FIPS Build

[michel-laterman]

What does this PR do?

Adds FIPS env var to magefile to enable FIPS compliant builds using the microsoft/go toolchain.

This PR will not be sufficient to ensure that every artifact made with these changes are compliant, we still need to verify our crypto use.

Why is it important?

FIPS artifacts must be built with compliant toolchains.

Checklist

• I have read and understood the pull request guidelines of this project.
• My code follows the style guidelines of this project
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• I have made corresponding change to the default configuration files
• I have added tests that prove my fix is effective or that my feature works
• I have added an entry in ./changelog/fragments using the changelog tool
• I have added an integration test or an E2E test

Disruptive User Impact

None

How to test this PR locally

Assuming microsoft go is available, run FIPS=true mage build:binary

[mergify]

This pull request does not have a backport label. Could you fix it @michel-laterman? 🙏
To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

• backport-./d./d is the label to automatically backport to the 8./d branch. /d is the digit

[mergify]

backport-v8.x has been added to help with the transition to the new branch 8.x.
If you don't need it please use backport-skip label and remove the backport-8.x label.

[michel-laterman]

Currently using this image directly fails; i think it's because mage is not installed.
The error when running FIPS=true PACKAGES="tar.gz" PLATFORMS=linux/arm64 mage package is:

docker: Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "--build-cmd": executable file not found in $PATH: unknown.
docker: Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "--build-cmd": executable file not found in $PATH: unknown.
package ran for 14.597428834s
Error: multiple failures: running "docker run --env EXEC_UID=501 --env EXEC_GID=20 -v /Users/mlaterman/go/pkg/mod:/go/pkg/mod:ro --rm --env GOFLAGS=-mod=readonly --env MAGEFILE_VERBOSE= --env MAGEFILE_TIMEOUT= --env SNAPSHOT=false --env DEV=false --env EXTERNAL=false --env FIPS=true -v /Users/mlaterman/git/elastic-agent:/go/src/github.com/elastic/elastic-agent -w /go/src/github.com/elastic/elastic-agent mcr.microsoft.com/oss/go/microsoft/golang:1.22.10-1-fips-bookworm --build-cmd build/mage-linux-arm64 buildGoDaemon --platforms linux/arm64" failed with exit code 127
multiple failures: running "docker run --env EXEC_UID=501 --env EXEC_GID=20 -v /Users/mlaterman/go/pkg/mod:/go/pkg/mod:ro --rm --env GOFLAGS=-mod=readonly --env MAGEFILE_VERBOSE= --env MAGEFILE_TIMEOUT= --env SNAPSHOT=false --env DEV=false --env EXTERNAL=false --env FIPS=true -v /Users/mlaterman/git/elastic-agent:/go/src/github.com/elastic/elastic-agent -w /go/src/github.com/elastic/elastic-agent mcr.microsoft.com/oss/go/microsoft/golang:1.22.10-1-fips-bookworm --build-cmd build/mage-linux-arm64 golangCrossBuild --platforms linux/arm64" failed with exit code 127

[elastic-sonarqube]

Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube