Add FIPS mode enabled builds to GitLab CI
BIND9 supports FIPS mode (--enable-fips-mode
) but is not regularly tested in the CI. For this to happen this needs to be accomplished:
-
Basic FIPS build fixes integrated !4281 (performs builds with
--enable-fips-mode
) -
System test can run without MD5 (there's plenty of
algorithm hmac-md5;
in system test or implicit expectation of MD5 indig
invocations inacl
andallow-query
system tests) -
Red Hat FIPS patches by @pemensik at https://src.fedoraproject.org/rpms/bind/tree/master for
v9_11
evaluated - FIPS-enabled host or VM image (most likely with CentOS)
-
CI job(s) with
--enable-fips-mode
in the build stage and subsequent unit and system test CI jobs