Conditionally check for ms_tls13kdf build tag
#10160
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ycombinator
added
Team:Elastic-Agent-Control-Plane
|
Pinging @elastic/elastic-agent-control-plane (Team:Elastic-Agent-Control-Plane) |
|
This pull request does not have a backport label. Could you fix it @ycombinator? 🙏
|
ycombinator
changed the title
ms_tls13kdf build tag
ycombinator
changed the title
ms_tls13kdf build tagms_tls13kdf build tag
|
💛 Build succeeded, but was flaky
Failed CI Stepscc @ycombinator |
pchila
approved these changes
Sep 26, 2025
mergify bot
pushed a commit
that referenced
this pull request
Sep 26, 2025
(cherry picked from commit aae77c4)
mergify bot
pushed a commit
that referenced
this pull request
Sep 26, 2025
(cherry picked from commit aae77c4)
This was referenced Sep 26, 2025
ycombinator
added a commit
that referenced
this pull request
Sep 26, 2025
(cherry picked from commit aae77c4) Co-authored-by: Shaunak Kashyap <[email protected]>
ycombinator
added a commit
that referenced
this pull request
Sep 26, 2025
(cherry picked from commit aae77c4) Co-authored-by: Shaunak Kashyap <[email protected]>
v1v
added a commit
that referenced
this pull request
Sep 26, 2025
* upstream: (505 commits) Update journald tests now that Filebeat supports watching folders (#10131) [deploy/kubernetes]: add info about hostPID for Universal Profiling (#10173) Fall back to process runtime if otel runtime is unsupported (#10087) Conditionall check for ms_tls13kdf build tag (#10160) [docs][edot] add entry for profiles (#10163) edot/docs: add support for profiles (#10146) Add Logstash exporter (#10137) Add back publish to serverless. (#10159) Improve Integration test documentation (#10155) Fix multiarch service image push from main to serverless (#10129) Forward migrate action to endpoint (#9801) Comment out check for ms_tls13kdf tag for FIPS-capable binaries (#10148) [otel] add receivers: apache, iis, mysql, postgresql, sqlserver v0.135.0 (#9344) Add k8sevents receiver in kube-stack (#10086) feat: emit system resource metrics for EDOT subprocess (#10003) [AutoOps] Configure OTel Exporter to Send Maximum-sized Batches (#10126) keep enrollment token when replacing data with signed (#10115) Revert "Publish `elastic-agent-service` container directly to serverless from main (#9583)" (#10127) Add agent_policy_id and policy_revision_idx to checkin requests (#9931) remove resource/k8s processor and use k8sattributes processor for service attributes (#10108) ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What does this PR do?
This PR restores the check for the
ms_tls13kdfGo build tag on the packaged FIPS-capableelastic-agentbinary and component binaries. However, it only checks for this build tag if the binary was built with Go 1.24.x, which is where this tag was supported and required to ensure FIPS compliance.Why is it important?
To ensure FIPS compliance of binaries built with Go 1.24.x.
Checklist
I have made corresponding changes to the documentationI have made corresponding change to the default configuration filesI have added tests that prove my fix is effective or that my feature worksI have added an entry in./changelog/fragmentsusing the changelog toolI have added an integration test or an E2E testDisruptive User Impact
None; this is a change to a Go test that gets executed when Elastic Agent is packaged.
How to test this PR locally
Create a FIPS-capable Elastic Agent package. Make sure a Go version other than 1.24.x is being used.
Make sure the package builds without any errors.