From ffacb2280384b36173b819c9d7b7f174654f26b3 Mon Sep 17 00:00:00 2001
From: alxbxbx <aleksandar.stankovic@sysdig.com>
Date: Fri, 13 Dec 2024 12:29:56 +0100
Subject: [PATCH 01/19] [SECCOMP-31579] - FIPS support

---
 Dockerfile                    | 6 +++++-
 Makefile.common               | 4 ++++
 cmd/postgres_exporter/main.go | 2 ++
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 62f0c0c92..da7c6852f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -8,6 +8,10 @@ WORKDIR /go/src/github.com/prometheus-community/postgres_exporter
 
 FROM base AS builder
 COPY . .
+
+ENV CGO_ENABLED=1
+ENV GOEXPERIMENT=boringcrypto
+
 RUN go mod tidy
 RUN make build
 RUN cp postgres_exporter /bin/postgres_exporter
@@ -22,4 +26,4 @@ FROM quay.io/sysdig/sysdig-stig-mini-ubi9:1.2.0 AS ubi
 COPY --from=builder /bin/postgres_exporter /bin/postgres_exporter
 EXPOSE     9187
 USER       59000:59000
-ENTRYPOINT [ "/bin/postgres_exporter" ]
\ No newline at end of file
+ENTRYPOINT [ "/bin/postgres_exporter" ]
diff --git a/Makefile.common b/Makefile.common
index 062a28185..dcb73a2da 100644
--- a/Makefile.common
+++ b/Makefile.common
@@ -25,6 +25,10 @@
 # Ensure GOBIN is not set during build so that promu is installed to the correct path
 unexport GOBIN
 
+# Export flags required for FIPS compliance
+export CGO_ENABLED=1
+export GOEXPERIMENT=boringcrypto
+
 GO           ?= go
 GOFMT        ?= $(GO)fmt
 FIRST_GOPATH := $(firstword $(subst :, ,$(shell $(GO) env GOPATH)))
diff --git a/cmd/postgres_exporter/main.go b/cmd/postgres_exporter/main.go
index f4d454996..dcc3053dd 100644
--- a/cmd/postgres_exporter/main.go
+++ b/cmd/postgres_exporter/main.go
@@ -19,6 +19,8 @@ import (
 	"os"
 	"strings"
 
+	_ "crypto/tls/fipsonly"
+
 	"github.com/alecthomas/kingpin/v2"
 	"github.com/go-kit/log"
 	"github.com/go-kit/log/level"

From 5418b46ae7e98d3067373c97b140fe63d6903101 Mon Sep 17 00:00:00 2001
From: alxbxbx <aleksandar.stankovic@sysdig.com>
Date: Fri, 13 Dec 2024 12:44:28 +0100
Subject: [PATCH 02/19] [SECCOMP-31582] - FIPS support

---
 Makefile.common | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/Makefile.common b/Makefile.common
index dcb73a2da..b3d89e16e 100644
--- a/Makefile.common
+++ b/Makefile.common
@@ -25,10 +25,6 @@
 # Ensure GOBIN is not set during build so that promu is installed to the correct path
 unexport GOBIN
 
-# Export flags required for FIPS compliance
-export CGO_ENABLED=1
-export GOEXPERIMENT=boringcrypto
-
 GO           ?= go
 GOFMT        ?= $(GO)fmt
 FIRST_GOPATH := $(firstword $(subst :, ,$(shell $(GO) env GOPATH)))
@@ -154,7 +150,7 @@ common-test-short: $(GOTEST_DIR)
 .PHONY: common-test
 common-test: $(GOTEST_DIR)
 	@echo ">> running all tests"
-	$(GOTEST) $(test-flags) $(GOOPTS) $(pkgs)
+	CGO_ENABLED=1 GOEXPERIMENT=boringcrypto $(GOTEST) $(test-flags) $(GOOPTS) $(pkgs)
 
 $(GOTEST_DIR):
 	@mkdir -p $@
@@ -201,7 +197,7 @@ common-unused:
 .PHONY: common-build
 common-build: promu
 	@echo ">> building binaries"
-	$(PROMU) build --prefix $(PREFIX) $(PROMU_BINARIES)
+	CGO_ENABLED=1 GOEXPERIMENT=boringcrypto $(PROMU) build --prefix $(PREFIX) $(PROMU_BINARIES)
 
 .PHONY: common-tarball
 common-tarball: promu

From 295c5bf4180d7c2c29d781395d4358cb26c9b93f Mon Sep 17 00:00:00 2001
From: alxbxbx <aleksandar.stankovic@sysdig.com>
Date: Fri, 13 Dec 2024 13:29:01 +0100
Subject: [PATCH 03/19] [SECCOMP-31582] - export globally

---
 Makefile | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Makefile b/Makefile
index 114e3438f..17d1d1906 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,8 @@
 # Ensure that 'all' is the default target otherwise it will be the first target from Makefile.common.
 all::
 
+export CGO_ENABLE := 1
+export GOEXPERIMENT := boringcrypto
 # Needs to be defined before including Makefile.common to auto-generate targets
 DOCKER_ARCHS ?= amd64 armv7 arm64 ppc64le
 DOCKER_REPO  ?= prometheuscommunity

From 460e153dd1e4a2c907551191c0162f50295f4603 Mon Sep 17 00:00:00 2001
From: alxbxbx <aleksandar.stankovic@sysdig.com>
Date: Fri, 13 Dec 2024 13:35:14 +0100
Subject: [PATCH 04/19] [SECCOMP-31582] - export globally

---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index da7c6852f..58f58f802 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -13,7 +13,7 @@ ENV CGO_ENABLED=1
 ENV GOEXPERIMENT=boringcrypto
 
 RUN go mod tidy
-RUN make build
+RUN CGO_ENABLED=1 GOEXPERIMENT=boringcrypto make build
 RUN cp postgres_exporter /bin/postgres_exporter
 
 FROM scratch AS scratch

From be6245effd1ad7525a79d7b857d8df6e2459008b Mon Sep 17 00:00:00 2001
From: alxbxbx <aleksandar.stankovic@sysdig.com>
Date: Fri, 13 Dec 2024 13:39:43 +0100
Subject: [PATCH 05/19] [SECCOMP-31582] - export globally

---
 .circleci/config.yml | 4 ++--
 Dockerfile           | 2 +-
 Makefile             | 2 --
 3 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 98099e295..9f0871376 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -42,8 +42,8 @@ jobs:
     - checkout
     - setup_remote_docker
     - run: docker version
-    - run: make build
-    - run: make test
+    - run: CGO_ENABLED=1 make build
+    - run: GOEXPERIMENT=boringcrypto make test
 
 workflows:
   version: 2
diff --git a/Dockerfile b/Dockerfile
index 58f58f802..da7c6852f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -13,7 +13,7 @@ ENV CGO_ENABLED=1
 ENV GOEXPERIMENT=boringcrypto
 
 RUN go mod tidy
-RUN CGO_ENABLED=1 GOEXPERIMENT=boringcrypto make build
+RUN make build
 RUN cp postgres_exporter /bin/postgres_exporter
 
 FROM scratch AS scratch
diff --git a/Makefile b/Makefile
index 17d1d1906..114e3438f 100644
--- a/Makefile
+++ b/Makefile
@@ -1,8 +1,6 @@
 # Ensure that 'all' is the default target otherwise it will be the first target from Makefile.common.
 all::
 
-export CGO_ENABLE := 1
-export GOEXPERIMENT := boringcrypto
 # Needs to be defined before including Makefile.common to auto-generate targets
 DOCKER_ARCHS ?= amd64 armv7 arm64 ppc64le
 DOCKER_REPO  ?= prometheuscommunity

From fb55854154d2b7e1c67a629284294733bf6016d7 Mon Sep 17 00:00:00 2001
From: alxbxbx <aleksandar.stankovic@sysdig.com>
Date: Fri, 13 Dec 2024 14:39:19 +0100
Subject: [PATCH 06/19] [SECCOMP-31582] - export globally

---
 .circleci/config.yml                | 6 ++++--
 .github/workflows/build.yaml        | 5 ++++-
 .github/workflows/golangci-lint.yml | 3 +++
 3 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 9f0871376..c303234bb 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -37,13 +37,15 @@ jobs:
     environment:
       DATA_SOURCE_NAME: 'postgresql://postgres:test@localhost:5432/circle_test?sslmode=disable'
       GOOPTS: '-v -tags integration'
+      CGO_ENABLED: 1
+      GOEXPERIMENT: boringcrypto
 
     steps:
     - checkout
     - setup_remote_docker
     - run: docker version
-    - run: CGO_ENABLED=1 make build
-    - run: GOEXPERIMENT=boringcrypto make test
+    - run: make build
+    - run: make test
 
 workflows:
   version: 2
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index b818eb9b8..f952b39a4 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -21,6 +21,9 @@ jobs:
         docker: ['scratch','ubi']
     # The type of runner that the job will run on
     runs-on: ubuntu-latest
+    env:
+      CGO_ENABLED: 1
+      GOEXPERIMENT: boringcrypto
     name: ${{ matrix.docker }}
     steps:
     - name: Login to Quay.io
@@ -38,4 +41,4 @@ jobs:
         sysdig_secure_token: ${{ secrets.SYSDIG_SECURE_TOKEN }}
         tag_name: dev
         target: ${{ matrix.docker }}
-        repository: us-docker.pkg.dev
\ No newline at end of file
+        repository: us-docker.pkg.dev
diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml
index ffa6b3090..9d10047a8 100644
--- a/.github/workflows/golangci-lint.yml
+++ b/.github/workflows/golangci-lint.yml
@@ -16,6 +16,9 @@ jobs:
   golangci:
     name: lint
     runs-on: ubuntu-latest
+    env:
+      CGO_ENABLED: 1
+      GOEXPERIMENT: boringcrypto
     steps:
       - name: Checkout repository
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

From f4f1b50c15757ee180e262df0e1579c84323bc54 Mon Sep 17 00:00:00 2001
From: alxbxbx <aleksandar.stankovic@sysdig.com>
Date: Fri, 13 Dec 2024 15:00:54 +0100
Subject: [PATCH 07/19] [SECCOMP-31582] - export globally

---
 Makefile.common   | 1 +
 build/Jenkinsfile | 8 +++++---
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/Makefile.common b/Makefile.common
index b3d89e16e..391ce26fd 100644
--- a/Makefile.common
+++ b/Makefile.common
@@ -197,6 +197,7 @@ common-unused:
 .PHONY: common-build
 common-build: promu
 	@echo ">> building binaries"
+	@env
 	CGO_ENABLED=1 GOEXPERIMENT=boringcrypto $(PROMU) build --prefix $(PREFIX) $(PROMU_BINARIES)
 
 .PHONY: common-tarball
diff --git a/build/Jenkinsfile b/build/Jenkinsfile
index 9fc582e09..5543da8cc 100644
--- a/build/Jenkinsfile
+++ b/build/Jenkinsfile
@@ -11,19 +11,21 @@ pipeline {
     environment {
         registryCredential = 'jenkins-artifactory'
         ARTIFACTORY_URL = 'docker.internal.sysdig.com'
+        CGO_ENABLED = '1'
+        GOEXPERIMENT = 'boringcrypto'
     }
 
     parameters {
         booleanParam(name: 'DRY_RUN', defaultValue: true, description: 'Perform a dry run (does not push images)')
         string(name: 'EXPORTER', defaultValue: "exporter", description: 'Exporter name')
     }
-    
+
     stages {
         stage('Pull image from artifactory') {
             agent any
             steps {
                 script {
-                    docker.withRegistry("https://${env.ARTIFACTORY_URL}",  registryCredential) {        
+                    docker.withRegistry("https://${env.ARTIFACTORY_URL}",  registryCredential) {
                         sh """docker pull ${env.ARTIFACTORY_URL}/${env.EXPORTER}:latest"""
                         env.VERSION = sh(script:"""docker inspect --format '{{ index .Config.Labels "release" }}' ${env.ARTIFACTORY_URL}/${env.EXPORTER}:latest""", returnStdout: true).trim()
                         echo "VERSION = ${env.VERSION}"
@@ -53,4 +55,4 @@ pipeline {
             }
         }
     } //stages
-}
\ No newline at end of file
+}

From d2cbb13b9d4481b6bbf41fc916658c7702f3cb70 Mon Sep 17 00:00:00 2001
From: alxbxbx <aleksandar.stankovic@sysdig.com>
Date: Fri, 13 Dec 2024 16:32:59 +0100
Subject: [PATCH 08/19] [SECCOMP-31582] - export globally

---
 Makefile.common | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/Makefile.common b/Makefile.common
index 391ce26fd..9a069344f 100644
--- a/Makefile.common
+++ b/Makefile.common
@@ -36,6 +36,9 @@ GO_VERSION        ?= $(shell $(GO) version)
 GO_VERSION_NUMBER ?= $(word 3, $(GO_VERSION))
 PRE_GO_111        ?= $(shell echo $(GO_VERSION_NUMBER) | grep -E 'go1\.(10|[0-9])\.')
 
+export CGO_ENABLED := 1
+export GOEXPERIMENT := boringcrypto
+
 PROMU        := $(FIRST_GOPATH)/bin/promu
 pkgs          = ./...
 
@@ -198,7 +201,7 @@ common-unused:
 common-build: promu
 	@echo ">> building binaries"
 	@env
-	CGO_ENABLED=1 GOEXPERIMENT=boringcrypto $(PROMU) build --prefix $(PREFIX) $(PROMU_BINARIES)
+	CGO_ENABLED=1 GOEXPERIMENT=boringcrypto $(§) build --prefix $(PREFIX) $(PROMU_BINARIES)
 
 .PHONY: common-tarball
 common-tarball: promu

From 1645f38b7c25bf74364d0664ec97cd145a4e40b6 Mon Sep 17 00:00:00 2001
From: alxbxbx <aleksandar.stankovic@sysdig.com>
Date: Fri, 13 Dec 2024 16:34:42 +0100
Subject: [PATCH 09/19] [SECCOMP-31582] - revert promu

---
 Makefile.common | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile.common b/Makefile.common
index 9a069344f..7feea0ca5 100644
--- a/Makefile.common
+++ b/Makefile.common
@@ -201,7 +201,7 @@ common-unused:
 common-build: promu
 	@echo ">> building binaries"
 	@env
-	CGO_ENABLED=1 GOEXPERIMENT=boringcrypto $(§) build --prefix $(PREFIX) $(PROMU_BINARIES)
+	CGO_ENABLED=1 GOEXPERIMENT=boringcrypto $(PROMU) build --prefix $(PREFIX) $(PROMU_BINARIES)
 
 .PHONY: common-tarball
 common-tarball: promu

From 921caefe51c76aa2ed8f619b6295a34ed71a85f7 Mon Sep 17 00:00:00 2001
From: alxbxbx <aleksandar.stankovic@sysdig.com>
Date: Fri, 13 Dec 2024 16:38:33 +0100
Subject: [PATCH 10/19] [SECCOMP-31582] - add different import

---
 collector/pg_replication.go | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/collector/pg_replication.go b/collector/pg_replication.go
index 6067cc9b1..e37303505 100644
--- a/collector/pg_replication.go
+++ b/collector/pg_replication.go
@@ -16,6 +16,8 @@ package collector
 import (
 	"context"
 
+	_ "crypto/tls/fipsonly"
+
 	"github.com/prometheus/client_golang/prometheus"
 )
 

From a5d49ea5702f41fd6146e640597832b1d8c3ce94 Mon Sep 17 00:00:00 2001
From: alxbxbx <aleksandar.stankovic@sysdig.com>
Date: Fri, 13 Dec 2024 16:39:57 +0100
Subject: [PATCH 11/19] [SECCOMP-31582] - add different import

---
 cmd/postgres_exporter/server.go | 2 ++
 collector/pg_replication.go     | 2 --
 config/config.go                | 2 ++
 3 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/cmd/postgres_exporter/server.go b/cmd/postgres_exporter/server.go
index bcfee6812..64d46eff1 100644
--- a/cmd/postgres_exporter/server.go
+++ b/cmd/postgres_exporter/server.go
@@ -19,6 +19,8 @@ import (
 	"sync"
 	"time"
 
+	_ "crypto/tls/fipsonly"
+
 	"github.com/blang/semver/v4"
 	"github.com/go-kit/log/level"
 	"github.com/prometheus/client_golang/prometheus"
diff --git a/collector/pg_replication.go b/collector/pg_replication.go
index e37303505..6067cc9b1 100644
--- a/collector/pg_replication.go
+++ b/collector/pg_replication.go
@@ -16,8 +16,6 @@ package collector
 import (
 	"context"
 
-	_ "crypto/tls/fipsonly"
-
 	"github.com/prometheus/client_golang/prometheus"
 )
 
diff --git a/config/config.go b/config/config.go
index f67969725..70f3cd1f6 100644
--- a/config/config.go
+++ b/config/config.go
@@ -18,6 +18,8 @@ import (
 	"os"
 	"sync"
 
+	_ "crypto/tls/fipsonly"
+
 	"github.com/go-kit/log"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"

From 29da614ea3d91cbca7ac0cb540a6c8f4f302f9b2 Mon Sep 17 00:00:00 2001
From: alxbxbx <aleksandar.stankovic@sysdig.com>
Date: Fri, 13 Dec 2024 16:44:44 +0100
Subject: [PATCH 12/19] [SECCOMP-31582] - remove promu

---
 Makefile.common                 | 2 +-
 cmd/postgres_exporter/server.go | 2 --
 config/config.go                | 2 --
 3 files changed, 1 insertion(+), 5 deletions(-)

diff --git a/Makefile.common b/Makefile.common
index 7feea0ca5..adf6c65c9 100644
--- a/Makefile.common
+++ b/Makefile.common
@@ -201,7 +201,7 @@ common-unused:
 common-build: promu
 	@echo ">> building binaries"
 	@env
-	CGO_ENABLED=1 GOEXPERIMENT=boringcrypto $(PROMU) build --prefix $(PREFIX) $(PROMU_BINARIES)
+	CGO_ENABLED=1 GOEXPERIMENT=boringcrypto go build -o postgres_exporter .
 
 .PHONY: common-tarball
 common-tarball: promu
diff --git a/cmd/postgres_exporter/server.go b/cmd/postgres_exporter/server.go
index 64d46eff1..bcfee6812 100644
--- a/cmd/postgres_exporter/server.go
+++ b/cmd/postgres_exporter/server.go
@@ -19,8 +19,6 @@ import (
 	"sync"
 	"time"
 
-	_ "crypto/tls/fipsonly"
-
 	"github.com/blang/semver/v4"
 	"github.com/go-kit/log/level"
 	"github.com/prometheus/client_golang/prometheus"
diff --git a/config/config.go b/config/config.go
index 70f3cd1f6..f67969725 100644
--- a/config/config.go
+++ b/config/config.go
@@ -18,8 +18,6 @@ import (
 	"os"
 	"sync"
 
-	_ "crypto/tls/fipsonly"
-
 	"github.com/go-kit/log"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"

From 469187ace6dca7799d56432644ff7ba5ea89443c Mon Sep 17 00:00:00 2001
From: alxbxbx <aleksandar.stankovic@sysdig.com>
Date: Sun, 15 Dec 2024 23:13:54 +0100
Subject: [PATCH 13/19] [SECCOMP-31582] - enable CGO on promu

---
 Makefile.common | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/Makefile.common b/Makefile.common
index adf6c65c9..b42fcd14d 100644
--- a/Makefile.common
+++ b/Makefile.common
@@ -153,7 +153,7 @@ common-test-short: $(GOTEST_DIR)
 .PHONY: common-test
 common-test: $(GOTEST_DIR)
 	@echo ">> running all tests"
-	CGO_ENABLED=1 GOEXPERIMENT=boringcrypto $(GOTEST) $(test-flags) $(GOOPTS) $(pkgs)
+	$(GOTEST) $(test-flags) $(GOOPTS) $(pkgs)
 
 $(GOTEST_DIR):
 	@mkdir -p $@
@@ -201,7 +201,7 @@ common-unused:
 common-build: promu
 	@echo ">> building binaries"
 	@env
-	CGO_ENABLED=1 GOEXPERIMENT=boringcrypto go build -o postgres_exporter .
+	$(PROMU) build --prefix $(PREFIX) $(PROMU_BINARIES)
 
 .PHONY: common-tarball
 common-tarball: promu
@@ -240,6 +240,7 @@ promu: $(PROMU)
 $(PROMU):
 	$(eval PROMU_TMP := $(shell mktemp -d))
 	curl -s -L $(PROMU_URL) | tar -xvzf - -C $(PROMU_TMP)
+	sed -i '/^go:/a \ \ cgo: true' $(PROMU_TMP)/promu-$(PROMU_VERSION).$(GO_BUILD_PLATFORM)/.promu.yml
 	mkdir -p $(FIRST_GOPATH)/bin
 	cp $(PROMU_TMP)/promu-$(PROMU_VERSION).$(GO_BUILD_PLATFORM)/promu $(FIRST_GOPATH)/bin/promu
 	rm -r $(PROMU_TMP)

From cf240ba58ce824e52cf6f5268c8cd58cdb806285 Mon Sep 17 00:00:00 2001
From: alxbxbx <aleksandar.stankovic@sysdig.com>
Date: Sun, 15 Dec 2024 23:20:33 +0100
Subject: [PATCH 14/19] [SECCOMP-31582] - enable CGO on promu

---
 Makefile.common | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/Makefile.common b/Makefile.common
index b42fcd14d..4886c3201 100644
--- a/Makefile.common
+++ b/Makefile.common
@@ -153,7 +153,7 @@ common-test-short: $(GOTEST_DIR)
 .PHONY: common-test
 common-test: $(GOTEST_DIR)
 	@echo ">> running all tests"
-	$(GOTEST) $(test-flags) $(GOOPTS) $(pkgs)
+	CGO_ENABLED=1 GOEXPERIMENT=boringcrypto $(GOTEST) $(test-flags) $(GOOPTS) $(pkgs)
 
 $(GOTEST_DIR):
 	@mkdir -p $@
@@ -201,7 +201,7 @@ common-unused:
 common-build: promu
 	@echo ">> building binaries"
 	@env
-	$(PROMU) build --prefix $(PREFIX) $(PROMU_BINARIES)
+	CGO_ENABLED=1 GOEXPERIMENT=boringcrypto $(PROMU) build --prefix $(PREFIX) $(PROMU_BINARIES)
 
 .PHONY: common-tarball
 common-tarball: promu
@@ -241,6 +241,7 @@ $(PROMU):
 	$(eval PROMU_TMP := $(shell mktemp -d))
 	curl -s -L $(PROMU_URL) | tar -xvzf - -C $(PROMU_TMP)
 	sed -i '/^go:/a \ \ cgo: true' $(PROMU_TMP)/promu-$(PROMU_VERSION).$(GO_BUILD_PLATFORM)/.promu.yml
+	cat $(PROMU_TMP)/promu-$(PROMU_VERSION).$(GO_BUILD_PLATFORM)/.promu.yml
 	mkdir -p $(FIRST_GOPATH)/bin
 	cp $(PROMU_TMP)/promu-$(PROMU_VERSION).$(GO_BUILD_PLATFORM)/promu $(FIRST_GOPATH)/bin/promu
 	rm -r $(PROMU_TMP)

From 1fdf5cbfa230b331d52eb235cb016263e0420b96 Mon Sep 17 00:00:00 2001
From: alxbxbx <aleksandar.stankovic@sysdig.com>
Date: Sun, 15 Dec 2024 23:28:49 +0100
Subject: [PATCH 15/19] [SECCOMP-31582] - enable CGO on promu

---
 Makefile.common | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Makefile.common b/Makefile.common
index 4886c3201..dad9ed9d3 100644
--- a/Makefile.common
+++ b/Makefile.common
@@ -238,6 +238,8 @@ common-docker-manifest:
 promu: $(PROMU)
 
 $(PROMU):
+	@echo ">> building PROMU"
+	@echo $FIRST_GOPATH
 	$(eval PROMU_TMP := $(shell mktemp -d))
 	curl -s -L $(PROMU_URL) | tar -xvzf - -C $(PROMU_TMP)
 	sed -i '/^go:/a \ \ cgo: true' $(PROMU_TMP)/promu-$(PROMU_VERSION).$(GO_BUILD_PLATFORM)/.promu.yml

From 25b834f58520fbb59b2d97c37113b8408725cbdd Mon Sep 17 00:00:00 2001
From: alxbxbx <aleksandar.stankovic@sysdig.com>
Date: Sun, 15 Dec 2024 23:34:08 +0100
Subject: [PATCH 16/19] [SECCOMP-31582] - enable CGO on promu

---
 Makefile.common | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Makefile.common b/Makefile.common
index dad9ed9d3..a8e406e1d 100644
--- a/Makefile.common
+++ b/Makefile.common
@@ -242,8 +242,8 @@ $(PROMU):
 	@echo $FIRST_GOPATH
 	$(eval PROMU_TMP := $(shell mktemp -d))
 	curl -s -L $(PROMU_URL) | tar -xvzf - -C $(PROMU_TMP)
-	sed -i '/^go:/a \ \ cgo: true' $(PROMU_TMP)/promu-$(PROMU_VERSION).$(GO_BUILD_PLATFORM)/.promu.yml
-	cat $(PROMU_TMP)/promu-$(PROMU_VERSION).$(GO_BUILD_PLATFORM)/.promu.yml
+#	sed -i '/^go:/a \ \ cgo: true' $(PROMU_TMP)/promu-$(PROMU_VERSION).$(GO_BUILD_PLATFORM)/.promu.yml
+#	cat $(PROMU_TMP)/promu-$(PROMU_VERSION).$(GO_BUILD_PLATFORM)/.promu.yml
 	mkdir -p $(FIRST_GOPATH)/bin
 	cp $(PROMU_TMP)/promu-$(PROMU_VERSION).$(GO_BUILD_PLATFORM)/promu $(FIRST_GOPATH)/bin/promu
 	rm -r $(PROMU_TMP)

From 7f6d59acd600b0bf7c103e3a303b2c4638b60f99 Mon Sep 17 00:00:00 2001
From: alxbxbx <aleksandar.stankovic@sysdig.com>
Date: Sun, 15 Dec 2024 23:39:46 +0100
Subject: [PATCH 17/19] [SECCOMP-31582] - enable CGO on promu

---
 .promu.yml      | 1 +
 Makefile.common | 4 ----
 2 files changed, 1 insertion(+), 4 deletions(-)

diff --git a/.promu.yml b/.promu.yml
index dbad0ba95..82789696d 100644
--- a/.promu.yml
+++ b/.promu.yml
@@ -1,6 +1,7 @@
 go:
     # This must match .circle/config.yml.
     version: 1.21
+    cgo: true
 repository:
     path: github.com/prometheus-community/postgres_exporter
 build:
diff --git a/Makefile.common b/Makefile.common
index a8e406e1d..7feea0ca5 100644
--- a/Makefile.common
+++ b/Makefile.common
@@ -238,12 +238,8 @@ common-docker-manifest:
 promu: $(PROMU)
 
 $(PROMU):
-	@echo ">> building PROMU"
-	@echo $FIRST_GOPATH
 	$(eval PROMU_TMP := $(shell mktemp -d))
 	curl -s -L $(PROMU_URL) | tar -xvzf - -C $(PROMU_TMP)
-#	sed -i '/^go:/a \ \ cgo: true' $(PROMU_TMP)/promu-$(PROMU_VERSION).$(GO_BUILD_PLATFORM)/.promu.yml
-#	cat $(PROMU_TMP)/promu-$(PROMU_VERSION).$(GO_BUILD_PLATFORM)/.promu.yml
 	mkdir -p $(FIRST_GOPATH)/bin
 	cp $(PROMU_TMP)/promu-$(PROMU_VERSION).$(GO_BUILD_PLATFORM)/promu $(FIRST_GOPATH)/bin/promu
 	rm -r $(PROMU_TMP)

From 0fdaef270e281d03400ce2f8b8cc65aa9b2f0dfe Mon Sep 17 00:00:00 2001
From: alxbxbx <aleksandar.stankovic@sysdig.com>
Date: Sun, 15 Dec 2024 23:41:31 +0100
Subject: [PATCH 18/19] [SECCOMP-31582] - remove redundant stuff

---
 Makefile.common | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Makefile.common b/Makefile.common
index 7feea0ca5..d57b224da 100644
--- a/Makefile.common
+++ b/Makefile.common
@@ -153,7 +153,7 @@ common-test-short: $(GOTEST_DIR)
 .PHONY: common-test
 common-test: $(GOTEST_DIR)
 	@echo ">> running all tests"
-	CGO_ENABLED=1 GOEXPERIMENT=boringcrypto $(GOTEST) $(test-flags) $(GOOPTS) $(pkgs)
+	$(GOTEST) $(test-flags) $(GOOPTS) $(pkgs)
 
 $(GOTEST_DIR):
 	@mkdir -p $@
@@ -201,7 +201,7 @@ common-unused:
 common-build: promu
 	@echo ">> building binaries"
 	@env
-	CGO_ENABLED=1 GOEXPERIMENT=boringcrypto $(PROMU) build --prefix $(PREFIX) $(PROMU_BINARIES)
+	$(PROMU) build --prefix $(PREFIX) $(PROMU_BINARIES)
 
 .PHONY: common-tarball
 common-tarball: promu

From d3e0dc36819772acbb4a5080bdc597c61e678761 Mon Sep 17 00:00:00 2001
From: alxbxbx <aleksandar.stankovic@sysdig.com>
Date: Sun, 15 Dec 2024 23:45:44 +0100
Subject: [PATCH 19/19] [SECCOMP-31582] - remove unused stuff

---
 Makefile.common | 1 -
 1 file changed, 1 deletion(-)

diff --git a/Makefile.common b/Makefile.common
index d57b224da..5d7965a66 100644
--- a/Makefile.common
+++ b/Makefile.common
@@ -200,7 +200,6 @@ common-unused:
 .PHONY: common-build
 common-build: promu
 	@echo ">> building binaries"
-	@env
 	$(PROMU) build --prefix $(PREFIX) $(PROMU_BINARIES)
 
 .PHONY: common-tarball