Backup spec: Restrict crypto algorithms in FIPS mode
What does this MR do?
Backup spec: Restrict crypto algorithms in FIPS mode
Restrict crypto settings if operating in FIPS mode. This is needed because we now further enforce FIPS behavior and CI restores a non-FIPS backup into FIPS environments.
Related issues
Relates https://gitlab.com/gitlab-org/build/CNG/-/issues/779
Author checklist
For general guidance, please follow our Contributing guide.
Required
For anything in this list which will not be completed, please provide a reason in the MR discussion.
-
Merge Request Title and Description are up to date, accurate, and descriptive. -
MR targeting the appropriate branch. -
MR has a green pipeline. -
Documentation created/updated. -
Tests added/updated, and test plan for scenarios not covered by automated tests. -
Equivalent MR/issue for omnibus-gitlab opened.
Test Plan
CI passes with images enforcing stronger FIPS behavior: !3963 (comment 2171217864)
Reviewers checklist
-
MR has a green pipeline on https://gitlab.com/gitlab-org/charts/gitlab. -
Consider downstream impact to the Operator, as per evaluating impact from changes to GitLab Chart.
Edited by Hossein Pursultani