[TT-16951] fix: plugin compiler FIPS support + goplugin tag#8012
[TT-16951] fix: plugin compiler FIPS support + goplugin tag#8012buger merged 1 commit intorelease-5.12.1from
Conversation
- Add FIPS plugin compiler image (tykio/tyk-plugin-compiler-fips) with GOFIPS140=v1.0.0 and -tags=goplugin,ee,fips - Fix build.sh to always include goplugin in build tags - Fix embedded test binary to include BUILD_TAG - Add GOFIPS140 ARG/ENV pass-through in Dockerfile - Update Taskfile golang-cross references from 1.22 to 1.24 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
This PR introduces support for building FIPS-compliant Go plugins and corrects the build tag configuration for all plugin types. Files Changed Analysis
Architecture & Impact AssessmentThis PR enhances the Go plugin development toolchain for Tyk Gateway, with no direct changes to the gateway's core runtime. Its primary accomplishments are:
The main affected component is the CI/CD pipeline for the plugin compiler and the development environment for users creating custom Go plugins, particularly for Enterprise and FIPS deployments. graph TD
subgraph "Plugin Compiler Build Matrix"
A[Build Trigger] --> B{Edition};
B -- Standard --> C[Image: tyk-plugin-compiler<br/>Tags: goplugin];
B -- Enterprise --> D[Image: tyk-plugin-compiler-ee<br/>Tags: goplugin,ee];
B -- FIPS --> E[Image: tyk-plugin-compiler-fips<br/>Tags: goplugin,ee,fips<br/>Env: GOFIPS140=v1.0.0];
end
Scope Discovery & Context ExpansionThe changes are scoped to the plugin compilation tooling. The Metadata
Powered by Visor from Probelabs Last updated: 2026-04-15T09:46:43.929Z | Triggered by: pr_opened | Commit: ec21214 💡 TIP: You can chat with Visor using |
|
API Changes no api changes detected |
Security Issues (2)
Architecture Issues (1)
✅ Performance Check PassedNo performance issues found – changes LGTM. Powered by Visor from Probelabs Last updated: 2026-04-15T09:46:34.743Z | Triggered by: pr_opened | Commit: ec21214 💡 TIP: You can chat with Visor using |
🚨 Jira Linter FailedCommit: The Jira linter failed to validate your PR. Please check the error details below: 🔍 Click to view error detailsNext Steps
This comment will be automatically deleted once the linter passes. |
Summary
tykio/tyk-plugin-compiler-fipsimage withGOFIPS140=v1.0.0and-tags=goplugin,ee,fipsbuild.shnow always includesgopluginin build tags (was missing for EE/FIPS builds)BUILD_TAGfor proper validationgolang-crossreferences from 1.22 to 1.24Plugin compiler image matrix:
tykio/tyk-plugin-compilergoplugintykio/tyk-plugin-compiler-eegoplugin,eetykio/tyk-plugin-compiler-fipsgoplugin,ee,fipsv1.0.0Test plan
Generated with Claude Code