From 1c59c7e5fbf17e0447fd831121987a58d39d67a4 Mon Sep 17 00:00:00 2001
From: zahidblackduck
Date: Fri, 19 Sep 2025 17:44:14 +0600
Subject: [PATCH 1/2] add iac scan enable check in detect config factory

---
 .../configuration/DetectConfigurationFactory.java | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/src/main/java/com/blackduck/integration/detect/configuration/DetectConfigurationFactory.java b/src/main/java/com/blackduck/integration/detect/configuration/DetectConfigurationFactory.java
index 6bf81a6575..f36891f08c 100644
--- a/src/main/java/com/blackduck/integration/detect/configuration/DetectConfigurationFactory.java
+++ b/src/main/java/com/blackduck/integration/detect/configuration/DetectConfigurationFactory.java
@@ -232,11 +232,22 @@ public DetectToolFilter createToolFilter(RunDecision runDecision, BlackDuckDecis
 AllNoneEnumCollection excludedTools = detectConfiguration.getValue(DetectProperties.DETECT_TOOLS_EXCLUDED);
 ExcludeIncludeEnumFilter filter = new ExcludeIncludeEnumFilter<>(excludedTools, includedTools, scanTypeEvidenceMap);

- boolean iacEnabled = includedTools.containsValue(DetectTool.IAC_SCAN) || !detectConfiguration.getValue(DetectProperties.DETECT_IAC_SCAN_PATHS).isEmpty();
+ boolean iacEnabled = isIacScanEnabled(includedTools, excludedTools);

 return new DetectToolFilter(filter, impactEnabled.orElse(false), iacEnabled, runDecision, blackDuckDecision);
 }

+ private boolean isIacScanEnabled(AllNoneEnumCollection includedTools, AllNoneEnumCollection excludedTools) {
+ boolean containsAll = includedTools.containsAll(); // Checking whether --detect.tools=ALL is set or not
+ boolean containsNone = includedTools.isEmpty(); // Checking whether --detect.tools property is unset or not
+ boolean iacIncluded = includedTools.containsValue(DetectTool.IAC_SCAN); // Checking whether --detect.tools=IAC_SCAN is set or not
+ boolean iacExcluded = excludedTools.containsValue(DetectTool.IAC_SCAN); // Checking whether --detect.tools.excluded=IAC_SCAN is set or not
+
+ // Enable IAC_SCAN only if it is included by detect.tools (ALL, unset, or explicitly included) and not excluded by detect.tools.excluded.
+ // The detect.iac.scan.paths property does not affect whether IAC_SCAN runs.
+ return (containsAll || containsNone || iacIncluded) && !iacExcluded;
+ }
+
 public RapidScanOptions createRapidScanOptions() {
 RapidCompareMode rapidCompareMode = detectConfiguration.getValue(DetectProperties.DETECT_BLACKDUCK_RAPID_COMPARE_MODE);
 BlackduckScanMode scanMode= detectConfiguration.getValue(DetectProperties.DETECT_BLACKDUCK_SCAN_MODE);

From ae25b4329371d948034c885d51177240f1144b40 Mon Sep 17 00:00:00 2001
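Review bot: In the added `isIacScanEnabled`, the exclusion term only tests `excludedTools.containsValue(DetectTool.IAC_SCAN)`, so unless `containsValue` also matches the ALL marker, a run with `--detect.tools.excluded=ALL` would still report the IaC scan as enabled. The include side checks `containsAll()` explicitly, which suggests the exclude side needs the same: `boolean iacExcluded = excludedTools.containsAll() || excludedTools.containsValue(DetectTool.IAC_SCAN);`. The local `containsNone` holds `includedTools.isEmpty()` and its comment says "unset", so a name such as `toolsUnset` would avoid confusion with a NONE value, whose handling this helper leaves open. A small unit test over the ALL / unset / explicitly included / excluded combinations would pin the intended decision table.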
From: zahidblackduck
Date: Mon, 13 Oct 2025 16:29:46 +0600
Subject: [PATCH 2/2] reuse code as per proposal from andrian

---
 .../DetectConfigurationFactory.java | 17 ++---------------
 .../detect/util/filter/DetectToolFilter.java | 6 ------
 2 files changed, 2 insertions(+), 21 deletions(-)

diff --git a/src/main/java/com/blackduck/integration/detect/configuration/DetectConfigurationFactory.java b/src/main/java/com/blackduck/integration/detect/configuration/DetectConfigurationFactory.java
index f36891f08c..7e1ade1288 100644
--- a/src/main/java/com/blackduck/integration/detect/configuration/DetectConfigurationFactory.java
+++ b/src/main/java/com/blackduck/integration/detect/configuration/DetectConfigurationFactory.java
@@ -232,27 +232,14 @@ public DetectToolFilter createToolFilter(RunDecision runDecision, BlackDuckDecis
 AllNoneEnumCollection excludedTools = detectConfiguration.getValue(DetectProperties.DETECT_TOOLS_EXCLUDED);
 ExcludeIncludeEnumFilter filter = new ExcludeIncludeEnumFilter<>(excludedTools, includedTools, scanTypeEvidenceMap);

- boolean iacEnabled = isIacScanEnabled(includedTools, excludedTools);
-
- return new DetectToolFilter(filter, impactEnabled.orElse(false), iacEnabled, runDecision, blackDuckDecision);
- }
-
- private boolean isIacScanEnabled(AllNoneEnumCollection includedTools, AllNoneEnumCollection excludedTools) {
- boolean containsAll = includedTools.containsAll(); // Checking whether --detect.tools=ALL is set or not
- boolean containsNone = includedTools.isEmpty(); // Checking whether --detect.tools property is unset or not
- boolean iacIncluded = includedTools.containsValue(DetectTool.IAC_SCAN); // Checking whether --detect.tools=IAC_SCAN is set or not
- boolean iacExcluded = excludedTools.containsValue(DetectTool.IAC_SCAN); // Checking whether --detect.tools.excluded=IAC_SCAN is set or not
-
- // Enable IAC_SCAN only if it is included by detect.tools (ALL, unset, or explicitly included) and not excluded by detect.tools.excluded.
- // The detect.iac.scan.paths property does not affect whether IAC_SCAN runs.
- return (containsAll || containsNone || iacIncluded) && !iacExcluded;
+ return new DetectToolFilter(filter, impactEnabled.orElse(false), runDecision, blackDuckDecision);
 }

 public RapidScanOptions createRapidScanOptions() {
 RapidCompareMode rapidCompareMode = detectConfiguration.getValue(DetectProperties.DETECT_BLACKDUCK_RAPID_COMPARE_MODE);
 BlackduckScanMode scanMode= detectConfiguration.getValue(DetectProperties.DETECT_BLACKDUCK_SCAN_MODE);
 List severitiesToFailPolicyCheck = getPoliciesToFailOn();
-
+
 long detectTimeout = findTimeoutInSeconds();
 return new RapidScanOptions(rapidCompareMode, scanMode, detectTimeout, severitiesToFailPolicyCheck);
 }
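Review bot: After this change nothing in the visible part of `createToolFilter` consults `DetectProperties.DETECT_IAC_SCAN_PATHS`, so a configuration that sets `detect.iac.scan.paths` while `detect.tools` lists other tools now skips the IaC scan with no signal, where the original expression `includedTools.containsValue(DetectTool.IAC_SCAN) || !...DETECT_IAC_SCAN_PATHS).isEmpty()` enabled it. A pipeline that relied on the paths property alone silently loses that scan coverage; consider logging a warning here when the paths property is non-empty but the filter would not include `DetectTool.IAC_SCAN`, and calling the change out in the release notes. The series also adds no test: IAC_SCAN presumably now falls through to the generic include/exclude filter in `shouldInclude` (the rest of that method is outside the hunks), and a case covering unset, ALL and `detect.tools.excluded=IAC_SCAN` would guard that reliance. The `-`/`+` pair in `createRapidScanOptions` is a whitespace-only change unrelated to the fix.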
diff --git a/src/main/java/com/blackduck/integration/detect/util/filter/DetectToolFilter.java b/src/main/java/com/blackduck/integration/detect/util/filter/DetectToolFilter.java
index 5fcaeab8ac..f8a798c602 100644
--- a/src/main/java/com/blackduck/integration/detect/util/filter/DetectToolFilter.java
+++ b/src/main/java/com/blackduck/integration/detect/util/filter/DetectToolFilter.java
@@ -18,7 +18,6 @@ public class DetectToolFilter {

 private final ExcludeIncludeEnumFilter excludedIncludedFilter;
 private final boolean impactEnabled;
- private final boolean iacEnabled;
 private final RunDecision runDecision;
 private final BlackDuckDecision blackDuckDecision;

@@ -35,13 +34,11 @@ public class DetectToolFilter {
 public DetectToolFilter(
 ExcludeIncludeEnumFilter excludedIncludedFilter,
 boolean impactEnabled,
- boolean iacEnabled,
 RunDecision runDecision,
 BlackDuckDecision blackDuckDecision
 ) {
 this.excludedIncludedFilter = excludedIncludedFilter;
 this.impactEnabled = impactEnabled;
- this.iacEnabled = iacEnabled;
 this.runDecision = runDecision;
 this.blackDuckDecision = blackDuckDecision;
 }
@@ -50,9 +47,6 @@ public boolean shouldInclude(DetectTool detectTool) { //Only turn tools OFF, tur
 if (detectTool == DetectTool.IMPACT_ANALYSIS) {
 return impactEnabled;
 }
- if (detectTool == DetectTool.IAC_SCAN) {
- return iacEnabled;
- }
 if (detectTool == DetectTool.DETECTOR && runDecision.getDockerMode() == DetectTargetType.IMAGE) {
 return false;
 }