Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NR-291019 add fips compliant package builds #530

Merged
merged 1 commit into from
Nov 8, 2024
Merged

NR-291019 add fips compliant package builds #530

merged 1 commit into from
Nov 8, 2024

Conversation

rajrohanyadav
Copy link
Contributor

@rajrohanyadav rajrohanyadav commented Nov 6, 2024
edited
Loading

What?

Adds compilation and packaging of FIPS compliant packages using boringcrypto

Why?

Many customers can only use FIPS compliant packages in their environments

How?

  • use a new Dockerfile to build FIPS and non-FIPS packages
  • update goreleaser config to build and package FIPS compliant packages in addition to the normal packages
  • Update release workflow to use the same format as infra-agent for coverage.

@rajrohanyadav rajrohanyadav force-pushed the NR-291019-build-fips-compliant-nri-flex branch from 4cf7abe to 0e1d24f Compare November 6, 2024 05:57
@rajrohanyadav rajrohanyadav marked this pull request as ready for review November 6, 2024 06:13
gsanchezgavier
gsanchezgavier reviewed Nov 6, 2024
View reviewed changes
Makefile Outdated Show resolved Hide resolved
gsanchezgavier
gsanchezgavier reviewed Nov 6, 2024
View reviewed changes
build/Dockerfile Outdated Show resolved Hide resolved
gsanchezgavier
gsanchezgavier reviewed Nov 6, 2024
View reviewed changes
Copy link
Contributor

@gsanchezgavier gsanchezgavier left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks just left a couple of comments, i see that there is no workflow to run this neither push the artifacts. i guess that it would be following prs ?

build/compile.mk Show resolved Hide resolved
cmd/nri-flex/nri-flex-fips.go Outdated Show resolved Hide resolved
@rajrohanyadav
Copy link
Contributor Author

thanks just left a couple of comments, i see that there is no workflow to run this neither push the artifacts. i guess that it would be following prs ?

Thanks for the comments. I believe goreleaser takes care of pushing the artifacts to the release from the runner (as happening until now for this repo). I don't know if we need to publish these to S3. So, there would be no changes to the way packages are published, just two additional packages with be created for each release.

@rajrohanyadav rajrohanyadav force-pushed the NR-291019-build-fips-compliant-nri-flex branch from 4f570ea to 40154bf Compare November 7, 2024 11:04
alvarocabanas
alvarocabanas reviewed Nov 7, 2024
View reviewed changes
build/compile.mk Show resolved Hide resolved
build/goreleaser.yml Outdated Show resolved Hide resolved
cmd/nri-flex/nri-flex-fips.go Outdated Show resolved Hide resolved
alvarocabanas
alvarocabanas reviewed Nov 7, 2024
View reviewed changes
Copy link
Contributor

@alvarocabanas alvarocabanas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I left some comments

build/compile.mk Outdated Show resolved Hide resolved
@rajrohanyadav rajrohanyadav force-pushed the NR-291019-build-fips-compliant-nri-flex branch from 813fd4a to e474ee8 Compare November 7, 2024 14:55
@rajrohanyadav rajrohanyadav force-pushed the NR-291019-build-fips-compliant-nri-flex branch from e474ee8 to 343bc3c Compare November 7, 2024 14:56
alvarocabanas
alvarocabanas approved these changes Nov 7, 2024
View reviewed changes
Copy link
Contributor

@alvarocabanas alvarocabanas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, GOOD JOB!

@rajrohanyadav rajrohanyadav merged commit 77fc666 into master Nov 8, 2024
13 checks passed
@rajrohanyadav rajrohanyadav deleted the NR-291019-build-fips-compliant-nri-flex branch November 8, 2024 03:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alvarocabanas alvarocabanas alvarocabanas approved these changes

@gsanchezgavier gsanchezgavier Awaiting requested review from gsanchezgavier

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@rajrohanyadav @alvarocabanas @gsanchezgavier