aquasecurity / starboard

Moved to https://github.com/aquasecurity/trivy-operator

Home Page: https://aquasecurity.github.io/starboard/

docs: update getting started guides with built-in configuration audits scanner

danielpacak opened this issue · comments

We are switching to an efficient built-in configuration audits scanner to eventually deprecate Polaris and Conftest plugins (see #1020).

This is a great opportunity to review documentation pages and explain how the built-in configuration audit scanner works, how we configure policies, and how to customize checks with OPA Rego. /cc @AnaisUrlichs

Hi @danielpacak

I currently have an issue when upgrading the operator from chart 0.8 to 0.9, and operator 0.13 to 0.15.0-rc4 (in arm version 👍🏻 ) :

plugin-based and built-in configuration audit scanners cannot be enabled at the same time

Sure I am missing something about the new built-in scanners and doc would be very helpful if something is needed.

My chart config is relatively simple yet :

operator:
  scanJobsConcurrentLimit: 3
targetNamespaces: "" # blank string to let it operate in all namespaces.
image:
  tag: "0.15.0-rc4"
trivy:
  ignoreUnfixed: true

Thanks again for the work on starboard.

Thank you for the feedback, @jlamande. We haven't published the Helm chart for v0.15.0-rc4 yet. It would be version 0.10.0. So please try installing it from a cloned repository.

The error you mentioned indicates that both OPERATOR_CONFIG_AUDIT_SCANNER_ENABLED and OPERATOR_CONFIG_AUDIT_SCANNER_BUILTIN are enabled, whereas we're switching over to built-in configuration auditing scanner.