docs: update installation guides for v0.15.0 (aquasecurity#1063)

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>

docs/cli/getting-started.md

@@ -35,13 +35,15 @@ kubectl api-resources --api-group aquasecurity.github.io
 <summary>Result</summary>
 
 ```
-NAME                          SHORTNAMES                 APIVERSION                        NAMESPACED   KIND
-ciskubebenchreports           kubebench                  aquasecurity.github.io/v1alpha1   false        CISKubeBenchReport
-clusterconfigauditreports     clusterconfigaudit         aquasecurity.github.io/v1alpha1   false        ClusterConfigAuditReport
-clustervulnerabilityreports   clustervuln,clustervulns   aquasecurity.github.io/v1alpha1   false        ClusterVulnerabilityReport
-configauditreports            configaudit                aquasecurity.github.io/v1alpha1   true         ConfigAuditReport
-kubehunterreports             kubehunter                 aquasecurity.github.io/v1alpha1   false        KubeHunterReport
-vulnerabilityreports          vuln,vulns                 aquasecurity.github.io/v1alpha1   true         VulnerabilityReport
+NAME                             SHORTNAMES                 APIVERSION                        NAMESPACED   KIND
+ciskubebenchreports              kubebench                  aquasecurity.github.io/v1alpha1   false        CISKubeBenchReport
+clustercompliancedetailreports   compliancedetail           aquasecurity.github.io/v1alpha1   false        ClusterComplianceDetailReport
+clustercompliancereports         compliance                 aquasecurity.github.io/v1alpha1   false        ClusterComplianceReport
+clusterconfigauditreports        clusterconfigaudit         aquasecurity.github.io/v1alpha1   false        ClusterConfigAuditReport
+clustervulnerabilityreports      clustervuln,clustervulns   aquasecurity.github.io/v1alpha1   false        ClusterVulnerabilityReport
+configauditreports               configaudit                aquasecurity.github.io/v1alpha1   true         ConfigAuditReport
+kubehunterreports                kubehunter                 aquasecurity.github.io/v1alpha1   false        KubeHunterReport
+vulnerabilityreports             vuln,vulns                 aquasecurity.github.io/v1alpha1   true         VulnerabilityReport
 ```
 </details>
 
@@ -92,7 +94,7 @@ Moving forward, let's take the same `nginx` Deployment and audit its Kubernetes
 created it with the `kubectl create deployment` command which applies the default settings to the deployment descriptors.
 However, we also know that in Kubernetes the defaults are usually the least secure.
 
-Run the scanner to audit the configuration using [Polaris], which is the default configuration checker:
+Run the scanner to audit the configuration using the built-in configuration checker:
 
 ```
 starboard scan configauditreports deployment/nginx
@@ -114,8 +116,8 @@ kubectl get configauditreport -o wide
 <summary>Result</summary>
 
 ```
-NAME                          SCANNER   AGE    DANGER   WARNING   PASS
-replicaset-nginx-6d4cf56db6   Polaris   155m   1        9         7
+NAME                          SCANNER     AGE   CRITIAL   HIGH   MEDIUM   LOW
+replicaset-nginx-78449c65d4   Starboard   75s   0         0      6        7
 ```
 </details>
 
@@ -141,7 +143,6 @@ open nginx.deploy.html
 * Read up on [Infrastructure Scanners] integrated with Starboard.
 
 [Trivy]: ./../integrations/vulnerability-scanners/trivy.md
-[Polaris]: ./../integrations/config-checkers/polaris.md
 [Custom Resource Definitions]: ./../crds/index.md
 [Katacoda]: https://www.katacoda.com/courses/kubernetes/playground/
 [Play with Kubernetes]: http://labs.play-with-k8s.com/

docs/cli/installation/binary-releases.md

@@ -1,20 +1,24 @@
 Every [release][release] of Starboard provides binary releases for a variety of operating systems. These
 binary versions can be manually downloaded and installed.
 
-1. Download your [desired version][release]
-2. Unpack it (`tar -zxvf starboard_darwin_x86_64.tar.gz`)
+1. Download desired [release archive][release] for your platform
+2. Unpack it. As an example for macOS platform, run the following command:
+   ```
+   tar -zxvf starboard_darwin_x86_64.tar.gz
+   ```
 3. Find the `starboard` binary in the unpacked directory, and move it to its desired destination
-   (`mv starboard_darwin_x86_64/starboard /usr/local/bin/starboard`)
+   ```
+   mv ./starboard /usr/local/bin/starboard
+   ```
 
 From there, you should be able to run Starboard CLI commands: `starboard help`
 
 ## kubectl plugin
 
-The Starboard CLI is compatible with [kubectl][kubectl] and is intended as [kubectl plugin][kubectl-plugins],
-but it's perfectly fine to run it as a stand-alone executable. If you rename the `starboard` executable to
-`kubectl-starboard` and if it's in your path, you can invoke it using `kubectl starboard`.
+The Starboard CLI is compatible with [kubectl] and is intended as [kubectl plugin], but it's perfectly fine to run it as
+a stand-alone executable. If you rename the `starboard` executable to `kubectl-starboard` and if it's in your path, you
+can invoke it using `kubectl starboard`.
 
-
-[release]: https://github.com/aquasecurity/starboard/releases
+[release]: https://github.com/aquasecurity/starboard/releases/{{ git.tag }}
 [kubectl]: https://kubernetes.io/docs/reference/kubectl
-[kubectl-plugins]: https://kubernetes.io/docs/tasks/extend-kubectl/kubectl-plugins
+[kubectl plugin]: https://kubernetes.io/docs/tasks/extend-kubectl/kubectl-plugins

docs/operator/installation/helm.md

@@ -4,7 +4,7 @@
 YAML manifests called Helm [charts].
 
 To address shortcomings of [static YAML manifests](./kubectl.md) we provide the Helm chart to deploy the Starboard
-Operator. The Helm chart supports all [install modes](./../configuration.md#install-modes).
+Operator. The Helm chart supports all [Install Modes](./../configuration.md#install-modes).
 
 As an example, let's install the operator in the `starboard-system` namespace and configure it to watch the `default`
 namespaces:
@@ -37,14 +37,15 @@ namespaces:
      --version {{ var.chart_version }}
    ```
    There are many [values] in the chart that can be set to configure Starboard.
-3. Check that the `starboard-operator` Helm release is created in the `starboard-system` namespace:
+3. Check that the `starboard-operator` Helm release is created in the `starboard-system` namespace, and it has status
+   `deployed`:
    ```console
    $ helm list -n starboard-system
    NAME              	NAMESPACE         	REVISION	UPDATED                             	STATUS  	CHART                   	APP VERSION
    starboard-operator	starboard-system	1       	2021-01-27 20:09:53.158961 +0100 CET	deployed	starboard-operator-{{ var.chart_version }}	{{ git.tag[1:] }}
    ```
-   To confirm that the operator is running, check the number of replicas created by the `starboard-operator` Deployment
-   in the `starboard-system` namespace:
+   To confirm that the operator is running, check that the `starboard-operator` Deployment in the `starboard-system`
+   namespace is available and all its containers are ready:
    ```console
    $ kubectl get deployment -n starboard-system
    NAME                 READY   UP-TO-DATE   AVAILABLE   AGE

docs/operator/installation/olm.md

@@ -41,16 +41,15 @@ configure it to watch the `default` namespaces:
    the `starboard-system` namespace. For example, you can use Trivy
    in [ClientServer](./../../integrations/vulnerability-scanners/trivy.md#clientserver) mode or
    [Aqua Enterprise](./../../integrations/vulnerability-scanners/aqua-enterprise.md) as an active vulnerability scanner.
-   If you skip this step, the operator will ensure [configuration objects](./../../settings.md)
-   on startup with the default settings:
+   If you skip this step, the operator will ensure default [Starboard Settings](./../../settings.md) on startup:
    ```
    kubectl apply -f https://raw.githubusercontent.com/aquasecurity/starboard/{{ git.tag }}/deploy/static/03-starboard-operator.config.yaml
    ```
-   Review the default values and makes sure the operator is configured properly:
+5. Install default OPA Rego policies used by the built-in configuration checker:
    ```
-   kubectl describe cm starboard starboard-trivy-config starboard-polaris-config -n starboard-system
+   kubectl apply -f https://raw.githubusercontent.com/aquasecurity/starboard/{{ git.tag }}/deploy/static/04-starboard-operator.policies.yaml
    ```
-5. Install the operator by creating the Subscription:
+6. Install the operator by creating the Subscription:
    ```
    cat << EOF | kubectl apply -f -
    apiVersion: operators.coreos.com/v1alpha1
@@ -75,10 +74,10 @@ configure it to watch the `default` namespaces:
    EOF
    ```
    The operator will be installed in the `starboard-system` namespace and will be usable from the `default` namespace.
-   Note that the `spec.config` property allows you to override the default [configuration](./../configuration.md) of
+   Note that the `spec.config` property allows you to override the default [Configuration](./../configuration.md) of
    the operator's Deployment.
 
-6. After install, watch the operator come up using the following command:
+7. After install, watch the operator come up using the following command:
    ```console
    $ kubectl get clusterserviceversions -n starboard-system
    NAME                        DISPLAY              VERSION   REPLACES                     PHASE
@@ -117,6 +116,8 @@ You have to manually delete custom resource definitions created by the OLM opera
     kubectl delete crd configauditreports.aquasecurity.github.io
     kubectl delete crd clusterconfigauditreports.aquasecurity.github.io
     kubectl delete crd ciskubebenchreports.aquasecurity.github.io
+    kubectl delete crd clustercompliancereports.aquasecurity.github.io
+    kubectl delete crd clustercompliancedetailreports.aquasecurity.github.io
     ```
 
 [olm]: https://github.com/operator-framework/operator-lifecycle-manager/