tetrateio · nacx · Mar 6, 2024 · Mar 5, 2024 · Mar 5, 2024 · Mar 6, 2024
diff --git a/cmd/main.go b/cmd/main.go
@@ -66,6 +66,8 @@ func main() {
 		&signal.Handler{}, // handle graceful termination
 	)
 
+	internal.LogFIPS() // Print the FIPS status
+
 	if err := g.Run(); err != nil {
 		fmt.Printf("Unexpected exit: %v\n", err)
 		os.Exit(-1)

diff --git a/config/gen/go/v1/config.pb.go b/config/gen/go/v1/config.pb.go
diff --git a/config/gen/go/v1/mock/config.pb.go b/config/gen/go/v1/mock/config.pb.go
diff --git a/config/gen/go/v1/oidc/config.pb.go b/config/gen/go/v1/oidc/config.pb.go
diff --git a/internal/fips_disabled.go b/internal/fips_disabled.go
@@ -0,0 +1,22 @@
+// Copyright 2024 Tetrate
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//go:build !boringcrypto
+
+package internal
+
+// LogFIPS logs whether FIPS is enabled or not.
+func LogFIPS() {
+	Logger(Default).Info("FIPS: boringcrypto", "enabled", false)
+}
diff --git a/cmd/fips.go → internal/fips_enabled.go b/cmd/fips.go → internal/fips_enabled.go
@@ -14,14 +14,11 @@
 
 //go:build boringcrypto
 
-package main
+package internal
 
-import (
-	"crypto/boring"
-	"fmt"
-)
+import "crypto/boring"
 
-// This line will only be printed in the output if boringcrypto is enabled.
-func init() {
-	fmt.Println("FIPS: boringcrypto enabled:", boring.Enabled())
+// LogFIPS logs whether FIPS is enabled or not.
+func LogFIPS() {
+	Logger(Default).Info("FIPS: boringcrypto", "enabled", boring.Enabled())
 }