[Build] Change the build option from ENABLE_FIPS_FEATURE to INCLUDE_F…

…IPS (sonic-net#15758) Why I did it [Build] Change the build option from ENABLE_FIPS_FEATURE to INCLUDE_FIPS Work item tracking Microsoft ADO (number only): 24485797 How I did it
sonic-otn · Sep 20, 2023 · 0c76f73 · 0c76f73
1 parent e0d4f3a
commit 0c76f73
Show file tree

Hide file tree

Showing 6 changed files with 13 additions and 13 deletions.
diff --git a/Makefile.work b/Makefile.work
@@ -176,13 +176,13 @@ DOCKER_ROOT = $(PWD)/fsroot.docker.$(BLDENV)
 
 # Support FIPS feature, armhf not supported yet
 ifeq ($(PLATFORM_ARCH),armhf)
-ENABLE_FIPS_FEATURE := n
+INCLUDE_FIPS := n
 ENABLE_FIPS := n
 endif
 
-ifeq ($(ENABLE_FIPS_FEATURE), n)
+ifeq ($(INCLUDE_FIPS), n)
 ifeq ($(ENABLE_FIPS), y)
-    $(error Cannot set fips config ENABLE_FIPS=y when ENABLE_FIPS_FEATURE=n)
+    $(error Cannot set fips config ENABLE_FIPS=y when INCLUDE_FIPS=n)
 endif
 endif
 
@@ -209,7 +209,7 @@ $(shell \
 $(shell CONFIGURED_ARCH=$(CONFIGURED_ARCH) \
 	MULTIARCH_QEMU_ENVIRON=$(MULTIARCH_QEMU_ENVIRON) \
 	CROSS_BUILD_ENVIRON=$(CROSS_BUILD_ENVIRON) \
-	ENABLE_FIPS_FEATURE=$(ENABLE_FIPS_FEATURE) \
+	INCLUDE_FIPS=$(INCLUDE_FIPS) \
 	DOCKER_EXTRA_OPTS=$(DOCKER_EXTRA_OPTS) \
 	DEFAULT_CONTAINER_REGISTRY=$(DEFAULT_CONTAINER_REGISTRY) \
 	GZ_COMPRESS_PROGRAM=$(GZ_COMPRESS_PROGRAM) \
@@ -559,7 +559,7 @@ SONIC_BUILD_INSTRUCTION :=  $(MAKE) \
                            ENABLE_ASAN=$(ENABLE_ASAN) \
                            SONIC_INCLUDE_BOOTCHART=$(INCLUDE_BOOTCHART) \
                            SONIC_ENABLE_BOOTCHART=$(ENABLE_BOOTCHART) \
-                           ENABLE_FIPS_FEATURE=$(ENABLE_FIPS_FEATURE) \
+                           INCLUDE_FIPS=$(INCLUDE_FIPS) \
                            ENABLE_FIPS=$(ENABLE_FIPS) \
                            SONIC_SLAVE_DOCKER_DRIVER=$(SONIC_SLAVE_DOCKER_DRIVER) \
                            MIRROR_URLS=$(MIRROR_URLS) \

diff --git a/rules/config b/rules/config
@@ -286,9 +286,9 @@ INCLUDE_BOOTCHART = y
 # ENABLE_BOOTCHART - whether to enable systemd-bootchart on boot
 ENABLE_BOOTCHART = n
 
-# ENABLE_FIPS_FEATURE - support FIPS feature, only for amd64 or arm64, armhf not supported yet
+# INCLUDE_FIPS - support FIPS feature, only for amd64 or arm64, armhf not supported yet
 # ENABLE_FIPS - support FIPS flag, if enabled, no additional config requred for the image to support FIPS
-ENABLE_FIPS_FEATURE ?= y
+INCLUDE_FIPS ?= y
 ENABLE_FIPS ?= n
 
 # SONIC_SLAVE_DOCKER_DRIVER - set the sonic slave docker storage driver

diff --git a/rules/docker-base-bullseye.mk b/rules/docker-base-bullseye.mk
@@ -12,7 +12,7 @@ OPENSSH = openssh-client
 SSHPASS = sshpass
 STRACE = strace
 
-ifeq ($(ENABLE_FIPS_FEATURE), y)
+ifeq ($(INCLUDE_FIPS), y)
 $(DOCKER_BASE_BULLSEYE)_DEPENDS += $(FIPS_OPENSSL_LIBSSL) $(FIPS_OPENSSL_LIBSSL_DEV) $(FIPS_OPENSSL) $(SYMCRYPT_OPENSSL) $(FIPS_KRB5)
 endif
 

diff --git a/rules/sonic-fips.mk b/rules/sonic-fips.mk
@@ -47,7 +47,7 @@ FIPS_PACKAGE_ALL = $(SYMCRYPT_OPENSSL) $(FIPS_DERIVED_TARGET)
 
 $(foreach package,$(FIPS_DERIVED_TARGET),$(eval $(call add_extra_package,$(SYMCRYPT_OPENSSL),$(package))))
 
-ifeq ($(ENABLE_FIPS_FEATURE), y)
+ifeq ($(INCLUDE_FIPS), y)
   FIPS_BASEIMAGE_INSTALLERS = $(FIPS_OPENSSL_LIBSSL) $(FIPS_OPENSSL_LIBSSL_DEV) $(FIPS_OPENSSL) $(SYMCRYPT_OPENSSL) $(FIPS_OPENSSH) $(FIPS_OPENSSH_CLIENT) $(FIPS_OPENSSH_SFTP_SERVER) $(FIPS_OPENSSH_SERVER) $(FIPS_KRB5)
   SONIC_MAKE_DEBS += $(SYMCRYPT_OPENSSL)
 endif
diff --git a/slave.mk b/slave.mk
@@ -353,7 +353,7 @@ endif
 export SONIC_ROUTING_STACK
 export FRR_USER_UID
 export FRR_USER_GID
-export ENABLE_FIPS_FEATURE
+export INCLUDE_FIPS
 export ENABLE_FIPS
 
 ###############################################################################
@@ -428,7 +428,7 @@ $(info "INCLUDE_TEAMD"                   : "$(INCLUDE_TEAMD)")
 $(info "INCLUDE_ROUTER_ADVERTISER"       : "$(INCLUDE_ROUTER_ADVERTISER)")
 $(info "INCLUDE_BOOTCHART                : "$(INCLUDE_BOOTCHART)")
 $(info "ENABLE_BOOTCHART                 : "$(ENABLE_BOOTCHART)")
-$(info "ENABLE_FIPS_FEATURE"             : "$(ENABLE_FIPS_FEATURE)")
+$(info "INCLUDE_FIPS"             : "$(INCLUDE_FIPS)")
 $(info "ENABLE_TRANSLIB_WRITE"           : "$(ENABLE_TRANSLIB_WRITE)")
 $(info "ENABLE_NATIVE_WRITE"             : "$(ENABLE_NATIVE_WRITE)")
 $(info "ENABLE_AUTO_TECH_SUPPORT"        : "$(ENABLE_AUTO_TECH_SUPPORT)")
@@ -1245,7 +1245,7 @@ $(addprefix $(TARGET_PATH)/, $(SONIC_INSTALLERS)) : $(TARGET_PATH)/% : \
         $$(addprefix $(FILES_PATH)/,$$($$*_FILES)) \
         $(addsuffix -install,$(addprefix $(IMAGE_DISTRO_DEBS_PATH)/,$(DEBOOTSTRAP))) \
         $(if $(findstring y,$(ENABLE_ZTP)),$(addprefix $(IMAGE_DISTRO_DEBS_PATH)/,$(SONIC_ZTP))) \
-        $(if $(findstring y,$(ENABLE_FIPS_FEATURE)),$(addprefix $(IMAGE_DISTRO_DEBS_PATH)/,$(SYMCRYPT_OPENSSL))) \
+        $(if $(findstring y,$(INCLUDE_FIPS)),$(addprefix $(IMAGE_DISTRO_DEBS_PATH)/,$(SYMCRYPT_OPENSSL))) \
         $(addprefix $(PYTHON_WHEELS_PATH)/,$(SONIC_UTILITIES_PY3)) \
         $(addprefix $(PYTHON_WHEELS_PATH)/,$(SONIC_PY_COMMON_PY2)) \
         $(addprefix $(PYTHON_WHEELS_PATH)/,$(SONIC_PY_COMMON_PY3)) \

diff --git a/sonic-slave-bullseye/Dockerfile.j2 b/sonic-slave-bullseye/Dockerfile.j2
@@ -468,7 +468,7 @@ RUN apt-get install -y kernel-wedge
 
 # For gobgp and telemetry build
 RUN apt-get install -y golang-1.15 && ln -s /usr/lib/go-1.15 /usr/local/go
-{%- if ENABLE_FIPS_FEATURE == "y" %}
+{%- if INCLUDE_FIPS == "y" %}
 RUN wget -O golang-go.deb 'https://sonicstorage.blob.core.windows.net/public/fips/bullseye/0.1/{{ CONFIGURED_ARCH }}/golang-1.15-go_1.15.15-1~deb11u4%2Bfips_{{ CONFIGURED_ARCH }}.deb' \
  && wget -O golang-src.deb 'https://sonicstorage.blob.core.windows.net/public/fips/bullseye/0.1/{{ CONFIGURED_ARCH }}/golang-1.15-src_1.15.15-1~deb11u4%2Bfips_{{ CONFIGURED_ARCH }}.deb' \
  && dpkg -i golang-go.deb golang-src.deb \