Skip to content

Fix runtime-policies port detection control drift (bug) and malware forensic collection (missing) #330

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
semyonmor merged 1 commit into from
Aug 26, 2025
Merged

Fix runtime-policies port detection control drift (bug) and malware forensic collection (missing) #330

semyonmor merged 1 commit into from
Aug 26, 2025

Conversation

@sarvodayaKumar
Copy link
Collaborator

@sarvodayaKumar sarvodayaKumar commented Aug 26, 2025

fix(runtime-policies): resolve default drift issues and add missing file_forensic_collection handling

  • Defaults cleanup:

    • Removed Default: true from enable_port_scan_protection in container runtime policies.
    • Removed Default: true from enable_ip_reputation in host runtime policies.
    • These defaults caused unwanted Terraform plan drift when users didn’t explicitly set the fields, forcing workarounds.
    • Now the fields properly default to false/unset when not specified, aligning with Terraform provider patterns and preventing drift.
    • Fixes customer issue where policies showed unexpected changes in Terraform plans.

  • File forensic collection fix:

    • Added missing file_forensic_collection field to host runtime policy expansion (expandHostRuntimePolicy).
    • Extended test coverage for malware_scan_options.file_forensic_collection in both container and host runtime policy tests.
    • Ensures consistent handling of file_forensic_collection during policy creation and updates.

cursor[bot]

This comment was marked as outdated.

Sign in to view

cursor[bot]

This comment was marked as outdated.

Sign in to view

@sarvodayaKumar
Fix runtime-policies port detection control drift (bug) and malware f…
bde0e48 
…orensic collection (missing)

fix(runtime-policies): resolve default drift issues and add missing file_forensic_collection handling
* Defaults cleanup:

    * Removed Default: true from enable_port_scan_protection in container runtime policies.
    * Removed Default: true from enable_ip_reputation in host runtime policies.
    * These defaults caused unwanted Terraform plan drift when users didn’t explicitly set the fields, forcing workarounds.
    * Now the fields properly default to false/unset when not specified, aligning with Terraform provider patterns and preventing drift.
    * Fixes customer issue where policies showed unexpected changes in Terraform plans.
* File forensic collection fix:

    * Added missing file_forensic_collection field to host runtime policy expansion (expandHostRuntimePolicy).
    * Extended test coverage for malware_scan_options.file_forensic_collection in both container and host runtime policy tests.
    * Ensures consistent handling of file_forensic_collection during policy creation and updates.
@semyonmor semyonmor merged commit d756d35 into main Aug 26, 2025
9 checks passed
@semyonmor semyonmor deleted the SLK-99903 branch August 26, 2025 18:08
@semyonmor semyonmor mentioned this pull request Aug 26, 2025
Closed
@sarvodayaKumar sarvodayaKumar mentioned this pull request Aug 29, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

@semyonmor semyonmor semyonmor approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@sarvodayaKumar @semyonmor