I am working in a project to make it FIPS compliance. We are compiling the project using the native Golang FIPS solution released in 1.24 - 1.25 and the environment is configured to be FIPS strict:
GOEXPERIMENT = 'none'
GOFIPS140 = 'v1.0.0'
GODEBUG="fips140=only"
The project is working directly in a cluster getting secrets and other CRDs. We are using client-go to do all those operations but we are facing problem with operations like listing secrets with client-go during the execution:
panic: Get "https://10.0.0.1:443/api/v1/namespaces/test/secrets?labelSelector=sealedsecrets.bitnami.com%2Fsealed-secrets-key%3Dactive": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode
Did you see something like this in the past? Is it possible to work with client-go enabling FIPS? I was looking for something missed like specific configuration or something like this, but it was impossible.
Cluster information:
Kubernetes version: 1.33
Cloud being used: AKS Fips/Minikube
Installation method: Helm
Host OS: Linux