Problem:

• Compliance Operator from version 1.7 we will be supporting 3 different CIS and 3 different DISA STIG profiles, which impacts substantially our maintenance work. At the same time. Both benchmarks release new versions quite frequently (around 3 times a year), making the last profile the one most up to date and relevant.

Goal:

We want to be able to deprecate older profiles for these two benchmarks at the pace we see fit without having to provide explanation release per release about deprecation.

Solution = Documentation:

We want to state in the documentation that starting from CO 1.8, the only supported versions of CIS and DISA STIG profiles will be the latest. Our recommendation to customers is to use ocp4-cis and ocp4-cis-node, ocp4-stig, ocp4-stig-node which is always points to the latest version, to avoid running with an unsupported profile. 

Acceptance criteria:

• Release notes include this information
• This information should be included permanently in the docs too.