diff --git a/agent.go b/agent.go
index a4ddaab..4e6a6fb 100644
--- a/agent.go
+++ b/agent.go
@@ -12,6 +12,7 @@ import (
 const (
 StepSecurityLogCorrelationPrefix = "Step Security Job Correlation ID:"
+ StepSecurityAnnotationPrefix = "StepSecurity Harden Runner:"
 EgressPolicyAudit = "audit"
 EgressPolicyBlock = "block"
 )
@@ -109,6 +110,7 @@ func Run(ctx context.Context, configFilePath string, hostDNSServer DNSServer,
 ipAddress, err := dnsProxy.getIPByDomain(domainName)
 if err != nil {
 WriteLog(fmt.Sprintf("Error resolving allowed domain %v", err))
+ WriteAnnotation(fmt.Sprintf("%s Reverting agent since allowed endpoint %s could not be resolved", StepSecurityAnnotationPrefix, domainName))
 RevertChanges(iptables, nflog, cmd, resolvdConfigPath, dockerDaemonConfigPath, dnsConfig)
 return err
 }
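Review bot: The new annotation in Run's resolution-failure branch formats `domainName` with `%s`, and that value appears to come from the configured allowed endpoints, so whatever the config holds reaches the job's annotations unescaped. WriteAnnotation is not visible in this diff; if it emits a line-oriented workflow command, an endpoint string containing a newline or other control characters could garble the annotation or be interpreted as a separate command, so I would format the domain with `%q` or validate endpoint names when the config is loaded. The annotation also drops `err`, while the WriteLog line above it carries `err` but not the domain, so neither message alone says which endpoint failed and why; consider `"%s Reverting agent since allowed endpoint %q could not be resolved: %v"` with `err` as the last argument. Run begins and continues outside this hunk.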