Skip to content

[Filebeat] Use existing constant for FIPS distribution #45053

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 26, 2025
Merged

[Filebeat] Use existing constant for FIPS distribution #45053

merged 1 commit into from
Jun 26, 2025

Conversation

ycombinator
Copy link
Contributor

Proposed commit message

This PR is a follow up to #45036. In that PR, a new constant was introduced in libbeat, common.FIPSMode to determine if we're running a FIPS-capable distribution of a Beat or not. Turns out there was already such a constant in place, version.FIPSDistribution. So this PR here deletes common.FIPSMode and reuses version.FIPSDistribution instead.

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

How to test this PR locally

$ go test ./filebeat/input/v2/ -test.run TestLoader_ConfigureFIPS -test.count 1 -test.v
=== RUN   TestLoader_ConfigureFIPS
    loader_test.go:209: FIPS mode = false; err = <nil>
--- PASS: TestLoader_ConfigureFIPS (0.00s)
PASS
ok  	github.com/elastic/beats/v7/filebeat/input/v2	0.006s

In an environment configured for FIPS, i.e. with the Microsoft Go fork installed and with the OpenSSL FIPS provider installed:

$ GOEXPERIMENT=systemcrypto go test -tags requirefips ./filebeat/input/v2/ -test.run TestLoader_ConfigureFIPS -test.count 1 -test.v
=== RUN   TestLoader_ConfigureFIPS
    loader_test.go:209: FIPS mode = true; err = running a FIPS-capable distribution but input [a] is not FIPS capable
--- PASS: TestLoader_ConfigureFIPS (0.00s)
PASS
ok  	github.com/elastic/beats/v7/filebeat/input/v2	0.014s

@ycombinator ycombinator requested a review from a team as a code owner June 26, 2025 11:27
@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label Jun 26, 2025
@github-actions GitHub Actions
Copy link
Contributor

🤖 GitHub comments

Expand to view the GitHub comments

Just comment with:

  • run docs-build : Re-trigger the docs validation. (use unformatted text in the comment!)

@ycombinator ycombinator added Team:Elastic-Agent-Data-Plane Label for the Agent Data Plane team backport-8.19 Automated backport to the 8.19 branch and removed needs_team Indicates that the issue/PR needs a Team:* label labels Jun 26, 2025
@elasticmachine
Copy link
Collaborator

Pinging @elastic/elastic-agent-data-plane (Team:Elastic-Agent-Data-Plane)

@ycombinator ycombinator added the release-note:skip The PR should be ignored when processing the changelog label Jun 26, 2025
@ycombinator ycombinator enabled auto-merge (squash) June 26, 2025 12:04
@ycombinator ycombinator disabled auto-merge June 26, 2025 13:41
@ycombinator
Copy link
Contributor Author

ycombinator commented Jun 26, 2025
edited
Loading

CI is failing like so:

=== FAIL: x-pack/filebeat/fbreceiver TestReceiverDegraded/failed_input (3.36s)
--
  | SDK 2025/06/26 12:09:08 WARN falling back to IMDSv1: operation error ec2imds: getToken, http response error StatusCode: 405, request to EC2 IMDS failed
  | oteltest.go:187:
  | Error Trace:	/opt/buildkite-agent/builds/bk-agent-prod-gcp-1750939501187081759/elastic/beats-xpack-filebeat/libbeat/otelbeat/oteltest/oteltest.go:187
  | /opt/buildkite-agent/.asdf/installs/golang/1.24.4/go/src/runtime/asm_amd64.s:1700
  | Error:      	Expected value not to be nil.
  | Test:       	TestReceiverDegraded/failed_input
  | Messages:   	expected not nil nil, got <nil>
  | oteltest.go:156: Ingested Logs: map[]
  |  
  | === FAIL: x-pack/filebeat/fbreceiver TestReceiverDegraded (9.65s)

This failure is unrelated to the changes in this PR. It can also be seen on main CI builds, e.g. https://buildkite.com/elastic/beats-xpack-filebeat/builds/17300#0197aba6-a712-480f-b28d-c9931ebe98bf.

@pierrehilbert is it OK to force merge this PR once all other checks are successful? Will wait until the test is skipped via #45058 then rebase this PR on main and run CI on it again.

@VihasMakwana
Copy link
Contributor

@ycombinator the flaky test PR is merged.

@ycombinator ycombinator force-pushed the fips-fb-inputs-fips-check branch from 9af3933 to c85cdda Compare June 26, 2025 15:03
@ycombinator ycombinator enabled auto-merge (squash) June 26, 2025 16:15
@ycombinator ycombinator merged commit 6798fe5 into elastic:main Jun 26, 2025
202 checks passed
mergify bot pushed a commit that referenced this pull request Jun 26, 2025
@ycombinator @mergify
Use existing constants (#45053)
dfb27d4 
(cherry picked from commit 6798fe5)
@mergify mergify bot mentioned this pull request Jun 26, 2025
Merged
6 tasks
@ycombinator ycombinator added the backport-9.1 Automated backport to the 9.1 branch label Jun 28, 2025
@ycombinator ycombinator deleted the fips-fb-inputs-fips-check branch June 28, 2025 00:11
mergify bot pushed a commit that referenced this pull request Jun 28, 2025
@ycombinator @mergify
Use existing constants (#45053)
52da8d0 
(cherry picked from commit 6798fe5)
@mergify mergify bot mentioned this pull request Jun 28, 2025
Merged
6 tasks
ycombinator added a commit that referenced this pull request Jun 28, 2025
@mergify @ycombinator
Use existing constants (#45053) (#45103)
b5808f4 
(cherry picked from commit 6798fe5)

Co-authored-by: Shaunak Kashyap <ycombinator@gmail.com>
ycombinator added a commit that referenced this pull request Jul 2, 2025
@ycombinator
Use existing constants (#45053)
e219693 
(cherry picked from commit 6798fe5)
ycombinator added a commit that referenced this pull request Jul 2, 2025
@ycombinator
Use existing constants (#45053)
35a17f3 
(cherry picked from commit 6798fe5)
ycombinator added a commit that referenced this pull request Jul 3, 2025
@ycombinator
Use existing constants (#45053)
97a24e8 
(cherry picked from commit 6798fe5)
ycombinator added a commit that referenced this pull request Jul 3, 2025
@mergify @ycombinator
Use existing constants (#45053) (#45074)
fcdc9fb 
(cherry picked from commit 6798fe5)

Co-authored-by: Shaunak Kashyap <ycombinator@gmail.com>
@khushijain21 khushijain21 mentioned this pull request Jul 15, 2025
Closed
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@belimawr belimawr belimawr approved these changes

@mauri870 mauri870 mauri870 approved these changes

@khushijain21 khushijain21 Awaiting requested review from khushijain21 khushijain21 is a code owner automatically assigned from elastic/elastic-agent-data-plane

@andrzej-stencel andrzej-stencel Awaiting requested review from andrzej-stencel andrzej-stencel is a code owner automatically assigned from elastic/elastic-agent-data-plane

@leehinman leehinman Awaiting requested review from leehinman

@michel-laterman michel-laterman Awaiting requested review from michel-laterman

Assignees

@ycombinator ycombinator

Labels
backport-8.19 Automated backport to the 8.19 branch backport-9.1 Automated backport to the 9.1 branch release-note:skip The PR should be ignored when processing the changelog Team:Elastic-Agent-Data-Plane Label for the Agent Data Plane team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@ycombinator @elasticmachine @VihasMakwana @belimawr @mauri870