When the config validator is enabled with a forseti helm deployment, the "forseti-server" pod tries to read the policy library. This appears to be set via ENV currently not configurable in the helm chart. It also will probably need an init container much like the config validator pod has to sync the policies from gcs/git.
When the config validator is enabled with a forseti helm deployment, the "forseti-server" pod tries to read the policy library. This appears to be set via ENV currently not configurable in the helm chart. It also will probably need an init container much like the config validator pod has to sync the policies from gcs/git.
https://github.com/forseti-security/forseti-security/blob/2138c6d9bdbd46eee6d17760a5c1351dbccd7236/google/cloud/forseti/scanner/scanners/config_validator_scanner.py#L29