Use Labkit for FIPS check

We can reduce code duplication used for the FIPS check by using
LabKit's implementation.

LabKit uses the `fips` tag instead of the `boringcrypto` tag, which is
deprecated in any case and replaced with `GOEXPERIMENT=boringcrypto`
due to golang/go#51940.

This commit changes the message on a FIPS system from:

```
FIPS mode enabled. Using BoringSSL.
```

to:

```
FIPS mode is enabled. Using an external SSL library.
```

On a non-FIPS system, this commit changes the message from:

```
GitLab Runner was compiled with FIPS mode but BoringSSL is not enabled.
```

to:

```
Binary was compiled with FIPS mode, but an external SSL library was not enabled.
```

Author: stanhu

Makefile.build.mk

@@ -10,7 +10,7 @@ runner-bin-fips: export GOARCH ?= amd64
 runner-bin-fips:
 	# Building $(NAME) in version $(VERSION) for FIPS $(GOOS) $(GOARCH)
 	GOOS=$(GOOS) GOARCH=$(GOARCH) CGO_ENABLED=1 go build \
-		   -tags boringcrypto \
+		   -tags fips \
 		   -ldflags "$(GO_LDFLAGS)" \
 		   -o="out/binaries/$(NAME)-$(GOOS)-$(GOARCH)-fips" \
 		   $(PKG)

Makefile.runner_helper.mk

@@ -105,7 +105,7 @@ ${BASE_BINARY_PATH}-fips: export GOARCH ?= amd64
 ${BASE_BINARY_PATH}-fips: APP_NAME := "gitlab-runner-helper"
 ${BASE_BINARY_PATH}-fips: $(HELPER_GO_FILES)
 	GOOS=$(GOOS) GOARCH=$(GOARCH) CGO_ENABLED=1 go build \
-    		   -tags boringcrypto \
+    		   -tags fips \
     		   -ldflags "$(GO_LDFLAGS)" \
     		   -o="${BASE_BINARY_PATH}.$(GO_ARCH_NAME_$(GOARCH))-fips" \
     		   $(PKG)/apps/gitlab-runner-helper

boring/boring.go

@@ -18,7 +18,7 @@ require (
 	github.com/docker/go-units v0.5.0
 	github.com/docker/machine v0.7.1-0.20170120224952-7b7a141da844
 	github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa
-	github.com/getsentry/sentry-go v0.11.0
+	github.com/getsentry/sentry-go v0.13.0
 	github.com/golang/mock v1.6.0
 	github.com/googleapis/gax-go/v2 v2.7.0
 	github.com/gorhill/cronexpr v0.0.0-20160318121724-f0984319b442
@@ -48,6 +48,7 @@ require (
 	gitlab.com/gitlab-org/fleeting/taskscaler/metrics/prometheus v0.0.0-20221107182235-c41f6499e083
 	gitlab.com/gitlab-org/gitlab-terminal v0.0.0-20210104151801-2a71b03b4462
 	gitlab.com/gitlab-org/golang-cli-helpers v0.0.0-20210929155855-70bef318ae0a
+	gitlab.com/gitlab-org/labkit v1.17.0
 	gocloud.dev v0.27.0
 	golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa
 	golang.org/x/net v0.5.0
@@ -76,6 +77,7 @@ require (
 	github.com/Microsoft/go-winio v0.5.2 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/cespare/xxhash/v2 v2.1.2 // indirect
+	github.com/client9/reopen v1.0.0 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/docker/docker-credential-helpers v0.6.3 // indirect
@@ -89,7 +91,7 @@ require (
 	github.com/go-openapi/swag v0.21.1 // indirect
 	github.com/gofrs/uuid v4.2.0+incompatible // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
-	github.com/golang-jwt/jwt v3.2.1+incompatible // indirect
+	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/golang/snappy v0.0.4 // indirect
@@ -141,6 +143,7 @@ require (
 	github.com/morikuni/aec v1.0.0 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/oklog/run v1.1.0 // indirect
+	github.com/oklog/ulid/v2 v2.0.2 // indirect
 	github.com/opencontainers/go-digest v1.0.0 // indirect
 	github.com/opencontainers/image-spec v1.0.2 // indirect
 	github.com/pierrec/lz4 v2.0.5+incompatible // indirect
@@ -151,6 +154,7 @@ require (
 	github.com/russross/blackfriday/v2 v2.0.1 // indirect
 	github.com/ryanuber/go-glob v1.0.0 // indirect
 	github.com/saracen/zipextra v0.0.0-20220303013732-0187cb0159ea // indirect
+	github.com/sebest/xff v0.0.0-20210106013422-671bd2870b3a // indirect
 	github.com/shurcooL/sanitized_anchor_name v1.0.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/stretchr/objx v0.5.0 // indirect