml],No,No
-OperatorHub,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-operatorhub-yaml[OperatorHub.yaml],Yes,No
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 |====

modules/telco-ran-crs-day-2-operators.adoc

@@ -17,23 +17,15 @@ Cluster logging,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#
 Cluster logging,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-clusterlogserviceaccountauditbinding-yaml[ClusterLogServiceAccountAuditBinding.yaml],No,Yes
 Cluster logging,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-clusterlogserviceaccountinfrastructurebinding-yaml[ClusterLogServiceAccountInfrastructureBinding.yaml],No,Yes
 Cluster logging,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-clusterlogsubscription-yaml[ClusterLogSubscription.yaml],No,No
-<<<<<<< HEAD
 LifeCycle Agent Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-imagebasedupgrade-yaml[ImageBasedUpgrade.yaml],Yes,No
 LifeCycle Agent Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-lcasubscription-yaml[LcaSubscription.yaml],Yes,No
 LifeCycle Agent Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-lcasubscriptionns-yaml[LcaSubscriptionNS.yaml],Yes,No
 LifeCycle Agent Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-lcasubscriptionopergroup-yaml[LcaSubscriptionOperGroup.yaml],Yes,No
-=======
-Lifecycle Agent ,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-imagebasedupgrade-yaml[ImageBasedUpgrade.yaml],Yes,Yes
-Lifecycle Agent ,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-lcasubscription-yaml[LcaSubscription.yaml],Yes,Yes
-Lifecycle Agent ,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-lcasubscriptionns-yaml[LcaSubscriptionNS.yaml],Yes,Yes
-Lifecycle Agent ,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-lcasubscriptionopergroup-yaml[LcaSubscriptionOperGroup.yaml],Yes,Yes
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 Local Storage Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-storageclass-yaml[StorageClass.yaml],Yes,No
 Local Storage Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-storagelv-yaml[StorageLV.yaml],Yes,No
 Local Storage Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-storagens-yaml[StorageNS.yaml],Yes,No
 Local Storage Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-storageopergroup-yaml[StorageOperGroup.yaml],Yes,No
 Local Storage Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-storagesubscription-yaml[StorageSubscription.yaml],Yes,No
-<<<<<<< HEAD
 LVM Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-lvmoperatorstatus-yaml[LVMOperatorStatus.yaml],Yes,No
 LVM Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-storagelvmcluster-yaml[StorageLVMCluster.yaml],Yes,No
 LVM Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-storagelvmsubscription-yaml[StorageLVMSubscription.yaml],Yes,No
@@ -48,23 +40,6 @@ PTP fast event notifications,xref:../../telco_ref_design_specs/ran/telco-ran-ref
 PTP Operator - high availability,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-ptpconfigboundary-yaml[PtpConfigBoundary.yaml],No,No
 PTP Operator - high availability,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-ptpconfigforha-yaml[PtpConfigForHA.yaml],No,No
 PTP Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-ptpconfigdualcardgmwpc-yaml[PtpConfigDualCardGmWpc.yaml],No,No
-=======
-LVM Storage,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-lvmoperatorstatus-yaml[LVMOperatorStatus.yaml],No,Yes
-LVM Storage,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-storagelvmcluster-yaml[StorageLVMCluster.yaml],No,Yes
-LVM Storage,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-storagelvmsubscription-yaml[StorageLVMSubscription.yaml],No,Yes
-LVM Storage,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-storagelvmsubscriptionns-yaml[StorageLVMSubscriptionNS.yaml],No,Yes
-LVM Storage,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-storagelvmsubscriptionopergroup-yaml[StorageLVMSubscriptionOperGroup.yaml],No,Yes
-Node Tuning Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-performanceprofile-yaml[PerformanceProfile.yaml],No,No
-Node Tuning Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-tunedperformancepatch-yaml[TunedPerformancePatch.yaml],No,No
-PTP fast event notifications,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-ptpconfigboundaryforevent-yaml[PtpConfigBoundaryForEvent.yaml],Yes,Yes
-PTP fast event notifications,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-ptpconfigforhaforevent-yaml[PtpConfigForHAForEvent.yaml],Yes,Yes
-PTP fast event notifications,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-ptpconfigmasterforevent-yaml[PtpConfigMasterForEvent.yaml],Yes,Yes
-PTP fast event notifications,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-ptpconfigslaveforevent-yaml[PtpConfigSlaveForEvent.yaml],Yes,Yes
-PTP fast event notifications,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-ptpoperatorconfigforevent-yaml[PtpOperatorConfigForEvent.yaml],Yes,No
-PTP Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-ptpconfigboundary-yaml[PtpConfigBoundary.yaml],No,No
-PTP Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-ptpconfigdualcardgmwpc-yaml[PtpConfigDualCardGmWpc.yaml],No,No
-PTP Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-ptpconfigforha-yaml[PtpConfigForHA.yaml],No,Yes
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 PTP Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-ptpconfiggmwpc-yaml[PtpConfigGmWpc.yaml],No,No
 PTP Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-ptpconfigslave-yaml[PtpConfigSlave.yaml],No,No
 PTP Operator,xref:../../telco_ref_design_specs/ran/telco-ran-ref-du-crs.adoc#ztp-ptpoperatorconfig-yaml[PtpOperatorConfig.yaml],No,No

modules/telco-ran-yaml-ref-cluster-tuning.adoc

@@ -27,13 +27,6 @@ include::snippets/ztp_ConsoleOperatorDisable.yaml[]
 include::snippets/ztp_09-openshift-marketplace-ns.yaml[]
 ----
 
-[id="ztp-09-openshift-marketplace-ns-yaml"]
-.09-openshift-marketplace-ns.yaml
-[source,yaml]
-----
-include::snippets/ztp_09-openshift-marketplace-ns.yaml[]
-----
-
 [id="ztp-defaultcatsrc-yaml"]
 .DefaultCatsrc.yaml
 [source,yaml]
@@ -62,7 +55,6 @@ include::snippets/ztp_DisconnectedICSP.yaml[]
 include::snippets/ztp_OperatorHub.yaml[]
 ----
 
-<<<<<<< HEAD
 [id="ztp-reducemonitoringfootprint-yaml"]
 .ReduceMonitoringFootprint.yaml
 [source,yaml]
@@ -76,5 +68,3 @@ include::snippets/ztp_ReduceMonitoringFootprint.yaml[]
 ----
 include::snippets/ztp_DisableSnoNetworkDiag.yaml[]
 ----
-=======
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)

modules/telco-ran-yaml-ref-day-2-operators.adoc

@@ -202,16 +202,6 @@ include::snippets/ztp_PtpConfigSlaveForEvent.yaml[]
 include::snippets/ztp_PtpConfigBoundary.yaml[]
 ----
 
-<<<<<<< HEAD
-=======
-[id="ztp-ptpconfigdualcardgmwpc-yaml"]
-.PtpConfigDualCardGmWpc.yaml
-[source,yaml]
-----
-include::snippets/ztp_PtpConfigDualCardGmWpc.yaml[]
-----
-
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 [id="ztp-ptpconfigforha-yaml"]
 .PtpConfigForHA.yaml
 [source,yaml]
@@ -219,7 +209,6 @@ include::snippets/ztp_PtpConfigDualCardGmWpc.yaml[]
 include::snippets/ztp_PtpConfigForHA.yaml[]
 ----
 
-<<<<<<< HEAD
 [id="ztp-ptpconfigdualcardgmwpc-yaml"]
 .PtpConfigDualCardGmWpc.yaml
 [source,yaml]
@@ -227,8 +216,6 @@ include::snippets/ztp_PtpConfigForHA.yaml[]
 include::snippets/ztp_PtpConfigDualCardGmWpc.yaml[]
 ----
 
-=======
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 [id="ztp-ptpconfiggmwpc-yaml"]
 .PtpConfigGmWpc.yaml
 [source,yaml]

nodes/index.adoc

@@ -34,11 +34,18 @@ image::295_OpenShift_Nodes_Overview_1222.png[Overview of control plane and worke
 
 The read operations allow an administrator or a developer to get information about nodes in an {product-title} cluster.
 
+ifdef::openshift-rosa-hcp[]
+* List all the nodes in a cluster.
+* Get information about a node, such as memory and CPU usage, health, status, and age.
+* List pods running on a node.
+ifndef::openshift-rosa-hcp[]
+ifndef::openshift-rosa-hcp[]
 * xref:../nodes/nodes/nodes-nodes-viewing.adoc#nodes-nodes-viewing-listing_nodes-nodes-viewing[List all the nodes in a cluster].
 * Get information about a node, such as memory and CPU usage, health, status, and age.
 * xref:../nodes/nodes/nodes-nodes-viewing.adoc#nodes-nodes-viewing-listing-pods_nodes-nodes-viewing[List pods running on a node].
+ifndef::openshift-rosa-hcp[]
 
-ifndef::openshift-rosa,openshift-dedicated[]
+ifndef::openshift-rosa,openshift-rosa-hcp,openshift-dedicated[]
 [discrete]
 === Management operations
 
@@ -52,28 +59,36 @@ through several tasks:
 * xref:../nodes/nodes/nodes-nodes-managing-max-pods.adoc#nodes-nodes-managing-max-pods-proc_nodes-nodes-managing-max-pods[Configure the number of pods that can run on a node] based on the number of processor cores on the node, a hard limit, or both.
 * Reboot a node gracefully using xref:../nodes/nodes/nodes-nodes-rebooting.adoc#nodes-nodes-rebooting-affinity_nodes-nodes-rebooting[pod anti-affinity].
 * xref:../nodes/nodes/nodes-nodes-working.adoc#deleting-nodes[Delete a node from a cluster] by scaling down the cluster using a compute machine set. To delete a node from a bare-metal cluster, you must first drain all pods on the node and then manually delete the node.
-endif::openshift-rosa,openshift-dedicated[]
+endif::openshift-rosa,openshift-rosa-hcp,openshift-dedicated[]
 
 [discrete]
 === Enhancement operations
 
 {product-title} allows you to do more than just access and manage nodes; as an administrator, you can perform the following tasks on nodes to make the cluster more efficient, application-friendly, and to provide a better environment for your developers.
 
+ifndef::openshift-rosa-hcp[]
+* Manage node-level tuning for high-performance applications that require some level of kernel tuning by using the Node Tuning Operator.
+* Run background tasks on nodes automatically with daemon sets. You can create and use daemon sets to create shared storage, run a logging pod on every node, or deploy a monitoring agent on all nodes.
+endif::openshift-rosa-hcp[]
+ifndef::openshift-rosa-hcp[]
 * Manage node-level tuning for high-performance applications that require some level of kernel tuning by xref:../nodes/nodes/nodes-node-tuning-operator.adoc#nodes-node-tuning-operator[using the Node Tuning Operator].
 ifndef::openshift-rosa,openshift-dedicated[]
-=======
-ifndef::openshift-enterprise,openshift-rosa-hcp,openshift-rosa[]
-xref:../nodes/nodes/nodes-node-tuning-operator.adoc#nodes-node-tuning-operator[using the Node Tuning Operator].
+* Enable TLS security profiles on the node to protect communication between the kubelet and the Kubernetes API server.
+endif::openshift-rosa,openshift-dedicated[]
+* xref:../nodes/jobs/nodes-pods-daemonsets.adoc#nodes-pods-daemonsets[Run background tasks on nodes automatically with daemon sets]. You can create and use daemon sets to create shared storage, run a logging pod on every node, or deploy a monitoring agent on all nodes.
+ifndef::openshift-rosa,openshift-dedicated[]
 * xref:../nodes/nodes/nodes-nodes-garbage-collection.adoc#nodes-nodes-garbage-collection[Free node resources using garbage collection]. You can ensure that your nodes are running efficiently by removing terminated containers and the images not referenced by any running pods.
 * xref:../nodes/nodes/nodes-nodes-managing.adoc#nodes-nodes-kernel-arguments_nodes-nodes-managing[Add kernel arguments to a set of nodes].
 * Configure an {product-title} cluster to have worker nodes at the network edge (remote worker nodes). For information on the challenges of having remote worker nodes in an {product-title} cluster and some recommended approaches for managing pods on a remote worker node, see xref:../nodes/edge/nodes-edge-remote-workers.adoc#nodes-edge-remote-workers[Using remote worker nodes at the network edge].
 endif::openshift-rosa,openshift-dedicated[]
+endif::openshift-rosa-hcp[]
 
 [id="pods-overview"]
 == About pods
 
 A pod is one or more containers deployed together on a node. As a cluster administrator, you can define a pod, assign it to run on a healthy node that is ready for scheduling, and manage. A pod runs as long as the containers are running. You cannot change a pod once it is defined and is running. Some operations you can perform when working with pods are:
 
+ifndef::openshift-rosa-hcp[]
 [discrete]
 === Read operations
 
@@ -81,12 +96,23 @@ As an administrator, you can get information about pods in a project through the
 
 * xref:../nodes/pods/nodes-pods-viewing.adoc#nodes-pods-viewing-project_nodes-pods-viewing[List pods associated with a project], including information such as the number of replicas and restarts, current status, and age.
 * xref:../nodes/pods/nodes-pods-viewing.adoc#nodes-pods-viewing-usage_nodes-pods-viewing[View pod usage statistics] such as CPU, memory, and storage consumption.
+endif::openshift-rosa-hcp[]
 
 [discrete]
 === Management operations
 
 The following list of tasks provides an overview of how an administrator can manage pods in an {product-title} cluster.
 
+ifdef::openshift-rosa-hcp[]
+* Control scheduling of pods using the advanced scheduling features available in {product-title}:
+** Node-to-pod binding rules such as pod affinity, node affinity, and anti-affinity.
+** Node labels and selectors.
+** Pod topology spread constraints.
+* Configure how pods behave after a restart using pod controllers and restart policies.
+* Limit both egress and ingress traffic on a pod.
+* Add and remove volumes to and from any object that has a pod template. A volume is a mounted file system available to all the containers in a pod. Container storage is ephemeral; you can use volumes to persist container data.
+endif::openshift-rosa-hcp[]
+ifndef::openshift-rosa-hcp[]
 * Control scheduling of pods using the advanced scheduling features available in {product-title}:
 ** Node-to-pod binding rules such as xref:../nodes/scheduling/nodes-scheduler-pod-affinity.adoc#nodes-scheduler-pod-affinity-example-affinity_nodes-scheduler-pod-affinity[pod affinity], xref:../nodes/scheduling/nodes-scheduler-node-affinity.adoc#nodes-scheduler-node-affinity[node affinity], and xref:../nodes/scheduling/nodes-scheduler-pod-affinity.adoc#nodes-scheduler-pod-anti-affinity-configuring_nodes-scheduler-pod-affinity[anti-affinity].
 ** xref:../nodes/scheduling/nodes-scheduler-node-selectors.adoc#nodes-scheduler-node-selectors[Node labels and selectors].
@@ -102,13 +128,14 @@ endif::openshift-rosa,openshift-dedicated[]
 * xref:../nodes/pods/nodes-pods-configuring.adoc#nodes-pods-configuring-restart_nodes-pods-configuring[Configure how pods behave after a restart using pod controllers and restart policies].
 * xref:../nodes/pods/nodes-pods-configuring.adoc#nodes-pods-configuring-bandwidth_nodes-pods-configuring[Limit both egress and ingress traffic on a pod].
 * xref:../nodes/containers/nodes-containers-volumes.adoc#nodes-containers-volumes[Add and remove volumes to and from any object that has a pod template]. A volume is a mounted file system available to all the containers in a pod. Container storage is ephemeral; you can use volumes to persist container data.
+endif::openshift-rosa-hcp[]
 
 [discrete]
 === Enhancement operations
 
 You can work with pods more easily and efficiently with the help of various tools and features available in {product-title}. The following operations involve using those tools and features to better manage pods.
 
-ifndef::openshift-rosa,openshift-dedicated[]
+ifndef::openshift-rosa,openshift-rosa-hcp,openshift-dedicated[]
 [cols="2,1,2"]
 |===
 |Operation |User |More information
@@ -133,7 +160,7 @@ As a developer, use a vertical pod autoscaler to ensure your pods stay up during
 
 
 |===
-endif::openshift-rosa,openshift-dedicated[]
+endif::openshift-rosa,openshift-rosa-hcp,openshift-dedicated[]
 ifdef::openshift-rosa,openshift-dedicated[]
 * Secrets: Some applications need sensitive information, such as passwords and usernames. An administrator can use the `Secret` object to provide sensitive data to pods xref:../nodes/pods/nodes-pods-secrets.adoc#nodes-pods-secrets[using the `Secret` object].
 endif::openshift-rosa,openshift-dedicated[]
@@ -143,6 +170,18 @@ endif::openshift-rosa,openshift-dedicated[]
 
 A container is the basic unit of an {product-title} application, which comprises the application code packaged along with its dependencies, libraries, and binaries. Containers provide consistency across environments and multiple deployment targets: physical servers, virtual machines (VMs), and private or public cloud.
 
+ifdef::openshift-rosa-hcp[]
+Linux container technologies are lightweight mechanisms for isolating running processes and limiting access to only designated resources.
+As an administrator, You can perform various tasks on a Linux container, such as:
+
+* Copy files to and from a container.
+* Allow containers to consume API objects.
+* Execute remote commands in a container.
+* Use port forwarding to access applications in a container.
+
+{product-title} provides specialized containers called Init containers. Init containers run before application containers and can contain utilities or setup scripts not present in an application image. You can use an Init container to perform tasks before the rest of a pod is deployed.
+endif::openshift-rosa-hcp[]
+ifndef::openshift-rosa-hcp[]
 Linux container technologies are lightweight mechanisms for isolating running processes and limiting access to only designated resources.
 As an administrator, You can perform various tasks on a Linux container, such as:
 
@@ -152,12 +191,13 @@ As an administrator, You can perform various tasks on a Linux container, such as
 * xref:../nodes/containers/nodes-containers-port-forwarding.adoc#nodes-containers-port-forwarding[Use port forwarding to access applications in a container].
 
 {product-title} provides specialized containers called xref:../nodes/containers/nodes-containers-init.adoc#nodes-containers-init[Init containers]. Init containers run before application containers and can contain utilities or setup scripts not present in an application image. You can use an Init container to perform tasks before the rest of a pod is deployed.
+endif::openshift-rosa-hcp[]
 
 Apart from performing specific tasks on nodes, pods, and containers, you can work with the overall {product-title} cluster to keep the cluster efficient and the application pods highly available.
 
 
 //cannot create the required namespace for these operators
-ifndef::openshift-rosa,openshift-dedicated[]
+ifndef::openshift-rosa,openshift-rosa-hcp,openshift-dedicated[]
 [id="nodes-about-autoscaling-pod_{context}"]
 == About autoscaling pods on a node
 
@@ -177,7 +217,7 @@ Vertical Pod Autoscaler::
 The Vertical Pod Autoscaler (VPA) can automatically review the historic and current CPU and memory resources for containers in pods and can update the resource limits and requests based on the usage values it learns.
 +
 For more information, see xref:../nodes/pods/nodes-pods-vertical-autoscaler.adoc#nodes-pods-vpa[Automatically adjust pod resource levels with the vertical pod autoscaler].
-endif::openshift-rosa,openshift-dedicated[]
+endif::openshift-rosa,openshift-rosa-hcp,openshift-dedicated[]
 
 [id="commonterms-node"]
 == Glossary of common terms for {product-title} nodes

operators/admin/olm-restricted-networks.adoc

@@ -20,4 +20,4 @@ This guide describes the following process that is required to enable OLM in dis
 
 After enabling OLM in a disconnected environment, you can continue to use your unrestricted workstation to keep your local OperatorHub sources updated as newer versions of Operators are released.
 
-For more information, see xref:../../disconnected/using-olm.adoc#olm-restricted-networks[Using Operator Lifecycle Manager in disconnected environments] in the Disconnected environments section.
+For more information, see xref:../../disconnected/using-olm.adoc#olm-restricted-networks[Using Operator Lifecycle Manager in disconnected environments] in the Disconnected environments section.

rest_api/objects/index.adoc

@@ -1818,21 +1818,12 @@ Type::
 | Property | Type | Description
 
 | `owned`
-<<<<<<< HEAD
 | `array (APIServiceDescription)`
 |
 
 | `required`
 | `array (APIServiceDescription)`
 |
-=======
-| xref:../objects/index.adoc#com-github-operator-framework-api-pkg-operators-v1alpha1-APIServiceDescription[`array (APIServiceDescription)`]
-| 
-
-| `required`
-| xref:../objects/index.adoc#com-github-operator-framework-api-pkg-operators-v1alpha1-APIServiceDescription[`array (APIServiceDescription)`]
-| 
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 |===
 
@@ -1860,21 +1851,12 @@ Type::
 | Property | Type | Description
 
 | `owned`
-<<<<<<< HEAD
 | `array (CRDDescription)`
 |
 
 | `required`
 | `array (CRDDescription)`
 |
-=======
-| xref:../objects/index.adoc#com-github-operator-framework-api-pkg-operators-v1alpha1-CRDDescription[`array (CRDDescription)`]
-| 
-
-| `required`
-| xref:../objects/index.adoc#com-github-operator-framework-api-pkg-operators-v1alpha1-CRDDescription[`array (CRDDescription)`]
-| 
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 |===
 
@@ -1949,11 +1931,7 @@ Required::
 
 | `metadata`
 | xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-ListMeta[`ListMeta`]
-<<<<<<< HEAD
 |
-=======
-| 
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 |===
 
@@ -2609,11 +2587,7 @@ Required::
 
 | `metadata`
 | xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-ListMeta[`ListMeta`]
-<<<<<<< HEAD
 |
-=======
-| 
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 |===
 
@@ -2768,11 +2742,7 @@ Type::
 | defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
 
 | `items`
-<<<<<<< HEAD
 | `array (KeyToPath)`
-=======
-| xref:../objects/index.adoc#io-k8s-api-core-v1-KeyToPath[`array (KeyToPath)`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
 
 | `name`
@@ -2817,11 +2787,7 @@ Required::
 | fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.
 
 | `nodePublishSecretRef`
-<<<<<<< HEAD
 | xref:../objects/index.adoc#io-k8s-api-core-v1-LocalObjectReference_v2[`LocalObjectReference`]
-=======
-| xref:../objects/index.adoc#io-k8s-api-core-v1-LocalObjectReference[`LocalObjectReference`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and  may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.
 
 | `readOnly`
@@ -2907,11 +2873,7 @@ Required::
 | Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
 
 | `valueFrom`
-<<<<<<< HEAD
 | `EnvVarSource`
-=======
-| xref:../objects/index.adoc#io-k8s-api-core-v1-EnvVarSource[`EnvVarSource`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | Source for the environment variable's value. Cannot be used if value is not empty.
 
 |===
@@ -3082,11 +3044,7 @@ Required::
 
 | `lastTransitionTime`
 | xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-Time[`Time`]
-<<<<<<< HEAD
 |
-=======
-| 
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 | `message`
 | `string`
@@ -3747,7 +3705,6 @@ Type::
 | accessModes contains all ways the volume can be mounted. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
 
 | `awsElasticBlockStore`
-<<<<<<< HEAD
 | `AWSElasticBlockStoreVolumeSource`
 | awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
 
@@ -3757,17 +3714,6 @@ Type::
 
 | `azureFile`
 | `AzureFilePersistentVolumeSource`
-=======
-| xref:../objects/index.adoc#io-k8s-api-core-v1-AWSElasticBlockStoreVolumeSource[`AWSElasticBlockStoreVolumeSource`]
-| awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
-
-| `azureDisk`
-| xref:../objects/index.adoc#io-k8s-api-core-v1-AzureDiskVolumeSource[`AzureDiskVolumeSource`]
-| azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.
-
-| `azureFile`
-| xref:../objects/index.adoc#io-k8s-api-core-v1-AzureFilePersistentVolumeSource[`AzureFilePersistentVolumeSource`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | azureFile represents an Azure File Service mount on the host and bind mount to the pod.
 
 | `capacity`
@@ -3775,19 +3721,11 @@ Type::
 | capacity is the description of the persistent volume's resources and capacity. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity
 
 | `cephfs`
-<<<<<<< HEAD
 | `CephFSPersistentVolumeSource`
 | cephFS represents a Ceph FS mount on the host that shares a pod's lifetime
 
 | `cinder`
 | `CinderPersistentVolumeSource`
-=======
-| xref:../objects/index.adoc#io-k8s-api-core-v1-CephFSPersistentVolumeSource[`CephFSPersistentVolumeSource`]
-| cephFS represents a Ceph FS mount on the host that shares a pod's lifetime
-
-| `cinder`
-| xref:../objects/index.adoc#io-k8s-api-core-v1-CinderPersistentVolumeSource[`CinderPersistentVolumeSource`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md
 
 | `claimRef`
@@ -3795,7 +3733,6 @@ Type::
 | claimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim. Expected to be non-nil when bound. claim.VolumeName is the authoritative bind between PV and PVC. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding
 
 | `csi`
-<<<<<<< HEAD
 | `CSIPersistentVolumeSource`
 | csi represents storage that is handled by an external CSI driver (Beta feature).
 
@@ -3829,41 +3766,6 @@ Type::
 
 | `local`
 | `LocalVolumeSource`
-=======
-| xref:../objects/index.adoc#io-k8s-api-core-v1-CSIPersistentVolumeSource[`CSIPersistentVolumeSource`]
-| csi represents storage that is handled by an external CSI driver (Beta feature).
-
-| `fc`
-| xref:../objects/index.adoc#io-k8s-api-core-v1-FCVolumeSource[`FCVolumeSource`]
-| fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.
-
-| `flexVolume`
-| xref:../objects/index.adoc#io-k8s-api-core-v1-FlexPersistentVolumeSource[`FlexPersistentVolumeSource`]
-| flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.
-
-| `flocker`
-| xref:../objects/index.adoc#io-k8s-api-core-v1-FlockerVolumeSource[`FlockerVolumeSource`]
-| flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running
-
-| `gcePersistentDisk`
-| xref:../objects/index.adoc#io-k8s-api-core-v1-GCEPersistentDiskVolumeSource[`GCEPersistentDiskVolumeSource`]
-| gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
-
-| `glusterfs`
-| xref:../objects/index.adoc#io-k8s-api-core-v1-GlusterfsPersistentVolumeSource[`GlusterfsPersistentVolumeSource`]
-| glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. More info: https://examples.k8s.io/volumes/glusterfs/README.md
-
-| `hostPath`
-| xref:../objects/index.adoc#io-k8s-api-core-v1-HostPathVolumeSource[`HostPathVolumeSource`]
-| hostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
-
-| `iscsi`
-| xref:../objects/index.adoc#io-k8s-api-core-v1-ISCSIPersistentVolumeSource[`ISCSIPersistentVolumeSource`]
-| iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin.
-
-| `local`
-| xref:../objects/index.adoc#io-k8s-api-core-v1-LocalVolumeSource[`LocalVolumeSource`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | local represents directly-attached storage with node affinity
 
 | `mountOptions`
@@ -3871,19 +3773,11 @@ Type::
 | mountOptions is the list of mount options, e.g. ["ro", "soft"]. Not validated - mount will simply fail if one is invalid. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
 
 | `nfs`
-<<<<<<< HEAD
 | `NFSVolumeSource`
 | nfs represents an NFS mount on the host. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
 
 | `nodeAffinity`
 | `VolumeNodeAffinity`
-=======
-| xref:../objects/index.adoc#io-k8s-api-core-v1-NFSVolumeSource[`NFSVolumeSource`]
-| nfs represents an NFS mount on the host. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
-
-| `nodeAffinity`
-| xref:../objects/index.adoc#io-k8s-api-core-v1-VolumeNodeAffinity[`VolumeNodeAffinity`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | nodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume.
 
 | `persistentVolumeReclaimPolicy`
@@ -3896,7 +3790,6 @@ Possible enum values:
  - `"Retain"` means the volume will be left in its current phase (Released) for manual reclamation by the administrator. The default policy is Retain.
 
 | `photonPersistentDisk`
-<<<<<<< HEAD
 | `PhotonPersistentDiskVolumeSource`
 | photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine
 
@@ -3914,25 +3807,6 @@ Possible enum values:
 
 | `scaleIO`
 | `ScaleIOPersistentVolumeSource`
-=======
-| xref:../objects/index.adoc#io-k8s-api-core-v1-PhotonPersistentDiskVolumeSource[`PhotonPersistentDiskVolumeSource`]
-| photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine
-
-| `portworxVolume`
-| xref:../objects/index.adoc#io-k8s-api-core-v1-PortworxVolumeSource[`PortworxVolumeSource`]
-| portworxVolume represents a portworx volume attached and mounted on kubelets host machine
-
-| `quobyte`
-| xref:../objects/index.adoc#io-k8s-api-core-v1-QuobyteVolumeSource[`QuobyteVolumeSource`]
-| quobyte represents a Quobyte mount on the host that shares a pod's lifetime
-
-| `rbd`
-| xref:../objects/index.adoc#io-k8s-api-core-v1-RBDPersistentVolumeSource[`RBDPersistentVolumeSource`]
-| rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md
-
-| `scaleIO`
-| xref:../objects/index.adoc#io-k8s-api-core-v1-ScaleIOPersistentVolumeSource[`ScaleIOPersistentVolumeSource`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.
 
 | `storageClassName`
@@ -3940,11 +3814,7 @@ Possible enum values:
 | storageClassName is the name of StorageClass to which this persistent volume belongs. Empty value means that this volume does not belong to any StorageClass.
 
 | `storageos`
-<<<<<<< HEAD
 | `StorageOSPersistentVolumeSource`
-=======
-| xref:../objects/index.adoc#io-k8s-api-core-v1-StorageOSPersistentVolumeSource[`StorageOSPersistentVolumeSource`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod More info: https://examples.k8s.io/volumes/storageos/README.md
 
 | `volumeAttributesClassName`
@@ -3960,11 +3830,7 @@ Possible enum values:
  - `"Filesystem"` means the volume will be or is formatted with a filesystem.
 
 | `vsphereVolume`
-<<<<<<< HEAD
 | `VsphereVirtualDiskVolumeSource`
-=======
-| xref:../objects/index.adoc#io-k8s-api-core-v1-VsphereVirtualDiskVolumeSource[`VsphereVirtualDiskVolumeSource`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine
 
 |===
@@ -4077,11 +3943,7 @@ Type::
 | Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
 
 | `spec`
-<<<<<<< HEAD
 | `PodSpec`
-=======
-| xref:../objects/index.adoc#io-k8s-api-core-v1-PodSpec[`PodSpec`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
 
 |===
@@ -4194,11 +4056,7 @@ Type::
 | hard is the set of desired hard limits for each named resource. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/
 
 | `scopeSelector`
-<<<<<<< HEAD
 | `ScopeSelector_v2`
-=======
-| xref:../objects/index.adoc#io-k8s-api-core-v1-ScopeSelector_v2[`ScopeSelector_v2`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | scopeSelector is also a collection of filters like scopes that must match each object tracked by a quota but expressed using ScopeSelectorOperator in combination with possible values. For a resource to match, both scopes AND scopeSelector (if specified in spec), must be matched.
 
 | `scopes`
@@ -4260,11 +4118,7 @@ Type::
 | Property | Type | Description
 
 | `claims`
-<<<<<<< HEAD
 | `array (ResourceClaim)`
-=======
-| xref:../objects/index.adoc#io-k8s-api-core-v1-ResourceClaim[`array (ResourceClaim)`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.
 
 This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.
@@ -4401,11 +4255,7 @@ Type::
 | defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
 
 | `items`
-<<<<<<< HEAD
 | `array (KeyToPath)`
-=======
-| xref:../objects/index.adoc#io-k8s-api-core-v1-KeyToPath[`array (KeyToPath)`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
 
 | `optional`
@@ -4574,11 +4424,7 @@ Type::
 | Property | Type | Description
 
 | `matchLabelExpressions`
-<<<<<<< HEAD
 | `array (TopologySelectorLabelRequirement)`
-=======
-| xref:../objects/index.adoc#io-k8s-api-core-v1-TopologySelectorLabelRequirement[`array (TopologySelectorLabelRequirement)`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | A list of topology selector requirements by labels.
 
 |===
@@ -5012,11 +4858,7 @@ Type::
 | Property | Type | Description
 
 | `clusterRoleSelectors`
-<<<<<<< HEAD
 | `array (LabelSelector_v3)`
-=======
-| xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-LabelSelector_v3[`array (LabelSelector_v3)`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules. If any of the selectors match, then the ClusterRole's permissions will be added
 
 |===
@@ -5502,7 +5344,6 @@ Type::
 |
 
 | `additionalItems`
-<<<<<<< HEAD
 | ``
 |
 
@@ -5520,63 +5361,27 @@ Type::
 
 | `default`
 | `JSON`
-=======
-| xref:../objects/index.adoc#io-k8s-apiextensions-apiserver-pkg-apis-apiextensions-v1-JSONSchemaPropsOrBool[``]
-| 
-
-| `additionalProperties`
-| xref:../objects/index.adoc#io-k8s-apiextensions-apiserver-pkg-apis-apiextensions-v1-JSONSchemaPropsOrBool[``]
-| 
-
-| `allOf`
-| xref:../objects/index.adoc#io-k8s-apiextensions-apiserver-pkg-apis-apiextensions-v1-JSONSchemaProps[`array (undefined)`]
-| 
-
-| `anyOf`
-| xref:../objects/index.adoc#io-k8s-apiextensions-apiserver-pkg-apis-apiextensions-v1-JSONSchemaProps[`array (undefined)`]
-| 
-
-| `default`
-| xref:../objects/index.adoc#io-k8s-apiextensions-apiserver-pkg-apis-apiextensions-v1-JSON[`JSON`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | default is a default value for undefined object fields. Defaulting is a beta feature under the CustomResourceDefaulting feature gate. Defaulting requires spec.preserveUnknownFields to be false.
 
 | `definitions`
 | xref:../objects/index.adoc#io-k8s-apiextensions-apiserver-pkg-apis-apiextensions-v1-JSONSchemaProps[`object (undefined)`]
-<<<<<<< HEAD
 |
 
 | `dependencies`
 | `object (undefined)`
 |
-=======
-| 
-
-| `dependencies`
-| xref:../objects/index.adoc#io-k8s-apiextensions-apiserver-pkg-apis-apiextensions-v1-JSONSchemaPropsOrStringArray[`object (undefined)`]
-| 
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 | `description`
 | `string`
 |
 
 | `enum`
-<<<<<<< HEAD
 | `array (JSON)`
 |
 
 | `example`
 | `JSON`]
 |
-=======
-| xref:../objects/index.adoc#io-k8s-apiextensions-apiserver-pkg-apis-apiextensions-v1-JSON[`array (JSON)`]
-| 
-
-| `example`
-| xref:../objects/index.adoc#io-k8s-apiextensions-apiserver-pkg-apis-apiextensions-v1-JSON[`JSON`]
-| 
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 | `exclusiveMaximum`
 | `boolean`
@@ -5587,13 +5392,8 @@ Type::
 |
 
 | `externalDocs`
-<<<<<<< HEAD
 | `ExternalDocumentation`
 |
-=======
-| xref:../objects/index.adoc#io-k8s-apiextensions-apiserver-pkg-apis-apiextensions-v1-ExternalDocumentation[`ExternalDocumentation`]
-| 
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 | `format`
 | `string`
@@ -5606,13 +5406,8 @@ Type::
 |
 
 | `items`
-<<<<<<< HEAD
 | ``
 |
-=======
-| xref:../objects/index.adoc#io-k8s-apiextensions-apiserver-pkg-apis-apiextensions-v1-JSONSchemaPropsOrArray[``]
-| 
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 | `maxItems`
 | `integer`
@@ -5652,11 +5447,7 @@ Type::
 
 | `not`
 | xref:../objects/index.adoc#io-k8s-apiextensions-apiserver-pkg-apis-apiextensions-v1-JSONSchemaProps[``]
-<<<<<<< HEAD
 |
-=======
-| 
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 | `nullable`
 | `boolean`
@@ -5664,11 +5455,7 @@ Type::
 
 | `oneOf`
 | xref:../objects/index.adoc#io-k8s-apiextensions-apiserver-pkg-apis-apiextensions-v1-JSONSchemaProps[`array (undefined)`]
-<<<<<<< HEAD
 |
-=======
-| 
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 | `pattern`
 | `string`
@@ -5676,19 +5463,11 @@ Type::
 
 | `patternProperties`
 | xref:../objects/index.adoc#io-k8s-apiextensions-apiserver-pkg-apis-apiextensions-v1-JSONSchemaProps[`object (undefined)`]
-<<<<<<< HEAD
 |
 
 | `properties`
 | xref:../objects/index.adoc#io-k8s-apiextensions-apiserver-pkg-apis-apiextensions-v1-JSONSchemaProps[`object (undefined)`]
 |
-=======
-| 
-
-| `properties`
-| xref:../objects/index.adoc#io-k8s-apiextensions-apiserver-pkg-apis-apiextensions-v1-JSONSchemaProps[`object (undefined)`]
-| 
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 | `required`
 | `array (string)`
@@ -5764,11 +5543,7 @@ Defaults to atomic for arrays.
 | x-kubernetes-preserve-unknown-fields stops the API server decoding step from pruning fields which are not specified in the validation schema. This affects fields recursively, but switches back to normal pruning behaviour if nested properties or additionalProperties are specified in the schema. This can either be true or undefined. False is forbidden.
 
 | `x-kubernetes-validations`
-<<<<<<< HEAD
 | `array (ValidationRule)`
-=======
-| xref:../objects/index.adoc#io-k8s-apiextensions-apiserver-pkg-apis-apiextensions-v1-ValidationRule[`array (ValidationRule)`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | x-kubernetes-validations describes a list of validation rules written in the CEL expression language. This field is an alpha-level. Using this field requires the feature gate `CustomResourceValidationExpressions` to be enabled.
 
 |===
@@ -5919,11 +5694,7 @@ Type::
 | Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
 
 | `preconditions`
-<<<<<<< HEAD
 | `Preconditions`
-=======
-| xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-Preconditions[`Preconditions`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.
 
 | `propagationPolicy`
@@ -6008,11 +5779,7 @@ Type::
 | Property | Type | Description
 
 | `matchExpressions`
-<<<<<<< HEAD
 | `array (LabelSelectorRequirement)`
-=======
-| xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-LabelSelectorRequirement[`array (LabelSelectorRequirement)`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | matchExpressions is a list of label selector requirements. The requirements are ANDed.
 
 | `matchLabels`
@@ -6043,11 +5810,7 @@ Type::
 | Property | Type | Description
 
 | `matchExpressions`
-<<<<<<< HEAD
 | `array (LabelSelectorRequirement_v2)`
-=======
-| xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-LabelSelectorRequirement_v2[`array (LabelSelectorRequirement_v2)`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | matchExpressions is a list of label selector requirements. The requirements are ANDed.
 
 | `matchLabels`
@@ -6172,11 +5935,7 @@ Applied only if Name is not specified. More info: https://git.k8s.io/community/c
 | Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels
 
 | `managedFields`
-<<<<<<< HEAD
 | `array (ManagedFieldsEntry)`
-=======
-| xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-ManagedFieldsEntry[`array (ManagedFieldsEntry)`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object.
 
 | `name`
@@ -6190,11 +5949,7 @@ Applied only if Name is not specified. More info: https://git.k8s.io/community/c
 Must be a DNS_LABEL. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces
 
 | `ownerReferences`
-<<<<<<< HEAD
 | `array (OwnerReference)`
-=======
-| xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-OwnerReference[`array (OwnerReference)`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.
 
 | `resourceVersion`
@@ -6277,11 +6032,7 @@ Applied only if Name is not specified. More info: https://git.k8s.io/community/c
 | Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels
 
 | `managedFields`
-<<<<<<< HEAD
 | `array (ManagedFieldsEntry)`
-=======
-| xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-ManagedFieldsEntry[`array (ManagedFieldsEntry)`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object.
 
 | `name`
@@ -6295,11 +6046,7 @@ Applied only if Name is not specified. More info: https://git.k8s.io/community/c
 Must be a DNS_LABEL. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces
 
 | `ownerReferences`
-<<<<<<< HEAD
 | `array (OwnerReference)`
-=======
-| xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-OwnerReference[`array (OwnerReference)`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.
 
 | `resourceVersion`
@@ -6350,11 +6097,7 @@ Type::
 | Suggested HTTP return code for this status, 0 if not set.
 
 | `details`
-<<<<<<< HEAD
 | `StatusDetails`
-=======
-| xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-StatusDetails[`StatusDetails`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | Extended data associated with the reason.  Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
 
 | `kind`
@@ -6409,11 +6152,7 @@ Type::
 | Suggested HTTP return code for this status, 0 if not set.
 
 | `details`
-<<<<<<< HEAD
 | `StatusDetails_v2`
-=======
-| xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-StatusDetails_v2[`StatusDetails_v2`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | Extended data associated with the reason.  Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
 
 | `kind`
@@ -6468,11 +6207,7 @@ Type::
 | Suggested HTTP return code for this status, 0 if not set.
 
 | `details`
-<<<<<<< HEAD
 | `StatusDetails_v2`
-=======
-| xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-StatusDetails_v2[`StatusDetails_v2`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | Extended data associated with the reason.  Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
 
 | `kind`
@@ -6527,11 +6262,7 @@ Type::
 | Suggested HTTP return code for this status, 0 if not set.
 
 | `details`
-<<<<<<< HEAD
 | `StatusDetails_v2`
-=======
-| xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-StatusDetails_v2[`StatusDetails_v2`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | Extended data associated with the reason.  Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
 
 | `kind`
@@ -6586,11 +6317,7 @@ Type::
 | Suggested HTTP return code for this status, 0 if not set.
 
 | `details`
-<<<<<<< HEAD
 | `StatusDetails_v2`
-=======
-| xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-StatusDetails_v2[`StatusDetails_v2`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | Extended data associated with the reason.  Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
 
 | `kind`
@@ -6645,11 +6372,7 @@ Type::
 | Suggested HTTP return code for this status, 0 if not set.
 
 | `details`
-<<<<<<< HEAD
 | `StatusDetails_v2`
-=======
-| xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-StatusDetails_v2[`StatusDetails_v2`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | Extended data associated with the reason.  Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
 
 | `kind`
@@ -6704,11 +6427,7 @@ Type::
 | Suggested HTTP return code for this status, 0 if not set.
 
 | `details`
-<<<<<<< HEAD
 | `StatusDetails_v2`
-=======
-| xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-StatusDetails_v2[`StatusDetails_v2`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | Extended data associated with the reason.  Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
 
 | `kind`
@@ -6763,11 +6482,7 @@ Type::
 | Suggested HTTP return code for this status, 0 if not set.
 
 | `details`
-<<<<<<< HEAD
 | `StatusDetails_v2`
-=======
-| xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-StatusDetails_v2[`StatusDetails_v2`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | Extended data associated with the reason.  Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
 
 | `kind`
@@ -6822,11 +6537,7 @@ Type::
 | Suggested HTTP return code for this status, 0 if not set.
 
 | `details`
-<<<<<<< HEAD
 | `StatusDetails_v2`
-=======
-| xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-StatusDetails_v2[`StatusDetails_v2`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | Extended data associated with the reason.  Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
 
 | `kind`
@@ -6881,11 +6592,7 @@ Type::
 | Suggested HTTP return code for this status, 0 if not set.
 
 | `details`
-<<<<<<< HEAD
 | `StatusDetails_v2`
-=======
-| xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-StatusDetails_v2[`StatusDetails_v2`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | Extended data associated with the reason.  Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
 
 | `kind`
@@ -6940,11 +6647,7 @@ Type::
 | Suggested HTTP return code for this status, 0 if not set.
 
 | `details`
-<<<<<<< HEAD
 | `StatusDetails_v2`
-=======
-| xref:../objects/index.adoc#io-k8s-apimachinery-pkg-apis-meta-v1-StatusDetails_v2[`StatusDetails_v2`]
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 | Extended data associated with the reason.  Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
 
 | `kind`

rosa_architecture/about-hcp.adoc

@@ -89,7 +89,7 @@ ifdef::openshift-rosa-hcp[]
 link:https://docs.openshift.com/rosa/rosa_architecture/rosa_policy_service_definition/rosa-policy-process-security.html#rosa-policy-process-security[Understanding process and security]
 endif::openshift-rosa-hcp[]
 ifndef::openshift-rosa-hcp[]
-xref:../../rosa_architecture/rosa_policy_service_definition/rosa-policy-process-security.adoc#rosa-policy-process-security[Understanding process and security]
+xref:../rosa_architecture/rosa_policy_service_definition/rosa-policy-process-security.adoc#rosa-policy-process-security[Understanding process and security]
 endif::openshift-rosa-hcp[]
 | 
 xref:../rosa_architecture/rosa_policy_service_definition/rosa-hcp-service-definition.adoc#rosa-hcp-service-definition[{hcp-title} service definition]

rosa_architecture/cloud-experts-rosa-hcp-sts-explained.adoc

@@ -56,7 +56,6 @@ The policies determine the allowed actions for each of the roles. See link:https
 *** link:https://docs.aws.amazon.com/aws-managed-policy/latest/reference/ROSAKubeControllerPolicy.html[ROSAKubeControllerPolicy]
 *** link:https://docs.aws.amazon.com/aws-managed-policy/latest/reference/ROSAManageSubscription.html[ROSAManageSubscription]
 *** link:https://docs.aws.amazon.com/aws-managed-policy/latest/reference/ROSANodePoolManagementPolicy.html[ROSANodePoolManagementPolicy]
---
 +
 [NOTE]
 ====

rosa_architecture/rosa-understanding.adoc

@@ -41,7 +41,7 @@ For additional information about ROSA installation, see link:https://www.redhat.
 //- The service is limited to the set permissions.
 //- When the service is run, it obtains credentials that expire in one hour, so there is no need to rotate or revoke credentials. The expiration also reduces the risks of credentials leaking and being reused.
 
-//A listing of the account-wide and per-cluster roles is provided in xref:../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-about-iam-resources[About IAM resources for ROSA clusters that use STS].
+//A listing of the account-wide and per-cluster roles is provided in ../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-about-iam-resources[About IAM resources for ROSA clusters that use STS].
 
 //[id="rosa-understanding-aws-without-sts_{context}"]
 //=== ROSA without STS
@@ -60,7 +60,6 @@ To get started with deploying your cluster, ensure your AWS account has met the
 == Additional resources
 
 * xref:../ocm/ocm-overview.adoc#ocm-overview[OpenShift Cluster Manager]
-* xref:../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-sts-about-iam-resources[About IAM resources for ROSA clusters that use STS]
 * xref:../rosa_getting_started/rosa-getting-started.adoc#rosa-getting-started[Getting started with {product-title}]
 * link:https://aws.amazon.com/rosa/pricing/[AWS pricing page]
 

rosa_architecture/rosa_policy_service_definition/rosa-hcp-instance-types.adoc

@@ -18,10 +18,5 @@ include::modules/rosa-sdpolicy-am-aws-compute-types-graviton.adoc[leveloffset=+1
 
 [role="_additional-resources"]
 .Additional resources
-<<<<<<< HEAD
-
-* xref:../../rosa_planning/rosa-hcp-limits-scalability.adoc#rosa-hcp-limits-scalability[{hcp-title} limits and scalability]
-=======
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 * link:https://aws.amazon.com/ec2/instance-types[AWS Instance Types]

rosa_architecture/rosa_policy_service_definition/rosa-instance-types.adoc

@@ -12,10 +12,6 @@ include::modules/rosa-sdpolicy-am-aws-compute-types.adoc[leveloffset=+1]
 
 [role="_additional-resources"]
 .Additional resources
-<<<<<<< HEAD
 
 * xref:../../rosa_planning/rosa-limits-scalability.adoc#rosa-limits-scalability[Limits and scalability]
-=======
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
-
 * link:https://aws.amazon.com/ec2/instance-types[AWS Instance Types]

rosa_architecture/rosa_policy_service_definition/rosa-policy-responsibility-matrix.adoc

@@ -42,9 +42,4 @@ include::modules/rosa-policy-disaster-recovery.adoc[leveloffset=+1]
 
 * xref:../../rosa_cluster_admin/rosa_nodes/rosa-nodes-machinepools-about.adoc#rosa-nodes-machinepools-about[About machine pools]
 
-include::modules/rosa-policy-customer-responsibility.adoc[leveloffset=+1]
-
-[role="_additional-resources"]
-== Additional resources
-
-* For more information about Red{nbsp}Hat site reliability engineering (SRE) teams access, see xref:../../rosa_architecture/rosa_policy_service_definition/rosa-sre-access.adoc#rosa-policy-identity-access-management_rosa-sre-access[Identity and access management].
+include::modules/rosa-policy-customer-responsibility.adoc[leveloffset=+1]

rosa_architecture/rosa_policy_service_definition/rosa-service-definition.adoc

@@ -19,13 +19,6 @@ include::modules/rosa-sdpolicy-am-cluster-self-service.adoc[leveloffset=+2]
 [role="_additional-resources"]
 .Additional resources
 
-ifdef::openshift-rosa-hcp[]
-* link:https://docs.openshift.com/rosa/rosa_architecture/rosa_policy_service_definition/rosa-service-definition.html#rosa-sdpolicy-red-hat-operator_rosa-service-definition[Red{nbsp}Hat Operator Support]
-endif::openshift-rosa-hcp[]
-ifndef::openshift-rosa-hcp[]
-* xref:../../rosa_architecture/rosa_policy_service_definition/rosa-service-definition.adoc#rosa-sdpolicy-red-hat-operator_rosa-service-definition[Red{nbsp}Hat Operator Support]
-endif::openshift-rosa-hcp[]
-
 ifdef::openshift-rosa-hcp[]
 * link:https://docs.openshift.com/rosa/rosa_cluster_admin/rosa-configuring-pid-limits.html#rosa-configuring-pid-limits[Configuring PID limits]
 endif::openshift-rosa-hcp[]
@@ -38,7 +31,6 @@ include::modules/rosa-sdpolicy-instance-types.adoc[leveloffset=+2]
 [role="_additional-resources"]
 .Additional resources
 
-<<<<<<< HEAD
 For a detailed listing of supported instance types, see 
 ifdef::openshift-rosa-hcp[]
 xref:../rosa_policy_service_definition/rosa-hcp-instance-types.adoc#rosa-instance-types[{product-title} instance types].endif::openshift-rosa-hcp[]
@@ -46,21 +38,11 @@ ifndef::openshift-rosa-hcp[]
 xref:../rosa_policy_service_definition/rosa-instance-types.adoc#rosa-instance-types[{product-title} instance types].
 endif::openshift-rosa-hcp[]
 =======
-<<<<<<< HEAD
 * xref:../rosa_policy_service_definition/rosa-instance-types.adoc#rosa-instance-types[{product-title} instance types]
 
 * xref:../../rosa_planning/rosa-limits-scalability.adoc#rosa-limits-scalability[Limits and scalability]
 
-=======
 For a detailed listing of supported instance types, see 
-ifdef::openshift-rosa-hcp[]
-link:https://docs.openshift.com/rosa/rosa_architecture/rosa_policy_service_definition/rosa-hcp-instance-types.html#rosa-hcp-instance-types[{product-title} instance types].
-endif::openshift-rosa-hcp[]
-ifndef::openshift-rosa-hcp[]
-xref:../rosa_policy_service_definition/rosa-instance-types.adoc#rosa-instance-types[{product-title} instance types].
-endif::openshift-rosa-hcp[]
->>>>>>> 42a0000f89 (Upgrading ROSA with HCP updates)
->>>>>>> 8c77e6d308 (Upgrading ROSA with HCP updates)
 
 include::modules/rosa-sdpolicy-am-regions-az.adoc[leveloffset=+2]
 

rosa_learning/creating_cluster_workshop/cloud-experts-getting-started-managing-worker-nodes.adoc

@@ -9,12 +9,8 @@ toc::[]
 //rosaworkshop.io content metadata
 //Brought into ROSA product docs 2023-11-30
 
-ifndef::openshift-rosa-hcp[]
-In {product-title} (ROSA), changing aspects of your worker nodes is performed through the use of machine pools. A machine pool allows users to manage many machines as a single entity. Every ROSA cluster has a default machine pool that is created when the cluster is created. For more information, see the xref:../../rosa_cluster_admin/rosa_nodes/rosa-nodes-machinepools-about.adoc#rosa-nodes-machinepools-about[machine pool] documentation.
-endif::openshift-rosa-hcp[]
-ifdef::openshift-rosa-hcp[]
 In {product-title} (ROSA), changing aspects of your worker nodes is performed through the use of machine pools. A machine pool allows users to manage many machines as a single entity. Every ROSA cluster has a default machine pool that is created when the cluster is created.
-
+ifdef::openshift-rosa-hcp[]
 For more information, see the link:https://docs.openshift.com/rosa/rosa_cluster_admin/rosa_nodes/rosa-nodes-machinepools-about.html[machine pool] documentation.
 endif::openshift-rosa-hcp[]
 
@@ -215,23 +211,9 @@ rosa create machinepool --cluster=<cluster-name> --name=<mp-name> --replicas=<nu
 rosa create machinepool --cluster=my-rosa-cluster --name=db-nodes-large-mp --replicas=2 --labels='app=db','tier=backend' --instance-type=m5.2xlarge
 ----
 
-<<<<<<< HEAD
-<<<<<<< HEAD
-<<<<<<< HEAD
-. To see all the xref:../../rosa_architecture/rosa_policy_service_definition/rosa-service-definition.adoc#rosa-sdpolicy-aws-instance-types_rosa-service-definition[instance types available], run the following command:
-=======
 ifdef::openshift-rosa-hcp[]
 . To see all the link:https://docs.openshift.com/rosa/rosa_architecture/rosa_policy_service_definition/rosa-instance-types.html[instance types available], run the following command:
 endif::openshift-rosa-hcp[]
->>>>>>> 72fb79ab1d (Updated the HCP migration to include the ROSA Tutorals and Learning sections)
-=======
-. To see all the xref:../../rosa_architecture/rosa_policy_service_definition/rosa-service-definition.adoc#rosa-sdpolicy-aws-instance-types_rosa-service-definition[instance types available], run the following command:
->>>>>>> e3ad7b9382 (OSDOCS-11269)
-=======
-ifdef::openshift-rosa-hcp[]
-. To see all the link:https://docs.openshift.com/rosa/rosa_architecture/rosa_policy_service_definition/rosa-instance-types.html[instance types available], run the following command:
-endif::openshift-rosa-hcp[]
->>>>>>> 7aaa9ed78d (Updated the HCP migration to include the ROSA Tutorals and Learning sections)
 +
 [source,terminal]
 ----

rosa_release_notes/rosa-release-notes.adoc

@@ -25,13 +25,9 @@ toc::[]
 [id="rosa-q3-2024_{context}"]
 === Q3 2024
 
-<<<<<<< HEAD
 * **{hcp-title} multi-architecture cluster update.** {hcp-title-first} clusters created before 25 July, 2024 will migrate to a multi-architecture image on their next upgrade allowing you to use {AWS} Arm-based Graviton instance types for your workloads. For more information, see xref:../upgrading/rosa-hcp-upgrading.adoc#rosa-upgrade-options_rosa-hcp-upgrading[Upgrading ROSA with HCP clusters].
 
 * **{hcp-title} cluster node limit update.** {hcp-title} clusters can now scale to 500 worker nodes. This is an increase from the previous limit of 250 nodes. The 250 node limit is an increase from the previous limit 90 nodes on 26 August, 2024. For more information, see xref:../rosa_planning/rosa-hcp-limits-scalability.adoc#tested-cluster-maximums-hcp-sd_rosa-hcp-limits-scalability[ROSA with HCP cluster maximums].
-=======
-* **{hcp-title} cluster node limit update.** {hcp-title} clusters can now scale to 250 worker nodes. This is an increase from the previous limit of 180 nodes. For more information, see xref:../rosa_planning/rosa-hcp-limits-scalability.adoc#tested-cluster-maximums-hcp-sd_rosa-hcp-limits-scalability[ROSA with HCP limits and scalability].
->>>>>>> c17ffd7cec (Adding the Security HCP cherrypick)
 
 * **IMDSv2 support in {hcp-title}.** You can now enforce the use of the IMDSv2 endpoint for default machine pool worker nodes on new {hcp-title} clusters and for new machine pools on existing clusters. For more information, see xref:../rosa_hcp/terraform/rosa-hcp-creating-a-cluster-quickly-terraform.adoc#rosa-hcp-creating-a-cluster-quickly-terraform[Creating a default ROSA cluster using Terraform].
 

snippets/ibu-ImageBasedGroupUpgrade.adoc

@@ -21,6 +21,7 @@ spec:
       pullSecretRef:
         name: "<seed_pull_secret>"
   extraManifests: # <3>
+    - name: example-extra-manifests
       namespace: openshift-lifecycle-agent
   oadpContent: # <4>
     - name: oadp-cm

snippets/ztp_PtpConfigDualCardGmWpc.yaml

@@ -89,11 +89,11 @@ spec:
                 - "-p"
                 - "MON-HW"
               reportOutput: true
-            - args: #ubxtool -P 29.20 -p CFG-MSG,1,38,300
+            - args: #ubxtool -P 29.20 -p CFG-MSG,1,38,248
                 - "-P"
                 - "29.20"
                 - "-p"
-                - "CFG-MSG,1,38,300"
+                - "CFG-MSG,1,38,248"
               reportOutput: true
       ts2phcOpts: " "
       ts2phcConf: |

snippets/ztp_PtpConfigGmWpc.yaml

@@ -82,11 +82,11 @@ spec:
                 - "-p"
                 - "MON-HW"
               reportOutput: true
-            - args: #ubxtool -P 29.20 -p CFG-MSG,1,38,300
+            - args: #ubxtool -P 29.20 -p CFG-MSG,1,38,248
                 - "-P"
                 - "29.20"
                 - "-p"
-                - "CFG-MSG,1,38,300"
+                - "CFG-MSG,1,38,248"
               reportOutput: true
       ts2phcOpts: " "
       ts2phcConf: |

upgrading/rosa-hcp-upgrading.adoc

@@ -8,8 +8,8 @@ toc::[]
 
 include::modules/rosa-hcp-upgrade-options.adoc[leveloffset=+1]
 
-.Additional resources
-* xref:../cli_reference/rosa_cli/rosa-manage-objects-cli.adoc#rosa-edit-machinepool_rosa-managing-objects-cli[ROSA CLI reference: `rosa edit machinepool`]
+// .Additional resources
+// * ../cli_reference/rosa_cli/rosa-manage-objects-cli.adoc#rosa-edit-machinepool_rosa-managing-objects-cli[ROSA CLI reference: `rosa edit machinepool`]
 
 //This cannot be a module if we want to use the xrefs
 [id="rosa-lifecycle-policy_{context}"]
@@ -47,10 +47,21 @@ Upgrading the entire cluster involves upgrading both the hosted control plane an
 * You have installed and configured the latest version of the ROSA CLI.
 * No other upgrades are in progress or scheduled to take place at the same time as this upgrade.
 
+
+ifdef::context[:prevcontext: {context}]
+:context: rosa-hcp-upgrading-whole-cluster
+
 include::modules/rosa-hcp-upgrading-cli-control-plane.adoc[leveloffset=+2]
+
+ifdef::prevcontext[:context: {prevcontext}]
+ifdef::context[:prevcontext: {context}]
+
+:context: rosa-hcp-upgrading-whole-cluster
+
 include::modules/rosa-hcp-upgrading-cli-machinepool.adoc[leveloffset=+2]
-include::modules/rosa-hcp-upgrading-cli-tutorial.adoc[leveloffset=+1]
 
 ifdef::prevcontext[:context: {prevcontext}]
 ifndef::prevcontext[:!context:]
+//LB: Remove until here if we don't want the "whole cluster" upgrade section
+
 include::modules/rosa-hcp-upgrading-cli-tutorial.adoc[leveloffset=+1]