feat(fips): disable otel components pulling in x/crypto deps (#7548) (#7590)

* feat(fips): disable otel components pulling in x/crypto deps

some otel components are pulling several x/crypto packages under
the hood

disable them in fips mode

* Update components_fips.go

* Update components_nofips.go

* Update components.go

(cherry picked from commit 041f827)

Co-authored-by: kruskall <[email protected]>

Author: mergify[bot]

internal/pkg/otel/components.go

@@ -20,10 +20,8 @@ import (
 	jmxreceiver "github.com/open-telemetry/opentelemetry-collector-contrib/receiver/jmxreceiver"
 	k8sclusterreceiver "github.com/open-telemetry/opentelemetry-collector-contrib/receiver/k8sclusterreceiver"
 	k8sobjectsreceiver "github.com/open-telemetry/opentelemetry-collector-contrib/receiver/k8sobjectsreceiver"
-	kafkareceiver "github.com/open-telemetry/opentelemetry-collector-contrib/receiver/kafkareceiver"
 	kubeletstatsreceiver "github.com/open-telemetry/opentelemetry-collector-contrib/receiver/kubeletstatsreceiver"
 	nginxreceiver "github.com/open-telemetry/opentelemetry-collector-contrib/receiver/nginxreceiver"
-	prometheusreceiver "github.com/open-telemetry/opentelemetry-collector-contrib/receiver/prometheusreceiver"
 	receivercreator "github.com/open-telemetry/opentelemetry-collector-contrib/receiver/receivercreator"
 	redisreceiver "github.com/open-telemetry/opentelemetry-collector-contrib/receiver/redisreceiver"
 	zipkinreceiver "github.com/open-telemetry/opentelemetry-collector-contrib/receiver/zipkinreceiver"
@@ -52,7 +50,6 @@ import (
 	// Exporters:
 	"github.com/open-telemetry/opentelemetry-collector-contrib/exporter/elasticsearchexporter"
 	fileexporter "github.com/open-telemetry/opentelemetry-collector-contrib/exporter/fileexporter" // for e2e tests
-	kafkaexporter "github.com/open-telemetry/opentelemetry-collector-contrib/exporter/kafkaexporter"
 	"github.com/open-telemetry/opentelemetry-collector-contrib/exporter/loadbalancingexporter"
 	debugexporter "go.opentelemetry.io/collector/exporter/debugexporter" // for dev
 	"go.opentelemetry.io/collector/exporter/otlpexporter"
@@ -78,15 +75,14 @@ func components(extensionFactories ...extension.Factory) func() (otelcol.Factori
 		factories := otelcol.Factories{}
 
 		// Receivers
-		factories.Receivers, err = receiver.MakeFactoryMap(
+		receivers := []receiver.Factory{
 			otlpreceiver.NewFactory(),
 			filelogreceiver.NewFactory(),
 			kubeletstatsreceiver.NewFactory(),
 			k8sclusterreceiver.NewFactory(),
 			hostmetricsreceiver.NewFactory(),
 			httpcheckreceiver.NewFactory(),
 			k8sobjectsreceiver.NewFactory(),
-			prometheusreceiver.NewFactory(),
 			receivercreator.NewFactory(),
 			redisreceiver.NewFactory(),
 			nginxreceiver.NewFactory(),
@@ -95,9 +91,12 @@ func components(extensionFactories ...extension.Factory) func() (otelcol.Factori
 			fbreceiver.NewFactory(),
 			mbreceiver.NewFactory(),
 			jmxreceiver.NewFactory(),
-			kafkareceiver.NewFactory(),
 			nopreceiver.NewFactory(),
-		)
+		}
+		// some receivers should only be available when
+		// not in fips mode due to restrictions on crypto usage
+		receivers = addNonFipsReceivers(receivers)
+		factories.Receivers, err = receiver.MakeFactoryMap(receivers...)
 		if err != nil {
 			return otelcol.Factories{}, err
 		}
@@ -122,15 +121,18 @@ func components(extensionFactories ...extension.Factory) func() (otelcol.Factori
 		}
 
 		// Exporters
-		factories.Exporters, err = exporter.MakeFactoryMap(
+		exporters := []exporter.Factory{
 			otlpexporter.NewFactory(),
 			debugexporter.NewFactory(),
 			fileexporter.NewFactory(),
 			elasticsearchexporter.NewFactory(),
 			loadbalancingexporter.NewFactory(),
 			otlphttpexporter.NewFactory(),
-			kafkaexporter.NewFactory(),
-		)
+		}
+		// some exporters should only be available when
+		// not in fips mode due to restrictions on crypto usage
+		exporters = addNonFipsExporters(exporters)
+		factories.Exporters, err = exporter.MakeFactoryMap(exporters...)
 		if err != nil {
 			return otelcol.Factories{}, err
 		}

internal/pkg/otel/components_fips.go

@@ -0,0 +1,22 @@
+// Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+// or more contributor license agreements. Licensed under the Elastic License 2.0;
+// you may not use this file except in compliance with the Elastic License 2.0.
+
+//go:build requirefips
+
+package otel
+
+import (
+	"go.opentelemetry.io/collector/exporter"
+	"go.opentelemetry.io/collector/receiver"
+)
+
+func addNonFipsReceivers(receivers []receiver.Factory) []receiver.Factory {
+	// do not add non fips receivers in fips mode
+	return receivers
+}
+
+func addNonFipsExporters(exporters []exporter.Factory) []exporter.Factory {
+	// do not add non fips exporters in fips mode
+	return exporters
+}

internal/pkg/otel/components_nofips.go

@@ -0,0 +1,31 @@
+// Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+// or more contributor license agreements. Licensed under the Elastic License 2.0;
+// you may not use this file except in compliance with the Elastic License 2.0.
+
+//go:build !requirefips
+
+package otel
+
+import (
+	kafkaexporter "github.com/open-telemetry/opentelemetry-collector-contrib/exporter/kafkaexporter"
+	kafkareceiver "github.com/open-telemetry/opentelemetry-collector-contrib/receiver/kafkareceiver"
+	prometheusreceiver "github.com/open-telemetry/opentelemetry-collector-contrib/receiver/prometheusreceiver"
+	"go.opentelemetry.io/collector/exporter"
+	"go.opentelemetry.io/collector/receiver"
+)
+
+func addNonFipsReceivers(receivers []receiver.Factory) []receiver.Factory {
+	receivers = append(receivers,
+		kafkareceiver.NewFactory(),
+		prometheusreceiver.NewFactory(),
+	)
+
+	return receivers
+}
+
+func addNonFipsExporters(exporters []exporter.Factory) []exporter.Factory {
+	exporters = append(exporters,
+		kafkaexporter.NewFactory(),
+	)
+	return exporters
+}