Create FIPS compliant image for DAST Runner Validation

Create a separate FIPS compliant image for the DAST Validation Runner.

Related Epic: &11429 (closed)

Implementation Plan

1. Create Dockerfile-fips, parallel to Dockerfile
   1. Use an appropriate UBI base image
      • The DAST FIPS image is based on registry.access.redhat.com/ubi8/ubi-minimal:8.8
   2. Install dependencies of the validation script: bash, curl, libxml2-utils
   3. Create a dast user and group
   4. ADD the validate.sh script
   5. Run the validate.sh script in CMD
2. Add the FIPS image build to the pipeline
   1. Add a build-fips job that extends .build but targets Dockerfile-fips and appends -fips to the image
   2. Add container_scanning-fips to scan the FIPS image
   3. Add smoke_test-fips to test the FIPS image
      1. Tag the job to run on a FIPS runner
      • smoke_test runs a web server in a container built from a custom Dockerfile; does this Dockerfile also need to have a FIPS equivalent in order for the smoke test to run on a FIPS runner? Or will the server work for the purpose of the test even though the image is not in FIPS mode?
   4. Add publishing the FIPS image to the release job
   • See the following MRs for examples of how the dast FIPS image was added to the pipeline:
     • gitlab-org/security-products/dast!748 (diffs)
     • gitlab-org/security-products/dast!743 (diffs)
     • gitlab-org/security-products/dast!782 (diffs)