Cloud Infrastructure Security & Compliance / CMP-2480

As an engineer who cares about our FIPS certification, I want to understand how people are using x/crypto

    • Type: Story
    • Resolution: Unresolved
    • check-payload

      As an engineer who cares about our FIPS certification,
      I want to understand how people are using x/crypto,
      So that I'm not surprised late in a release that we're doing something that isn't allowed.

      Goals:

      • Know if there are any new uses of x/crypto in OpenShift.
      • Allow someone responsible for FIPS certification to approve new uses.
      • Don't create a lot of noise or false positives for that someone responsible.

      Background:
      Talking with a few engineers, I've learned the check-payload command is one way we assert FIPS compliance. It seems like that would be a reasonable place to add checks for the usage of x/crypto. This is how this story made it to the Infrastructure Security and Compliance team. My teams in the SHIP group maintain our CI platform and release pipelines. We're happy to talk through this with you to help figure out a maintainable solution.

              Assignee: Unassigned
              Reporter: Brenton Leanhardt (rh-ee-bleanhar)