Add FIPS mode enabled builds to GitLab CI
BIND9 supports FIPS mode (--enable-fips-mode) but is not regularly tested in the CI. For this to happen this needs to be accomplished:
-
Basic FIPS build fixes integrated !4281 (performs builds with
--enable-fips-mode) -
System test can run without MD5 (there's plenty of
algorithm hmac-md5;in system test or implicit expectation of MD5 indiginvocations inaclandallow-querysystem tests) -
Red Hat FIPS patches by @pemensik at https://src.fedoraproject.org/rpms/bind/tree/master for
v9_11evaluated - FIPS-enabled host or VM image (most likely with CentOS)
-
CI job(s) with
--enable-fips-modein the build stage and subsequent unit and system test CI jobs