feat: whitelist telemetry endpoint for StepSecurity

rohan-stepsecurity · rohan-stepsecurity · commit ee6926727b58 · 2026-03-16T16:19:26.000+05:30
diff --git a/agent.go b/agent.go
@@ -377,10 +377,13 @@ func addImplicitEndpoints(endpoints map[string][]Endpoint, disableTelemetry bool
 		}
 	}
 
-	stepsecurity := Endpoint{domainName: "agent.api.stepsecurity.io", port: 443} // Should be implicit based on user feedback
+	stepsecurity := Endpoint{domainName: "agent.api.stepsecurity.io", port: 443}             // Should be implicit based on user feedback
+	stepsecurityTelemetry := Endpoint{domainName: "prod.app-api.stepsecurity.io", port: 443} // Telemetry endpoint for sending DNS and net connections to StepSecurity
+
 	if !disableTelemetry {
 		// allowing only if disable_telemetry is set to false
 		normalEndpoints[stepsecurity.domainName] = append(normalEndpoints[stepsecurity.domainName], stepsecurity)
+		normalEndpoints[stepsecurityTelemetry.domainName] = append(normalEndpoints[stepsecurityTelemetry.domainName], stepsecurityTelemetry)
 	}
 
 	return normalEndpoints, wildcardEndpoints

Original file line number	Diff line number	Diff line change
`@@ -377,10 +377,13 @@ func addImplicitEndpoints(endpoints map[string][]Endpoint, disableTelemetry bool`
`377`	`377`	`}`
`378`	`378`	`}`
`379`	`379`
`380`		`- stepsecurity := Endpoint{domainName: "agent.api.stepsecurity.io", port: 443} // Should be implicit based on user feedback`
	`380`	`+ stepsecurity := Endpoint{domainName: "agent.api.stepsecurity.io", port: 443} // Should be implicit based on user feedback`
	`381`	`+ stepsecurityTelemetry := Endpoint{domainName: "prod.app-api.stepsecurity.io", port: 443} // Telemetry endpoint for sending DNS and net connections to StepSecurity`
	`382`	`+`
`381`	`383`	`if !disableTelemetry {`
`382`	`384`	`// allowing only if disable_telemetry is set to false`
`383`	`385`	`normalEndpoints[stepsecurity.domainName] = append(normalEndpoints[stepsecurity.domainName], stepsecurity)`
	`386`	`+ normalEndpoints[stepsecurityTelemetry.domainName] = append(normalEndpoints[stepsecurityTelemetry.domainName], stepsecurityTelemetry)`
`384`	`387`	`}`
`385`	`388`
`386`	`389`	`return normalEndpoints, wildcardEndpoints`