Skip to content

Enhancement/5039 remove x crypto fips#7072

Merged
kaanyalti merged 2 commits into
elastic:mainfrom
kaanyalti:enhancement/5039_remove_x_crypto_fips
Mar 14, 2025
Merged

Enhancement/5039 remove x crypto fips#7072
kaanyalti merged 2 commits into
elastic:mainfrom
kaanyalti:enhancement/5039_remove_x_crypto_fips

Conversation

@kaanyalti
Copy link
Copy Markdown

@kaanyalti kaanyalti commented Feb 28, 2025
edited by jlind23
Loading

  • Enhancement

What does this PR do?

Removes x/crypto usage

Why is it important?

We need to move away from using x/crypto for fips compliance

Checklist

  • I have read and understood the pull request guidelines of this project.
  • My code follows the style guidelines of this project
  • [ ] I have commented my code, particularly in hard-to-understand areas
  • [ ] I have made corresponding changes to the documentation
  • [ ] I have made corresponding change to the default configuration files
  • [ ] I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in ./changelog/fragments using the changelog tool
  • [ ] I have added an integration test or an E2E test

Disruptive User Impact

None

How to test this PR locally

Ci tests should be enough

Related issues

@mergify
Copy link
Copy Markdown
Contributor

mergify Bot commented Feb 28, 2025

This pull request does not have a backport label. Could you fix it @kaanyalti? 🙏
To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

  • backport-./d./d is the label that automatically backports to the 8./d branch. /d is the digit
  • backport-active-all is the label that automatically backports to all active branches.
  • backport-active-8 is the label that automatically backports to all active minor branches for the 8 major.
  • backport-active-9 is the label that automatically backports to all active minor branches for the 9 major.

kruskall
kruskall reviewed Feb 28, 2025
View reviewed changes
Comment thread go.mod
@kaanyalti kaanyalti force-pushed the enhancement/5039_remove_x_crypto_fips branch from 65d0fb3 to 8e74a0a Compare March 1, 2025 08:35
@kaanyalti kaanyalti marked this pull request as ready for review March 1, 2025 08:36
@kaanyalti kaanyalti requested a review from a team as a code owner March 1, 2025 08:36
@kaanyalti kaanyalti requested review from pchila and swiatekm March 1, 2025 08:36
@kaanyalti
Copy link
Copy Markdown
Author

kaanyalti commented Mar 1, 2025

Blocked until go version can be bumped up to 1.24

@kaanyalti kaanyalti marked this pull request as draft March 1, 2025 08:36
@kaanyalti kaanyalti force-pushed the enhancement/5039_remove_x_crypto_fips branch from df255d7 to 8d17eea Compare March 5, 2025 23:16
@kaanyalti kaanyalti mentioned this pull request Mar 6, 2025
Closed
1 task
@kaanyalti kaanyalti force-pushed the enhancement/5039_remove_x_crypto_fips branch from 8d17eea to ecea4ae Compare March 6, 2025 18:26
@kaanyalti
Copy link
Copy Markdown
Author

kaanyalti commented Mar 6, 2025

unblocked, go version bumped is merged

@kaanyalti kaanyalti marked this pull request as ready for review March 6, 2025 18:29
kruskall
kruskall previously approved these changes Mar 6, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@kruskall kruskall left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

just a minor question for the agent team

Comment thread changelog/fragments/1740817861-remove-some-x-crypto-usage.yaml Outdated
kruskall
kruskall reviewed Mar 6, 2025
View reviewed changes
Comment thread go.mod Outdated
@pierrehilbert pierrehilbert added the Team:Elastic-Agent-Control-Plane Label for the Agent Control Plane team label Mar 7, 2025
@elasticmachine
Copy link
Copy Markdown
Contributor

elasticmachine commented Mar 7, 2025

Pinging @elastic/elastic-agent-control-plane (Team:Elastic-Agent-Control-Plane)

simitt
simitt previously approved these changes Mar 7, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@simitt simitt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

swiatekm
swiatekm reviewed Mar 7, 2025
View reviewed changes
Comment thread go.mod Outdated
pchila
pchila reviewed Mar 10, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@pchila pchila left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, we just need to split off the beats bump to a separate PR and remove the changelog.

Waiting for a green CI before approval

@kaanyalti kaanyalti force-pushed the enhancement/5039_remove_x_crypto_fips branch from ecea4ae to 978420a Compare March 10, 2025 14:32
@kaanyalti kaanyalti dismissed stale reviews from simitt and kruskall via a887c28 March 10, 2025 14:32
@mergify
Copy link
Copy Markdown
Contributor

mergify Bot commented Mar 10, 2025

This pull request is now in conflicts. Could you fix it? 🙏
To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/

git fetch upstream
git checkout -b enhancement/5039_remove_x_crypto_fips upstream/enhancement/5039_remove_x_crypto_fips
git merge upstream/main
git push upstream enhancement/5039_remove_x_crypto_fips

@kaanyalti kaanyalti force-pushed the enhancement/5039_remove_x_crypto_fips branch from db2dc3e to 573d9d8 Compare March 10, 2025 17:22
kruskall
kruskall reviewed Mar 10, 2025
View reviewed changes
Comment thread go.mod Outdated
swiatekm
swiatekm previously approved these changes Mar 11, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@swiatekm swiatekm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Left a comment about moving values to named constants, but I'm ok with this being merged without it having been addressed.

Comment thread internal/pkg/agent/vault/vault_file_notwindows.go Outdated
@mergify
Copy link
Copy Markdown
Contributor

mergify Bot commented Mar 11, 2025

This pull request is now in conflicts. Could you fix it? 🙏
To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/

git fetch upstream
git checkout -b enhancement/5039_remove_x_crypto_fips upstream/enhancement/5039_remove_x_crypto_fips
git merge upstream/main
git push upstream enhancement/5039_remove_x_crypto_fips

@kaanyalti kaanyalti force-pushed the enhancement/5039_remove_x_crypto_fips branch from 8aa3577 to cae5b1a Compare March 12, 2025 05:06
@kaanyalti kaanyalti force-pushed the enhancement/5039_remove_x_crypto_fips branch from f1df84d to f4dd9cb Compare March 12, 2025 05:40
@kaanyalti kaanyalti added backport-8.x Automated backport to the 8.x branch with mergify backport-9.0 Automated backport to the 9.0 branch labels Mar 12, 2025
@elastic-sonarqube
Copy link
Copy Markdown

elastic-sonarqube Bot commented Mar 12, 2025

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
72.2% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube

@elasticmachine
Copy link
Copy Markdown
Contributor

elasticmachine commented Mar 12, 2025
edited
Loading

💔 Build Failed

Failed CI Steps

History

cc @kaanyalti

@kaanyalti kaanyalti merged commit 33df025 into elastic:main Mar 14, 2025
@kaanyalti kaanyalti deleted the enhancement/5039_remove_x_crypto_fips branch March 14, 2025 14:29
mergify Bot pushed a commit that referenced this pull request Mar 14, 2025
@mergify
Enhancement/5039 remove x crypto fips (#7072)
0707352 
* enhancement(5039): replace x/crypto/pbkdf2 with stdlib pbkdf2

* enhancement(5039): added nolint comment

(cherry picked from commit 33df025)
@mergify mergify Bot mentioned this pull request Mar 14, 2025
Merged
3 tasks
mergify Bot pushed a commit that referenced this pull request Mar 14, 2025
@mergify
Enhancement/5039 remove x crypto fips (#7072)
c88652d 
* enhancement(5039): replace x/crypto/pbkdf2 with stdlib pbkdf2

* enhancement(5039): added nolint comment

(cherry picked from commit 33df025)
@mergify mergify Bot mentioned this pull request Mar 14, 2025
Merged
3 tasks
kaanyalti pushed a commit that referenced this pull request Mar 17, 2025
@mergify
Enhancement/5039 remove x crypto fips (#7072) (#7421)
d1d7e6c 
* enhancement(5039): replace x/crypto/pbkdf2 with stdlib pbkdf2

* enhancement(5039): added nolint comment

(cherry picked from commit 33df025)

Co-authored-by: Kaan Yalti <kaan.yalti@elastic.co>
kaanyalti pushed a commit that referenced this pull request Mar 17, 2025
@mergify
Enhancement/5039 remove x crypto fips (#7072) (#7422)
9f3564c 
* enhancement(5039): replace x/crypto/pbkdf2 with stdlib pbkdf2

* enhancement(5039): added nolint comment

(cherry picked from commit 33df025)

Co-authored-by: Kaan Yalti <kaan.yalti@elastic.co>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@swiatekm swiatekm swiatekm approved these changes

@pchila pchila pchila approved these changes

@kruskall kruskall Awaiting requested review from kruskall

@simitt simitt Awaiting requested review from simitt

Assignees

@kaanyalti kaanyalti

Labels

backport-8.x Automated backport to the 8.x branch with mergify backport-9.0 Automated backport to the 9.0 branch skip-changelog Team:Elastic-Agent-Control-Plane Label for the Agent Control Plane team

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@kaanyalti @elasticmachine @simitt @swiatekm @pchila @kruskall @pierrehilbert