Fix: Remove invalid GOEXPERIMENT=systemcrypto

Go 1.24 uses GODEBUG=fips140=on at runtime, not GOEXPERIMENT at build time. - Remove GOEXPERIMENT=systemcrypto from all Makefiles - Remove GOEXPERIMENT=systemcrypto from all Dockerfiles FIPS 140-3 mode can be enabled at runtime: GODEBUG=fips140=on ./weed server ...
2 days ago · 6bdff49424
6 changed files with 0 additions and 23 deletions
--- a/4
+++ b/4
@ -6,10 +6,6 @@ ADMIN_DIR = weed/admin
 SOURCE_DIR = .
 debug ?= 0

-# Enable FIPS 140-3 compliant crypto by default (Go 1.24+)
-# Set GOEXPERIMENT= (empty) to disable
-export GOEXPERIMENT ?= systemcrypto
-
 all: install

 install: admin-generate
--- a/docker/Dockerfile.foundationdb_large
+++ b/docker/Dockerfile.foundationdb_large
@ -50,10 +50,6 @@ RUN cd /tmp && \
 ENV CGO_CFLAGS="-I/usr/include/foundationdb"
 ENV CGO_LDFLAGS="-lfdb_c"

-# Enable FIPS 140-3 compliant crypto by default (Go 1.24+)
-ARG GOEXPERIMENT=systemcrypto
-ENV GOEXPERIMENT=${GOEXPERIMENT}
-
 # build SeaweedFS sources; prefer local context but fall back to git clone if context only has docker files
 ARG SOURCE_REF=master
 WORKDIR /go/src/github.com/seaweedfs/seaweedfs
--- a/docker/Dockerfile.go_build
+++ b/docker/Dockerfile.go_build
@ -12,10 +12,6 @@ RUN cd /go/src/github.com/seaweedfs/seaweedfs && \
      git checkout $BRANCH) || \
     (echo "ERROR: Branch/commit $BRANCH not found in repository" && \
      echo "Available branches:" && git branch -a && exit 1))
-# Enable FIPS 140-3 compliant crypto by default (Go 1.24+)
-# Set GOEXPERIMENT= (empty) to disable
-ARG GOEXPERIMENT=systemcrypto
-ENV GOEXPERIMENT=${GOEXPERIMENT}
 RUN cd /go/src/github.com/seaweedfs/seaweedfs/weed \
  && export LDFLAGS="-X github.com/seaweedfs/seaweedfs/weed/util/version.COMMIT=$(git rev-parse --short HEAD)" \
  && CGO_ENABLED=0 go install -tags "$TAGS" -ldflags "-extldflags -static ${LDFLAGS}"
--- a/docker/Dockerfile.rocksdb_large
+++ b/docker/Dockerfile.rocksdb_large
@ -21,9 +21,6 @@ RUN mkdir -p /go/src/github.com/seaweedfs/
 RUN git clone https://github.com/seaweedfs/seaweedfs /go/src/github.com/seaweedfs/seaweedfs
 ARG BRANCH=master
 RUN cd /go/src/github.com/seaweedfs/seaweedfs && git checkout $BRANCH
-# Enable FIPS 140-3 compliant crypto by default (Go 1.24+)
-ARG GOEXPERIMENT=systemcrypto
-ENV GOEXPERIMENT=${GOEXPERIMENT}
 RUN cd /go/src/github.com/seaweedfs/seaweedfs/weed \
  && export LDFLAGS="-X github.com/seaweedfs/seaweedfs/weed/util/version.COMMIT=$(git rev-parse --short HEAD)" \
  && go install -tags "5BytesOffset rocksdb" -ldflags "-extldflags -static ${LDFLAGS}"
--- a/docker/Dockerfile.rocksdb_large_local
+++ b/docker/Dockerfile.rocksdb_large_local
@ -1,9 +1,5 @@
 FROM chrislusf/rocksdb_dev_env as builder

-# Enable FIPS 140-3 compliant crypto by default (Go 1.24+)
-ARG GOEXPERIMENT=systemcrypto
-ENV GOEXPERIMENT=${GOEXPERIMENT}
-
 # build SeaweedFS
 RUN mkdir -p /go/src/github.com/seaweedfs/
 ADD . /go/src/github.com/seaweedfs/seaweedfs
--- a/weed/Makefile
+++ b/weed/Makefile
@ -2,10 +2,6 @@ BINARY = weed

 SOURCE_DIR = .

-# Enable FIPS 140-3 compliant crypto by default (Go 1.24+)
-# Set GOEXPERIMENT= (empty) to disable
-export GOEXPERIMENT ?= systemcrypto
-
 all: install

 .PHONY : clean debug_mount