Skip to content

[ci] Run Go unit tests with GODEBUG=fips140=only #13926

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 8 commits into
base: main
Choose a base branch
from
Draft

[ci] Run Go unit tests with GODEBUG=fips140=only #13926

wants to merge 8 commits into from
+12 −0

Conversation

@ycombinator
Copy link
Contributor

@ycombinator ycombinator commented Oct 3, 2025
edited
Loading

Description

This PR runs all Golang unit tests in this repository with the GODEBUG=fips140=only environment set. This is useful to detect any FIPS-140 violations of code covered by these unit tests.

To achieve the above, this PR introduces a new gotest-fips140-only target in Makefile and a corresponding test-fips140-only target in Makefile.Common.

Link to tracking issue

Relates to #13925

Testing

Documentation

@codecov
Copy link

codecov bot commented Oct 3, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 92.44%. Comparing base (0f3b0c9) to head (c4a20ca).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #13926      +/-   ##
==========================================
- Coverage   92.50%   92.44%   -0.06%     
==========================================
  Files         660      660              
  Lines       36196    36218      +22     
==========================================
  Hits        33483    33483              
- Misses       1892     1913      +21     
- Partials      821      822       +1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@ycombinator ycombinator changed the title Add Makefile targets for running unit tests with GODEBUG=fips140=only [chore] Add Makefile targets for running unit tests with GODEBUG=fips140=only Oct 3, 2025
@ycombinator
Copy link
Contributor Author

ycombinator commented Oct 3, 2025
edited
Loading

Running make gotest-fips140-only fails fast, so instead I'm running make test-fips140-only in each module, with Golang 1.25.0, like so:

$ go version
go version go1.25.0 linux/arm64

$ for m in $(find . -iname go.mod); do d=$(dirname $m); cd $d; make test-fips140-only; cd -; done

Ignoring passing and skipped tests, here are the failures:

=== Failed
=== FAIL: internal/builder TestVersioning/defaults (0.16s)
2025-10-09T23:03:01.172-0700	INFO	builder/main.go:99	Sources created	{"path": "/tmp/otelcol-distribution2818115018"}
    main_test.go:220:
        	Error Trace:	/home/shaunak/development/github/opentelemetry-collector/cmd/builder/internal/builder/main_test.go:220
        	Error:      	Target error should be in err chain:
        	            	expected: ""
        	            	in chain: "failed to update go.mod: go subcommand failed with args '[mod tidy -compat=1.24]': exit status 1, error message: go: github.com/knadh/koanf/[email protected]: Get \"https://proxy.golang.org/github.com/knadh/koanf/maps/@v/v0.1.2.mod\": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode\n"
        	            		"go subcommand failed with args '[mod tidy -compat=1.24]': exit status 1, error message: go: github.com/knadh/koanf/[email protected]: Get \"https://proxy.golang.org/github.com/knadh/koanf/maps/@v/v0.1.2.mod\": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode\n"
        	            		"exit status 1"
        	Test:       	TestVersioning/defaults

=== FAIL: internal/builder TestVersioning/old_component_version (0.16s)
2025-10-09T23:03:01.341-0700	INFO	builder/main.go:99	Sources created	{"path": "/tmp/otelcol-distribution2842198807"}
    main_test.go:220:
        	Error Trace:	/home/shaunak/development/github/opentelemetry-collector/cmd/builder/internal/builder/main_test.go:220
        	Error:      	Target error should be in err chain:
        	            	expected: ""
        	            	in chain: "failed to update go.mod: go subcommand failed with args '[mod tidy -compat=1.24]': exit status 1, error message: go: github.com/knadh/koanf/[email protected]: Get \"https://proxy.golang.org/github.com/knadh/koanf/maps/@v/v0.1.2.mod\": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode\n"
        	            		"go subcommand failed with args '[mod tidy -compat=1.24]': exit status 1, error message: go: github.com/knadh/koanf/[email protected]: Get \"https://proxy.golang.org/github.com/knadh/koanf/maps/@v/v0.1.2.mod\": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode\n"
        	            		"exit status 1"
        	Test:       	TestVersioning/old_component_version

=== FAIL: internal/builder TestVersioning/old_component_version_without_strict_mode (0.17s)
2025-10-09T23:03:01.503-0700	INFO	builder/main.go:99	Sources created	{"path": "/tmp/otelcol-distribution1917550671"}
    main_test.go:220:
        	Error Trace:	/home/shaunak/development/github/opentelemetry-collector/cmd/builder/internal/builder/main_test.go:220
        	Error:      	Target error should be in err chain:
        	            	expected: ""
        	            	in chain: "failed to update go.mod: go subcommand failed with args '[mod tidy -compat=1.24]': exit status 1, error message: go: github.com/knadh/koanf/[email protected]: Get \"https://proxy.golang.org/github.com/knadh/koanf/maps/@v/v0.1.2.mod\": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode\n"
        	            		"go subcommand failed with args '[mod tidy -compat=1.24]': exit status 1, error message: go: github.com/knadh/koanf/[email protected]: Get \"https://proxy.golang.org/github.com/knadh/koanf/maps/@v/v0.1.2.mod\": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode\n"
        	            		"exit status 1"
        	Test:       	TestVersioning/old_component_version_without_strict_mode

=== FAIL: internal/builder TestVersioning (0.50s)

=== FAIL: internal/builder TestGenerateAndCompile/Default_Configuration_Compilation (0.19s)
2025-10-09T23:03:01.676-0700	INFO	builder/config.go:160	Using go	{"go-executable": "/usr/local/go/bin/go"}
2025-10-09T23:03:01.679-0700	INFO	builder/main.go:99	Sources created	{"path": "/tmp/TestGenerateAndCompileDefault_Configuration_Compilation252918051/001"}
    main_test.go:338:
        	Error Trace:	/home/shaunak/development/github/opentelemetry-collector/cmd/builder/internal/builder/main_test.go:338
        	Error:      	Received unexpected error:
        	            	failed to update go.mod: go subcommand failed with args '[mod tidy -compat=1.24]': exit status 1, error message: go: github.com/knadh/koanf/[email protected]: Get "https://proxy.golang.org/github.com/knadh/koanf/maps/@v/v0.1.2.mod": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode
        	Test:       	TestGenerateAndCompile/Default_Configuration_Compilation

=== FAIL: internal/builder TestGenerateAndCompile/LDFlags_Compilation (0.18s)
2025-10-09T23:03:01.863-0700	INFO	builder/config.go:160	Using go	{"go-executable": "/usr/local/go/bin/go"}
2025-10-09T23:03:01.867-0700	INFO	builder/main.go:99	Sources created	{"path": "/tmp/TestGenerateAndCompileLDFlags_Compilation3165267322/001"}
    main_test.go:338:
        	Error Trace:	/home/shaunak/development/github/opentelemetry-collector/cmd/builder/internal/builder/main_test.go:338
        	Error:      	Received unexpected error:
        	            	failed to update go.mod: go subcommand failed with args '[mod tidy -compat=1.24]': exit status 1, error message: go: github.com/knadh/koanf/[email protected]: Get "https://proxy.golang.org/github.com/knadh/koanf/maps/@v/v0.1.2.mod": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode
        	Test:       	TestGenerateAndCompile/LDFlags_Compilation

=== FAIL: internal/builder TestGenerateAndCompile/GCFlags_Compilation (0.18s)
2025-10-09T23:03:02.048-0700	INFO	builder/config.go:160	Using go	{"go-executable": "/usr/local/go/bin/go"}
2025-10-09T23:03:02.050-0700	INFO	builder/main.go:99	Sources created	{"path": "/tmp/TestGenerateAndCompileGCFlags_Compilation937123693/001"}
    main_test.go:338:
        	Error Trace:	/home/shaunak/development/github/opentelemetry-collector/cmd/builder/internal/builder/main_test.go:338
        	Error:      	Received unexpected error:
        	            	failed to update go.mod: go subcommand failed with args '[mod tidy -compat=1.24]': exit status 1, error message: go: github.com/knadh/koanf/[email protected]: Get "https://proxy.golang.org/github.com/knadh/koanf/maps/@v/v0.1.2.mod": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode
        	Test:       	TestGenerateAndCompile/GCFlags_Compilation

=== FAIL: internal/builder TestGenerateAndCompile/Build_Tags_Compilation (0.19s)
2025-10-09T23:03:02.226-0700	INFO	builder/config.go:160	Using go	{"go-executable": "/usr/local/go/bin/go"}
2025-10-09T23:03:02.230-0700	INFO	builder/main.go:99	Sources created	{"path": "/tmp/TestGenerateAndCompileBuild_Tags_Compilation452952742/001"}
    main_test.go:338:
        	Error Trace:	/home/shaunak/development/github/opentelemetry-collector/cmd/builder/internal/builder/main_test.go:338
        	Error:      	Received unexpected error:
        	            	failed to update go.mod: go subcommand failed with args '[mod tidy -compat=1.24]': exit status 1, error message: go: github.com/knadh/koanf/[email protected]: Get "https://proxy.golang.org/github.com/knadh/koanf/maps/@v/v0.1.2.mod": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode
        	Test:       	TestGenerateAndCompile/Build_Tags_Compilation

=== FAIL: internal/builder TestGenerateAndCompile/Debug_Compilation (0.19s)
    main_test.go:338:
        	Error Trace:	/home/shaunak/development/github/opentelemetry-collector/cmd/builder/internal/builder/main_test.go:338
        	Error:      	Received unexpected error:
        	            	failed to update go.mod: go subcommand failed with args '[mod tidy -compat=1.24]': exit status 1, error message: go: github.com/knadh/koanf/[email protected]: Get "https://proxy.golang.org/github.com/knadh/koanf/maps/@v/v0.1.2.mod": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode
        	Test:       	TestGenerateAndCompile/Debug_Compilation

=== FAIL: internal/builder TestGenerateAndCompile/No_providers (0.18s)
2025-10-09T23:03:02.604-0700	INFO	builder/config.go:160	Using go	{"go-executable": "/usr/local/go/bin/go"}
2025-10-09T23:03:02.607-0700	INFO	builder/main.go:99	Sources created	{"path": "/tmp/TestGenerateAndCompileNo_providers3344910177/001"}
    main_test.go:338:
        	Error Trace:	/home/shaunak/development/github/opentelemetry-collector/cmd/builder/internal/builder/main_test.go:338
        	Error:      	Received unexpected error:
        	            	failed to update go.mod: go subcommand failed with args '[mod tidy -compat=1.24]': exit status 1, error message: go: github.com/knadh/koanf/[email protected]: Get "https://proxy.golang.org/github.com/knadh/koanf/maps/@v/v0.1.2.mod": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode
        	Test:       	TestGenerateAndCompile/No_providers

=== FAIL: internal/builder TestGenerateAndCompile/With_confmap_factories (0.18s)
2025-10-09T23:03:02.783-0700	INFO	builder/config.go:160	Using go	{"go-executable": "/usr/local/go/bin/go"}
2025-10-09T23:03:02.785-0700	INFO	builder/main.go:99	Sources created	{"path": "/tmp/TestGenerateAndCompileWith_confmap_factories465256339/001"}
    main_test.go:338:
        	Error Trace:	/home/shaunak/development/github/opentelemetry-collector/cmd/builder/internal/builder/main_test.go:338
        	Error:      	Received unexpected error:
        	            	failed to update go.mod: go subcommand failed with args '[mod tidy -compat=1.24]': exit status 1, error message: go: github.com/knadh/koanf/[email protected]: Get "https://proxy.golang.org/github.com/knadh/koanf/maps/@v/v0.1.2.mod": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode
        	Test:       	TestGenerateAndCompile/With_confmap_factories

=== FAIL: internal/builder TestGenerateAndCompile/ConfResolverDefaultURIScheme_set (0.19s)
2025-10-09T23:03:02.967-0700	INFO	builder/config.go:160	Using go	{"go-executable": "/usr/local/go/bin/go"}
2025-10-09T23:03:02.971-0700	INFO	builder/main.go:99	Sources created	{"path": "/tmp/TestGenerateAndCompileConfResolverDefaultURIScheme_set2737885439/001"}
    main_test.go:338:
        	Error Trace:	/home/shaunak/development/github/opentelemetry-collector/cmd/builder/internal/builder/main_test.go:338
        	Error:      	Received unexpected error:
        	            	failed to update go.mod: go subcommand failed with args '[mod tidy -compat=1.24]': exit status 1, error message: go: github.com/knadh/koanf/[email protected]: Get "https://proxy.golang.org/github.com/knadh/koanf/maps/@v/v0.1.2.mod": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode
        	Test:       	TestGenerateAndCompile/ConfResolverDefaultURIScheme_set

=== FAIL: internal/builder TestGenerateAndCompile (1.48s)

=== FAIL: internal/builder TestReplaceStatementsAreComplete (0.29s)
2025-10-09T23:03:03.275-0700	INFO	builder/main.go:99	Sources created	{"path": "/tmp/TestReplaceStatementsAreComplete182791686/001"}
    main_test.go:420:
        	Error Trace:	/home/shaunak/development/github/opentelemetry-collector/cmd/builder/internal/builder/main_test.go:420
        	Error:      	Received unexpected error:
        	            	failed to update go.mod: go subcommand failed with args '[mod tidy -compat=1.24]': exit status 1, error message: go: github.com/knadh/koanf/[email protected]: Get "https://proxy.golang.org/github.com/knadh/koanf/maps/@v/v0.1.2.mod": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode
        	Test:       	TestReplaceStatementsAreComplete

DONE 39 tests, 14 failures in 2.484s
make: *** [../../Makefile.Common:33: test-fips140-only] Error 1
...
=== Failed
=== FAIL: . TestHttpReception/TLS (2.01s)
    configgrpc_test.go:754:
        	Error Trace:	/home/shaunak/development/github/opentelemetry-collector/config/configgrpc/configgrpc_test.go:754
        	Error:      	Received unexpected error:
        	            	rpc error: code = DeadlineExceeded desc = latest balancer error: connection error: desc = "transport: authentication handshake failed: crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode"
        	Test:       	TestHttpReception/TLS

=== FAIL: . TestHttpReception/mTLS (2.03s)
    configgrpc_test.go:754:
        	Error Trace:	/home/shaunak/development/github/opentelemetry-collector/config/configgrpc/configgrpc_test.go:754
        	Error:      	Received unexpected error:
        	            	rpc error: code = DeadlineExceeded desc = latest balancer error: connection error: desc = "transport: authentication handshake failed: crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode"
        	Test:       	TestHttpReception/mTLS

=== FAIL: . TestHttpReception (10.08s)

DONE 73 tests, 3 failures in 10.121s
make: *** [../../Makefile.Common:33: test-fips140-only] Error 1
...
=== Failed
=== FAIL: . TestHttpReception/TLS (0.00s)
    server_test.go:267:
        	Error Trace:	/home/shaunak/development/github/opentelemetry-collector/config/confighttp/server_test.go:267
        	Error:      	Received unexpected error:
        	            	Get "https://127.0.0.1:39113": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode
        	Test:       	TestHttpReception/TLS

=== FAIL: . TestHttpReception/TLS_(HTTP/1.1) (0.00s)
    server_test.go:267:
        	Error Trace:	/home/shaunak/development/github/opentelemetry-collector/config/confighttp/server_test.go:267
        	Error:      	Received unexpected error:
        	            	Get "https://127.0.0.1:34695": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode
        	Test:       	TestHttpReception/TLS_(HTTP/1.1)

=== FAIL: . TestHttpReception/mTLS (0.01s)
    server_test.go:267:
        	Error Trace:	/home/shaunak/development/github/opentelemetry-collector/config/confighttp/server_test.go:267
        	Error:      	Received unexpected error:
        	            	Get "https://127.0.0.1:42475": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode
        	Test:       	TestHttpReception/mTLS

=== FAIL: . TestHttpReception (0.02s)

DONE 159 tests, 4 failures in 0.160s
make: *** [../../Makefile.Common:33: test-fips140-only] Error 1
...
=== Failed
=== FAIL: . TestTPM_loadCertificate (0.00s)
panic: crypto/cipher: use of CFB is not allowed in FIPS 140-only mode [recovered, repanicked]

goroutine 173 [running]:
testing.tRunner.func1.2({0x813860, 0x91ee50})
	/usr/local/go/src/testing/testing.go:1872 +0x2b4
testing.tRunner.func1()
	/usr/local/go/src/testing/testing.go:1875 +0x460
panic({0x813860?, 0x91ee50?})
	/usr/local/go/src/runtime/panic.go:783 +0x120
crypto/cipher.NewCFBEncrypter(...)
	/usr/local/go/src/crypto/cipher/cfb.go:65
github.com/google/go-tpm/tpm2.(*hmacSession).Encrypt(0xc000170300, {0xc00001a982, 0x4, 0x3e})
	/home/shaunak/go/pkg/mod/github.com/google/[email protected]/tpm2/sessions.go:634 +0x36c
github.com/google/go-tpm/tpm2.cmdParameters[...]({0x922b28, 0xc0001b8380}, {0xc0002261a0, 0x2, 0x10})
	/home/shaunak/go/pkg/mod/github.com/google/[email protected]/tpm2/reflect.go:882 +0x288
github.com/google/go-tpm/tpm2.execute[...]({0xffff95968420, 0xc00022c540}, {0x922b28, 0xc0001b8380}, 0xc0002f4120, {0xc00039eb38, 0x1, 0xc00039e801})
	/home/shaunak/go/pkg/mod/github.com/google/[email protected]/tpm2/reflect.go:49 +0x318
github.com/google/go-tpm/tpm2.Create.Execute({{0x922790, 0xc00038a930}, {0x0}, {0xc000590fc0, {0x0, 0x0, 0x0}}, {{}, {0x0, 0x0, ...}}, ...}, ...)
	/home/shaunak/go/pkg/mod/github.com/google/[email protected]/tpm2/tpm2.go:193 +0xd0
github.com/foxboron/go-tpm-keyfiles.createKeyWithHandle(0xc00039ec40, {0x80000000, {{}, {0xc00051e7e0, 0x22, 0x22}}, {0x925a58, 0xc0000d73c8}}, 0x23, 0x100, ...)
	/home/shaunak/go/pkg/mod/github.com/foxboron/[email protected]/tpm.go:575 +0xa3c
github.com/foxboron/go-tpm-keyfiles.NewLoadableKeyWithResponse({0x922ba0, 0xc00022c540}, 0x23, 0x100, {0x1b55ea0, 0x0, 0x0}, {0x0, 0x0, 0x0})
	/home/shaunak/go/pkg/mod/github.com/foxboron/[email protected]/loadablekey.go:31 +0x19c
github.com/foxboron/go-tpm-keyfiles.NewLoadableKey(...)
	/home/shaunak/go/pkg/mod/github.com/foxboron/[email protected]/loadablekey.go:15
go.opentelemetry.io/collector/config/configtls.createTPMKeyCert(0xc0002fb880, {0x922ba0, 0xc00022c540})
	/home/shaunak/development/github/opentelemetry-collector/config/configtls/tpm_test.go:191 +0x68
go.opentelemetry.io/collector/config/configtls.TestTPM_loadCertificate(0xc0002fb880)
	/home/shaunak/development/github/opentelemetry-collector/config/configtls/tpm_test.go:41 +0xf4
testing.tRunner(0xc0002fb880, 0x8ae980)
	/usr/local/go/src/testing/testing.go:1934 +0x168
created by testing.(*T).Run in goroutine 1
	/usr/local/go/src/testing/testing.go:1997 +0x6e4

DONE 119 tests, 1 failure in 0.135s
make: *** [../../Makefile.Common:33: test-fips140-only] Error 1
...
=== FAIL: provider/internal/configurablehttpprovider TestFunctionalityDownloadFileHTTPS (0.02s)
panic: crypto/sha1: use of SHA-1 is not allowed in FIPS 140-only mode [recovered, repanicked]

goroutine 4 [running]:
testing.tRunner.func1.2({0x1048c0a20, 0x1049564c0})
	/Users/shaunak/.gvm/gos/go1.25.1/src/testing/testing.go:1872 +0x2b4
testing.tRunner.func1()
	/Users/shaunak/.gvm/gos/go1.25.1/src/testing/testing.go:1875 +0x460
panic({0x1048c0a20?, 0x1049564c0?})
	/Users/shaunak/.gvm/gos/go1.25.1/src/runtime/panic.go:783 +0x120
crypto/sha1.Sum({0xc0002d0240, 0x10e, 0x10e})
	/Users/shaunak/.gvm/gos/go1.25.1/src/crypto/sha1/sha1.go:278 +0x154
crypto/x509.CreateCertificate({0x104958b20, 0xc00011c250}, 0xc0002c2e58, 0xc0002c2e58, {0x1048e2160, 0xc000280230}, {0x104925f00, 0xc000280230})
	/Users/shaunak/.gvm/gos/go1.25.1/src/crypto/x509/x509.go:1738 +0x5a4
go.opentelemetry.io/collector/confmap/provider/internal/configurablehttpprovider.generateCertificate(0xc000005180, {0x1047c868d, 0x9})
	/Users/shaunak/development/github/opentelemetry-collector/confmap/provider/internal/configurablehttpprovider/provider_test.go:81 +0x510
go.opentelemetry.io/collector/confmap/provider/internal/configurablehttpprovider.TestFunctionalityDownloadFileHTTPS(0xc000005180)
	/Users/shaunak/development/github/opentelemetry-collector/confmap/provider/internal/configurablehttpprovider/provider_test.go:126 +0x40
testing.tRunner(0xc000005180, 0x1049535d0)
	/Users/shaunak/.gvm/gos/go1.25.1/src/testing/testing.go:1934 +0x168
created by testing.(*T).Run in goroutine 1
	/Users/shaunak/.gvm/gos/go1.25.1/src/testing/testing.go:1997 +0x6e4

DONE 243 tests, 1 skipped, 1 failure in 3.058s
...
=== Failed
=== FAIL: . TestSendTracesWhenEndpointHasHttpScheme/Use_https_scheme (10.01s)
    otlp_test.go:461:
        	Error Trace:	/Users/shaunak/development/github/opentelemetry-collector/exporter/otlpexporter/otlp_test.go:461
        	Error:      	Condition never satisfied
        	Test:       	TestSendTracesWhenEndpointHasHttpScheme/Use_https_scheme

=== FAIL: . TestSendTracesWhenEndpointHasHttpScheme (10.02s)

=== FAIL: . TestSendProfilesWhenEndpointHasHttpScheme/Use_https_scheme (10.01s)
    otlp_test.go:1034:
        	Error Trace:	/Users/shaunak/development/github/opentelemetry-collector/exporter/otlpexporter/otlp_test.go:1034
        	Error:      	Condition never satisfied
        	Test:       	TestSendProfilesWhenEndpointHasHttpScheme/Use_https_scheme

=== FAIL: . TestSendProfilesWhenEndpointHasHttpScheme (10.03s)

DONE 62 tests, 4 failures in 28.041s
...

@atoulme
Copy link
Contributor

atoulme commented Oct 3, 2025

I think you can just set GODEBUG as an env var before running make.

GODEBUG=fips140=only make test

Please feel free to open issues for each test occurrence failing, and request fips140-3 be considered for support.

@ycombinator
Copy link
Contributor Author

ycombinator commented Oct 4, 2025
edited
Loading

Thanks @atoulme, I'll run the Go unit tests as you suggested.

The goal would be to eventually run these unit tests with GODEBUG=fips140=only in CI so we can detect any regressions once all the test failures are addressed. I'll amend this PR accordingly and file separate issues for each failing test. Once those issues are resolved, we can return to this PR, rebasing it on main, and making sure it passes CI.

@ycombinator ycombinator changed the title [chore] Add Makefile targets for running unit tests with GODEBUG=fips140=only [chore] Run Go unit tests with GODEBUG=fips140=only Oct 4, 2025
@ycombinator ycombinator changed the title [chore] Run Go unit tests with GODEBUG=fips140=only [ci] Run Go unit tests with GODEBUG=fips140=only Oct 4, 2025
@ycombinator ycombinator force-pushed the unit-tests-fips140-only branch 2 times, most recently from d9eb679 to b269e9d Compare October 10, 2025 05:57
This was referenced Oct 10, 2025
Open
Open
Open
Closed
Open
Closed
@ycombinator
Copy link
Contributor Author

Please feel free to open issues for each test occurrence failing, and request fips140-3 be considered for support.

This was referenced Oct 20, 2025
Merged
Open
@ycombinator ycombinator force-pushed the unit-tests-fips140-only branch from b269e9d to 063717e Compare October 24, 2025 18:24
@ycombinator ycombinator mentioned this pull request Oct 24, 2025
Open
@ycombinator ycombinator force-pushed the unit-tests-fips140-only branch from 4fbf367 to c4a20ca Compare October 24, 2025 23:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ycombinator @atoulme