TUN-5551: Show whether the binary was built for FIPS compliance

This is shown in 3 ways: - the version output with `cloudflared version` and alike commands - the build_info prometheus metric - a logging message
2025-07-27 18:39:58 +00:00 · 2021-12-27 19:05:14 +00:00
parent 01ad2785ee
commit a39d95d5f7
8 changed files with 46 additions and 29 deletions
--- a/1
+++ b/1
@@ -25,6 +25,7 @@ ifeq ($(FIPS), true)
 	LINK_FLAGS := -linkmode=external -extldflags=-static $(LINK_FLAGS)
 	# Prevent linking with libc regardless of CGO enabled or not.
 	GO_BUILD_TAGS := $(GO_BUILD_TAGS) osusergo netgo fips
+	VERSION_FLAGS := $(VERSION_FLAGS) -X "main.BuildType=FIPS"
 endif

 LDFLAGS := -ldflags='$(VERSION_FLAGS) $(LINK_FLAGS)'