From 77ace71f92dc8b5092df78e8404715410b26dcc0 Mon Sep 17 00:00:00 2001
From: Paolo Chila <paolo.chila@elastic.co>
Date: Tue, 4 Mar 2025 16:12:20 +0100
Subject: [PATCH] fixup! WIP - package FIPS-compliant Beats

---
 dev-tools/mage/pkg.go      | 10 ++++++++--
 dev-tools/mage/pkgspecs.go | 12 ++++++------
 go.mod                     |  2 +-
 3 files changed, 15 insertions(+), 9 deletions(-)

diff --git a/dev-tools/mage/pkg.go b/dev-tools/mage/pkg.go
index fcbc3c753fe0..04bdc497ca8d 100644
--- a/dev-tools/mage/pkg.go
+++ b/dev-tools/mage/pkg.go
@@ -24,6 +24,7 @@ import (
 	"os"
 	"path/filepath"
 	"runtime"
+	"slices"
 	"strconv"
 	"strings"
 
@@ -88,8 +89,13 @@ func Package() error {
 				}
 
 				// TODO add filters on fips-enabled beats
-				if pkg.Spec.FIPS && !FIPSBuild {
-					log.Printf("Skipping creation for package type %v because spec.Fips=%b and fips=%b: %v", pkgType, pkg.Spec.FIPS, FIPSBuild)
+				if FIPSBuild && !slices.Contains(FIPSConfig.Beats, BeatName) {
+					log.Printf("Skipping creation for beat %v package type %v because beat is not listed as FIPS compliant %v", BeatName, pkgType, FIPSConfig.Beats)
+					continue
+				}
+
+				if pkg.Spec.FIPS != FIPSBuild {
+					log.Printf("Skipping creation for package type %v because spec.FIPS = %v and FIPSBuild = %v", pkgType, pkg.Spec.FIPS, FIPSBuild)
 					continue
 				}
 
diff --git a/dev-tools/mage/pkgspecs.go b/dev-tools/mage/pkgspecs.go
index 7702ab3a8e7e..ad68fcc1e154 100644
--- a/dev-tools/mage/pkgspecs.go
+++ b/dev-tools/mage/pkgspecs.go
@@ -45,18 +45,18 @@ func UseElasticBeatXPackPackaging() {
 	MustUsePackaging("elastic_beat_xpack", packageSpecFile)
 }
 
+// UseElasticBeatXPackFIPSPackaging configures the package target to build Elastic
+// licensed (X-Pack) FIPS compliant packages for agent use.
+func UseElasticBeatXPackFIPSPackaging() {
+	MustUsePackaging("elastic_beat_xpack_fips", packageSpecFile)
+}
+
 // UseElasticBeatXPackReducedPackaging configures the package target to build Elastic
 // licensed (X-Pack) packages for agent use.
 func UseElasticBeatXPackReducedPackaging() {
 	MustUsePackaging("elastic_beat_xpack_reduced", packageSpecFile)
 }
 
-// UseElasticBeatXPackFIPSPackaging configures the package target to build Elastic
-// licensed (X-Pack) packages for agent use.
-func UseElasticBeatXPackFIPSPackaging() {
-	MustUsePackaging("elastic_beat_xpack_fips", packageSpecFile)
-}
-
 // MustUsePackaging will load a named spec from a named file, if any errors
 // occurs when loading the specs it will panic.
 //
diff --git a/go.mod b/go.mod
index 94ccb907e5dd..c04784768886 100644
--- a/go.mod
+++ b/go.mod
@@ -232,6 +232,7 @@ require (
 	golang.org/x/term v0.29.0
 	google.golang.org/genproto/googleapis/api v0.0.0-20241118233622-e639e219e697
 	gopkg.in/natefinch/lumberjack.v2 v2.2.1
+	gopkg.in/yaml.v3 v3.0.1
 )
 
 require (
@@ -464,7 +465,6 @@ require (
 	golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da // indirect
 	gonum.org/v1/gonum v0.15.1 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 // indirect
-	gopkg.in/yaml.v3 v3.0.1 // indirect
 	k8s.io/klog/v2 v2.130.1 // indirect
 	k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect
 	k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect