[9.4] (backport #14516) build(deps): bump github.com/elastic/elastic-agent-libs from 0.43.0 to 0.43.1 in the go-dependencies group across 1 directory

[mergify]

Bumps the go-dependencies group with 1 update in the / directory: github.com/elastic/elastic-agent-libs.

Updates github.com/elastic/elastic-agent-libs from 0.43.0 to 0.43.1

Release notes

Sourced from github.com/elastic/elastic-agent-libs's releases.

v0.43.1

What's Changed

• fix(tlscommon): restore empty Certificates slice for backward compatibility by @​ycombinator in elastic/elastic-agent-libs#421

Full Changelog: elastic/elastic-agent-libs@v0.43.0...v0.43.1

Commits

• 3f8211f fix(tlscommon): restore empty Certificates slice for backward compat (#421)
• See full diff in compare view

---

This is an automatic backport of pull request #14516 done by [Mergify](https://mergify.com).

[mergify]

Cherry-pick of 9337671 has failed:

On branch mergify/bp/9.4/pr-14516
Your branch is up to date with 'origin/9.4'.

You are currently cherry-picking commit 933767197.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Unmerged paths:
  (use "git add <file>..." to mark resolution)
	both modified:   NOTICE-fips.txt
	both modified:   NOTICE.txt
	both modified:   go.mod
	both modified:   go.sum
	both modified:   internal/edot/go.mod
	both modified:   internal/edot/go.sum

no changes added to commit (use "git add" and/or "git commit -a")

To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally

[infra-vault-gh-plugin-prod]

Pinging @elastic/elastic-agent-control-plane (Team:Elastic-Agent-Control-Plane)

[ebeahan]

@copilot fix the merge conflicts on this PR.

[Copilot]

@copilot fix the merge conflicts on this PR.

Resolved by merging 9.4 into this branch to clear conflicts (93be5493cf).

[elasticmachine]

💔 Build Failed

• Buildkite Build
• Commit: bedcd20

Failed CI Steps

• Unit tests - Ubuntu 22.04
• Unit tests - Ubuntu 22.04
• Unit tests - Ubuntu 22.04 with requirefips build tag
• Unit tests - Ubuntu 22.04 with requirefips build tag
• Unit tests - fips140=only Ubuntu 22.04
• Unit tests - fips140=only Ubuntu 22.04
• Unit tests - Ubuntu 22.04 ARM64
• Unit tests - Ubuntu 22.04 ARM64
• Unit tests - Windows 2022
• Unit tests - Windows 2022
• Unit tests - Windows 2016
• Unit tests - Windows 2016
• Unit tests - macOS 15 ARM
• Unit tests - macOS 15 ARM
• Unit tests - Windows 10
• Unit tests - Windows 10
• Unit tests - Windows 11
• Unit tests - Windows 11
• Unit tests - Windows 11 arm64
• Unit tests - Windows 11 arm64
• 📦 amd64: Containers
• 📦 arm64: Containers
• 📦 amd64: FIPS Containers
• 📦 arm64: FIPS Containers
• ESS FIPS stack cleanup
• :pipeline: Run elastic-agent-package with agent core from the manifest

History

• 💔 Build #40344 failed 93be549
• 💔 Build #40281 failed be11d17

[github-actions]

TL;DR

Buildkite #40347 is failing for two distinct reasons: (1) a real test regression after the elastic-agent-libs bump (OTel translate SSL expectations are stale), and (2) external Wolfi packaging failures (cgr.dev/chainguard/wolfi-base:latest / apk package availability) causing docker/package jobs to fail. Fix the test expectations in this backport branch, then re-run CI; package failures may require retry/pinning base image.

Remediation

• Update backport test expectations to include the new SSL field added by the bumped dependency:
  • internal/pkg/otel/translate/otelconfig_test.go (failing at assertion logged at otelconfig_test.go:2145)
  • internal/pkg/otel/translate/output_logstash_test.go (failing at assertion logged at output_logstash_test.go:116)
  • Specifically add/expect ssl.certificate_reload ({"enabled": nil, "reload_interval": "0s"}) where SSL maps are asserted.
• Re-run unit tests first; once green, re-run package jobs. If package jobs still fail, treat as infra/dependency issue and avoid latest drift (pin the Wolfi base image digest/tag used by packaging templates).

Investigation details

Root Cause

1. Code/Test failure (deterministic): Unit tests fail across Linux/macOS/Windows in the same OTel translate assertions because actual output now includes ssl.certificate_reload, while expected maps in this PR commit do not.
2. Dependency/Infrastructure failure (external): Docker package jobs fail resolving/using Wolfi base and apk packages (shadow, libcap-utils) from Chainguard repos.
3. Cleanup fallout: ESS FIPS stack cleanup fails because required artifacts are missing from integration-fips-ess (No artifacts found for downloading).

Evidence

• Build: https://buildkite.com/elastic/elastic-agent/builds/40347
• Unit test jobs (multiple OSes) show identical assertion diffs, e.g.:

=== FAIL: internal/pkg/otel/translate TestGetBeatsAuthExtensionConfig/with_ssl_enabled_and_verification_mode_certificate
otelconfig_test.go:2145: Not equal ...
expected ssl map ...
actual ssl map includes "certificate_reload": {"enabled": <nil>, "reload_interval": "0s"}

=== FAIL: internal/pkg/otel/translate TestLogStashToExporter/when_host_is_a_string_and_ssl_is_configured
output_logstash_test.go:116: Not equal ...
actual ssl map includes "certificate_reload": {"enabled": <nil>, "reload_interval": "0s"}

• Package jobs:

ERROR: failed to build: failed to solve: cgr.dev/chainguard/wolfi-base:latest: not found

ERROR: unable to select packages:
  libcap-utils (no such package)
  shadow (no such package)

• Cleanup job:

buildkite-agent: fatal: failed to download artifacts: No artifacts found for downloading

• Relevant repo paths tied to packaging failures:
  • dev-tools/packaging/templates/docker/Dockerfile.elastic-agent.tmpl:12
  • dev-tools/packaging/packages.yml:640,644,658,663

Verification

• Local rerun not performed in this read-only detective workflow.

Follow-up

• I checked for existing flaky-test tracking issues with label flaky-test for TestLogStashToExporter, TestGetBeatsAuthExtensionConfig, and Wolfi/apk errors; none found.

---

What is this? | From workflow: PR Buildkite Detective

Give us feedback! React with 🚀 if perfect, 👍 if helpful, 👎 if not.