pkg/daemon: support FIPS

[runcom]

Signed-off-by: Antonio Murdaca runcom@linux.com

- What I did

Added a new FIPS field to MachineConfig to enable/disable FIPS on rhcos (disabled by default). This is, at this point, only intended as a day-2 operation.

The RHCOS I'm testing with hasn't yet rhe rhcos-tools to flip FIPS so I'm putting this on hold for now.

FIPS would also greatly benefit a dedicated CRD (oc edit fips?) - I'm experimenting with that but it will ofc require a new controller.

/hold

- How to verify it

added an e2e

- Description for the changelog

[openshift-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: runcom

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [runcom]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[runcom]

/retest

[cgwalters]

Wait dup of #800 right?

[runcom]

Wait dup of #800 right?

oh crap

[openshift-ci-robot]

@runcom: The following tests failed, say /retest to rerun them all:

Test name	Commit	Details	Rerun command
ci/prow/e2e-aws-op	6adb9d5	link	/test e2e-aws-op
ci/prow/e2e-etcd-quorum-loss	6adb9d5	link	/test e2e-etcd-quorum-loss

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.