Migrate from BC to BCFIPS libraries #17507
Conversation
|
❌ Gradle check result for 8540984: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
beanuwave
force-pushed
the
bc_to_bcfips_migration
branch
from
8540984 to
3966e04
Compare
|
❌ Gradle check result for 3966e04: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
beanuwave
force-pushed
the
bc_to_bcfips_migration
branch
from
3966e04 to
bedd7e6
Compare
|
❌ Gradle check result for bedd7e6: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
beanuwave
force-pushed
the
bc_to_bcfips_migration
branch
from
bedd7e6 to
92abe7c
Compare
|
❌ Gradle check result for 92abe7c: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
beanuwave
force-pushed
the
bc_to_bcfips_migration
branch
from
92abe7c to
0dccac7
Compare
|
❌ Gradle check result for 0dccac7: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
beanuwave
force-pushed
the
bc_to_bcfips_migration
branch
from
0dccac7 to
77cc952
Compare
|
❌ Gradle check result for 77cc952: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
beanuwave
force-pushed
the
bc_to_bcfips_migration
branch
from
77cc952 to
cf65dcb
Compare
|
❌ Gradle check result for cf65dcb: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
beanuwave
force-pushed
the
bc_to_bcfips_migration
branch
from
cf65dcb to
64bf6c5
Compare
|
❌ Gradle check result for 64bf6c5: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
|
❌ Gradle check result for 37eae20: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
beanuwave
force-pushed
the
bc_to_bcfips_migration
branch
from
37eae20 to
e2384f5
Compare
|
❌ Gradle check result for e2384f5: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
beanuwave
force-pushed
the
bc_to_bcfips_migration
branch
from
e2384f5 to
0f0ae5d
Compare
|
❌ Gradle check result for 0f0ae5d: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
beanuwave
force-pushed
the
bc_to_bcfips_migration
branch
from
0f0ae5d to
78fddee
Compare
|
❌ Gradle check result for 78fddee: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
beanuwave
force-pushed
the
bc_to_bcfips_migration
branch
from
78fddee to
b904edc
Compare
|
❌ Gradle check result for b904edc: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
beanuwave
force-pushed
the
bc_to_bcfips_migration
branch
from
b904edc to
b66477c
Compare
|
❌ Gradle check result for b66477c: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
beanuwave
force-pushed
the
bc_to_bcfips_migration
branch
from
b66477c to
a6103e7
Compare
|
❌ Gradle check result for a6103e7: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
|
❌ Gradle check result for 0825345: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
@beanuwave my understanding is that FIPS would be a separate build that requires passing |
|
@cwperks For simplicity, the upcoming build parameter |
beanuwave
force-pushed
the
bc_to_bcfips_migration
branch
from
9ff88b6 to
eff2ba7
Compare
Signed-off-by: Igonin <[email protected]> Co-authored-by: Benny Goerzig <[email protected]> Co-authored-by: Karsten Schnitter <[email protected]> Co-authored-by: Kai Sternad <[email protected]> # Conflicts: # release-notes/opensearch.release-notes-3.0.0-alpha1.md
beanuwave
force-pushed
the
bc_to_bcfips_migration
branch
from
eff2ba7 to
31e983a
Compare
|
❌ Gradle check result for 31e983a: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
beanuwave
force-pushed
the
bc_to_bcfips_migration
branch
2 times, most recently
from
85761ee to
aa11b27
Compare
|
❌ Gradle check result for aa11b27: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
beanuwave
force-pushed
the
bc_to_bcfips_migration
branch
from
aa11b27 to
e24118d
Compare
|
❌ Gradle check result for e24118d: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
Signed-off-by: Igonin <[email protected]> Co-authored-by: Benny Goerzig <[email protected]> Co-authored-by: Karsten Schnitter <[email protected]> Co-authored-by: Kai Sternad <[email protected]>
beanuwave
force-pushed
the
bc_to_bcfips_migration
branch
from
e24118d to
8edda48
Compare
server/src/main/resources/org/opensearch/bootstrap/security.policy
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Thank you @beanuwave, with the removal of the extra deps on the server module this LGTM. I just tested with the security plugin and the sec plugin can be installed w/ these changes in place.
@andrross @reta Could I also get a second set of eyes on this?
|
❕ Gradle check result for 8edda48: UNSTABLE
Please review all flaky tests that succeeded after retry and create an issue if one does not already exist to track the flaky failure. |
Signed-off-by: Igonin <[email protected]> Co-authored-by: Benny Goerzig <[email protected]> Co-authored-by: Karsten Schnitter <[email protected]> Co-authored-by: Kai Sternad <[email protected]>
* Migrate from BC to BCFIPS libraries Signed-off-by: Igonin <[email protected]> Co-authored-by: Benny Goerzig <[email protected]> Co-authored-by: Karsten Schnitter <[email protected]> Co-authored-by: Kai Sternad <[email protected]> # Conflicts: # release-notes/opensearch.release-notes-3.0.0-alpha1.md * reduce footprint of BC libs Signed-off-by: Igonin <[email protected]> Co-authored-by: Benny Goerzig <[email protected]> Co-authored-by: Karsten Schnitter <[email protected]> Co-authored-by: Kai Sternad <[email protected]> * restrain permissions in server policy file Signed-off-by: Igonin <[email protected]> Co-authored-by: Benny Goerzig <[email protected]> Co-authored-by: Karsten Schnitter <[email protected]> Co-authored-by: Kai Sternad <[email protected]> --------- Signed-off-by: Igonin <[email protected]> Co-authored-by: Igonin <[email protected]> Co-authored-by: Igonin <[email protected]> Co-authored-by: Benny Goerzig <[email protected]> Co-authored-by: Karsten Schnitter <[email protected]> Co-authored-by: Kai Sternad <[email protected]>
NOTE: Basically a split up from the original #14912
Description
Migration of BouncyCastle's BC libraries to their FIPS counterparts. BC-FIPS libraries are used in general mode only, FIPS-140-3 related changes are not included in this commit.
Other components with hard BC dependencies are likely to break. Fortunately @terryquickleysas has already provided a brief summery for v2.17.
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.