Emit a warning when trying to set a non-existing config key #2924
Comments
|
hey @leogr , i want to contribute on this issue, can you guide me to what changes required and how can i proceed in this. Thanks |
Hey @h4l0gen I haven't looked into code details, but I guess that we should look for the existence of an option while parsing the YAML here 👇 An alternative approach would be to create a YAML schema and validate the file before loading it (I wonder if it is worth keeping this approach). @jasondellaluce any suggestion in this regard? @h4l0gen let me know if this is ok for you. In case you plan to work on this, please |
|
hey @leogr , |
|
/assign |
|
Hey @h4l0gen How is it going? :) |
|
Issues go stale after 90d of inactivity. Mark the issue as fresh with Stale issues rot after an additional 30d of inactivity and eventually close. If this issue is safe to close now please do so with Provide feedback via https://github.com/falcosecurity/community. /lifecycle stale |
|
/remove-lifecycle stale |
Motivation
Silently ignoring a non-existing config key in
falco.yamlcan hide problems and mislead users. A simple typo can make Falco completely ignore the value, which may be hard to spot.For example:
vs.
(N.B. the typo in stduot_output)
Currently, Falco silently ignores the latter case.
Feature
Falco should emit a warning when the user sets a non-existent config key.
Alternatives
An alternative can be to emit an error and stop the Falco execution. Would this alternative be better? 🤔
On the other hand, a simple warning could help spot misconfiguration when upgrading to a new version without blocking the deployment.
Additional context
This idea came up while reviewing this PR #2413
The text was updated successfully, but these errors were encountered: