aherman
/
packer
mirror of https://github.com/hashicorp/packer
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Initial crt onboarding attempt

Browse Source
crt-onboarding-test
Michele Degges 4 years ago
parent 9f4a1281dd
commit aec184993a
20 changed files with 958 additions and 274 deletions
Show Stats Download Patch File Download Diff File

236
.circleci/config.yml
Unescape View File

@ -1,236 +0,0 @@
orbs:
win: circleci/windows@1.0.0
version: 2.1
executors:
golang:
docker:
- image: docker.mirror.hashicorp.services/circleci/golang:1.17
resource_class: medium+
darwin:
macos:
xcode: "12.0.0"
commands:
install-go-run-tests-unix:
parameters:
GOOS:
type: string
GOVERSION:
type: string
HOME:
type: string
default: "~"
steps:
- checkout
- run: curl https://dl.google.com/go/go<< parameters.GOVERSION >>.<< parameters.GOOS >>-amd64.tar.gz | tar -C << parameters.HOME >>/ -xz
- run: << parameters.HOME >>/go/bin/go test ./... -coverprofile=coverage.txt -covermode=atomic
install-go-run-tests-windows:
parameters:
GOVERSION:
type: string
steps:
- checkout
- run: curl https://dl.google.com/go/go<< parameters.GOVERSION >>.windows-amd64.zip --output ~/go<< parameters.GOVERSION >>.windows-amd64.zip
- run: unzip ~/go<< parameters.GOVERSION >>.windows-amd64.zip -d ~/
- run: ~/go/bin/go test ./... -coverprofile=coverage.txt -covermode=atomic
build-and-persist-packer-binary:
parameters:
GOOS:
type: string
GOARCH:
default: "amd64"
type: string
steps:
- checkout
- run: GOOS=<< parameters.GOOS >> GOARCH=<<parameters.GOARCH>> go build -ldflags="-s -w -X github.com/hashicorp/packer/version.GitCommit=${CIRCLE_SHA1}" -o ./pkg/packer_<< parameters.GOOS >>_<< parameters.GOARCH >> .
- run: zip ./pkg/packer_<< parameters.GOOS >>_<< parameters.GOARCH >>.zip ./pkg/packer_<< parameters.GOOS >>_<< parameters.GOARCH >>
- run: rm ./pkg/packer_<< parameters.GOOS >>_<< parameters.GOARCH >>
- persist_to_workspace:
root: .
paths:
- ./pkg/
# Golang CircleCI 2.0 configuration file
#
# Check https://circleci.com/docs/2.0/language-go/ for more details
jobs:
test-linux:
executor: golang
resource_class: large
working_directory: /go/src/github.com/hashicorp/packer
steps:
- checkout
- run: TESTARGS="-coverprofile=coverage.txt -covermode=atomic" make ci
test-darwin:
executor: darwin
working_directory: ~/go/github.com/hashicorp/packer
steps:
- install-go-run-tests-unix:
GOOS: darwin
GOVERSION: "1.17"
test-windows:
executor:
name: win/vs2019
shell: bash.exe
steps:
- install-go-run-tests-windows:
GOVERSION: "1.17"
check-mod-tidy:
executor: golang
working_directory: /go/src/github.com/hashicorp/packer
steps:
- checkout
- run: go mod tidy -compat=1.17
check-lint:
executor: golang
resource_class: xlarge
steps:
- checkout
- run: git fetch --all
- run:
command: make ci-lint
no_output_timeout: 30m
check-fmt:
executor: golang
steps:
- checkout
- run: make fmt-check
check-generate:
executor: golang
working_directory: /go/src/github.com/hashicorp/packer
steps:
- checkout
- run: make generate-check
build_linux:
executor: golang
steps:
- build-and-persist-packer-binary:
GOOS: linux
build_windows:
executor: golang
working_directory: /go/src/github.com/hashicorp/packer
steps:
- build-and-persist-packer-binary:
GOOS: windows
build_darwin:
executor: golang
working_directory: /go/src/github.com/hashicorp/packer
steps:
- build-and-persist-packer-binary:
GOOS: darwin
build_darwin_arm64:
executor: golang
working_directory: /go/src/github.com/hashicorp/packer
steps:
- build-and-persist-packer-binary:
GOOS: darwin
GOARCH: arm64
build_freebsd:
executor: golang
working_directory: /go/src/github.com/hashicorp/packer
steps:
- build-and-persist-packer-binary:
GOOS: freebsd
build_solaris:
executor: golang
working_directory: /go/src/github.com/hashicorp/packer
steps:
- build-and-persist-packer-binary:
GOOS: solaris
build_openbsd:
executor: golang
working_directory: /go/src/github.com/hashicorp/packer
steps:
- build-and-persist-packer-binary:
GOOS: openbsd
store_artifacts:
executor: golang
steps:
- attach_workspace:
at: .
- store_artifacts:
path: ./pkg/
destination: /
build-website-docker-image:
docker:
- image: docker.mirror.hashicorp.services/circleci/buildpack-deps
shell: /usr/bin/env bash -euo pipefail -c
steps:
- checkout
- setup_remote_docker
- run:
name: Build Docker Image if Necessary
command: |
IMAGE_TAG=$(cat website/Dockerfile website/package-lock.json | sha256sum | awk '{print $1;}')
echo "Using $IMAGE_TAG"
if curl https://hub.docker.com/v2/repositories/hashicorp/packer-website/tags/$IMAGE_TAG -fsL > /dev/null; then
echo "Dependencies have not changed, not building a new website docker image."
else
cd website/
docker login -u $WEBSITE_DOCKER_USER -p $WEBSITE_DOCKER_PASS
docker build -t hashicorp/packer-website:$IMAGE_TAG .
docker tag hashicorp/packer-website:$IMAGE_TAG hashicorp/packer-website:latest
docker push hashicorp/packer-website
fi
algolia-index:
docker:
- image: docker.mirror.hashicorp.services/node:14
steps:
- checkout
- run:
name: Push content to Algolia Index
command: |
if [ "$CIRCLE_REPOSITORY_URL" != "git@github.com:hashicorp/packer.git" ]; then
echo "Not Packer OSS Repo, not indexing Algolia"
exit 0
fi
cd website/
npm install -g npm@latest
npm install
npx ts-node --skip-ignore -P ./scripts/tsconfig.json ./scripts/index_search_content.ts
workflows:
version: 2
test:
jobs:
- test-linux
- test-darwin
- test-windows
check-code:
jobs:
- check-lint
- check-fmt
- check-mod-tidy
- check-generate
build_packer_binaries:
jobs:
- build_linux
- build_darwin
- build_darwin_arm64
- build_windows
- build_freebsd
- build_openbsd
- build_solaris
- store_artifacts:
requires:
- build_linux
- build_darwin
- build_darwin_arm64
- build_windows
- build_freebsd
- build_openbsd
- build_solaris
website:
jobs:
- build-website-docker-image:
filters:
branches:
only:
- master
- algolia-index:
filters:
branches:
only:
- stable-website

17
.github/workflows/acceptance-test.yml vendored
Unescape View File

@ -0,0 +1,17 @@
name: "Acceptance Test"
on:
schedule:
# Runs every day at midnight
- cron: "0 0 * * *"
jobs:
acceptnace-test:
runs-on: ubuntu-latest
name: Acceptance Test
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2
with:
go-version: '1.17'
- run: make testacc

24
.github/workflows/algolia-index.yml vendored
Unescape View File

@ -0,0 +1,24 @@
name: "Algolia index"
on:
push:
# Sequence of patterns matched against refs/heads
branches:
# Push events on stable-website branch
- 'stable-website'
jobs:
algolia-index:
runs-on: ubuntu-latest
name: Push content to Algolia Index
if: github.repository == 'hashicorp/packer' && github.ref_name == 'stable-website'
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
with:
node-version: '14'
- run: |
cd website/
npm install -g npm@latest
npm install
npx ts-node --skip-ignore -P ./scripts/tsconfig.json ./scripts/index_search_content.ts

254
.github/workflows/build.yml vendored
Unescape View File

@ -0,0 +1,254 @@
name: build
on:
push:
# Sequence of patterns matched against refs/heads
branches:
# Push events on main branch
- 'main'
- 'crt-onboarding' # Used for testing ONLY. Must be removed before merging
env:
PKG_NAME: "packer"
jobs:
get-product-version:
runs-on: ubuntu-latest
outputs:
product-version: ${{ steps.get-product-version.outputs.product-version }}
steps:
- uses: actions/checkout@v2
- name: Setup go
uses: actions/setup-go@v2
with:
go-version: "1.17.5"
- name: get product version
id: get-product-version
run: |
make version
echo "::set-output name=product-version::$(make version)"
generate-metadata-file:
needs: get-product-version
runs-on: ubuntu-latest
outputs:
filepath: ${{ steps.generate-metadata-file.outputs.filepath }}
steps:
- name: 'Checkout directory'
uses: actions/checkout@v2
- name: Generate metadata file
id: generate-metadata-file
uses: hashicorp/actions-generate-metadata@main
with:
version: ${{ needs.get-product-version.outputs.product-version }}
product: ${{ env.PKG_NAME }}
- uses: actions/upload-artifact@v2
with:
name: metadata.json
path: ${{ steps.generate-metadata-file.outputs.filepath }}
set-ld-flags:
needs: get-product-version
runs-on: ubuntu-latest
outputs:
ldflags: ${{ steps.generate-ld-flags.outputs.ldflags }}
steps:
- uses: actions/checkout@v2
- name: 'Generate ld flags'
id: generate-ld-flags
run: |
project="$(go list -m)"
sha="$(git rev-parse HEAD)"
echo "::set-output name=ldflags::"-s -w -X \'$project/version.GitCommit=$sha\'""
build-other:
needs:
- get-product-version
- set-ld-flags
runs-on: ubuntu-latest
strategy:
matrix:
goos: [ freebsd, windows, netbsd, openbsd, solaris ]
goarch: [ "386", "amd64", "arm" ]
go: [ "1.17.5" ]
exclude:
- goos: solaris
goarch: 386
- goos: solaris
goarch: arm
- goos: windows
goarch: arm
fail-fast: true
name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build
env:
GOPRIVATE: "github.com/hashicorp"
GO111MODULE: on
LD_FLAGS: ${{ needs.set-ld-flags.outputs.ldflags }}
steps:
- uses: actions/checkout@v2
- name: Setup go
uses: actions/setup-go@v2
with:
go-version: ${{ matrix.go }}
- name: Setup Git
run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
- name: Go Build
env:
GOOS: ${{ matrix.goos }}
GOARCH: ${{ matrix.goarch }}
CGO_ENABLED: 0
run: |
mkdir -p dist out
unset GOPATH;
go build -v -ldflags "${{ env.LD_FLAGS }}" -o dist/ .
zip -r -j out/${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip dist/
- uses: actions/upload-artifact@v2
with:
name: ${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
path: out/${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
build-linux:
needs:
- get-product-version
- set-ld-flags
runs-on: ubuntu-latest
strategy:
matrix:
goos: [linux]
goarch: ["arm", "arm64", "386", "amd64"]
go: [ "1.17.5" ]
fail-fast: true
name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build
env:
GOPRIVATE: "github.com/hashicorp"
GO111MODULE: on
LD_FLAGS: ${{ needs.set-ld-flags.outputs.ldflags }}
steps:
- uses: actions/checkout@v2
- name: Setup Git
run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
- name: Setup go
uses: actions/setup-go@v2
with:
go-version: ${{ matrix.go }}
- name: Go Build
env:
GOOS: ${{ matrix.goos }}
GOARCH: ${{ matrix.goarch }}
CGO_ENABLED: 0
run: |
mkdir -p dist out
unset GOPATH;
go build -v -ldflags "${{ env.LD_FLAGS }}" -o dist/ .
zip -r -j out/${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip dist/
- uses: actions/upload-artifact@v2
with:
name: ${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
path: out/${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
- name: Linux Packaging
uses: hashicorp/actions-packaging-linux@v1
with:
name: ${{ github.event.repository.name }}
description: "HashiCorp Packer - A tool for creating identical machine images for multiple platforms from a single source configuration"
arch: ${{ matrix.goarch }}
version: ${{ needs.get-product-version.outputs.product-version }}
maintainer: "HashiCorp"
homepage: "https://www.packer.io/docs"
license: "MPL-2.0"
binary: "dist/${{ env.PKG_NAME }}"
deb_depends: "openssl"
rpm_depends: "openssl"
config_dir: ".release/linux/package/"
preinstall: ".release/linux/preinst"
postremove: ".release/linux/postrm"
- name: Add Linux Package names to env
run: |
echo "RPM_PACKAGE=$(basename out/*.rpm)" >> $GITHUB_ENV
echo "DEB_PACKAGE=$(basename out/*.deb)" >> $GITHUB_ENV
- uses: actions/upload-artifact@v2
with:
name: ${{ env.RPM_PACKAGE }}
path: out/${{ env.RPM_PACKAGE }}
- uses: actions/upload-artifact@v2
with:
name: ${{ env.DEB_PACKAGE }}
path: out/${{ env.DEB_PACKAGE }}
build-darwin:
needs:
- get-product-version
- set-ld-flags
runs-on: macos-latest
strategy:
matrix:
goos: [ darwin ]
goarch: [ "amd64", "arm64" ]
go: [ "1.17.5" ]
fail-fast: true
name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build
env:
GOPRIVATE: "github.com/hashicorp"
GO111MODULE: on
LD_FLAGS: ${{ needs.set-ld-flags.outputs.ldflags }}
steps:
- uses: actions/checkout@v2
- name: Setup go
uses: actions/setup-go@v2
with:
go-version: ${{ matrix.go }}
- name: Go Build
env:
GOOS: ${{ matrix.goos }}
GOARCH: ${{ matrix.goarch }}
CGO_ENABLED: 0
run: |
mkdir -p dist out
unset GOPATH;
go build -v -tags "netcgo" -ldflags "${{ env.LD_FLAGS }}" -o dist/ .
zip -r -j out/${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip dist/
- uses: actions/upload-artifact@v2
with:
name: ${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
path: out/${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
build-docker:
name: Docker ${{ matrix.arch }} build
needs:
- get-product-version
- build-linux
runs-on: ubuntu-latest
strategy:
matrix:
arch: ["arm", "arm64", "386", "amd64"]
env:
repo: ${{ github.event.repository.name }}
version: ${{ needs.get-product-version.outputs.product-version }}
steps:
- uses: actions/checkout@v2
- name: Login to Artifactory
uses: docker/login-action@v1
with:
registry: docker.artifactory.hashicorp.engineering
username: ${{ secrets.ARTIFACTORY_RO_USER }}
password: ${{ secrets.ARTIFACTORY_RO_TOKEN }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
with:
image: docker.artifactory.hashicorp.engineering/prodsec-binfmt:latest
- name: Docker Build (Action)
uses: hashicorp/actions-docker-build@v1
with:
version: ${{env.version}}
target: default
arch: ${{matrix.arch}}
tags: |
docker.io/hashicorp/${{env.repo}}:${{env.version}}
public.ecr.aws/hashicorp/${{env.repo}}:${{env.version}}

40
.github/workflows/go-test.yml vendored
Unescape View File

@ -0,0 +1,40 @@
name: "Go Test"
on:
push:
# Sequence of patterns matched against refs/heads
branches:
# Push events on main branch
- 'main'
- 'crt-onboarding' # Used for testing ONLY. Must be removed before merging
pull_request:
paths:
- "**"
jobs:
linux-go-tests:
runs-on: ubuntu-latest
container:
image: ghcr.io/ghcri/golang:1.17
name: Linux go tests
steps:
- uses: actions/checkout@v2
- run: TESTARGS="-coverprofile=coverage.txt -covermode=atomic" make ci
darwin-go-tests:
runs-on: macos-latest
name: Darwin go tests
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2
with:
go-version: '1.17'
- run: go test ./... -coverprofile=coverage.txt -covermode=atomic
windows-go-tests:
runs-on: windows-latest
name: Windows go tests
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2
with:
go-version: '1.17'
- run: go test ./... -coverprofile=coverage.txt -covermode=atomic

55
.github/workflows/go-validate.yml vendored
Unescape View File

@ -0,0 +1,55 @@
name: "Go Validate"
on:
push:
# Sequence of patterns matched against refs/heads
branches:
# Push events on main branch
- 'main'
- 'crt-onboarding' # Used for testing ONLY. Must be removed before merging
pull_request:
paths:
- "**"
jobs:
check-mod-tidy:
runs-on: ubuntu-latest
name: Go Mod Tidy
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2
with:
go-version: '1.17'
- run: go mod tidy
check-lint:
runs-on: ubuntu-latest
name: Lint
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0
- uses: actions/setup-go@v2
with:
go-version: '1.17'
- run: echo "$GITHUB_SHA"
- run: git fetch --all
- run: echo $(git merge-base origin/master $GITHUB_SHA)
- run: make ci-lint
check-fmt:
runs-on: ubuntu-latest
name: Fmt check
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2
with:
go-version: '1.17'
- run: make fmt-check
check-generate:
runs-on: ubuntu-latest
name: Generate check
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2
with:
go-version: '1.17'
- run: make generate-check

28
.github/workflows/website-docker-image.yml vendored
Unescape View File

@ -0,0 +1,28 @@
name: "Website Docker Image"
on:
push:
# Sequence of patterns matched against refs/heads
branches:
# Push events on master branch
- 'master'
- 'crt-onboarding' # for testing only. remove before merging.
jobs:
website-docker-image:
runs-on: ubuntu-latest
name: Build Docker Image if Necessary
steps:
- uses: actions/checkout@v2
- run: |
IMAGE_TAG=$(cat website/Dockerfile website/package-lock.json | sha256sum | awk '{print $1;}')
echo "Using $IMAGE_TAG"
if curl https://hub.docker.com/v2/repositories/hashicorp/packer-website/tags/$IMAGE_TAG -fsL > /dev/null; then
echo "Dependencies have not changed, not building a new website docker image."
else
cd website/
docker login -u $WEBSITE_DOCKER_USER -p $WEBSITE_DOCKER_PASS
docker build -t hashicorp/packer-website:$IMAGE_TAG .
docker tag hashicorp/packer-website:$IMAGE_TAG hashicorp/packer-website:latest
docker push hashicorp/packer-website
fi

216
.release/ci.hcl
Unescape View File

@ -0,0 +1,216 @@
schema = "1"
project "packer" {
team = "#team-packer"
slack {
notification_channel = "C032JM64THT"
}
github {
organization = "hashicorp"
repository = "packer"
release_branches = [
"main",
"crt-onboarding"
]
}
}
event "merge" {
// "entrypoint" to use if build is not run automatically
// i.e. send "merge" complete signal to orchestrator to trigger build
}
event "build" {
depends = ["merge"]
action "build" {
organization = "hashicorp"
repository = "packer"
workflow = "build"
}
}
event "upload-dev" {
depends = ["build"]
action "upload-dev" {
organization = "hashicorp"
repository = "crt-workflows-common"
workflow = "upload-dev"
depends = ["build"]
}
notification {
on = "fail"
}
}
event "quality-tests" {
depends = ["upload-dev"]
action "quality-tests" {
organization = "hashicorp"
repository = "crt-workflows-common"
workflow = "quality-tests"
}
notification {
on = "fail"
}
}
event "security-scan-binaries" {
depends = ["upload-dev"]
action "security-scan-binaries" {
organization = "hashicorp"
repository = "crt-workflows-common"
workflow = "security-scan-binaries"
config = "security-scan.hcl"
}
notification {
on = "fail"
}
}
event "security-scan-containers" {
depends = ["security-scan-binaries"]
action "security-scan-containers" {
organization = "hashicorp"
repository = "crt-workflows-common"
workflow = "security-scan-containers"
config = "security-scan.hcl"
}
notification {
on = "fail"
}
}
event "notarize-darwin-amd64" {
depends = ["security-scan-containers"]
action "notarize-darwin-amd64" {
organization = "hashicorp"
repository = "crt-workflows-common"
workflow = "notarize-darwin-amd64"
}
notification {
on = "fail"
}
}
event "notarize-windows-386" {
depends = ["notarize-darwin-amd64"]
action "notarize-windows-386" {
organization = "hashicorp"
repository = "crt-workflows-common"
workflow = "notarize-windows-386"
}
notification {
on = "fail"
}
}
event "notarize-windows-amd64" {
depends = ["notarize-windows-386"]
action "notarize-windows-amd64" {
organization = "hashicorp"
repository = "crt-workflows-common"
workflow = "notarize-windows-amd64"
}
notification {
on = "fail"
}
}
event "sign" {
depends = ["notarize-windows-amd64"]
action "sign" {
organization = "hashicorp"
repository = "crt-workflows-common"
workflow = "sign"
}
notification {
on = "fail"
}
}
event "sign-linux-rpms" {
depends = ["sign"]
action "sign-linux-rpms" {
organization = "hashicorp"
repository = "crt-workflows-common"
workflow = "sign-linux-rpms"
}
notification {
on = "fail"
}
}
event "verify" {
depends = ["sign-linux-rpms"]
action "verify" {
organization = "hashicorp"
repository = "crt-workflows-common"
workflow = "verify"
}
notification {
on = "fail"
}
}
event "promote-staging" {
action "promote-staging" {
organization = "hashicorp"
repository = "crt-workflows-common"
workflow = "promote-staging"
}
notification {
on = "fail"
}
notification {
on = "success"
}
}
event "promote-production" {
action "promote-production" {
organization = "hashicorp"
repository = "crt-workflows-common"
workflow = "promote-production"
}
notification {
on = "fail"
}
notification {
on = "success"
}
}
event "post-publish" {
depends = ["promote-production"]
action "post-publish" {
organization = "hashicorp"
repository = "crt-workflows-common"
workflow = "post-publish"
}
notification {
on = "fail"
}
notification {
on = "success"
}
}

99
.release/docker/README.md
Unescape View File

@ -0,0 +1,99 @@
# Packer Docker Container
The root of this repository contains the officially supported HashiCorp Dockerfile to build the hashicorp/packer docker image. The `dev` docker image should be built for local dev and testing, while the production docker image, `default`, is built in CI and makes use of CI-built binaries. The `official` docker image is built using the official binaries from releases.hashicorp.com.
## Build
See the Makefile targets in the root of this repository for building Packer images in either
development or release modes:
- `make docker-dev` or `make docker-full`
- `make docker-multiarch-official`
- `make docker-official` or `make docker-light`
- `make docker`
### Usage
This repository automatically builds containers for using the
[`packer`](https://packer.io) command line program. It contains two distinct
varieties of build, an `official` version, aka `light`, which just contains the binary.
It also contains a `dev` version, aka `full`, which compiles the binary from source
inside the container before exposing it for use.
##### `official` aka `light` (default)
The `official` version of this container will copy the current stable version of
the binary, taken from releases.hashicorp.com, into the container. It will also
set it for use as the default entrypoint. This will be the best option for most uses,
especially if you are just looking to run the binary from a container. This image
is tagged as both `official` and `light`.
The `latest` tag on DockerHub also points to this version.
You can use this version with the following:
```shell
docker run <args> hashicorp/packer:official <command>
```
##### `dev` aka `full`
The `dev` version of this container contains all of the source code found in
the current ref of this [repository](https://github.com/hashicorp/packer). Using [Google's
official `golang` image](https://hub.docker.com/_/golang/) as a base, this
container will copy the source from the current branch, build the binary, and
expose it for running. Because all build artifacts are included, it should be quite a bit larger than
the `official` image. This version of the container is most useful for development or
debugging.
You can use this version with the following:
```shell
docker run <args> hashicorp/packer:dev <command>
```
#### Running a build:
The easiest way to run a command that references a configuration with one or more template files, is to mount a volume for the local workspace.
Running `packer init`
```shell
docker run \
-v `pwd`:/workspace -w /workspace \
-e PACKER_PLUGIN_PATH=/workspace/.packer.d/plugins \
hashicorp/packer:latest \
init .
```
~> **Note**: packer init is available from Packer v1.7.0 and later
The command will mount the working directory (`pwd`) to `workspace`, which is the working directory (`-w`) inside the container.
Any plugin installed with `packer init` will be installed under the directory specified under the `PACKER_PLUGIN_PATH` environment variable. `PACKER_PLUGIN_PATH` must be set to a path inside the volume mount so that plugins can become available at `packer build`.
Running `packer build`
```shell
docker run \
-v `pwd`:/workspace -w /workspace \
-e PACKER_PLUGIN_PATH=/workspace/.packer.d/plugins \
hashicorp/packer:latest \
build .
```
##### Building old-legacy JSON templates
For old-legacy JSON, the build command must specify the template file(s).
```shell
docker run \
-v `pwd`:/workspace -w /workspace \
hashicorp/packer:latest \
build template.json
```
For the [manual installation](https://www.packer.io/docs/plugins#installing-plugins) of third-party plugins, we recommended that plugin binaries are placed under a sub-directory under the working directory. Add `-e PACKER_PLUGIN_PATH=/workspace/<subdirectory_plugin_path>` to the command above to tell Packer where the plugins are.
To pass a var file (`var.json`) to the build command:
```shell
docker run \
-v `pwd`:/workspace -w /workspace \
hashicorp/packer:latest \
build --var-file var.json template.json
```
`var.json` is expected to be inside the local working directory (`pwd`) and in the container's workspace mount.

0
.release/linux/package/etc/packer.d/packer.env
Unescape View File

23
.release/linux/package/usr/lib/systemd/system/packer.service
Unescape View File

@ -0,0 +1,23 @@
[Unit]
Description="HashiCorp Packer - A tool for creating identical machine images for multiple platforms from a single source configuration"
Documentation=https://www.packer.io/docs
StartLimitIntervalSec=60
StartLimitBurst=3
[Service]
EnvironmentFile=-/etc/packer.d/packer.env
User=packer
Group=packer
ProtectSystem=full
ProtectHome=read-only
ExecStart=/usr/bin/packer server -config=/etc/packer.d
ExecReload=/bin/kill --signal HUP $MAINPID
KillMode=process
KillSignal=SIGINT
Restart=on-failure
RestartSec=5
TimeoutStopSec=30
LimitMEMLOCK=infinity
[Install]
WantedBy=multi-user.target

8
.release/linux/postrm
Unescape View File

@ -0,0 +1,8 @@
#!/bin/bash
if [ "$1" = "purge" ]
then
userdel packer
fi
exit 0

13
.release/linux/preinst
Unescape View File

@ -0,0 +1,13 @@
#!/bin/bash
set -eu
USER="packer"
if ! id -u $USER > /dev/null 2>&1; then
useradd \
--system \
--user-group \
--shell /bin/false \
$USER
fi

13
.release/security-scan.hcl
Unescape View File

@ -0,0 +1,13 @@
container {
dependencies = false
alpine_secdb = true
secrets = false
}
binary {
secrets = true
go_modules = true
osv = true
oss_index = true
nvd = true
}

113
Dockerfile
Unescape View File

@ -1,30 +1,97 @@
FROM docker.mirror.hashicorp.services/ubuntu:16.04
# This Dockerfile contains multiple targets.
# Use 'docker build --target=<name> .' to build one.
# e.g. `docker build --target=official-light .`
#
# All non-dev targets have a VERSION argument that must be provided
# via --build-arg=VERSION=<version> when building.
# e.g. --build-arg VERSION=1.11.2
#
# `default` is the production docker image which cannot be built locally.
# For local dev and testing purposes, please build and use the `dev` docker image.
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update && apt-get install -y \
locales \
openssh-server \
sudo
# Development docker image
# This image includes all source code found in this repository.
# This is primarily used for development and debugging.
FROM docker.mirror.hashicorp.services/alpine:latest as dev
RUN locale-gen en_US.UTF-8
RUN apk add --no-cache git bash openssl ca-certificates
RUN if ! getent passwd vagrant; then useradd -d /home/vagrant -m -s /bin/bash vagrant; fi \
&& echo 'vagrant ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers \
&& mkdir -p /etc/sudoers.d \
&& echo 'vagrant ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers.d/vagrant \
&& chmod 0440 /etc/sudoers.d/vagrant
ADD bin/packer /bin/packer
RUN mkdir -p /home/vagrant/.ssh \
&& chmod 0700 /home/vagrant/.ssh \
&& wget --no-check-certificate \
https://raw.github.com/hashicorp/vagrant/master/keys/vagrant.pub \
-O /home/vagrant/.ssh/authorized_keys \
&& chmod 0600 /home/vagrant/.ssh/authorized_keys \
&& chown -R vagrant /home/vagrant/.ssh
ENTRYPOINT ["/bin/packer"]
RUN mkdir -p /run/sshd
CMD /usr/sbin/sshd -D \
-o UseDNS=no \
-o PidFile=/tmp/sshd.pid
# Official docker image that includes binaries from releases.hashicorp.com. This
# downloads the release from releases.hashicorp.com and therefore requires that
# the release is published before building the Docker image.
FROM docker.mirror.hashicorp.services/alpine:latest as official
# This is the release of Packer to pull in.
ARG VERSION
LABEL name="Packer" \
maintainer="HashiCorp Packer Team <packer@hashicorp.com>" \
vendor="HashiCorp" \
version=$VERSION \
release=$VERSION \
summary="Packer is a tool for creating identical machine images for multiple platforms from a single source configuration." \
description="Packer is a tool for creating identical machine images for multiple platforms from a single source configuration. Please submit issues to https://github.com/hashicorp/packer/issues"
# This is the location of the releases.
ENV HASHICORP_RELEASES=https://releases.hashicorp.com
RUN set -eux && \
apk add --no-cache git bash wget openssl gnupg && \
gpg --keyserver keyserver.ubuntu.com --recv-keys C874011F0AB405110D02105534365D9472D7468F && \
mkdir -p /tmp/build && \
cd /tmp/build && \
apkArch="$(apk --print-arch)" && \
case "${apkArch}" in \
aarch64) packerArch='arm64' ;; \
armhf) packerArch='arm' ;; \
x86) packerArch='386' ;; \
x86_64) packerArch='amd64' ;; \
*) echo >&2 "error: unsupported architecture: ${apkArch} (see ${HASHICORP_RELEASES}/packer/${VERSION}/)" && exit 1 ;; \
esac && \
wget ${HASHICORP_RELEASES}/packer/${VERSION}/packer_${VERSION}_linux_${packerArch}.zip && \
wget ${HASHICORP_RELEASES}/packer/${VERSION}/packer_${VERSION}_SHA256SUMS && \
wget ${HASHICORP_RELEASES}/packer/${VERSION}/packer_${VERSION}_SHA256SUMS.sig && \
gpg --batch --verify packer_${VERSION}_SHA256SUMS.sig packer_${VERSION}_SHA256SUMS && \
grep packer_${VERSION}_linux_${packerArch}.zip packer_${VERSION}_SHA256SUMS | sha256sum -c && \
unzip -d /tmp/build packer_${VERSION}_linux_${packerArch}.zip && \
cp /tmp/build/packer /bin/packer && \
cd /tmp && \
rm -rf /tmp/build && \
gpgconf --kill all && \
apk del gnupg openssl && \
rm -rf /root/.gnupg && \
# Tiny smoke test to ensure the binary we downloaded runs
packer version
ENTRYPOINT ["/bin/packer"]
# Production docker image
# Remember, this cannot be built locally
FROM docker.mirror.hashicorp.services/alpine:latest as default
ARG VERSION
ARG BIN_NAME
# TARGETARCH and TARGETOS are set automatically when --platform is provided.
ARG TARGETOS TARGETARCH
LABEL name="Packer" \
maintainer="HashiCorp Packer Team <packer@hashicorp.com>" \
vendor="HashiCorp" \
version=$VERSION \
release=$VERSION \
summary="Packer is a tool for creating identical machine images for multiple platforms from a single source configuration." \
description="Packer is a tool for creating identical machine images for multiple platforms from a single source configuration. Please submit issues to https://github.com/hashicorp/packer/issues"
RUN apk add --no-cache git bash wget openssl gnupg
COPY dist/$TARGETOS/$TARGETARCH/$BIN_NAME /bin/
ENTRYPOINT ["/bin/packer"]

45
Makefile
Unescape View File

@ -25,7 +25,7 @@ GOLDFLAGS=-X $(GIT_IMPORT).GitCommit=$(GIT_COMMIT)$(GIT_DIRTY) $(LDFLAGS)
export GOLDFLAGS
.PHONY: bin checkversion ci ci-lint default install-build-deps install-gen-deps fmt fmt-docs fmt-examples generate install-lint-deps lint \
releasebin test testacc testrace
releasebin test testacc testrace version
default: install-build-deps install-gen-deps generate dev
@ -75,6 +75,45 @@ dev: ## Build and install a development build
@cp $(GOPATH)/bin/packer bin/packer
@cp $(GOPATH)/bin/packer pkg/$(GOOS)_$(GOARCH)
# Docker build variables and targets
REGISTRY_NAME?=docker.io/hashicorp
IMAGE_NAME=packer
VERSION?=1.7.10
IMAGE_TAG=$(REGISTRY_NAME)/$(IMAGE_NAME):$(VERSION)
IMAGE_TAG_DEV=$(REGISTRY_NAME)/$(IMAGE_NAME):latest-$(shell git rev-parse --short HEAD)
docker: docker-official
docker-light: docker-official
# Builds from the releases.hashicorp.com official binary
docker-official:
docker build \
--tag $(IMAGE_TAG) \
--tag hashicorp/packer:latest \
--target=official \
--build-arg VERSION=$(VERSION) \
.
# Builds multiarch from the releases.hashicorp.com official binary
docker-multiarch-official:
docker buildx build \
--tag $(IMAGE_TAG) \
--tag hashicorp/packer:latest \
--target=official \
--build-arg VERSION=$(VERSION) \
--platform linux/amd64,linux/arm64 \
.
# Builds from the locally generated binary in ./bin/
# To generate the local binary, run `make dev`
docker-dev: export GOOS=linux
docker-dev: export GOARCH=amd64
docker-dev: dev
@docker build \
--tag $(IMAGE_TAG_DEV) \
--target=dev \
.
lint: install-lint-deps ## Lint Go code
@if [ ! -z $(PKG_NAME) ]; then \
echo "golangci-lint run ./$(PKG_NAME)/..."; \
@ -161,3 +200,7 @@ vet: ## Vet Go code
help:
@grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'
# This is used for release builds by .github/workflows/build.yml
version:
@$(CURDIR)/scripts/version.sh version/version.go

4
go.mod
Unescape View File

@ -17,10 +17,10 @@ require (
github.com/hako/durafmt v0.0.0-20200710122514-c0fb7b4da026
github.com/hashicorp/go-checkpoint v0.0.0-20171009173528-1545e56e46de
github.com/hashicorp/go-cty-funcs v0.0.0-20200930094925-2721b1e36840
github.com/hashicorp/go-getter/v2 v2.0.0
github.com/hashicorp/go-getter/v2 v2.0.1
github.com/hashicorp/go-multierror v1.1.1
github.com/hashicorp/go-uuid v1.0.2
github.com/hashicorp/go-version v1.3.0
github.com/hashicorp/go-version v1.4.0
github.com/hashicorp/hcl/v2 v2.11.1
github.com/hashicorp/hcp-sdk-go v0.15.1-0.20220112153249-f565607d7cc4
github.com/hashicorp/packer-plugin-amazon v1.0.6

6
go.sum
Unescape View File

@ -633,8 +633,9 @@ github.com/hashicorp/go-getter/gcs/v2 v2.0.0-20200604122502-a6995fa1edad/go.mod
github.com/hashicorp/go-getter/s3/v2 v2.0.0-20200604122502-a6995fa1edad h1:hwk5mQRwVvZc/f+So1kHbOhW/f7P2fEcCr2D5pSk9sI=
github.com/hashicorp/go-getter/s3/v2 v2.0.0-20200604122502-a6995fa1edad/go.mod h1:kcB6Mv+0wzYXbQjTAeD/Pb85145WcFk2EElpe02fuoE=
github.com/hashicorp/go-getter/v2 v2.0.0-20200511090339-3107ec4af37a/go.mod h1:QJ+LwRM91JBKBLyHoKBrcmi49i9Tu/ItpgTNXWSnpGM=
github.com/hashicorp/go-getter/v2 v2.0.0 h1:wamdcQazMBZK6VwUo3HAOWLkcOJBWBoXPKfmf7/S17w=
github.com/hashicorp/go-getter/v2 v2.0.0/go.mod h1:w65fE5glbccYjndAuj1kA5lnVBGZYEaH0e5qA1kpIks=
github.com/hashicorp/go-getter/v2 v2.0.1 h1:cHb4azguMwy0NRlEX5U3mT17HM7I17vd8RjBmrJ+1lY=
github.com/hashicorp/go-getter/v2 v2.0.1/go.mod h1:w65fE5glbccYjndAuj1kA5lnVBGZYEaH0e5qA1kpIks=
github.com/hashicorp/go-hclog v0.0.0-20180709165350-ff2cf002a8dd/go.mod h1:9bjs9uLqI8l75knNv3lV1kA55veR+WUPSiKIWcQHudI=
github.com/hashicorp/go-hclog v0.8.0/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ=
github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ=
@ -680,8 +681,9 @@ github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/b
github.com/hashicorp/go-version v1.1.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
github.com/hashicorp/go-version v1.2.1/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
github.com/hashicorp/go-version v1.3.0 h1:McDWVJIU/y+u1BRV06dPaLfLCaT7fUTJLp5r04x7iNw=
github.com/hashicorp/go-version v1.3.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
github.com/hashicorp/go-version v1.4.0 h1:aAQzgqIrRKRa7w75CKpbBxYsmUoPjzVm1W59ca1L0J4=
github.com/hashicorp/go-version v1.4.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90=
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=

12
scripts/version.sh
Unescape View File

@ -0,0 +1,12 @@
#!/usr/bin/env bash
set -euo pipefail
version_file=$1
version=$(awk '$1 == "Version" && $2 == "=" { gsub(/"/, "", $3); print $3 }' < "${version_file}")
prerelease=$(awk '$1 == "VersionPrerelease" && $2 == "=" { gsub(/"/, "", $3); print $3 }' < "${version_file}")
if [ -n "$prerelease" ]; then
echo "${version}-${prerelease}"
else
echo "${version}"
fi

26
version/version.go
Unescape View File

@ -5,16 +5,22 @@ import (
pluginVersion "github.com/hashicorp/packer-plugin-sdk/version"
)
// The git commit that was compiled. This will be filled in by the compiler.
var GitCommit string
// The main version number that is being run at the moment.
const Version = "1.7.11"
// A pre-release marker for the version. If this is "" (empty string)
// then it means that it is a final release. Otherwise, this is a pre-release
// such as "dev" (in development), "beta", "rc1", etc.
const VersionPrerelease = "dev"
var (
// The git commit that was compiled. This will be filled in by the compiler.
GitCommit string
GitDescribe string
// Whether cgo is enabled or not; set at build time
CgoEnabled bool
// The main version number that is being run at the moment.
Version = "1.7.11"
// A pre-release marker for the version. If this is "" (empty string)
// then it means that it is a final release. Otherwise, this is a pre-release
// such as "dev" (in development), "beta", "rc1", etc.
VersionPrerelease = "dev"
VersionMetadata = ""
)
var PackerVersion *pluginVersion.PluginVersion

Write Preview
Loading…
Cancel
Save