Update to OpenSSL 3.x where possible for official packages #7644

Open
patrick-stephens opened this issue Jul 3, 2023 · 4 comments · May be fixed by #9899
Contributor

patrick-stephens commented Jul 3, 2023

Is your feature request related to a problem? Please describe.

The OpenSSL 3.x series should be compatible with Fluent Bit and is used for the most recent Ubuntu 22 target, but almost all other targets still prefer to use the OpenSSL 1.x series. This can lead to security issues and is not best practice, so we should step up to the OpenSSL 3.x series for all possible targets.

FROM arm64v8/ubuntu:22.04 as ubuntu-22.04.arm64v8-base
ENV DEBIAN_FRONTEND noninteractive
COPY --from=multiarch-aarch64 /usr/bin/qemu-aarch64-static /usr/bin/qemu-aarch64-static
# hadolint ignore=DL3008,DL3015
RUN apt-get update && \
    apt-get install -y curl ca-certificates build-essential libsystemd-dev \
    cmake make bash wget unzip nano vim valgrind dh-make flex bison \
    libpq-dev postgresql-server-dev-all libpq5 \
    libsasl2-2 libsasl2-dev openssl libssl-dev libssl3 libyaml-dev pkg-config zlib1g-dev && \

We need to ensure there is no dual linkage to both OpenSSL libraries via other dependencies.

Describe the solution you'd like

See above.

Modify the official build containers in packaging/distros.

Describe alternatives you've considered
None.

Additional context
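
One way to check for the dual linkage mentioned above, as an added example that is not part of the issue or of the Fluent Bit project: it parses `ldd` output for a built binary and fails when more than one libssl/libcrypto SONAME version is resolved. The function names and the sample `ldd` lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: detect a binary whose resolved dependency tree contains more
# than one OpenSSL ABI version (for instance libssl.so.3 plus libcrypto.so.1.1).

# Read ldd-style output on stdin and print the distinct version suffixes of
# libssl/libcrypto SONAMEs, one per line. NSS's libssl3.so does not match,
# because the pattern requires the literal "libssl.so." prefix.
openssl_abi_versions() {
    sed -nE 's/^[[:space:]]*lib(ssl|crypto)\.so\.([0-9][0-9.]*).*/\2/p' | sort -u
}

# Read ldd-style output on stdin. Return 0 if at most one OpenSSL ABI version
# is linked, 1 (with a message on stderr) if several are.
check_single_openssl() {
    versions=$(openssl_abi_versions)
    count=$(printf '%s\n' "$versions" | awk 'NF { n++ } END { print n + 0 }')
    if [ "$count" -gt 1 ]; then
        printf 'multiple OpenSSL ABI versions linked: %s\n' \
            "$(printf '%s' "$versions" | tr '\n' ' ')" >&2
        return 1
    fi
    return 0
}

# Constructed sample: the binary links the 3.x ABI directly while a
# hypothetical dependency (libexample) drags in libcrypto.so.1.1.
SAMPLE_MIXED='    libssl.so.3 => /lib/aarch64-linux-gnu/libssl.so.3 (0x0000ffff8e200000)
    libcrypto.so.3 => /lib/aarch64-linux-gnu/libcrypto.so.3 (0x0000ffff8dc00000)
    libexample.so.1 => /usr/lib/libexample.so.1 (0x0000ffff8da00000)
    libcrypto.so.1.1 => /usr/lib/libcrypto.so.1.1 (0x0000ffff8d600000)'

# Constructed sample: every OpenSSL library resolves to the 3.x ABI.
SAMPLE_CLEAN='    libssl.so.3 => /lib/aarch64-linux-gnu/libssl.so.3 (0x0000ffff8e200000)
    libcrypto.so.3 => /lib/aarch64-linux-gnu/libcrypto.so.3 (0x0000ffff8dc00000)
    libc.so.6 => /lib/aarch64-linux-gnu/libc.so.6 (0x0000ffff8d400000)'

# When a path is given as the first argument, inspect that binary. ldd lists
# the transitive dependencies the loader would resolve, not only direct ones.
if [ "$#" -gt 0 ]; then
    ldd "$1" | check_single_openssl
fi
```

Run inside each distro's build container against the built binary, a non-zero exit status marks a target where a dependency still resolves to a different OpenSSL series.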

Member

edsiper commented Jul 7, 2023

It seems to me this needs to be a manual check per distro to see which one can use OpenSSL 3 vs. 1.

Contributor

This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 5 days. Maintainers can add the exempt-stale label.

@nr-dsharma

@patrick-stephens is it possible to put OpenSSL 3.x static linking so other distros can use it?

@patrick-stephens
Contributor Author

If the distro provides OpenSSL 3 then it should be, just need a PR to update.
I don't think we do static linking for any, and it's generally not recommended, so you can update the system library easily.
