Enable unit tests with -tags=requirefips (#43611)

Enable unit tests with -tags=requirefips for auditbeat, filebeat, metricbeat, and libbeat.

Author: michel-laterman

.buildkite/auditbeat/auditbeat-pipeline.yml

@@ -103,6 +103,33 @@ steps:
           - github_commit_status:
               context: "auditbeat: Ubuntu x86_64 Unit Tests"
 
+      - label: ":ubuntu: Auditbeat: Ubuntu x86_64 Unit Tests FIPS"
+        command: |
+          set -euo pipefail
+          cd auditbeat
+          mage unitTest
+        retry:
+          automatic:
+            - limit: 1
+        agents:
+          provider: "gcp"
+          image: "${IMAGE_UBUNTU_2204_X86_64}"
+          machineType: "${GCP_DEFAULT_MACHINE_TYPE}"
+        env:
+          FIPS: "true"
+        artifact_paths:
+          - "auditbeat/build/*.xml"
+          - "auditbeat/build/*.json"
+        plugins:
+          - test-collector#v1.10.2:
+              files: "auditbeat/build/TEST-*.xml"
+              format: "junit"
+              branches: "main"
+              debug: true
+        notify:
+          - github_commit_status:
+              context: "auditbeat: Ubuntu x86_64 Unit Tests FIPS"
+
       - label: ":rhel: Auditbeat: RHEL9 Unit Tests"
         command: |
           set -euo pipefail

.buildkite/filebeat/filebeat-pipeline.yml

@@ -101,6 +101,32 @@ steps:
           - github_commit_status:
               context: "filebeat: Ubuntu x86_64 Unit Tests"
 
+      - label: ":ubuntu: Filebeat: Ubuntu x86_64 Unit Tests FIPS"
+        command: |
+          cd filebeat
+          mage unitTest
+        retry:
+          automatic:
+            - limit: 1
+        agents:
+          provider: "gcp"
+          image: "${IMAGE_UBUNTU_X86_64}"
+          machineType: "${GCP_DEFAULT_MACHINE_TYPE}"
+        env:
+          FIPS: "true"
+        artifact_paths:
+          - "filebeat/build/*.xml"
+          - "filebeat/build/*.json"
+        plugins:
+          - test-collector#v1.10.2:
+              files: "filebeat/build/TEST-*.xml"
+              format: "junit"
+              branches: "main"
+              debug: true
+        notify:
+          - github_commit_status:
+              context: "filebeat: Ubuntu x86_64 Unit Tests FIPS"
+
       - label: ":ubuntu: Filebeat: Go Integration Tests"
         command: |
           cd filebeat

.buildkite/libbeat/pipeline.libbeat.yml

@@ -87,6 +87,34 @@ steps:
           - github_commit_status:
               context: "libbeat: Ubuntu x86_64 Unit Tests"
 
+      - label: ":ubuntu: Libbeat: Ubuntu x86_64 Unit Tests FIPS"
+        key: "mandatory-linux-unit-test-fips"
+        command: |
+          set -euo pipefail
+          cd libbeat
+          mage unitTest
+        retry:
+          automatic:
+            - limit: 1
+        agents:
+          provider: "gcp"
+          image: "${IMAGE_UBUNTU_X86_64}"
+          machineType: "${GCP_DEFAULT_MACHINE_TYPE}"
+        env:
+          FIPS: "true"
+        artifact_paths:
+          - "libbeat/build/*.xml"
+          - "libbeat/build/*.json"
+        plugins:
+          - test-collector#v1.10.2:
+              files: "libbeat/build/TEST-*-unit.xml"
+              format: "junit"
+              branches: "main"
+              debug: true
+        notify:
+          - github_commit_status:
+              context: "libbeat: Ubuntu x86_64 Unit Tests FIPS"
+
       - label: ":ubuntu: Libbeat: Go Integration Tests"
         key: "mandatory-int-test"
         command: |
@@ -111,7 +139,7 @@ steps:
               debug: true
         notify:
           - github_commit_status:
-              context: "libbeat: Go Integration Tests"
+              context: "libbeat: Go Integration Tests FIPS"
 
       - label: ":ubuntu: Libbeat: Python Integration Tests"
         key: "mandatory-python-int-test"

.buildkite/metricbeat/pipeline.yml

@@ -105,6 +105,33 @@ steps:
           - github_commit_status:
               context: "metricbeat: Ubuntu x86_64 Unit Tests"
 
+      - label: ":ubuntu: Metricbeat: Ubuntu x86_64 Unit Tests FIPS"
+        key: "mandatory-linux-unit-test-fips"
+        command: |
+          cd metricbeat
+          mage unitTest
+        retry:
+          automatic:
+            - limit: 1
+        agents:
+          provider: "gcp"
+          image: "${IMAGE_UBUNTU_X86_64}"
+          machineType: "${GCP_DEFAULT_MACHINE_TYPE}"
+        env:
+          FIPS: "true"
+        artifact_paths:
+          - "metricbeat/build/*.xml"
+          - "metricbeat/build/*.json"
+        plugins:
+          - test-collector#v1.10.2:
+              files: "metricbeat/build/TEST-*.xml"
+              format: "junit"
+              branches: "main"
+              debug: true
+        notify:
+          - github_commit_status:
+              context: "metricbeat: Ubuntu x86_64 Unit Tests FIPS"
+
       - label: ":ubuntu: Metricbeat: Go Integration Tests (Module)"
         key: "mandatory-int-test"
         command: |

.buildkite/x-pack/pipeline.xpack.auditbeat.yml

@@ -106,6 +106,33 @@ steps:
           - github_commit_status:
               context: "x-pack/auditbeat: Build Tests (Module)"
 
+      - label: ":ubuntu: x-pack/auditbeat: Ubuntu Unit Tests FIPS"
+        key: "mandatory-linux-unit-test-fips"
+        command: |
+          cd x-pack/auditbeat
+          mage unitTest
+        retry:
+          automatic:
+            - limit: 1
+        agents:
+          provider: "gcp"
+          image: "${IMAGE_UBUNTU_X86_64}"
+          machineType: "${GCP_DEFAULT_MACHINE_TYPE}"
+        env:
+          FIPS: "true"
+        artifact_paths:
+          - "x-pack/auditbeat/build/*.xml"
+          - "x-pack/auditbeat/build/*.json"
+        plugins:
+          - test-collector#v1.10.2:
+              files: "x-pack/auditbeat/build/TEST-*.xml"
+              format: "junit"
+              branches: "main"
+              debug: true
+        notify:
+          - github_commit_status:
+              context: "x-pack/auditbeat: Ubuntu Unit Tests FIPS"
+
       - label: ":rhel: x-pack/auditbeat: RHEL9 Unit Tests"
         key: "mandatory-rhel9-unit-test"
         command: |

.buildkite/x-pack/pipeline.xpack.filebeat.yml

@@ -103,6 +103,33 @@ steps:
           - github_commit_status:
               context: "x-pack/filebeat: Ubuntu x86_64 Unit Tests"
 
+      - label: ":ubuntu: x-pack/filebeat: Ubuntu x86_64 Unit Tests FIPS"
+        key: "x-pack-filebeat-mandatory-linux-unit-test-FIPS"
+        command: |
+          cd x-pack/filebeat
+          mage unitTest
+        retry:
+          automatic:
+            - limit: 1
+        agents:
+          provider: "gcp"
+          image: "${IMAGE_UBUNTU_X86_64}"
+          machineType: "${GCP_DEFAULT_MACHINE_TYPE}"
+        env:
+          FIPS: "true"
+        artifact_paths:
+          - "x-pack/filebeat/build/*.xml"
+          - "x-pack/filebeat/build/*.json"
+        plugins:
+          - test-collector#v1.10.2:
+              files: "x-pack/filebeat/build/TEST-*.xml"
+              format: "junit"
+              branches: "main"
+              debug: true
+        notify:
+          - github_commit_status:
+              context: "x-pack/filebeat: Ubuntu x86_64 Unit Tests FIPS"
+
       - label: ":ubuntu: x-pack/filebeat: Go Integration Tests"
         key: "x-pack-filebeat-mandatory-int-test"
         command: |

.buildkite/x-pack/pipeline.xpack.libbeat.yml

@@ -86,6 +86,27 @@ steps:
           - github_commit_status:
               context: "x-pack/libbeat: Ubuntu x86_64 Unit Tests"
 
+      - label: ":ubuntu: x-pack/libbeat: Ubuntu x86_64 Unit Tests FIPS"
+        key: "mandatory-linux-unit-test-fips"
+        command: |
+          cd x-pack/libbeat
+          mage unitTest
+        retry:
+          automatic:
+            - limit: 1
+        agents:
+          provider: "gcp"
+          image: "${IMAGE_UBUNTU_X86_64}"
+          machineType: "${GCP_DEFAULT_MACHINE_TYPE}"
+        env:
+          FIPS: "true"
+        artifact_paths:
+          - "x-pack/libbeat/build/*.xml"
+          - "x-pack/libbeat/build/*.json"
+        notify:
+          - github_commit_status:
+              context: "x-pack/libbeat: Ubuntu x86_64 Unit Tests FIPS"
+
       - label: ":ubuntu: x-pack/libbeat: Go Integration Tests"
         key: "mandatory-int-test"
         command: |

.buildkite/x-pack/pipeline.xpack.metricbeat.yml

@@ -99,6 +99,33 @@ steps:
           - github_commit_status:
               context: "x-pack/metricbeat: Ubuntu x86_64 Unit Tests"
 
+      - label: ":ubuntu: x-pack/metricbeat: Ubuntu x86_64 Unit Tests FIPS"
+        key: "mandatory-linux-unit-test-fips"
+        command: |
+          cd x-pack/metricbeat
+          mage unitTest
+        retry:
+          automatic:
+            - limit: 1
+        agents:
+          provider: "gcp"
+          image: "${IMAGE_UBUNTU_X86_64}"
+          machineType: "${GCP_DEFAULT_MACHINE_TYPE}"
+        env:
+          FIPS: "true"
+        artifact_paths:
+          - "x-pack/metricbeat/build/*.xml"
+          - "x-pack/metricbeat/build/*.json"
+        plugins:
+          - test-collector#v1.10.2:
+              files: "x-pack/metricbeat/build/TEST-*.xml"
+              format: "junit"
+              branches: "main"
+              debug: true
+        notify:
+          - github_commit_status:
+              context: "x-pack/metricbeat: Ubuntu x86_64 Unit Tests FIPS"
+
       - label: ":ubuntu: x-pack/metricbeat: Go Integration Tests (Module)"
         key: "mandatory-int-test"
         env:

auditbeat/module/file_integrity/file_parsers_fips_test.go

@@ -0,0 +1,64 @@
+// Licensed to Elasticsearch B.V. under one or more contributor
+// license agreements. See the NOTICE file distributed with
+// this work for additional information regarding copyright
+// ownership. Elasticsearch B.V. licenses this file to you under
+// the Apache License, Version 2.0 (the "License"); you may
+// not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+//go:build requirefips
+
+package file_integrity
+
+import (
+	"reflect"
+	"testing"
+
+	"github.com/elastic/elastic-agent-libs/config"
+)
+
+func TestFileParsers(t *testing.T) {
+	cfg, err := config.NewConfigFrom(map[string]interface{}{
+		"paths":        []string{"/usr/bin"},
+		"file_parsers": []string{"file.elf.sections", `/\.pe\./`},
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	c := defaultConfig
+	if err := cfg.Unpack(&c); err != nil {
+		t.Fatal(err)
+	}
+
+	wantParserNames := map[string]bool{
+		"executable_object": true,
+	}
+	wantFields := map[string]bool{
+		"file.elf.sections":              true,
+		"file.pe.sections":               true,
+		"file.pe.sections.name":          true,
+		"file.pe.sections.physical_size": true,
+		"file.pe.sections.virtual_size":  true,
+		"file.pe.sections.entropy":       true,
+		"file.pe.sections.var_entropy":   true,
+		"file.pe.go_stripped":            true,
+	}
+
+	gotParserNames, gotFields := parserNamesAndFields(c)
+	if !reflect.DeepEqual(gotParserNames, wantParserNames) {
+		t.Errorf("unexpected parser name set: got:%v want:%v", gotParserNames, wantParserNames)
+	}
+	if !reflect.DeepEqual(gotFields, wantFields) {
+		t.Errorf("unexpected fields set: got:%v want:%v", gotFields, wantFields)
+	}
+}

…dule/file_integrity/file_parsers_test.go …le_integrity/file_parsers_nofips_test.goauditbeat/module/file_integrity/file_parsers_test.go renamed to auditbeat/module/file_integrity/file_parsers_nofips_test.go auditbeat/module/file_integrity/file_parsers_test.go renamed to auditbeat/module/file_integrity/file_parsers_nofips_test.go

@@ -15,6 +15,8 @@
 // specific language governing permissions and limitations
 // under the License.
 
+//go:build !requirefips
+
 package file_integrity
 
 import (