-
Notifications
You must be signed in to change notification settings - Fork 921
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Emit a warning when trying to set a non-existing config key #2924
Comments
hey @leogr , i want to contribute on this issue, can you guide me to what changes required and how can i proceed in this. Thanks |
Hey @h4l0gen I haven't looked into code details, but I guess that we should look for the existence of an option while parsing the YAML here 👇 An alternative approach would be to create a YAML schema and validate the file before loading it (I wonder if it is worth keeping this approach). @jasondellaluce any suggestion in this regard? @h4l0gen let me know if this is ok for you. In case you plan to work on this, please |
hey @leogr , |
/assign |
Hey @h4l0gen How is it going? :) |
Issues go stale after 90d of inactivity. Mark the issue as fresh with Stale issues rot after an additional 30d of inactivity and eventually close. If this issue is safe to close now please do so with Provide feedback via https://github.com/falcosecurity/community. /lifecycle stale |
/remove-lifecycle stale |
Issues go stale after 90d of inactivity. Mark the issue as fresh with Stale issues rot after an additional 30d of inactivity and eventually close. If this issue is safe to close now please do so with Provide feedback via https://github.com/falcosecurity/community. /lifecycle stale |
/remove-lifecycle stale |
I'd like to prioritize this tentatively for |
Motivation
Silently ignoring a non-existing config key in
falco.yaml
can hide problems and mislead users. A simple typo can make Falco completely ignore the value, which may be hard to spot.For example:
vs.
(N.B. the typo in stduot_output)
Currently, Falco silently ignores the latter case.
Feature
Falco should emit a warning when the user sets a non-existent config key.
Alternatives
An alternative can be to emit an error and stop the Falco execution. Would this alternative be better? 🤔
On the other hand, a simple warning could help spot misconfiguration when upgrading to a new version without blocking the deployment.
Additional context
This idea came up while reviewing this PR #2413
The text was updated successfully, but these errors were encountered: