Create a FIPS compliant atlantis binary

[jdaftari-confluent]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request. Searching for pre-existing feature requests helps us consolidate datapoints for identical requirements into a single place, thank you!
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.
• If you are interested in working on this issue or have submitted a pull request, please leave a comment.

---

• [ ] I'd be willing to implement this feature (contributing guide)

Describe the user story

The Federal Information Processing Standard Publication 140-2, (FIPS PUB 140-2), is a U.S government computer security standard used to approve cryptographic modules. For more information, visit the FIPS 140-2 Wikipedia Page. Since atlantis creates critical parts of the infrastructure, it is imperative to have a FIPS compliant binary that can be used to comply with the cryptographic requirements for government projects.

Describe the solution you'd like

Currently the binary is not FIPS compliant

❯ git clone git@github.com:runatlantis/atlantis.git && cd atlantis
❯ make build
❯ go tool nm ./atlantis | grep FIPS

To create a FIPS complain binary

❯ GOEXPERIMENT=boringcrypto make build
❯ go tool nm ./atlantis | grep FIPS
 1e94b70 D crypto/tls.defaultCipherSuitesFIPS
 1e94bf0 D crypto/tls.defaultFIPSCurvePreferences

Describe the drawbacks of your solution

Describe alternatives you've considered

[vsawant1608]

Are there any updates on this? Do we have FIPS compliant library for atlantis?