diff --git a/.github/workflows/prerelease_linux_on_demand.yml b/.github/workflows/prerelease_linux_on_demand.yml index aab97aa77..3787be6a9 100644 --- a/.github/workflows/prerelease_linux_on_demand.yml +++ b/.github/workflows/prerelease_linux_on_demand.yml @@ -12,6 +12,10 @@ on: dest_prefix: description: 'Repo prefix' required: true + BUILD_MODE: + description: 'Enable Normal, FIPS or ALL' + required: false + default: '' # "all" "FIPS": env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -47,7 +51,7 @@ jobs: ref: ${{ env.BRANCH }} - name: "Tag this commit" # required for Goreleaser - run: git tag ${{ env.FAKE_TAG }} + run: git tag - name: Login to DockerHub uses: docker/login-action@v1 @@ -56,10 +60,17 @@ jobs: password: ${{ env.DOCKER_HUB_PASSWORD }} - name: Preparing all linux packages + if: ${{ inputs.BUILD_MODE == 'ALL' || inputs.BUILD_MODE == '' }} run: make ci/prerelease/linux env: TAG: ${{ env.FAKE_TAG }} + - name: Preparing all linux packages + if: ${{ inputs.BUILD_MODE == 'ALL' || inputs.BUILD_MODE == 'FIPS' }} + run: make ci/prerelease/linux-fips + env: + TAG: ${{ env.FAKE_TAG }} + - name: Generate checksum files uses: ./.github/actions/generate-checksums with: @@ -68,6 +79,7 @@ jobs: run_sudo: true - name: Publish deb to S3 action + if: ${{ inputs.BUILD_MODE == 'ALL' || inputs.BUILD_MODE == '' }} uses: newrelic/infrastructure-publish-action@v1.3.4 with: tag: ${{env.FAKE_TAG}} 
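Review bot: `BUILD_MODE` is a free-text input whose description offers 'Normal', but the step conditions added later in this file only test for `''`, `'ALL'` and `'FIPS'`. A run started with `Normal` (or any typo) would match neither build step and neither deb publish step, while the checksum step, which has no `if`, would still run against whatever is in the workspace. If this is a `workflow_dispatch` input (the `on:` block starts outside the hunk), declaring it with `type: choice`, `options: [normal, fips, all]` and `default: normal` closes that gap, with the `if:` expressions comparing against those values. The trailing `# "all" "FIPS":` comment should be reworded or dropped, since it does not say what the empty default means.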
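Review bot: `run: git tag` no longer creates a tag, because without a name argument the command only lists existing tags, so the step that the comment marks as required for Goreleaser becomes a no-op. The build steps below still pass `TAG: ${{ env.FAKE_TAG }}`, so the release would be looking for a tag that was never created on this checkout. Unless the tag is now created elsewhere, restore the argument; since `FAKE_TAG` is already in the `env` context, `run: git tag "$FAKE_TAG"` also keeps the expression from being interpolated into the script text.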
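Review bot: The FIPS build step reuses the name `Preparing all linux packages`, so the two steps cannot be told apart in the run log; `- name: Preparing all linux FIPS packages` would fix that. With `BUILD_MODE == 'ALL'` both `make` targets run back to back in the same workspace, and the FIPS chain in `build/release.mk` appears to run `release/clean` and rewrite the same `$(GORELEASER_CONFIG_LINUX)`. Whether the artifacts of the first build survive until the checksum and publish steps should be confirmed before relying on the `ALL` mode.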
@@ -92,6 +104,33 @@ jobs: local_packages_path: "/srv/dist/" apt_skip_mirror: true + + - name: Publish deb to S3 action + if: ${{ inputs.BUILD_MODE == 'ALL' || inputs.BUILD_MODE == 'FIPS' }} + uses: newrelic/infrastructure-publish-action@v1.3.4 + with: + tag: ${{env.FAKE_TAG}} + app_name: "newrelic-infra" + repo_name: "newrelic/infrastructure-agent" + schema: "custom" + schema_url: "https://raw.githubusercontent.com/newrelic/infrastructure-agent/${{ env.BRANCH }}/build/upload-schema-linux-deb-fips.yml" + aws_access_key_id: ${{ env.AWS_ACCESS_KEY_ID }} + aws_secret_access_key: ${{ env.AWS_SECRET_ACCESS_KEY }} + aws_s3_bucket_name: ${{ env.AWS_S3_BUCKET_NAME }} + aws_s3_lock_bucket_name: ${{ env.AWS_S3_LOCK_BUCKET_NAME }} + access_point_host: ${{ env.ACCESS_POINT_HOST }} + run_id: ${{ env.RUN_ID }} + aws_region: ${{ env.AWS_REGION }} + aws_role_session_name: ${{ env.AWS_ROLE_SESSION_NAME }} + aws_role_arn: ${{ env.AWS_ROLE_ARN }} + # used for signing package stuff + gpg_passphrase: ${{ env.GPG_PASSPHRASE }} + gpg_private_key_base64: ${{ env.GPG_PRIVATE_KEY_BASE64 }} + disable_lock: ${{ env.DISABLE_LOCK }} + dest_prefix: ${{ env.DEST_PREFIX }} + local_packages_path: "/srv/dist/" + apt_skip_mirror: true + - name: Publish rpm to S3 action uses: newrelic/infrastructure-publish-action@v1.3.4 with: diff --git a/build/ci.mk b/build/ci.mk index 42a709984..47ae1d127 100644 --- a/build/ci.mk +++ b/build/ci.mk @@ -1,9 +1,13 @@ BUILDER_IMG_TAG = infrastructure-agent-builder +BUILDER_IMG_TAG_FIPS = infrastructure-agent-builder-fips +MODE=? .PHONY: ci/deps ci/deps:GH_ARCH ?= amd64 ci/deps: - @docker build -t $(BUILDER_IMG_TAG) --build-arg GH_ARCH=$(GH_ARCH) -f $(CURDIR)/build/Dockerfile.fips $(CURDIR) + @docker build -t $(BUILDER_IMG_TAG) --build-arg GH_ARCH=$(GH_ARCH) -f $(CURDIR)/build/Dockerfile $(CURDIR) +ci/deps-fips: + @docker build -t $(BUILDER_IMG_TAG_FIPS) --build-arg GH_ARCH=$(GH_ARCH) -f $(CURDIR)/build/Dockerfile.fips $(CURDIR) .PHONY: ci/validate ci/validate: ci/deps 
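Review bot: `schema_url` in the new step points at `build/upload-schema-linux-deb-fips.yml`, but no such file is added in this diff; instead the hunks in `build/upload-schema-linux-deb.yml` rename the existing entries to `_fips.deb`. As written, the non-FIPS publish step would look for `_fips` packages and the FIPS step would fetch a schema that may not exist on the branch. Adding the FIPS names as a new `upload-schema-linux-deb-fips.yml` and leaving the original schema untouched looks like the intent. Separately, this step hands the AWS credentials and the GPG signing key to `newrelic/infrastructure-publish-action@v1.3.4`, a mutable tag; pinning to a commit (`uses: newrelic/infrastructure-publish-action@<commit-sha> # v1.3.4`) fixes which code receives them. The step name also duplicates the non-FIPS `Publish deb to S3 action`.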
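Review bot: `MODE=?` assigns the literal string `?` to `MODE`; if a conditional default was meant it should read `MODE ?=`, and since nothing in the visible hunks reads `MODE` the line could simply be dropped. The new `ci/deps-fips` target has neither a `.PHONY` declaration nor the target-specific default that `ci/deps` has, so unless `GH_ARCH` is set elsewhere the FIPS builder image would be built with an empty `--build-arg GH_ARCH=`. Suggested additions above the rule: `.PHONY: ci/deps-fips` and `ci/deps-fips:GH_ARCH ?= amd64`.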
@@ -59,6 +63,10 @@ ci/tools-test: ci/deps ci/prerelease/linux: TARGET_OS=linux $(MAKE) ci/prerelease +.PHONY : ci/prerelease/linux-fips +ci/prerelease/linux-fips: + TARGET_OS=linux-fips $(MAKE) ci/prerelease-fips + .PHONY : ci/prerelease/linux-amd64 ci/prerelease/linux-amd64: TARGET_OS=linux-amd64 $(MAKE) ci/prerelease @@ -107,6 +115,29 @@ ifdef TAG -e SNAPSHOT=false \ $(BUILDER_IMG_TAG) make release-${TARGET_OS} + +else + @echo "===> infrastructure-agent === [ci/prerelease/linux] TAG env variable expected to be set" + exit 1 +endif + +.PHONY : ci/prerelease-fips +ci/prerelease-fips: ci/deps-fips +ifdef TAG + @docker run --rm -t \ + --name "infrastructure-agent-prerelease" \ + -v $(CURDIR):/go/src/github.com/newrelic/infrastructure-agent \ + -w /go/src/github.com/newrelic/infrastructure-agent \ + -e PRERELEASE=true \ + -e GITHUB_TOKEN \ + -e TAG \ + -e GPG_MAIL \ + -e GPG_PASSPHRASE \ + -e GPG_PRIVATE_KEY_BASE64 \ + -e SNAPSHOT=false \ + $(BUILDER_IMG_TAG_FIPS) make release-${TARGET_OS} + + else @echo "===> infrastructure-agent === [ci/prerelease/linux] TAG env variable expected to be set" exit 1 diff --git a/build/release.mk b/build/release.mk index bc34b658d..0fee79c7e 100644 --- a/build/release.mk +++ b/build/release.mk 
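Review bot: `ci/prerelease/linux-fips` sets `TARGET_OS=linux-fips`, which `ci/prerelease-fips` expands to `make release-linux-fips` inside the container, but no `release-linux-fips` target is defined in any hunk of this diff; `build/release.mk` only gains `release-linux-fips-arm64`. Unless that target already exists outside the visible hunks, the FIPS workflow step would stop with a missing-target error from make. Following the pattern of the neighbouring rules, the missing piece would be `release-linux-fips: release/pkg-linux-fips release/fix-tarballs-linux release/sign` in `build/release.mk`.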
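Review bot: The failure branch of `ci/prerelease-fips` prints `[ci/prerelease/linux]`, so a missing `TAG` in the FIPS path is reported under the wrong target; it should read `@echo "===> infrastructure-agent === [ci/prerelease-fips] TAG env variable expected to be set"`. The container also reuses `--name "infrastructure-agent-prerelease"`, which makes the two builds indistinguishable in `docker ps` output and logs. The recipe is otherwise a copy of `ci/prerelease` that differs only in the image tag, so a shared recipe taking the image as a variable would keep the two from drifting apart. The start of the `ci/prerelease` rule lies outside the hunk.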
@@ -69,6 +69,17 @@ release/pkg-linux: release/get-fluentbit-linux-arm64 @echo "=== [release/pkg-linux] PRE-RELEASE compiling all binaries, creating packages, archives" $(GORELEASER_BIN) release --config $(GORELEASER_CONFIG_LINUX) $(PKG_FLAGS) +.PHONY : release/pkg-linux-fips +release/pkg-linux: release/deps release/clean generate-goreleaser-multiarch-fips +release/pkg-linux: release/get-integrations-amd64 #NO FIPS ASSETS AVAILABLE FOR NOW +release/pkg-linux: release/get-integrations-arm64 #NO FIPS ASSETS AVAILABLE FOR NOW +release/pkg-linux: release/get-integrations-arm #NO FIPS ASSETS AVAILABLE FOR NOW +release/pkg-linux: release/get-fluentbit-linux-amd64 #NO FIPS ASSETS AVAILABLE FOR NOW +#release/pkg-linux: release/get-fluentbit-linux-arm +release/pkg-linux: release/get-fluentbit-linux-arm64 #NO FIPS ASSETS AVAILABLE FOR NOW + @echo "=== [release/pkg-linux] PRE-RELEASE compiling all binaries, creating packages, archives" + $(GORELEASER_BIN) release --config $(GORELEASER_CONFIG_LINUX) $(PKG_FLAGS) + .PHONY : release/pkg-linux-amd64 release/pkg-linux-amd64: release/deps release/clean release/pkg-linux-amd64: generate-goreleaser-amd64 
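Review bot: The new block declares `.PHONY : release/pkg-linux-fips`, but every prerequisite line and the recipe are written against `release/pkg-linux:`, so `release/pkg-linux-fips` ends up with no rule at all. Instead the existing non-FIPS target gains `generate-goreleaser-multiarch-fips` as a prerequisite and a second recipe (make keeps the later one and warns), which pulls the FIPS config generation into the regular build. Each added line should start with `release/pkg-linux-fips:` and the echo label should read `[release/pkg-linux-fips]`. The `#NO FIPS ASSETS AVAILABLE FOR NOW` comments also mean a package labelled FIPS would bundle non-FIPS integrations and fluent-bit binaries; that limitation belongs in the package description or release notes, not only in a Makefile comment.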
@@ -84,11 +95,11 @@ release/pkg-linux-arm: release/get-integrations-arm @echo "=== [release/pkg-linux-arm] PRE-RELEASE compiling all binaries, creating packages, archives" $(GORELEASER_BIN) release --config $(GORELEASER_CONFIG_LINUX) $(PKG_FLAGS) -.PHONY : release/pkg-linux-arm64 -release/pkg-linux-arm64: release/deps release/clean generate-goreleaser-arm64 -release/pkg-linux-arm64: release/get-integrations-arm64 -release/pkg-linux-arm64: release/get-fluentbit-linux-arm64 - @echo "=== [release/pkg-linux-arm64] PRE-RELEASE compiling all binaries, creating packages, archives" +.PHONY : release/pkg-linux-fips-arm64 +release/pkg-linux-fips-arm64: release/deps release/clean generate-goreleaser-fips-arm64 +release/pkg-linux-fips-arm64: release/get-integrations-arm64 +release/pkg-linux-fips-arm64: release/get-fluentbit-linux-arm64 + @echo "=== [release/pkg-linux-arm64] PRE-RELEASE compiling all fips binaries, creating packages, archives" $(GORELEASER_BIN) release --config $(GORELEASER_CONFIG_LINUX) $(PKG_FLAGS) .PHONY : release/pkg-linux-legacy @@ -148,6 +159,10 @@ release-linux-arm: release/pkg-linux-arm release/fix-tarballs-linux release/sign release-linux-arm64: release/pkg-linux-arm64 release/fix-tarballs-linux release/sign @echo "=== [release-linux-arm64] full pre-release cycle complete for nix" +.PHONY : release-linux-fips-arm64 +release-linux-fips-arm64: release/pkg-linux-arm64 release/fix-tarballs-linux release/sign + @echo "=== [release-linux-arm64] full pre-release cycle complete for nix" + .PHONY : release-linux-legacy release-linux-legacy: release/pkg-linux-legacy release/fix-tarballs-linux release/sign @echo "=== [release-linux-legacy] full pre-release cycle complete for nix" 
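Review bot: Renaming `release/pkg-linux-arm64` to `release/pkg-linux-fips-arm64` removes the non-FIPS arm64 packaging target, yet `release-linux-arm64` (context in the next hunk) and the newly added `release-linux-fips-arm64` both still list `release/pkg-linux-arm64` as their prerequisite. Unless that target is defined elsewhere, both would fail with a missing-rule error, and the FIPS one would not reach the FIPS packaging rule in any case. Keep the original arm64 rule, add the FIPS rule beside it, and change the new prerequisite line to `release-linux-fips-arm64: release/pkg-linux-fips-arm64 release/fix-tarballs-linux release/sign`. `generate-goreleaser-fips-arm64` is not defined in the visible hunks, and the echo labels in both new rules still say `release/pkg-linux-arm64` and `release-linux-arm64`.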
@@ -287,6 +302,49 @@ generate-goreleaser-multiarch: $(CURDIR)/build/goreleaser/linux/sles_155_arm64.yml\ > $(GORELEASER_CONFIG_LINUX) +.PHONY : generate-goreleaser-multiarch-fips +generate-goreleaser-multiarch-fips: + cat $(CURDIR)/build/goreleaser/linux/header.yml\ + $(CURDIR)/build/goreleaser/linux/build_amd64.yml\ + $(CURDIR)/build/goreleaser/linux/build_arm.yml\ + $(CURDIR)/build/goreleaser/linux/build_arm64.yml\ + $(CURDIR)/build/goreleaser/linux/archives_header.yml\ + $(CURDIR)/build/goreleaser/linux/archives_amd64.yml\ + $(CURDIR)/build/goreleaser/linux/archives_arm.yml\ + $(CURDIR)/build/goreleaser/linux/archives_arm64.yml\ + $(CURDIR)/build/goreleaser/linux/nfpms_header.yml\ + $(CURDIR)/build/goreleaser/linux/al2023_amd64.yml\ + $(CURDIR)/build/goreleaser/linux/al2023_arm.yml\ + $(CURDIR)/build/goreleaser/linux/al2023_arm64.yml\ + $(CURDIR)/build/goreleaser/linux/al2_amd64.yml\ + $(CURDIR)/build/goreleaser/linux/al2_arm.yml\ + $(CURDIR)/build/goreleaser/linux/al2_arm64.yml\ + $(CURDIR)/build/goreleaser/linux/centos_6_amd64.yml\ + $(CURDIR)/build/goreleaser/linux/centos_7_amd64.yml\ + $(CURDIR)/build/goreleaser/linux/centos_7_arm.yml\ + $(CURDIR)/build/goreleaser/linux/centos_7_arm64.yml\ + $(CURDIR)/build/goreleaser/linux/centos_8_amd64.yml\ + $(CURDIR)/build/goreleaser/linux/centos_8_arm.yml\ + $(CURDIR)/build/goreleaser/linux/centos_8_arm64.yml\ + $(CURDIR)/build/goreleaser/linux/rhel_9_amd64.yml\ + $(CURDIR)/build/goreleaser/linux/rhel_9_arm.yml\ + $(CURDIR)/build/goreleaser/linux/rhel_9_arm64.yml\ + $(CURDIR)/build/goreleaser/linux/debian_systemd_amd64.yml\ + $(CURDIR)/build/goreleaser/linux/debian_systemd_arm.yml\ + $(CURDIR)/build/goreleaser/linux/debian_systemd_arm64.yml\ + $(CURDIR)/build/goreleaser/linux/debian_upstart_amd64.yml\ + $(CURDIR)/build/goreleaser/linux/sles_125_amd64.yml\ + $(CURDIR)/build/goreleaser/linux/sles_125_arm64.yml\ + $(CURDIR)/build/goreleaser/linux/sles_152_amd64.yml\ + $(CURDIR)/build/goreleaser/linux/sles_152_arm64.yml\ + 
$(CURDIR)/build/goreleaser/linux/sles_153_amd64.yml\ + $(CURDIR)/build/goreleaser/linux/sles_153_arm64.yml\ + $(CURDIR)/build/goreleaser/linux/sles_154_amd64.yml\ + $(CURDIR)/build/goreleaser/linux/sles_154_arm64.yml\ + $(CURDIR)/build/goreleaser/linux/sles_155_amd64.yml\ + $(CURDIR)/build/goreleaser/linux/sles_155_arm64.yml\ + > $(GORELEASER_CONFIG_LINUX) + .PHONY : generate-goreleaser-for-docker generate-goreleaser-for-docker: cat $(CURDIR)/build/goreleaser/linux/header.yml\ diff --git a/build/upload-schema-linux-deb.yml b/build/upload-schema-linux-deb.yml index 65034b80b..286cf6cd9 100644 --- a/build/upload-schema-linux-deb.yml +++ b/build/upload-schema-linux-deb.yml @@ -1,5 +1,5 @@ --- -- src: "newrelic-infra_systemd_{version}_{arch}.deb" +- src: "newrelic-infra_systemd_{version}_{arch}_fips.deb" arch: - amd64 - arm64 @@ -22,7 +22,7 @@ - bullseye - bookworm -- src: "newrelic-infra_upstart_{version}_{arch}.deb" +- src: "newrelic-infra_upstart_{version}_{arch}_fips.deb" arch: - amd64 uploads: @@ -37,7 +37,7 @@ # UPLOAD CHECKSUMS # ######################### -- src: "newrelic-infra_systemd_{version}_{arch}.deb.sum" +- src: "newrelic-infra_systemd_{version}_{arch}_fips.deb.sum" arch: - amd64 - arm64 @@ -45,7 +45,7 @@ uploads: - type: file dest: "{dest_prefix}linux/apt/pool/main/n/newrelic-infra/{src}" -- src: "newrelic-infra_upstart_{version}_{arch}.deb.sum" +- src: "newrelic-infra_upstart_{version}_{arch}_fips.deb.sum" arch: - amd64 uploads:
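Review bot: `generate-goreleaser-multiarch-fips` concatenates what looks like the same fragment list as the non-FIPS generator (`build_amd64.yml`, `build_arm.yml`, `build_arm64.yml` and the same nfpm files) into the same `$(GORELEASER_CONFIG_LINUX)`. Nothing in this recipe selects a FIPS toolchain, build tags or a `_fips` package suffix, so unless those fragments are changed elsewhere the generated config would equal the regular one and the packages would not carry the `_fips.deb` names the upload schema now expects. If FIPS-specific build fragments exist they should be listed here, and a one-line comment above the rule stating what differs from `generate-goreleaser-multiarch` would help the next maintainer. Only the tail of the non-FIPS rule is visible in the hunk context, so this comparison is inferred.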