Follow-up from "Don't specifically check for BoringSSL in FIPS builds"

The following discussion from !1003 (merged) should be addressed:

• @ashmckenzie started a discussion: (+1 comment)

  I noticed we don't have a CI job that checks FIPS building which we really should, something for a follow-up.