The patch for the immediate issue is https://review.opendev.org/#/c/708388/, but it doesn't mean that ironic will easily run in FIPS mode. At the very least, we need to make sure MD5 is not used for checksums.
I seems like a prerequisite for this will be OSP support for FIPS (or at least for standalone Ironic), then we would have to ensure Ironic in the context of IPI baremetal is configured appropriately.
Moving to post as the fixes have been in the RPM and thus container builds.
Moving to modified to trigger normal process follow through.
Trying to verifying this BZ we found a new bug in an earlier stage which block us.
BZ1853302 - Installation in FIPS mode fails on BareMetal IPI with error: "disabled for FIPS"
Tested with 4.6.0-0.nightly-2020-08-26-064537:
Installation completed successfully and install-config was updated with fips: true
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.