Update GO_FIPS_VERSION to match GO_VERSION

Axel von Bertoldi requested to merge avonbertoldi/update=go-fips-version into main

Looks like in the upgrade of GO_VERSION from 1.21.5 to 1.21.7 we missed this.

This might be the cause of failing incept tests like https://gitlab.com/gitlab-org/ci-cd/tests/runner-incept/-/jobs/6449781061, which suggest that the version of runner in the 16.9.0 fips image is in fact NOT fips enabled:

    > docker run -it --rm  gitlab/gitlab-runner:ubi-fips-v16.8.1 --version
    INFO[0000] Binary was compiled with FIPS mode, but an external SSL
    library was not enabled.
    Version:      16.8.1
    Git revision: a6097117
    Git branch:   16-8-stable
    GO version:   go1.21.5 X:boringcrypto <--- GOOD
    Built:        2024-02-15T18:31:50+0000
    OS/Arch:      linux/amd64
    > docker run -it --rm  gitlab/gitlab-runner:ubi-fips-v16.9.0 --version
    Version:      16.9.0
    Git revision: 656c1943
    Git branch:   16-9-stable
    GO version:   go1.21.7 <--- BAD
    Built:        2024-02-15T18:34:24+0000
    OS/Arch:      linux/amd64

Furthermore, the released runner fips binary for 16.9.0 is NOT the same runner binary in the fips image:

    > curl -L https://gitlab.com/gitlab-org/gitlab-runner/-/releases/v16.8.1/downloads/binaries/gitlab-runner-linux-amd64-fips -o gitlab-runner-linux-amd64-fips-16.8.1
    > chmod +x gitlab-runner-linux-amd64-fips-16.8.1
    > ./gitlab-runner-linux-amd64-fips-16.8.1 --version
    INFO[0000] Binary was compiled with FIPS mode, but an external SSL
    library was not enabled.
    Version:      16.8.1
    Git revision: a6097117
    Git branch:   16-8-stable
    GO version:   go1.21.5 X:boringcrypto
    Built:        2024-02-15T18:31:50+0000
    OS/Arch:      linux/amd64
    > curl -L https://gitlab.com/gitlab-org/gitlab-runner/-/releases/v16.9.0/downloads/binaries/gitlab-runner-linux-amd64-fips -o gitlab-runner-linux-amd64-fips-16.9.0
    > chmod +x gitlab-runner-linux-amd64-fips-16.9.0
    > ./gitlab-runner-linux-amd64-fips-16.9.0 --version
    INFO[0000] Binary was compiled with FIPS mode, but an external SSL
    library was not enabled.
    Version:      16.9.0
    Git revision: 656c1943
    Git branch:   16-9-stable
    GO version:   go1.21.5 X:boringcrypto
    Built:        2024-02-15T18:31:48+0000
    OS/Arch:      linux/amd64

Edited by Axel von Bertoldi
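
A release-job guard for the two symptoms described above, as an added example that is not part of the merge request or the project's own code: it parses `--version` output, requires the `X:boringcrypto` marker in the `GO version` field, and checks that the image and the released binary report the same build. The function names and the trimmed sample outputs are assumptions made for this example.

```shell
#!/bin/sh
# Guard for a FIPS release job: fail when `--version` output lacks the
# boringcrypto toolchain marker, or when two artifacts report different builds.

# Print the value of a "Key:   value" field from `--version` output on stdin.
version_field() {
    sed -n "s/^$1:[[:space:]]*//p" | head -n 1
}

# Succeed only if the Go toolchain string carries the X:boringcrypto marker.
is_fips_build() {
    case "$(printf '%s\n' "$1" | version_field 'GO version')" in
        *X:boringcrypto*) return 0 ;;
        *) return 1 ;;
    esac
}

# Succeed only if both outputs report the same toolchain and build timestamp.
same_build() {
    for field in 'GO version' 'Built'; do
        a=$(printf '%s\n' "$1" | version_field "$field")
        b=$(printf '%s\n' "$2" | version_field "$field")
        [ -n "$a" ] && [ "$a" = "$b" ] || return 1
    done
}

# Constructed samples, trimmed from the outputs quoted in the description.
IMAGE_1690='Version:      16.9.0
GO version:   go1.21.7
Built:        2024-02-15T18:34:24+0000'
BINARY_1690='Version:      16.9.0
GO version:   go1.21.5 X:boringcrypto
Built:        2024-02-15T18:31:48+0000'

# In CI the first argument would come from the image, for example
#   out=$(docker run --rm gitlab/gitlab-runner:ubi-fips-v16.9.0 --version 2>&1)
# and the second from the downloaded release binary's --version output.
check_release() {
    is_fips_build "$1" || { echo "image is not a boringcrypto build"; return 1; }
    same_build "$1" "$2" || { echo "image and released binary differ"; return 1; }
}
```

Running `check_release` against the real image and binary output in the pipeline turns a missed `GO_FIPS_VERSION` bump into a failed job instead of a shipped non-FIPS image.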