From c6427d2257a5e321ed5dfd1e9fc680a00d4ac676 Mon Sep 17 00:00:00 2001 From: Nikolay Edigaryev Date: Fri, 22 Nov 2024 16:05:47 +0100 Subject: [PATCH 001/115] build: ensure that LC_UUID is generated for Darwin binaries --- .github/workflows/build.yml | 2 +- .go-version | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e4465fa45..11fc9f377 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -53,7 +53,7 @@ jobs: id: set-ld-flags run: | T="github.com/hashicorp/packer/version" - echo "set-ld-flags=-s -w -X ${T}.GitCommit=${GITHUB_SHA::8} -X ${T}.GitDescribe=${{ steps.set-product-version.outputs.product-version }} -X ${T}.Version=${{ steps.set-product-version.outputs.base-product-version }} -X ${T}.VersionPrerelease=${{ steps.set-product-version.outputs.prerelease-product-version }} -X ${T}.VersionMetadata=" >> $GITHUB_OUTPUT + echo "set-ld-flags=-s -w -B gobuildid -X ${T}.GitCommit=${GITHUB_SHA::8} -X ${T}.GitDescribe=${{ steps.set-product-version.outputs.product-version }} -X ${T}.Version=${{ steps.set-product-version.outputs.base-product-version }} -X ${T}.VersionPrerelease=${{ steps.set-product-version.outputs.prerelease-product-version }} -X ${T}.VersionMetadata=" >> $GITHUB_OUTPUT - name: validate outputs run: | echo "Product Version: ${{ steps.set-product-version.outputs.product-version }}" diff --git a/.go-version b/.go-version index 87b26e8b1..d28b1eb8f 100644 --- a/.go-version +++ b/.go-version @@ -1 +1 @@ -1.22.7 +1.22.9 From 0ddcbaf18fddf81c957a8fdc5236d5ff40545287 Mon Sep 17 00:00:00 2001 From: Martin Grogan Date: Tue, 26 Nov 2024 12:05:05 -0500 Subject: [PATCH 002/115] hcl2template: add strcontains function The strcontains function check if a sub string is a indeed a subset of a given string. hcl2template: add strcontains function The strcontains function check if a sub string is a indeed a subset of a given string. --- hcl2template/function/strcontains.go | 32 ++++++++++ hcl2template/function/strcontains_test.go | 76 +++++++++++++++++++++++ hcl2template/functions.go | 1 + 3 files changed, 109 insertions(+) create mode 100644 hcl2template/function/strcontains.go create mode 100644 hcl2template/function/strcontains_test.go diff --git a/hcl2template/function/strcontains.go b/hcl2template/function/strcontains.go new file mode 100644 index 000000000..7ad962c9e --- /dev/null +++ b/hcl2template/function/strcontains.go @@ -0,0 +1,32 @@ +package function + +import ( + "strings" + + "github.com/zclconf/go-cty/cty" + "github.com/zclconf/go-cty/cty/function" +) + +var StrContains = function.New(&function.Spec{ + Params: []function.Parameter{ + { + Name: "str", + Type: cty.String, + }, + { + Name: "substr", + Type: cty.String, + }, + }, + Type: function.StaticReturnType(cty.Bool), + Impl: func(args []cty.Value, retType cty.Type) (cty.Value, error) { + str := args[0].AsString() + substr := args[1].AsString() + + if strings.Contains(str, substr) { + return cty.True, nil + } + + return cty.False, nil + }, +}) diff --git a/hcl2template/function/strcontains_test.go b/hcl2template/function/strcontains_test.go new file mode 100644 index 000000000..3d1f46a20 --- /dev/null +++ b/hcl2template/function/strcontains_test.go @@ -0,0 +1,76 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: BUSL-1.1 + +package function + +import ( + "fmt" + "testing" + + "github.com/zclconf/go-cty/cty" +) + +func TestStrContains(t *testing.T) { + tests := []struct { + String cty.Value + Substr cty.Value + Want cty.Value + ExpectErr bool + }{ + { + cty.StringVal("hello"), + cty.StringVal("hel"), + cty.BoolVal(true), + false, + }, + { + cty.StringVal("hello"), + cty.StringVal("lo"), + cty.BoolVal(true), + false, + }, + { + cty.StringVal("hello1"), + cty.StringVal("1"), + cty.BoolVal(true), + false, + }, + { + cty.StringVal("hello1"), + cty.StringVal("heo"), + cty.BoolVal(false), + false, + }, + { + cty.StringVal("hello1"), + cty.NumberIntVal(1), + cty.UnknownVal(cty.Bool), + true, + }, + } + + for _, test := range tests { + t.Run(fmt.Sprintf("includes(%#v, %#v)", test.String, test.Substr), func(t *testing.T) { + got, err := StrContains.Call([]cty.Value{ + test.String, + test.Substr, + }) + + if test.ExpectErr && err == nil { + t.Fatal("succeeded; want error") + } + + if test.ExpectErr && err != nil { + return + } + + if !test.ExpectErr && err != nil { + t.Fatalf("unexpected error: %s", err) + } + + if !got.RawEquals(test.Want) { + t.Errorf("wrong result\ngot: %#v\nwant: %#v", got, test.Want) + } + }) + } +} diff --git a/hcl2template/functions.go b/hcl2template/functions.go index 3736d12f5..4e832cf93 100644 --- a/hcl2template/functions.go +++ b/hcl2template/functions.go @@ -103,6 +103,7 @@ func Functions(basedir string) map[string]function.Function { "slice": stdlib.SliceFunc, "sort": stdlib.SortFunc, "split": stdlib.SplitFunc, + "strcontains": pkrfunction.StrContains, "strrev": stdlib.ReverseFunc, "substr": stdlib.SubstrFunc, "textdecodebase64": TextDecodeBase64Func, From 35682265c4f891220109778e38ff5e1dc8aa8e97 Mon Sep 17 00:00:00 2001 From: Martin Grogan Date: Wed, 4 Dec 2024 11:13:07 -0500 Subject: [PATCH 003/115] docs: add strcontains function doc --- .../functions/string/strcontains.mdx | 25 +++++++++++++++++++ website/data/docs-nav-data.json | 4 +++ 2 files changed, 29 insertions(+) create mode 100644 website/content/docs/templates/hcl_templates/functions/string/strcontains.mdx diff --git a/website/content/docs/templates/hcl_templates/functions/string/strcontains.mdx b/website/content/docs/templates/hcl_templates/functions/string/strcontains.mdx new file mode 100644 index 000000000..ea3389c37 --- /dev/null +++ b/website/content/docs/templates/hcl_templates/functions/string/strcontains.mdx @@ -0,0 +1,25 @@ +--- +page_title: strcontains - Functions - Configuration Language +description: |- + The strcontains function checks whether a given string can be found within another string. +--- + +# `strcontains` Function + +`strcontains` function checks whether a substring is within another string. + +```hcl +strcontains(string, substr) +``` + +## Examples + +``` +> strcontains("hello world", "wor") +true +``` + +``` +> strcontains("hello world", "wod") +false +``` diff --git a/website/data/docs-nav-data.json b/website/data/docs-nav-data.json index 0a7242a98..24c55feb6 100644 --- a/website/data/docs-nav-data.json +++ b/website/data/docs-nav-data.json @@ -285,6 +285,10 @@ "title": "split", "path": "templates/hcl_templates/functions/string/split" }, + { + "title": "strcontains", + "path": "templates/hcl_templates/functions/string/strcontains" + }, { "title": "strrev", "path": "templates/hcl_templates/functions/string/strrev" From 618a48b0292732d5777cc6def193cb62875fffa9 Mon Sep 17 00:00:00 2001 From: Judith Malnick Date: Fri, 6 Dec 2024 15:28:15 -0800 Subject: [PATCH 004/115] add ipl education and web presence ability to merge PRs to relavent website files --- CODEOWNERS | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/CODEOWNERS b/CODEOWNERS index b92152c73..04e4c0275 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -2,3 +2,11 @@ # release configuration +# web presence + +/website/ @hashicorp/web-presence @hashicorp/packer + +# education + +/website/content/ @hashicorp/team-docs-packer-and-terraform @hashicorp/web-presence @hashicorp/packer +/website/public/ @hashicorp/team-docs-packer-and-terraform @hashicorp/web-presence @hashicorp/packer \ No newline at end of file From 5fa87f148cf8ffd3c396e3c8586fd87a45557320 Mon Sep 17 00:00:00 2001 From: Judith Malnick Date: Mon, 9 Dec 2024 11:20:51 -0800 Subject: [PATCH 005/115] let education also edit the docs side navigation --- CODEOWNERS | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index 04e4c0275..c52d5754e 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -2,11 +2,6 @@ # release configuration -# web presence +# web presence and education -/website/ @hashicorp/web-presence @hashicorp/packer - -# education - -/website/content/ @hashicorp/team-docs-packer-and-terraform @hashicorp/web-presence @hashicorp/packer -/website/public/ @hashicorp/team-docs-packer-and-terraform @hashicorp/web-presence @hashicorp/packer \ No newline at end of file +/website/ @hashicorp/team-docs-packer-and-terraform @hashicorp/web-presence @hashicorp/packer \ No newline at end of file From ac899c44c2652403810a08e75674691aa1a5c211 Mon Sep 17 00:00:00 2001 From: Lucas Bajolet Date: Tue, 19 Nov 2024 17:02:08 -0500 Subject: [PATCH 006/115] hcl2template: don't error on empty bucket slug When a user defines a `hcp_packer_registry` block in their `build` without a `bucket_name`, but they define it in their environment, Packer should not report the bucket_name being wrong. --- .../testdata/hcp_par/empty_bucket.pkr.hcl | 11 +++++ .../types.build.hcp_packer_registry.go | 7 +++- .../types.build.hcp_packer_registry_test.go | 41 +++++++++++++++++++ 3 files changed, 58 insertions(+), 1 deletion(-) create mode 100644 hcl2template/testdata/hcp_par/empty_bucket.pkr.hcl diff --git a/hcl2template/testdata/hcp_par/empty_bucket.pkr.hcl b/hcl2template/testdata/hcp_par/empty_bucket.pkr.hcl new file mode 100644 index 000000000..e692a39bb --- /dev/null +++ b/hcl2template/testdata/hcp_par/empty_bucket.pkr.hcl @@ -0,0 +1,11 @@ +source "null" "test" { + communicator = "none" +} + +build { + name = "bucket-slug" + hcp_packer_registry { + } + + sources = ["null.test"] +} diff --git a/hcl2template/types.build.hcp_packer_registry.go b/hcl2template/types.build.hcp_packer_registry.go index ba8935b5d..640359aa1 100644 --- a/hcl2template/types.build.hcp_packer_registry.go +++ b/hcl2template/types.build.hcp_packer_registry.go @@ -54,7 +54,12 @@ func (p *Parser) decodeHCPRegistry(block *hcl.Block, cfg *PackerConfig) (*HCPPac return nil, diags } - if !bucketNameRegexp.MatchString(b.Slug) { + // No need to check the bucket name here if it's empty, since it can + // be set through the `HCP_PACKER_BUCKET_NAME` environment var. + // + // If both are unset, creating the build on HCP Packer will fail, and + // so will the packer build command. + if b.Slug != "" && !bucketNameRegexp.MatchString(b.Slug) { diags = diags.Append(&hcl.Diagnostic{ Severity: hcl.DiagError, Summary: fmt.Sprintf("%s.bucket_name can only contain between 3 and 36 ASCII letters, numbers and hyphens", buildHCPPackerRegistryLabel), diff --git a/hcl2template/types.build.hcp_packer_registry_test.go b/hcl2template/types.build.hcp_packer_registry_test.go index b43566d3e..54103f7cb 100644 --- a/hcl2template/types.build.hcp_packer_registry_test.go +++ b/hcl2template/types.build.hcp_packer_registry_test.go @@ -20,6 +20,47 @@ func Test_ParseHCPPackerRegistryBlock(t *testing.T) { defaultParser := getBasicParser() tests := []parseTest{ + {"bucket_name left empty", + defaultParser, + parseTestArgs{"testdata/hcp_par/empty_bucket.pkr.hcl", nil, nil}, + &PackerConfig{ + CorePackerVersionString: lockedVersion, + Basedir: filepath.Join("testdata", "hcp_par"), + Sources: map[SourceRef]SourceBlock{ + refNull: { + Type: "null", + Name: "test", + block: &hcl.Block{ + Type: "source", + }, + }, + }, + Builds: Builds{ + { + Name: "bucket-slug", + HCPPackerRegistry: &HCPPackerRegistryBlock{Slug: ""}, + Sources: []SourceUseBlock{ + { + SourceRef: refNull, + }, + }, + }, + }, + }, + false, false, + []packersdk.Build{ + &packer.CoreBuild{ + BuildName: "bucket-slug", + Type: "null.test", + Builder: &null.Builder{}, + Provisioners: []packer.CoreBuildProvisioner{}, + PostProcessors: [][]packer.CoreBuildPostProcessor{}, + Prepared: true, + BuilderType: "null", + }, + }, + false, + }, {"bucket_name as variable", defaultParser, parseTestArgs{"testdata/hcp_par/variable-for-bucket_name.pkr.hcl", nil, nil}, From 44a94911da8a462f5055db9accff0ee8b0783c50 Mon Sep 17 00:00:00 2001 From: Lucas Bajolet Date: Tue, 1 Oct 2024 10:55:32 -0400 Subject: [PATCH 007/115] packer_test: add FileExists checker Some tests will create files and directories as part of the execution path for Packer, and we need a way to check this, so this commit adds a new file gadget to do those checks after a command executes. --- packer_test/common/check/file_gadgets.go | 35 ++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 packer_test/common/check/file_gadgets.go diff --git a/packer_test/common/check/file_gadgets.go b/packer_test/common/check/file_gadgets.go new file mode 100644 index 000000000..cb15f94e0 --- /dev/null +++ b/packer_test/common/check/file_gadgets.go @@ -0,0 +1,35 @@ +package check + +import ( + "fmt" + "os" +) + +type fileExists struct { + filepath string + isDir bool +} + +func (fe fileExists) Check(_, _ string, _ error) error { + st, err := os.Stat(fe.filepath) + if err != nil { + return fmt.Errorf("failed to stat %q: %s", fe.filepath, err) + } + + if st.IsDir() && !fe.isDir { + return fmt.Errorf("file %q is a directory, wasn't supposed to be", fe.filepath) + } + + if !st.IsDir() && fe.isDir { + return fmt.Errorf("file %q is not a directory, was supposed to be", fe.filepath) + } + + return nil +} + +func FileExists(filePath string, isDir bool) Checker { + return fileExists{ + filepath: filePath, + isDir: isDir, + } +} From 11c238b9eb2f6f36777ce9ad01d1ff76e108d394 Mon Sep 17 00:00:00 2001 From: Lucas Bajolet Date: Mon, 16 Dec 2024 11:53:14 -0500 Subject: [PATCH 008/115] packer_test: add FileGlob checker When trying to validate that a particular file exists after a run of Packer in a test suite, we can use the FileExists checker that we provide as part of the gadgets we added for the acceptance test suites. This approach works well, but only if we can extract a file name reliably from the output of Packer core, or if we know what to look for exactly beforehand. For other cases with a generated name however, the FileExists checker is not enough, and therefore to accomodate for those cases, we are introducing a new checker for this purpose: FileGlob. FileGlob, as its name suggests, runs a glob expression on the filesystem, and returns an error if no match was found regarding this glob expression. --- packer_test/common/check/file_gadgets.go | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/packer_test/common/check/file_gadgets.go b/packer_test/common/check/file_gadgets.go index cb15f94e0..83d507c4e 100644 --- a/packer_test/common/check/file_gadgets.go +++ b/packer_test/common/check/file_gadgets.go @@ -3,6 +3,7 @@ package check import ( "fmt" "os" + "path/filepath" ) type fileExists struct { @@ -33,3 +34,26 @@ func FileExists(filePath string, isDir bool) Checker { isDir: isDir, } } + +type fileGlob struct { + filepath string +} + +func (fe fileGlob) Check(_, _ string, _ error) error { + matches, err := filepath.Glob(fe.filepath) + if err != nil { + return fmt.Errorf("error evaluating file glob pattern %q: %v", fe.filepath, err) + } + + if len(matches) == 0 { + return fmt.Errorf("no matches found for file glob pattern %q", fe.filepath) + } + + return nil +} + +func FileGlob(filename string) Checker { + return fileGlob{ + filepath: filename, + } +} From b6b0a081ad366813e909e32d904da6fed016ee11 Mon Sep 17 00:00:00 2001 From: Lucas Bajolet Date: Mon, 5 Aug 2024 17:33:00 -0400 Subject: [PATCH 009/115] packer_test: add build customisation capabilities When building a plugin, we may want some customisation capabilities beyond changing the version/pre-release/metadata, and instead run commands or change files on the filesystem. To do so, we introduce functions under the BuildCustomisation type, which have two responsabilities: changing the current state of the plugin's directory, and cleaning up afterwards. These customisations are passed as parameters to the BuildSimplePlugin function, and are called one-by-one, deferring their cleanup after the build process is finished. A first implementation of such a customisation is added with this commit, in order to change the version of a module that the plugin depends on, which we'll use to change the version of the plugin SDK in order to test how Packer behaves with different versions of the SDK for a single plugin. --- packer_test/common/plugin.go | 63 +++++++++++++++++++++++++++++++++++- 1 file changed, 62 insertions(+), 1 deletion(-) diff --git a/packer_test/common/plugin.go b/packer_test/common/plugin.go index 2e0a3b5be..90d29647a 100644 --- a/packer_test/common/plugin.go +++ b/packer_test/common/plugin.go @@ -62,6 +62,59 @@ func ExpectedInstalledName(versionStr string) string { runtime.GOOS, runtime.GOARCH, ext) } +// BuildCustomisation is a function that allows you to change things on a plugin's +// local files, with a way to rollback those changes after the fact. +// +// The function is meant to take a path parameter to the directory for the plugin, +// and returns a function that unravels those changes once the build process is done. +type BuildCustomisation func(string) (error, func()) + +const SDKModule = "github.com/hashicorp/packer-plugin-sdk" + +// UseDependency invokes go get and go mod tidy to update a package required +// by the plugin, and use it to build the plugin with that change. +func UseDependency(remoteModule, ref string) BuildCustomisation { + return func(path string) (error, func()) { + modPath := filepath.Join(path, "go.mod") + + stat, err := os.Stat(modPath) + if err != nil { + return fmt.Errorf("cannot stat mod file %q: %s", modPath, err), nil + } + + // Save old go.mod file from dir + oldGoMod, err := os.ReadFile(modPath) + if err != nil { + return fmt.Errorf("failed to read current mod file %q: %s", modPath, err), nil + } + + modSpec := fmt.Sprintf("%s@%s", remoteModule, ref) + cmd := exec.Command("go", "get", modSpec) + cmd.Dir = path + err = cmd.Run() + if err != nil { + return fmt.Errorf("failed to run go get %s: %s", modSpec, err), nil + } + + cmd = exec.Command("go", "mod", "tidy") + cmd.Dir = path + err = cmd.Run() + if err != nil { + return fmt.Errorf("failed to run go mod tidy: %s", err), nil + } + + return nil, func() { + err = os.WriteFile(modPath, oldGoMod, stat.Mode()) + if err != nil { + fmt.Fprintf(os.Stderr, "failed to reset modfile %q: %s; manual cleanup may be needed", modPath, err) + } + cmd := exec.Command("go", "mod", "tidy") + cmd.Dir = path + _ = cmd.Run() + } + } +} + // GetPluginPath gets the path for a pre-compiled plugin in the current test suite. // // The version only is needed, as the path to a compiled version of the tester @@ -93,7 +146,7 @@ func (ts *PackerTestSuite) GetPluginPath(t *testing.T, version string) string { // Note: each tester plugin may only be compiled once for a specific version in // a test suite. The version may include core (mandatory), pre-release and // metadata. Unlike Packer core, metadata does matter for the version being built. -func (ts *PackerTestSuite) CompilePlugin(t *testing.T, versionString string) { +func (ts *PackerTestSuite) CompilePlugin(t *testing.T, versionString string, customisations ...BuildCustomisation) { // Fail to build plugin if already built. // // Especially with customisations being a thing, relying on cache to get and @@ -114,6 +167,14 @@ func (ts *PackerTestSuite) CompilePlugin(t *testing.T, versionString string) { } testerPluginDir := filepath.Join(testDir, "plugin_tester") + for _, custom := range customisations { + err, cleanup := custom(testerPluginDir) + if err != nil { + t.Fatalf("failed to prepare plugin workdir: %s", err) + } + defer cleanup() + } + outBin := filepath.Join(ts.pluginsDirectory, BinaryName(v)) compileCommand := exec.Command("go", "build", "-C", testerPluginDir, "-o", outBin, "-ldflags", LDFlags(v), ".") From 5ff0f146c6aebfe6cecb856a76101a94a7629bcd Mon Sep 17 00:00:00 2001 From: Lucas Bajolet Date: Fri, 13 Sep 2024 10:06:08 -0400 Subject: [PATCH 010/115] packer_test: introduce global compilation queue Compiling plugins was originally intended to be an idempotent operation. This however starts to change as we introduce build customisations, which have the unfortunate side-effect of changing the state of the plugin directory, leading to conflicts between concurrent compilation jobs. Therefore to mitigate this problem, this commit changes how compilation jobs are processed, by introducing a global compilation queue, and processing plugins' compilation one-by-one from this queue. This however makes such requests asynchronous, so test suites that require plugins to be compiled will now have to wait on their completion before they can start their tests. To this effect, we introduce one more convenience function that processes those errors, and automatically fails the test should one compilation job fail for any reason. --- packer_test/common/plugin.go | 99 +++++++++++++++++++++++++++++++++--- packer_test/common/suite.go | 16 ++---- 2 files changed, 96 insertions(+), 19 deletions(-) diff --git a/packer_test/common/plugin.go b/packer_test/common/plugin.go index 90d29647a..c8adc77ae 100644 --- a/packer_test/common/plugin.go +++ b/packer_test/common/plugin.go @@ -2,6 +2,7 @@ package common import ( "fmt" + "log" "os" "os/exec" "path/filepath" @@ -130,6 +131,49 @@ func (ts *PackerTestSuite) GetPluginPath(t *testing.T, version string) string { return path.(string) } +type CompilationResult struct { + Error error + Version string +} + +// Ready processes a series of CompilationResults, as returned by CompilePlugin +// +// If any of the jobs requested failed, the test will fail also. +func Ready(t *testing.T, results []chan CompilationResult) { + for _, res := range results { + jobErr := <-res + empty := CompilationResult{} + if jobErr != empty { + t.Errorf("failed to compile plugin at version %s: %s", jobErr.Version, jobErr.Error) + } + } + + if t.Failed() { + t.Fatalf("some plugins failed to be compiled, see logs for more info") + } +} + +type compilationJob struct { + versionString string + suite *PackerTestSuite + done bool + resultCh chan CompilationResult + customisations []BuildCustomisation +} + +// CompilationJobs keeps a queue of compilation jobs for plugins +// +// This approach allows us to avoid conflicts between compilation jobs. +// Typically building the plugin with different ldflags is safe to perform +// in parallel on the same file set, however customisations tend to be more +// conflictual, as two concurrent compilation jobs may end-up compiling the +// wrong plugin, which may cause some tests to misbehave, or even compilation +// jobs to fail. +// +// The solution to this approach is to have a global queue for every plugin +// compilation to be performed safely. +var CompilationJobs = make(chan compilationJob, 10) + // CompilePlugin builds a tester plugin with the specified version. // // The plugin's code is contained in a subdirectory of this file, and lets us @@ -146,7 +190,49 @@ func (ts *PackerTestSuite) GetPluginPath(t *testing.T, version string) string { // Note: each tester plugin may only be compiled once for a specific version in // a test suite. The version may include core (mandatory), pre-release and // metadata. Unlike Packer core, metadata does matter for the version being built. -func (ts *PackerTestSuite) CompilePlugin(t *testing.T, versionString string, customisations ...BuildCustomisation) { +// +// Note: the compilation will process asynchronously, and should be waited upon +// before tests that use this plugin may proceed. Refer to the `Ready` function +// for doing that. +func (ts *PackerTestSuite) CompilePlugin(versionString string, customisations ...BuildCustomisation) chan CompilationResult { + resultCh := make(chan CompilationResult) + + CompilationJobs <- compilationJob{ + versionString: versionString, + suite: ts, + customisations: customisations, + done: false, + resultCh: resultCh, + } + + return resultCh +} + +func init() { + // Run a processor coroutine for the duration of the test. + // + // It's simpler to have this occurring on the side at all times, without + // trying to manage its lifecycle based on the current amount of queued + // tasks, since this is linked to the test lifecycle, and as it's a single + // coroutine, we can leave it run until the process exits. + go func() { + for job := range CompilationJobs { + log.Printf("compiling plugin on version %s", job.versionString) + err := compilePlugin(job.suite, job.versionString, job.customisations...) + if err != nil { + job.resultCh <- CompilationResult{ + Error: err, + Version: job.versionString, + } + } + close(job.resultCh) + } + }() +} + +// compilePlugin performs the actual compilation procedure for the plugin, and +// registers it to the test suite instance passed as a parameter. +func compilePlugin(ts *PackerTestSuite, versionString string, customisations ...BuildCustomisation) error { // Fail to build plugin if already built. // // Especially with customisations being a thing, relying on cache to get and @@ -154,23 +240,21 @@ func (ts *PackerTestSuite) CompilePlugin(t *testing.T, versionString string, cus // and therefore we cannot rely on it being called twice and producing the // same result, so we forbid it. if _, ok := ts.compiledPlugins.Load(versionString); ok { - t.Fatalf("plugin version %q was already built, use GetTestPlugin instead", versionString) + return fmt.Errorf("plugin version %q was already built, use GetTestPlugin instead", versionString) } v := version.Must(version.NewSemver(versionString)) - t.Logf("Building tester plugin in version %v", v) - testDir, err := currentDir() if err != nil { - t.Fatalf("failed to compile plugin binary: %s", err) + return fmt.Errorf("failed to compile plugin binary: %s", err) } testerPluginDir := filepath.Join(testDir, "plugin_tester") for _, custom := range customisations { err, cleanup := custom(testerPluginDir) if err != nil { - t.Fatalf("failed to prepare plugin workdir: %s", err) + return fmt.Errorf("failed to prepare plugin workdir: %s", err) } defer cleanup() } @@ -180,10 +264,11 @@ func (ts *PackerTestSuite) CompilePlugin(t *testing.T, versionString string, cus compileCommand := exec.Command("go", "build", "-C", testerPluginDir, "-o", outBin, "-ldflags", LDFlags(v), ".") logs, err := compileCommand.CombinedOutput() if err != nil { - t.Fatalf("failed to compile plugin binary: %s\ncompiler logs: %s", err, logs) + return fmt.Errorf("failed to compile plugin binary: %s\ncompiler logs: %s", err, logs) } ts.compiledPlugins.Store(v.String(), outBin) + return nil } type PluginDirSpec struct { diff --git a/packer_test/common/suite.go b/packer_test/common/suite.go index 5c7477ce3..dad9766e2 100644 --- a/packer_test/common/suite.go +++ b/packer_test/common/suite.go @@ -30,22 +30,14 @@ type PackerTestSuite struct { compiledPlugins sync.Map } -func (ts *PackerTestSuite) buildPluginVersion(waitgroup *sync.WaitGroup, versionString string, t *testing.T) { - waitgroup.Add(1) - go func() { - defer waitgroup.Done() - ts.CompilePlugin(t, versionString) - }() -} - +// CompileTestPluginVersions batch compiles a series of plugins func (ts *PackerTestSuite) CompileTestPluginVersions(t *testing.T, versions ...string) { - wg := &sync.WaitGroup{} - + results := []chan CompilationResult{} for _, ver := range versions { - ts.buildPluginVersion(wg, ver, t) + results = append(results, ts.CompilePlugin(ver)) } - wg.Wait() + Ready(t, results) } // SkipNoAcc is a pre-condition that skips the test if the PACKER_ACC environment From cd009b0f3bfc3c89018ab15d79b401d5faa342be Mon Sep 17 00:00:00 2001 From: Lucas Bajolet Date: Tue, 17 Dec 2024 11:35:04 -0500 Subject: [PATCH 011/115] go.mod: bump x/crypto to v0.31.0 The crypto experimental module that the SDK depends on was detected vulnerable on v0.23.0 to an authentication bypass attack through the ServerConfig for SSH. This is only used for locally proxying SSH communications, typically for use with Ansible to provide an SSH server with which to interact, in order to provision an instance of an OS that uses a communicator other than SSH, therefore the vulnerability does not necessarily impact us. However, in order to resolve the automatic report of that vulnerability, we bump the crypto module's version to 0.31.0, where that problem was addressed. --- go.mod | 14 +++++++------- go.sum | 28 ++++++++++++++-------------- 2 files changed, 21 insertions(+), 21 deletions(-) diff --git a/go.mod b/go.mod index 85c93cff2..0d549143b 100644 --- a/go.mod +++ b/go.mod @@ -44,15 +44,15 @@ require ( github.com/ulikunitz/xz v0.5.10 github.com/zclconf/go-cty v1.13.3 github.com/zclconf/go-cty-yaml v1.0.1 - golang.org/x/crypto v0.23.0 // indirect - golang.org/x/mod v0.13.0 + golang.org/x/crypto v0.31.0 // indirect + golang.org/x/mod v0.17.0 golang.org/x/net v0.25.0 golang.org/x/oauth2 v0.15.0 - golang.org/x/sync v0.5.0 - golang.org/x/sys v0.20.0 // indirect - golang.org/x/term v0.20.0 // indirect - golang.org/x/text v0.15.0 - golang.org/x/tools v0.14.0 + golang.org/x/sync v0.10.0 + golang.org/x/sys v0.28.0 // indirect + golang.org/x/term v0.27.0 // indirect + golang.org/x/text v0.21.0 + golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d google.golang.org/api v0.150.0 // indirect google.golang.org/grpc v1.59.0 ) diff --git a/go.sum b/go.sum index 3d3d78c2f..ccc54480e 100644 --- a/go.sum +++ b/go.sum @@ -571,8 +571,8 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= -golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI= -golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= +golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= +golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= @@ -587,8 +587,8 @@ golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCc golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY= -golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA= +golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -622,8 +622,8 @@ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE= -golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= +golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -663,15 +663,15 @@ golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y= -golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= +golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= -golang.org/x/term v0.20.0 h1:VnkxpohqXaOBYJtBmEppKUG6mXpi+4O6purfc2+sMhw= -golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= +golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q= +golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= @@ -681,8 +681,8 @@ golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk= -golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= +golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -695,8 +695,8 @@ golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc= -golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg= +golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg= +golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 h1:H2TDz8ibqkAF6YGhCdN3jS9O0/s90v0rJh3X/OLHEUk= From b6141fd532e61fdf16661d98fcdff0605a368985 Mon Sep 17 00:00:00 2001 From: Lucas Bajolet Date: Tue, 17 Dec 2024 14:59:59 -0500 Subject: [PATCH 012/115] command: copy AWS plugin structures for upgrade The hcl2_upgrade command transforms a JSON template into an HCL2 template for use with Packer. The command is quite fragile already, but given that this is the last remaining fragment that causes Packer to depend on the AWS SDK directly, we can do away with it. This commit therefore imports the definitions for AWS access config, so we can extract this information from the JSON template, and include it in the definition of the output source for AWS, since we manage this one differently from other sources. This allows us to not depend on the AWS plugin directly, which in turn makes Packer not need to link with the AWS plugin when compiling the executable. We are still depending on the AWS SDK for now since the SDK exposes a aws_secretsmanager function that can be used for interpolation (legacy JSON interpolation to be clear), so this cannot be removed from now, but we should consider some form of remediation in the future. --- command/hcl2_upgrade.go | 45 +++++++++++++++++++++++++++++++++++++++-- go.mod | 2 -- go.sum | 8 -------- 3 files changed, 43 insertions(+), 12 deletions(-) diff --git a/command/hcl2_upgrade.go b/command/hcl2_upgrade.go index 56edf175d..6bbd7928c 100644 --- a/command/hcl2_upgrade.go +++ b/command/hcl2_upgrade.go @@ -20,7 +20,6 @@ import ( "github.com/hashicorp/go-multierror" "github.com/hashicorp/hcl/v2/hclwrite" - awscommon "github.com/hashicorp/packer-plugin-amazon/builder/common" hcl2shim "github.com/hashicorp/packer-plugin-sdk/hcl2helper" "github.com/hashicorp/packer-plugin-sdk/template" "github.com/hashicorp/packer/packer" @@ -1170,10 +1169,52 @@ func (p *AmazonAmiDatasourceParser) Parse(_ *template.Template) error { return nil } +type AssumeRoleConfig struct { + AssumeRoleARN string `mapstructure:"role_arn" required:"false"` + AssumeRoleDurationSeconds int `mapstructure:"duration_seconds" required:"false"` + AssumeRoleExternalID string `mapstructure:"external_id" required:"false"` + AssumeRolePolicy string `mapstructure:"policy" required:"false"` + AssumeRolePolicyARNs []string `mapstructure:"policy_arns" required:"false"` + AssumeRoleSessionName string `mapstructure:"session_name" required:"false"` + AssumeRoleTags map[string]string `mapstructure:"tags" required:"false"` + AssumeRoleTransitiveTagKeys []string `mapstructure:"transitive_tag_keys" required:"false"` +} + +type VaultAWSEngineOptions struct { + Name string `mapstructure:"name"` + RoleARN string `mapstructure:"role_arn"` + TTL string `mapstructure:"ttl" required:"false"` + EngineName string `mapstructure:"engine_name"` +} + +type AWSPollingConfig struct { + MaxAttempts int `mapstructure:"max_attempts" required:"false"` + DelaySeconds int `mapstructure:"delay_seconds" required:"false"` +} + +type AwsAccessConfig struct { + AccessKey string `mapstructure:"access_key" required:"true"` + AssumeRole AssumeRoleConfig `mapstructure:"assume_role" required:"false"` + CustomEndpointEc2 string `mapstructure:"custom_endpoint_ec2" required:"false"` + CredsFilename string `mapstructure:"shared_credentials_file" required:"false"` + DecodeAuthZMessages bool `mapstructure:"decode_authorization_messages" required:"false"` + InsecureSkipTLSVerify bool `mapstructure:"insecure_skip_tls_verify" required:"false"` + MaxRetries int `mapstructure:"max_retries" required:"false"` + MFACode string `mapstructure:"mfa_code" required:"false"` + ProfileName string `mapstructure:"profile" required:"false"` + RawRegion string `mapstructure:"region" required:"true"` + SecretKey string `mapstructure:"secret_key" required:"true"` + SkipMetadataApiCheck bool `mapstructure:"skip_metadata_api_check"` + SkipCredsValidation bool `mapstructure:"skip_credential_validation"` + Token string `mapstructure:"token" required:"false"` + VaultAWSEngine VaultAWSEngineOptions `mapstructure:"vault_aws_engine" required:"false"` + PollingConfig *AWSPollingConfig `mapstructure:"aws_polling" required:"false"` +} + func copyAWSAccessConfig(sourceAmi map[string]interface{}, builder map[string]interface{}) (map[string]interface{}, error) { // Transform access config to a map accessConfigMap := map[string]interface{}{} - if err := mapstructure.Decode(awscommon.AccessConfig{}, &accessConfigMap); err != nil { + if err := mapstructure.Decode(AwsAccessConfig{}, &accessConfigMap); err != nil { return sourceAmi, err } diff --git a/go.mod b/go.mod index 0d549143b..c888a7532 100644 --- a/go.mod +++ b/go.mod @@ -23,7 +23,6 @@ require ( github.com/hashicorp/go-version v1.6.0 github.com/hashicorp/hcl/v2 v2.19.1 github.com/hashicorp/hcp-sdk-go v0.112.0 - github.com/hashicorp/packer-plugin-amazon v1.2.1 github.com/hashicorp/packer-plugin-sdk v0.5.4 github.com/jehiah/go-strftime v0.0.0-20171201141054-1d33003b3869 github.com/klauspost/compress v1.13.6 // indirect @@ -116,7 +115,6 @@ require ( github.com/google/uuid v1.4.0 // indirect github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect github.com/googleapis/gax-go/v2 v2.12.0 // indirect - github.com/hashicorp/aws-sdk-go-base v0.7.1 // indirect github.com/hashicorp/consul/api v1.25.1 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect diff --git a/go.sum b/go.sum index ccc54480e..a92f04890 100644 --- a/go.sum +++ b/go.sum @@ -63,7 +63,6 @@ github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPd github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= -github.com/aws/aws-sdk-go v1.31.9/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0= github.com/aws/aws-sdk-go v1.44.114 h1:plIkWc/RsHr3DXBj4MEw9sEW4CcL/e2ryokc+CKyq1I= github.com/aws/aws-sdk-go v1.44.114/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= @@ -168,7 +167,6 @@ github.com/go-openapi/swag v0.22.5 h1:fVS63IE3M0lsuWRzuom3RLwUMVI2peDH01s6M70ugy github.com/go-openapi/swag v0.22.5/go.mod h1:Gl91UqO+btAM0plGGxHqJcQZ1ZTy6jbmridBTsDy8A0= github.com/go-openapi/validate v0.22.4 h1:5v3jmMyIPKTR8Lv9syBAIRxG6lY0RqeBPB1LKEijzk8= github.com/go-openapi/validate v0.22.4/go.mod h1:qm6O8ZIcPVdSY5219468Jv7kBdGvkiZLPOmqnqTUZ2A= -github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-test/deep v1.0.3 h1:ZrJSEWsXzPOxaZnFteGEfooLba+ju3FYIbOrS+rQd68= github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= @@ -234,8 +232,6 @@ github.com/googleapis/gax-go/v2 v2.12.0 h1:A+gCJKdRfqXkr+BIRGtZLibNXf0m1f9E4HG56 github.com/googleapis/gax-go/v2 v2.12.0/go.mod h1:y+aIqrI5eb1YGMVJfuV3185Ts/D7qKpsEkdD5+I6QGU= github.com/hako/durafmt v0.0.0-20200710122514-c0fb7b4da026 h1:BpJ2o0OR5FV7vrkDYfXYVJQeMNWa8RhklZOpW2ITAIQ= github.com/hako/durafmt v0.0.0-20200710122514-c0fb7b4da026/go.mod h1:5Scbynm8dF1XAPwIwkGPqzkM/shndPm79Jd1003hTjE= -github.com/hashicorp/aws-sdk-go-base v0.7.1 h1:7s/aR3hFn74tYPVihzDyZe7y/+BorN70rr9ZvpV3j3o= -github.com/hashicorp/aws-sdk-go-base v0.7.1/go.mod h1:2fRjWDv3jJBeN6mVWFHV6hFTNeFBx2gpDLQaZNxUVAY= github.com/hashicorp/consul/api v1.25.1 h1:CqrdhYzc8XZuPnhIYZWH45toM0LB9ZeYr/gvpLVI3PE= github.com/hashicorp/consul/api v1.25.1/go.mod h1:iiLVwR/htV7mas/sy0O+XSuEnrdBUUydemjxcUrAt4g= github.com/hashicorp/consul/sdk v0.14.1 h1:ZiwE2bKb+zro68sWzZ1SgHF3kRMBZ94TwOCFRF4ylPs= @@ -303,8 +299,6 @@ github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO github.com/hashicorp/mdns v1.0.4/go.mod h1:mtBihi+LeNXGtG8L9dX59gAEa12BDtBQSp4v/YAJqrc= github.com/hashicorp/memberlist v0.5.0 h1:EtYPN8DpAURiapus508I4n9CzHs2W+8NZGbmmR/prTM= github.com/hashicorp/memberlist v0.5.0/go.mod h1:yvyXLpo0QaGE59Y7hDTsTzDD25JYBZ4mHgHUZ8lrOI0= -github.com/hashicorp/packer-plugin-amazon v1.2.1 h1:0Xqr8KsTJJhIo0vvjqPYrVMgyVxNRuYH4DeB5m/WAtw= -github.com/hashicorp/packer-plugin-amazon v1.2.1/go.mod h1:qlp0h5TWVGgcPzN9mSxPiEAwOUOW3XU/zep0pGd0ZsM= github.com/hashicorp/packer-plugin-sdk v0.5.4 h1:5Bl5DMEa//G4gBNcl842JopM9L4KSSsxpvB4W1lEwIA= github.com/hashicorp/packer-plugin-sdk v0.5.4/go.mod h1:ALm0ZIK3c/F4iOqPNi7xVuHTgrR5dxzOK+DhFN5DHj4= github.com/hashicorp/serf v0.10.1 h1:Z1H2J60yRKvfDYAOZLd2MU0ND4AH/WDz7xYHDWQsIPY= @@ -323,7 +317,6 @@ github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOl github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= github.com/jehiah/go-strftime v0.0.0-20171201141054-1d33003b3869 h1:IPJ3dvxmJ4uczJe5YQdrYB16oTJlGSC/OyZDqUk9xX4= github.com/jehiah/go-strftime v0.0.0-20171201141054-1d33003b3869/go.mod h1:cJ6Cj7dQo+O6GJNiMx+Pa94qKj+TG8ONdKHgMNIyyag= -github.com/jmespath/go-jmespath v0.3.0/go.mod h1:9QtRXoHjLGCJ5IBSaohpXITPlowMeeYCZ7fLUTSywik= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= @@ -599,7 +592,6 @@ golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210410081132-afb366fc7cd1/go.mod h1:9tjilg8BloeKEkVJvy7fQ90B1CfIiPueXVOjqfkSzI8= From 5940ab6d64baa9333dd1d6f94a11005afee8728d Mon Sep 17 00:00:00 2001 From: Martin Grogan Date: Thu, 19 Dec 2024 21:12:49 -0500 Subject: [PATCH 013/115] docs: put hcl2 example in first tab --- website/content/docs/builders/file.mdx | 22 +-- website/content/docs/builders/null.mdx | 24 +-- .../content/docs/post-processors/checksum.mdx | 20 +-- .../content/docs/post-processors/manifest.mdx | 84 +++++----- .../content/docs/provisioners/breakpoint.mdx | 48 +++--- website/content/docs/provisioners/file.mdx | 20 +-- .../packer-on-cicd/pipelineing-builds.mdx | 158 +++++++++--------- 7 files changed, 188 insertions(+), 188 deletions(-) diff --git a/website/content/docs/builders/file.mdx b/website/content/docs/builders/file.mdx index 55f73d9b6..0fa02283c 100644 --- a/website/content/docs/builders/file.mdx +++ b/website/content/docs/builders/file.mdx @@ -25,17 +25,6 @@ Below is a fully functioning example. It create a file at `target` with the specified `content`. - - -```json -{ - "type": "file", - "content": "Lorem ipsum dolor sit amet", - "target": "dummy_artifact" -} -``` - - ```hcl @@ -49,6 +38,17 @@ build { } ``` + + + +```json +{ + "type": "file", + "content": "Lorem ipsum dolor sit amet", + "target": "dummy_artifact" +} +``` + diff --git a/website/content/docs/builders/null.mdx b/website/content/docs/builders/null.mdx index 2098fec67..9a0f1542d 100644 --- a/website/content/docs/builders/null.mdx +++ b/website/content/docs/builders/null.mdx @@ -26,18 +26,6 @@ Below is a fully functioning example. It doesn't do anything useful, since no provisioners are defined, but it will connect to the specified host via ssh. - - -```json -{ - "type": "null", - "ssh_host": "127.0.0.1", - "ssh_username": "foo", - "ssh_password": "bar" -} -``` - - ```hcl @@ -52,6 +40,18 @@ build { } ``` + + + +```json +{ + "type": "null", + "ssh_host": "127.0.0.1", + "ssh_username": "foo", + "ssh_password": "bar" +} +``` + diff --git a/website/content/docs/post-processors/checksum.mdx b/website/content/docs/post-processors/checksum.mdx index 0f8056c64..b6db82253 100644 --- a/website/content/docs/post-processors/checksum.mdx +++ b/website/content/docs/post-processors/checksum.mdx @@ -33,6 +33,16 @@ a third-party post-processor. ## Basic example + + +```hcl +post-processor "checksum" { + checksum_types = ["sha1", "sha256"] + output = "packer_{{.BuildName}}_{{.ChecksumType}}.checksum" +} +``` + + ```json @@ -43,16 +53,6 @@ a third-party post-processor. } ``` - - - -```hcl -post-processor "checksum" { - checksum_types = ["sha1", "sha256"] - output = "packer_{{.BuildName}}_{{.ChecksumType}}.checksum" -} -``` - diff --git a/website/content/docs/post-processors/manifest.mdx b/website/content/docs/post-processors/manifest.mdx index 839c940cb..77a2c8838 100644 --- a/website/content/docs/post-processors/manifest.mdx +++ b/website/content/docs/post-processors/manifest.mdx @@ -48,6 +48,13 @@ is not a behavior anyone should ever expect. The minimal way to use the manifest post-processor is by just writing its definition, like: + + +```hcl +post-processor "manifest" {} +``` + + ```json @@ -61,18 +68,24 @@ The minimal way to use the manifest post-processor is by just writing its defini ``` + + +A more complete example: + + ```hcl -post-processor "manifest" {} +post-processor "manifest" { + output = "manifest.json" + strip_path = true + custom_data = { + my_custom_data = "example" + } +} ``` - - -A more complete example: - - ```json @@ -90,19 +103,6 @@ A more complete example: } ``` - - - -```hcl -post-processor "manifest" { - output = "manifest.json" - strip_path = true - custom_data = { - my_custom_data = "example" - } -} -``` - @@ -139,6 +139,29 @@ artifacts from the manifest by using `packer_run_uuid`. The above manifest was generated with the following template: + + +```hcl +source "docker" "docker"{ + image = "ubuntu:latest" + export_path = "packer_example" + run_command = ["-d", "-i", "-t", "--entrypoint=/bin/bash", "{{.Image}}"] +} + +build { + sources = ["docker.docker"] + + post-processor "manifest" { + output = "manifest.json" + strip_path = true + custom_data = { + my_custom_data = "example" + } + } +} +``` + + ```json @@ -164,29 +187,6 @@ The above manifest was generated with the following template: } ``` - - - -```hcl -source "docker" "docker"{ - image = "ubuntu:latest" - export_path = "packer_example" - run_command = ["-d", "-i", "-t", "--entrypoint=/bin/bash", "{{.Image}}"] -} - -build { - sources = ["docker.docker"] - - post-processor "manifest" { - output = "manifest.json" - strip_path = true - custom_data = { - my_custom_data = "example" - } - } -} -``` - diff --git a/website/content/docs/provisioners/breakpoint.mdx b/website/content/docs/provisioners/breakpoint.mdx index b7585fd67..97e9ffd6b 100644 --- a/website/content/docs/provisioners/breakpoint.mdx +++ b/website/content/docs/provisioners/breakpoint.mdx @@ -27,6 +27,30 @@ and between every provisioner. ## Basic Example + + +```hcl +source "null" "example" { + communicator = "none" +} + +build { + sources = ["source.null.example"] + + provisioner "shell-local" { + inline = ["echo hi"] + } + provisioner "breakpoint" { + disable = false + note = "this is a breakpoint" + } + provisioner "shell-local" { + inline = ["echo hi 2"] + } +} +``` + + ```json @@ -55,30 +79,6 @@ and between every provisioner. } ``` - - - -```hcl -source "null" "example" { - communicator = "none" -} - -build { - sources = ["source.null.example"] - - provisioner "shell-local" { - inline = ["echo hi"] - } - provisioner "breakpoint" { - disable = false - note = "this is a breakpoint" - } - provisioner "shell-local" { - inline = ["echo hi 2"] - } -} -``` - diff --git a/website/content/docs/provisioners/file.mdx b/website/content/docs/provisioners/file.mdx index e123be997..08e2f36fd 100644 --- a/website/content/docs/provisioners/file.mdx +++ b/website/content/docs/provisioners/file.mdx @@ -30,6 +30,16 @@ The file provisioner can upload both single files and complete directories. ## Basic Example + + +```hcl +provisioner "file" { + source = "app.tar.gz" + destination = "/tmp/app.tar.gz" +} +``` + + ```json @@ -40,16 +50,6 @@ The file provisioner can upload both single files and complete directories. } ``` - - - -```hcl -provisioner "file" { - source = "app.tar.gz" - destination = "/tmp/app.tar.gz" -} -``` - diff --git a/website/content/guides/packer-on-cicd/pipelineing-builds.mdx b/website/content/guides/packer-on-cicd/pipelineing-builds.mdx index 2a7e69210..e9605d434 100644 --- a/website/content/guides/packer-on-cicd/pipelineing-builds.mdx +++ b/website/content/guides/packer-on-cicd/pipelineing-builds.mdx @@ -28,6 +28,40 @@ this example can be applied to other builders as well. Here is an extremely basic virtualbox-iso template: + + +```hcl +source "virtualbox-iso" "step_1" { + boot_command = ["", "", "", + "/install/vmlinuz", " initrd=/install/initrd.gz", + " auto-install/enable=true", " debconf/priority=critical", + " preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/ubuntu_preseed.cfg", + " -- ", ""] + disk_size = "40960" + guest_os_type = "Ubuntu_64" + http_directory = "./http" + iso_checksum = "sha256:946a6077af6f5f95a51f82fdc44051c7aa19f9cfc5f737954845a6050543d7c2" + iso_url = "http://old-releases.ubuntu.com/releases/14.04.1/ubuntu-14.04-server-amd64.iso" + shutdown_command = "echo 'vagrant' | sudo -S shutdown -P now" + ssh_password = "vagrant" + ssh_port = 22 + ssh_username = "vagrant" + vm_name = "vbox-example" +} +build { + sources = ["source.virtualbox-iso.step_1"] + + + provisioner "shell" { + inline = ["echo initial provisioning"] + } + post-processor "manifest" { + output = "stage-1-manifest.json" + } +} +``` + + ```json @@ -77,40 +111,6 @@ Here is an extremely basic virtualbox-iso template: } ``` - - - -```hcl -source "virtualbox-iso" "step_1" { - boot_command = ["", "", "", - "/install/vmlinuz", " initrd=/install/initrd.gz", - " auto-install/enable=true", " debconf/priority=critical", - " preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/ubuntu_preseed.cfg", - " -- ", ""] - disk_size = "40960" - guest_os_type = "Ubuntu_64" - http_directory = "./http" - iso_checksum = "sha256:946a6077af6f5f95a51f82fdc44051c7aa19f9cfc5f737954845a6050543d7c2" - iso_url = "http://old-releases.ubuntu.com/releases/14.04.1/ubuntu-14.04-server-amd64.iso" - shutdown_command = "echo 'vagrant' | sudo -S shutdown -P now" - ssh_password = "vagrant" - ssh_port = 22 - ssh_username = "vagrant" - vm_name = "vbox-example" -} -build { - sources = ["source.virtualbox-iso.step_1"] - - - provisioner "shell" { - inline = ["echo initial provisioning"] - } - post-processor "manifest" { - output = "stage-1-manifest.json" - } -} -``` - @@ -138,6 +138,29 @@ That output filename generated in the first stage can be used as the for the virtualbox-ovf builder. + + +```hcl +source "virtualbox-ovf" "step_2" { + shutdown_command = "echo 'vagrant' | sudo -S shutdown -P now" + source_path = "output-virtualbox-iso/vbox-example.ovf" + ssh_password = "vagrant" + ssh_port = 22 + ssh_username = "vagrant" + vm_name = "virtualbox-example-ovf" +} + +build { + sources = ["source.virtualbox-ovf.step_2"] + + provisioner "shell" { + inline = ["echo secondary provisioning"] + } +} + +``` + + ```json @@ -164,29 +187,6 @@ for the virtualbox-ovf builder. } ``` - - - -```hcl -source "virtualbox-ovf" "step_2" { - shutdown_command = "echo 'vagrant' | sudo -S shutdown -P now" - source_path = "output-virtualbox-iso/vbox-example.ovf" - ssh_password = "vagrant" - ssh_port = 22 - ssh_username = "vagrant" - vm_name = "virtualbox-example-ovf" -} - -build { - sources = ["source.virtualbox-ovf.step_2"] - - provisioner "shell" { - inline = ["echo secondary provisioning"] - } -} - -``` - @@ -203,6 +203,28 @@ being used with a null builder, and manually sets the artifact from our stage-2 ovf build: + + +```hcl +source "null" "step_3" { + communicator = "none" +} + +build { + sources = ["source.null.step_3"] + + post-processors { + post-processor "artifice" { + files = ["output-virtualbox-ovf/virtualbox-example-ovf.ovf", "output-virtualbox-ovf/virtualbox-example-ovf-disk001.vmdk"] + } + post-processor "vagrant" { + provider_override = "virtualbox" + } + } +} +``` + + ```json @@ -231,28 +253,6 @@ stage-2 ovf build: } ``` - - - -```hcl -source "null" "step_3" { - communicator = "none" -} - -build { - sources = ["source.null.step_3"] - - post-processors { - post-processor "artifice" { - files = ["output-virtualbox-ovf/virtualbox-example-ovf.ovf", "output-virtualbox-ovf/virtualbox-example-ovf-disk001.vmdk"] - } - post-processor "vagrant" { - provider_override = "virtualbox" - } - } -} -``` - From 38f081c9ed669081aacdefce58f82d8812d4da81 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 17 Dec 2024 19:08:29 +0000 Subject: [PATCH 014/115] build(deps): bump golang.org/x/crypto Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.21.0 to 0.31.0. - [Commits](https://github.com/golang/crypto/compare/v0.21.0...v0.31.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: indirect ... Signed-off-by: dependabot[bot] --- packer_test/common/plugin_tester/go.mod | 8 ++++---- packer_test/common/plugin_tester/go.sum | 17 +++++++++-------- 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/packer_test/common/plugin_tester/go.mod b/packer_test/common/plugin_tester/go.mod index e938d5e8c..18ffceeb6 100644 --- a/packer_test/common/plugin_tester/go.mod +++ b/packer_test/common/plugin_tester/go.mod @@ -77,13 +77,13 @@ require ( github.com/ugorji/go/codec v1.2.6 // indirect github.com/ulikunitz/xz v0.5.10 // indirect go.opencensus.io v0.24.0 // indirect - golang.org/x/crypto v0.21.0 // indirect + golang.org/x/crypto v0.31.0 // indirect golang.org/x/exp v0.0.0-20230321023759-10a507213a29 // indirect golang.org/x/net v0.23.0 // indirect golang.org/x/oauth2 v0.7.0 // indirect - golang.org/x/sys v0.20.0 // indirect - golang.org/x/term v0.18.0 // indirect - golang.org/x/text v0.14.0 // indirect + golang.org/x/sys v0.28.0 // indirect + golang.org/x/term v0.27.0 // indirect + golang.org/x/text v0.21.0 // indirect golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac // indirect golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect google.golang.org/api v0.114.0 // indirect diff --git a/packer_test/common/plugin_tester/go.sum b/packer_test/common/plugin_tester/go.sum index aec12fd44..5342e8ca2 100644 --- a/packer_test/common/plugin_tester/go.sum +++ b/packer_test/common/plugin_tester/go.sum @@ -325,8 +325,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= -golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= -golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= +golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= +golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20230321023759-10a507213a29 h1:ooxPy7fPvB4kwsA2h+iBNHkAbp/4JxTSwCmvdjEYmug= golang.org/x/exp v0.0.0-20230321023759-10a507213a29/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc= @@ -365,7 +365,7 @@ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ= +golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -398,16 +398,16 @@ golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y= -golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= +golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= -golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8= -golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= +golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q= +golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= @@ -416,8 +416,9 @@ golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= +golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac h1:7zkz7BUtwNFFqcowJ+RIgu2MaV/MapERkDIy+mwPyjs= golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= From 77bf0282a75b7b6d9be53620f8f9636d30868f19 Mon Sep 17 00:00:00 2001 From: Lucas Bajolet Date: Fri, 20 Dec 2024 11:07:02 -0500 Subject: [PATCH 015/115] go.mod: bump golang.org/x/net to v0.33.0 The version of golang.org/x/net that we're using (v0.25.0) is vulnerable to GO-2024-3333, a DoS vulnerability. Packer is not particularly vulnerable to this, as we are not a hosted service, but since security scanners report this, and the fix is rather simple, we address it today. --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index c888a7532..f2884feab 100644 --- a/go.mod +++ b/go.mod @@ -45,7 +45,7 @@ require ( github.com/zclconf/go-cty-yaml v1.0.1 golang.org/x/crypto v0.31.0 // indirect golang.org/x/mod v0.17.0 - golang.org/x/net v0.25.0 + golang.org/x/net v0.33.0 golang.org/x/oauth2 v0.15.0 golang.org/x/sync v0.10.0 golang.org/x/sys v0.28.0 // indirect diff --git a/go.sum b/go.sum index a92f04890..ab8f31a18 100644 --- a/go.sum +++ b/go.sum @@ -603,6 +603,8 @@ golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= +golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= +golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.15.0 h1:s8pnnxNVzjWyrvYdFUQq5llS1PX2zhPXmccZv99h7uQ= golang.org/x/oauth2 v0.15.0/go.mod h1:q48ptWNTY5XWf+JNten23lcvHpLJ0ZSxF5ttTHKVCAM= From 024bf7259a1985c8f811412bda15da976a740866 Mon Sep 17 00:00:00 2001 From: Martin Grogan Date: Fri, 20 Dec 2024 12:38:07 -0500 Subject: [PATCH 016/115] docs: make TMPDIR clickable The option is less visible than the other one and by adding the quote, it creates an anchor that will make it easier to link. --- website/content/docs/configure.mdx | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/website/content/docs/configure.mdx b/website/content/docs/configure.mdx index 956cbefd5..5612ed64d 100644 --- a/website/content/docs/configure.mdx +++ b/website/content/docs/configure.mdx @@ -119,8 +119,8 @@ each can be found below: new versions of Packer. If you want to disable this for security or privacy reasons, you can set this environment variable to `1`. -- TMPDIR (Unix) / TMP, TEMP, USERPROFILE (Windows) - This specifies the - directory for temporary files (defaulting to /tmp on Linux/Unix and - %USERPROFILE%\AppData\Local\Temp on Windows Vista and later). Customizing +- `TMPDIR` (Unix) / `TMP`, `TEMP`, `USERPROFILE` (Windows) - This specifies the + directory for temporary files (defaulting to `/tmp` on Linux/Unix and + `%USERPROFILE%\AppData\Local\Temp` on Windows Vista and later). Customizing this setting might be necessary for systems where the default temporary directory is either non-writable or non-executable. From 783d5113baa3cf9fb27afe4c6a6025c59681ec41 Mon Sep 17 00:00:00 2001 From: Lucas Bajolet Date: Mon, 6 Jan 2025 14:40:12 -0500 Subject: [PATCH 017/115] release: ignore AWS SDK vulnerability for release The reported AWS S3 vulnerability was inherited from the go-getter module that Packer uses for downloading files from external sources. This vulnerability only impacts S3 uploads, therefore Packer is not vulnerable itself as go-getter only downloads such blobs. Since the change required to fix this advisory would be to bump the AWS SDK to v2, this being a major change, is not something to do lightly, so we opted to ignore this advisory for now so it doesn't block upcoming releases. --- .release/security-scan.hcl | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.release/security-scan.hcl b/.release/security-scan.hcl index 12ef1d533..c0f3a6e25 100644 --- a/.release/security-scan.hcl +++ b/.release/security-scan.hcl @@ -13,4 +13,14 @@ binary { osv = true oss_index = true nvd = false + + # Triage items that are _safe_ to ignore here. Note that this list should be + # periodically cleaned up to remove items that are no longer found by the scanner. + triage { + suppress { + vulnerabilities = [ + "GO-2022-0635", // github.com/aws/aws-sdk-go@v1.55.5 TODO(dduzgun-security): remove when deps is resolved + ] + } + } } From f24c978d46a581cb7524b5ef37e68afc82c31eda Mon Sep 17 00:00:00 2001 From: Lucas Bajolet Date: Mon, 6 Jan 2025 15:30:53 -0500 Subject: [PATCH 018/115] go.mod: bump go-git to v5.13.0 Version 5.11.0 of the go-git library is vulnerable to two CVEs as reported by our scanners. Both are not impacting Packer since we only use go-git to read values from a local Git repository, but still we upgrade our version to 5.13.0 so those reports don't apply to us. --- go.mod | 20 +++++++-------- go.sum | 77 +++++++++++++++++++++++----------------------------------- 2 files changed, 40 insertions(+), 57 deletions(-) diff --git a/go.mod b/go.mod index f2884feab..b45259084 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ require ( github.com/cheggaaa/pb v1.0.27 github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e github.com/dsnet/compress v0.0.1 - github.com/go-git/go-git/v5 v5.11.0 + github.com/go-git/go-git/v5 v5.13.0 github.com/go-openapi/runtime v0.26.2 github.com/gobwas/glob v0.2.3 github.com/gofrs/flock v0.8.1 // indirect @@ -39,19 +39,19 @@ require ( github.com/packer-community/winrmcp v0.0.0-20180921211025-c76d91c1e7db // indirect github.com/pkg/sftp v1.13.2 // indirect github.com/posener/complete v1.2.3 - github.com/stretchr/testify v1.8.4 + github.com/stretchr/testify v1.10.0 github.com/ulikunitz/xz v0.5.10 github.com/zclconf/go-cty v1.13.3 github.com/zclconf/go-cty-yaml v1.0.1 golang.org/x/crypto v0.31.0 // indirect - golang.org/x/mod v0.17.0 + golang.org/x/mod v0.19.0 golang.org/x/net v0.33.0 golang.org/x/oauth2 v0.15.0 golang.org/x/sync v0.10.0 golang.org/x/sys v0.28.0 // indirect golang.org/x/term v0.27.0 // indirect golang.org/x/text v0.21.0 - golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d + golang.org/x/tools v0.23.0 google.golang.org/api v0.150.0 // indirect google.golang.org/grpc v1.59.0 ) @@ -75,7 +75,7 @@ require ( github.com/Masterminds/semver/v3 v3.1.1 // indirect github.com/Masterminds/sprig/v3 v3.2.1 // indirect github.com/Microsoft/go-winio v0.6.1 // indirect - github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 // indirect + github.com/ProtonMail/go-crypto v1.1.3 // indirect github.com/agext/levenshtein v1.2.3 // indirect github.com/apparentlymart/go-cidr v1.0.1 // indirect github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect @@ -90,13 +90,13 @@ require ( github.com/cenkalti/backoff/v3 v3.2.2 // indirect github.com/chzyer/test v1.0.0 // indirect github.com/cloudflare/circl v1.3.7 // indirect - github.com/cyphar/filepath-securejoin v0.2.4 // indirect + github.com/cyphar/filepath-securejoin v0.2.5 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/dylanmei/iso8601 v0.1.0 // indirect github.com/emirpasic/gods v1.18.1 // indirect github.com/fatih/color v1.16.0 // indirect github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect - github.com/go-git/go-billy/v5 v5.5.0 // indirect + github.com/go-git/go-billy/v5 v5.6.0 // indirect github.com/go-jose/go-jose/v4 v4.0.1 // indirect github.com/go-logr/logr v1.3.0 // indirect github.com/go-logr/stdr v1.2.2 // indirect @@ -158,10 +158,10 @@ require ( github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect github.com/rivo/uniseg v0.2.0 // indirect github.com/ryanuber/go-glob v1.0.0 // indirect - github.com/sergi/go-diff v1.1.0 // indirect + github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect github.com/shoenig/go-m1cpu v0.1.5 // indirect github.com/shopspring/decimal v1.2.0 // indirect - github.com/skeema/knownhosts v1.2.1 // indirect + github.com/skeema/knownhosts v1.3.0 // indirect github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966 // indirect github.com/spf13/cast v1.3.1 // indirect github.com/tklauser/go-sysconf v0.3.11 // indirect @@ -175,7 +175,7 @@ require ( go.opentelemetry.io/otel v1.17.0 // indirect go.opentelemetry.io/otel/metric v1.17.0 // indirect go.opentelemetry.io/otel/trace v1.17.0 // indirect - golang.org/x/exp v0.0.0-20230321023759-10a507213a29 // indirect + golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect golang.org/x/time v0.3.0 // indirect golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect google.golang.org/appengine v1.6.7 // indirect diff --git a/go.sum b/go.sum index ab8f31a18..3678a621b 100644 --- a/go.sum +++ b/go.sum @@ -30,8 +30,8 @@ github.com/Masterminds/sprig/v3 v3.2.1/go.mod h1:UoaO7Yp8KlPnJIYWTFkMaqPUYKTfGFP github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY= github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow= github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM= -github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 h1:kkhsdkhsCvIsutKu5zLMgWtgh9YxGCNAw8Ad8hjwfYg= -github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371/go.mod h1:EjAoLdwvbIOoOQr3ihjnSoLZRtE8azugULFRteWMNc0= +github.com/ProtonMail/go-crypto v1.1.3 h1:nRBOetoydLeUb4nHajyO2bKqMLfWQ/ZPwkXqXxPxCFk= +github.com/ProtonMail/go-crypto v1.1.3/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= @@ -77,7 +77,6 @@ github.com/biogo/hts v1.4.3 h1:vir2yUTiRkPvtp6ZTpzh9lWTKQJZXJKZ563rpAQAsRM= github.com/biogo/hts v1.4.3/go.mod h1:eW40HJ1l2ExK9C+yvvoRSftInqWsf3ue+zAEjzCGWjA= github.com/bmatcuk/doublestar v1.1.5 h1:2bNwBOmhyFEFcoB3tGvTD5xanq+4kyOZlB8wFYbMjkk= github.com/bmatcuk/doublestar v1.1.5/go.mod h1:wiQtGV+rzVYxB7WIlirSN++5HPtPlXEo9MEoZQC/PmE= -github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= github.com/cenkalti/backoff/v3 v3.2.2 h1:cfUAAO3yvKMYKPrvhDuHSwQnhZNk/RMHKdZqKTxfm6M= github.com/cenkalti/backoff/v3 v3.2.2/go.mod h1:cIeZDE3IrqwwJl6VUwCN6trj1oXrTS4rc0ij+ULvLYs= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= @@ -93,12 +92,11 @@ github.com/chzyer/test v1.0.0/go.mod h1:2JlltgoNkt4TW/z9V/IzDdFaMTM2JPIi26O1pF38 github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6Dob7S7YxXgwXpfOuvO54S+tGdZdw9fuRZt25Ag= github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA= github.com/cloudflare/circl v1.3.7 h1:qlCDlTPz2n9fu58M0Nh1J/JzcFpfgkFHHX3O35r5vcU= github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBSc8r4zxgA= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= -github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg= -github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= +github.com/cyphar/filepath-securejoin v0.2.5 h1:6iR5tXJ/e6tJZzzdMc1km3Sa7RRIVBKAK32O2s7AYfo= +github.com/cyphar/filepath-securejoin v0.2.5/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= @@ -110,8 +108,8 @@ github.com/dylanmei/iso8601 v0.1.0 h1:812NGQDBcqquTfH5Yeo7lwR0nzx/cKdsmf3qMjPURU github.com/dylanmei/iso8601 v0.1.0/go.mod h1:w9KhXSgIyROl1DefbMYIE7UVSIvELTbMrCfx+QkYnoQ= github.com/dylanmei/winrmtest v0.0.0-20210303004826-fbc9ae56efb6 h1:zWydSUQBJApHwpQ4guHi+mGyQN/8yN6xbKWdDtL3ZNM= github.com/dylanmei/winrmtest v0.0.0-20210303004826-fbc9ae56efb6/go.mod h1:6BLLhzn1VEiJ4veuAGhINBTrBlV889Wd+aU4auxKOww= -github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a h1:mATvB/9r/3gvcejNsXKSkQ6lcIaNec2nyfOdlTBR2lU= -github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM= +github.com/elazarl/goproxy v1.2.1 h1:njjgvO6cRG9rIqN2ebkqy6cQz2Njkx7Fsfv/zIZqgug= +github.com/elazarl/goproxy v1.2.1/go.mod h1:YfEbZtqP4AetfO6d40vWchF3znWX7C7Vd6ZMfdL8z64= github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc= github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= @@ -123,16 +121,16 @@ github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= -github.com/gliderlabs/ssh v0.3.5 h1:OcaySEmAQJgyYcArR+gGGTHCyE7nvhEMTlYY+Dp8CpY= -github.com/gliderlabs/ssh v0.3.5/go.mod h1:8XB4KraRrX39qHhT6yxPsHedjA08I/uBVwj4xC+/+z4= +github.com/gliderlabs/ssh v0.3.8 h1:a4YXD1V7xMF9g5nTkdfnja3Sxy1PVDCj1Zg4Wb8vY6c= +github.com/gliderlabs/ssh v0.3.8/go.mod h1:xYoytBv1sV0aL3CavoDuJIQNURXkkfPA/wxQ1pL1fAU= github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI= github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic= -github.com/go-git/go-billy/v5 v5.5.0 h1:yEY4yhzCDuMGSv83oGxiBotRzhwhNr8VZyphhiu+mTU= -github.com/go-git/go-billy/v5 v5.5.0/go.mod h1:hmexnoNsr2SJU1Ju67OaNz5ASJY3+sHgFRpCtpDCKow= +github.com/go-git/go-billy/v5 v5.6.0 h1:w2hPNtoehvJIxR00Vb4xX94qHQi/ApZfX+nBE2Cjio8= +github.com/go-git/go-billy/v5 v5.6.0/go.mod h1:sFDq7xD3fn3E0GOwUSZqHo9lrkmx8xJhA0ZrfvjBRGM= github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399 h1:eMje31YglSBqCdIqdhKBW8lokaMrL3uTkpGYlE2OOT4= github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399/go.mod h1:1OCfN199q1Jm3HZlxleg+Dw/mwps2Wbk9frAWm+4FII= -github.com/go-git/go-git/v5 v5.11.0 h1:XIZc1p+8YzypNr34itUfSvYJcv+eYdTnTvOZ2vD3cA4= -github.com/go-git/go-git/v5 v5.11.0/go.mod h1:6GFcX2P3NM7FPBfpePbpLd21XxsgdAt+lKqXmCUiUCY= +github.com/go-git/go-git/v5 v5.13.0 h1:vLn5wlGIh/X78El6r3Jr+30W16Blk0CTcxTYcYPWi5E= +github.com/go-git/go-git/v5 v5.13.0/go.mod h1:Wjo7/JyVKtQgUNdXYXIepzWfJQkUEIGvkvVkiXRR/zw= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-jose/go-jose/v4 v4.0.1 h1:QVEPDE3OluqXBQZDcnNvQrInro2h0e4eqNbnZSWqS6U= github.com/go-jose/go-jose/v4 v4.0.1/go.mod h1:WVf9LFMHh/QVrmqrOfqun0C45tMe3RoiKJMPvgWwLfY= @@ -424,8 +422,8 @@ github.com/nywilken/go-cty v1.13.3 h1:03U99oXf3j3g9xgqAE3YGpixCjM8Mg09KZ0Ji9LzX0 github.com/nywilken/go-cty v1.13.3/go.mod h1:YKQzy/7pZ7iq2jNFzy5go57xdxdWoLLpaEp4u238AE0= github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= -github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI= -github.com/onsi/gomega v1.27.10/go.mod h1:RsS8tutOdbdgzbPtzzATp12yT7kM5I5aElG3evPbQ0M= +github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k= +github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= github.com/packer-community/winrmcp v0.0.0-20180921211025-c76d91c1e7db h1:9uViuKtx1jrlXLBW/pMnhOfzn3iSEdLase/But/IZRU= @@ -473,8 +471,8 @@ github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkB github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529 h1:nn5Wsu0esKSJiIVhscUtVbo7ada43DJhG55ua/hjS5I= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= -github.com/sergi/go-diff v1.1.0 h1:we8PVUC3FE2uYfodKH/nBHMSetSfHDR6scGdBi+erh0= -github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= +github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 h1:n661drycOFuPLCN3Uc8sB6B/s6Z4t2xvBgU1htSHuq8= +github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3/go.mod h1:A0bzQcvG0E7Rwjx0REVgAGH58e96+X0MeOfepqsbeW4= github.com/shirou/gopsutil/v3 v3.23.4 h1:hZwmDxZs7Ewt75DV81r4pFMqbq+di2cbt9FsQBqLD2o= github.com/shirou/gopsutil/v3 v3.23.4/go.mod h1:ZcGxyfzAMRevhUR2+cfhXDH6gQdFYE/t8j1nsU4mPI8= github.com/shoenig/go-m1cpu v0.1.5 h1:LF57Z/Fpb/WdGLjt2HZilNnmZOxg/q2bSKTQhgbrLrQ= @@ -486,8 +484,8 @@ github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFR github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= -github.com/skeema/knownhosts v1.2.1 h1:SHWdIUa82uGZz+F+47k8SY4QhhI291cXCpopT1lK2AQ= -github.com/skeema/knownhosts v1.2.1/go.mod h1:xYbVRSPxqBZFrdmDyMmsOs+uX1UZC3nTN3ThzgDxUwo= +github.com/skeema/knownhosts v1.3.0 h1:AM+y0rI04VksttfwjkSTNQorvGqmwATnvnAHpSgc0LY= +github.com/skeema/knownhosts v1.3.0/go.mod h1:sPINvnADmT/qYH1kfv+ePMmOBTH6Tbl7b5LvTDjFK7M= github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966 h1:JIAuq3EEf9cgbU6AtGPK4CTG3Zf6CKMNqf0MHTggAUA= github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966/go.mod h1:sUM3LWHvSMaG192sy56D9F7CNvL7jUJVXoqM1QKLnog= github.com/spf13/cast v1.3.1 h1:nFm6S0SMdyzrzcmThSipiEubIDy8WEXKNZ0UOgiRpng= @@ -495,8 +493,9 @@ github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkU github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= +github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= @@ -508,8 +507,8 @@ github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1F github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= +github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/tklauser/go-sysconf v0.3.11 h1:89WgdJhk5SNwJfu+GKyYveZ4IaJ7xAkecBo+KdJV0CM= github.com/tklauser/go-sysconf v0.3.11/go.mod h1:GqXfhXY3kiPa0nAXPDIQIWzJbMCB7AmcWpGR8lSZfqI= github.com/tklauser/numcpus v0.6.0 h1:kebhY2Qt+3U6RNK7UqpYNA+tJ23IBEGKkB7JQBfDYms= @@ -562,15 +561,13 @@ golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= -golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20230321023759-10a507213a29 h1:ooxPy7fPvB4kwsA2h+iBNHkAbp/4JxTSwCmvdjEYmug= -golang.org/x/exp v0.0.0-20230321023759-10a507213a29/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc= +golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8= +golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -579,9 +576,8 @@ golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHl golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA= -golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.19.0 h1:fEdghXQSo20giMthA7cd28ZC+jts4amQ3YMXiP5oMQ8= +golang.org/x/mod v0.19.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -598,11 +594,6 @@ golang.org/x/net v0.0.0-20210410081132-afb366fc7cd1/go.mod h1:9tjilg8BloeKEkVJvy golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= -golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= -golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= -golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -615,7 +606,6 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -653,17 +643,12 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= -golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q= golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -672,9 +657,7 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= -golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= @@ -688,9 +671,8 @@ golang.org/x/tools v0.0.0-20190907020128-2ca718005c18/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg= -golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= +golang.org/x/tools v0.23.0 h1:SGsXPZ+2l4JsgaCKkx+FQ9YZ5XEtA1GZYuoDjenLjvg= +golang.org/x/tools v0.23.0/go.mod h1:pnu6ufv6vQkll6szChhK3C3L/ruaIv5eBeztNG8wtsI= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 h1:H2TDz8ibqkAF6YGhCdN3jS9O0/s90v0rJh3X/OLHEUk= @@ -745,8 +727,9 @@ gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= From ea9d02d59682b83a58e40a3a01b3080170896550 Mon Sep 17 00:00:00 2001 From: "hashicorp-tsccr[bot]" Date: Thu, 2 Jan 2025 17:07:39 +0000 Subject: [PATCH 019/115] Result of tsccr-helper -log-level=info gha update .github/ --- .github/workflows/acceptance-test.yml | 6 +++--- .github/workflows/build.yml | 22 ++++++++++----------- .github/workflows/create-release-branch.yml | 2 +- .github/workflows/go-test.yml | 14 ++++++------- .github/workflows/go-validate.yml | 18 ++++++++--------- .github/workflows/issue-comment-created.yml | 2 +- .github/workflows/issues-opened.yml | 2 +- .github/workflows/nightly-release.yml | 2 +- 8 files changed, 34 insertions(+), 34 deletions(-) diff --git a/.github/workflows/acceptance-test.yml b/.github/workflows/acceptance-test.yml index e03f66797..baf2d45ad 100644 --- a/.github/workflows/acceptance-test.yml +++ b/.github/workflows/acceptance-test.yml @@ -19,7 +19,7 @@ jobs: outputs: go-version: ${{ steps.get-go-version.outputs.go-version }} steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: 'Determine Go version' id: get-go-version # We use .go-version as our source of truth for current Go @@ -40,8 +40,8 @@ jobs: # Packer GH Token for API Rate Limiting PACKER_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ needs.get-go-version.outputs.go-version }} - name: IAM Assume Role diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 11fc9f377..79df8c699 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -27,7 +27,7 @@ jobs: outputs: go-version: ${{ steps.get-go-version.outputs.go-version }} steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: 'Determine Go version' id: get-go-version # We use .go-version as our source of truth for current Go @@ -45,7 +45,7 @@ jobs: product-prerelease-version: ${{ steps.set-product-version.outputs.prerelease-product-version }} set-ld-flags: ${{ steps.set-ld-flags.outputs.set-ld-flags }} steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: set product version id: set-product-version uses: hashicorp/actions-set-product-version@v1 @@ -68,7 +68,7 @@ jobs: filepath: ${{ steps.generate-metadata-file.outputs.filepath }} steps: - name: 'Checkout directory' - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Generate metadata file id: generate-metadata-file uses: hashicorp/actions-generate-metadata@main @@ -76,7 +76,7 @@ jobs: version: ${{ needs.set-product-version.outputs.product-version }} product: ${{ env.REPO_NAME }} - - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 + - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: metadata.json path: ${{ steps.generate-metadata-file.outputs.filepath }} @@ -106,7 +106,7 @@ jobs: GOPRIVATE: "github.com/hashicorp" GO111MODULE: on steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Go Build env: PRODUCT_VERSION: ${{ needs.set-product-version.outputs.product-version }} @@ -144,7 +144,7 @@ jobs: GO111MODULE: on steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Go Build env: PRODUCT_VERSION: ${{ needs.set-product-version.outputs.product-version }} @@ -187,11 +187,11 @@ jobs: run: | echo "RPM_PACKAGE=$(basename out/*.rpm)" >> $GITHUB_ENV echo "DEB_PACKAGE=$(basename out/*.deb)" >> $GITHUB_ENV - - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 + - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: ${{ env.RPM_PACKAGE }} path: out/${{ env.RPM_PACKAGE }} - - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 + - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: ${{ env.DEB_PACKAGE }} path: out/${{ env.DEB_PACKAGE }} @@ -214,7 +214,7 @@ jobs: GO111MODULE: on steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Go Build env: PRODUCT_VERSION: ${{ needs.set-product-version.outputs.product-version }} @@ -245,7 +245,7 @@ jobs: env: version: ${{ needs.set-product-version.outputs.product-version }} steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Docker Build (Action) uses: hashicorp/actions-docker-build@v2 with: @@ -275,7 +275,7 @@ jobs: env: version: ${{ needs.set-product-version.outputs.product-version }} steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Docker Build (Action) uses: hashicorp/actions-docker-build@v2 with: diff --git a/.github/workflows/create-release-branch.yml b/.github/workflows/create-release-branch.yml index 25782c82b..1428c92b6 100644 --- a/.github/workflows/create-release-branch.yml +++ b/.github/workflows/create-release-branch.yml @@ -4,7 +4,7 @@ jobs: create-branch: runs-on: ubuntu-latest steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: hashicorp/actions-create-release-branch@v1 with: token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} diff --git a/.github/workflows/go-test.yml b/.github/workflows/go-test.yml index b461ecc82..2fccd5d3a 100644 --- a/.github/workflows/go-test.yml +++ b/.github/workflows/go-test.yml @@ -25,7 +25,7 @@ jobs: outputs: go-version: ${{ steps.get-go-version.outputs.go-version }} steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: 'Determine Go version' id: get-go-version run: | @@ -37,8 +37,8 @@ jobs: runs-on: ubuntu-latest name: Linux go tests steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ needs.get-go-version.outputs.go-version }} - run: TESTARGS="-coverprofile=coverage.txt -covermode=atomic" make ci @@ -48,8 +48,8 @@ jobs: runs-on: macos-latest name: Darwin go tests steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ needs.get-go-version.outputs.go-version }} - run: go test ./... -coverprofile=coverage.txt -covermode=atomic @@ -59,8 +59,8 @@ jobs: runs-on: windows-latest name: Windows go tests steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ needs.get-go-version.outputs.go-version }} - run: go test ./... -coverprofile=coverage.txt -covermode=atomic diff --git a/.github/workflows/go-validate.yml b/.github/workflows/go-validate.yml index 60440b9a4..3fee81c8a 100644 --- a/.github/workflows/go-validate.yml +++ b/.github/workflows/go-validate.yml @@ -21,7 +21,7 @@ jobs: outputs: go-version: ${{ steps.get-go-version.outputs.go-version }} steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: 'Determine Go version' id: get-go-version run: | @@ -33,8 +33,8 @@ jobs: runs-on: ubuntu-latest name: Go Mod Tidy steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ needs.get-go-version.outputs.go-version }} - run: go mod tidy @@ -44,10 +44,10 @@ jobs: runs-on: ubuntu-latest name: Lint steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ needs.get-go-version.outputs.go-version }} - run: echo "$GITHUB_SHA" @@ -60,8 +60,8 @@ jobs: runs-on: ubuntu-latest name: Fmt check steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ needs.get-go-version.outputs.go-version }} - run: make fmt-check @@ -71,8 +71,8 @@ jobs: runs-on: ubuntu-latest name: Generate check steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ needs.get-go-version.outputs.go-version }} - run: make generate-check diff --git a/.github/workflows/issue-comment-created.yml b/.github/workflows/issue-comment-created.yml index 1fa8bea6b..e74be499b 100644 --- a/.github/workflows/issue-comment-created.yml +++ b/.github/workflows/issue-comment-created.yml @@ -15,7 +15,7 @@ jobs: if: ${{contains(github.event.issue.labels.*.name, 'waiting-reply') || contains(github.event.issue.labels.*.name, 'stale')}} runs-on: ubuntu-latest steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: actions-ecosystem/action-remove-labels@2ce5d41b4b6aa8503e285553f75ed56e0a40bae0 # v1.3.0 with: github_token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/issues-opened.yml b/.github/workflows/issues-opened.yml index 5829a9fb1..03587e747 100644 --- a/.github/workflows/issues-opened.yml +++ b/.github/workflows/issues-opened.yml @@ -13,7 +13,7 @@ jobs: issues: write # for github/issue-labeler to create or remove labels runs-on: ubuntu-latest steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: github/issue-labeler@c1b0f9f52a63158c4adc09425e858e87b32e9685 # v3.4 with: repo-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/nightly-release.yml b/.github/workflows/nightly-release.yml index 27ff163e3..7d92111bd 100644 --- a/.github/workflows/nightly-release.yml +++ b/.github/workflows/nightly-release.yml @@ -24,7 +24,7 @@ jobs: needs: build-artifacts runs-on: ubuntu-latest steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Download built artifacts uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: From 8b2a3ccdf3d7cba6de0e6a56e3af6ca222573ffc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 15 Jan 2025 19:53:54 +0000 Subject: [PATCH 020/115] build(deps): bump github.com/hashicorp/hcp-sdk-go Bumps [github.com/hashicorp/hcp-sdk-go](https://github.com/hashicorp/hcp-sdk-go) from 0.112.0 to 0.131.0. - [Release notes](https://github.com/hashicorp/hcp-sdk-go/releases) - [Changelog](https://github.com/hashicorp/hcp-sdk-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/hashicorp/hcp-sdk-go/compare/v0.112.0...v0.131.0) --- updated-dependencies: - dependency-name: github.com/hashicorp/hcp-sdk-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index b45259084..364589e5d 100644 --- a/go.mod +++ b/go.mod @@ -22,7 +22,7 @@ require ( github.com/hashicorp/go-uuid v1.0.3 github.com/hashicorp/go-version v1.6.0 github.com/hashicorp/hcl/v2 v2.19.1 - github.com/hashicorp/hcp-sdk-go v0.112.0 + github.com/hashicorp/hcp-sdk-go v0.131.0 github.com/hashicorp/packer-plugin-sdk v0.5.4 github.com/jehiah/go-strftime v0.0.0-20171201141054-1d33003b3869 github.com/klauspost/compress v1.13.6 // indirect diff --git a/go.sum b/go.sum index 3678a621b..23401403b 100644 --- a/go.sum +++ b/go.sum @@ -291,8 +291,8 @@ github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/hcl/v2 v2.19.1 h1://i05Jqznmb2EXqa39Nsvyan2o5XyMowW5fnCKW5RPI= github.com/hashicorp/hcl/v2 v2.19.1/go.mod h1:ThLC89FV4p9MPW804KVbe/cEXoQ8NZEh+JtMeeGErHE= -github.com/hashicorp/hcp-sdk-go v0.112.0 h1:gKzxaPhzJj4NobFw7Sc1rGf3nMSqUKBgTtsbZ6bzd14= -github.com/hashicorp/hcp-sdk-go v0.112.0/go.mod h1:vQ4fzdL1AmhIAbCw+4zmFe5Hbpajj3NvRWkJoVuxmAk= +github.com/hashicorp/hcp-sdk-go v0.131.0 h1:2o2peovPIJ1/yj3GGcxyMn0ndiGaCML0mosnsHPsikE= +github.com/hashicorp/hcp-sdk-go v0.131.0/go.mod h1:vQ4fzdL1AmhIAbCw+4zmFe5Hbpajj3NvRWkJoVuxmAk= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= github.com/hashicorp/mdns v1.0.4/go.mod h1:mtBihi+LeNXGtG8L9dX59gAEa12BDtBQSp4v/YAJqrc= github.com/hashicorp/memberlist v0.5.0 h1:EtYPN8DpAURiapus508I4n9CzHs2W+8NZGbmmR/prTM= From 3826a94758fa4af14643b5ced457095a857e494c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Jan 2025 22:27:03 +0000 Subject: [PATCH 021/115] build(deps): bump golang.org/x/net in /packer_test/common/plugin_tester Bumps [golang.org/x/net](https://github.com/golang/net) from 0.23.0 to 0.33.0. - [Commits](https://github.com/golang/net/compare/v0.23.0...v0.33.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: indirect ... Signed-off-by: dependabot[bot] --- packer_test/common/plugin_tester/go.mod | 2 +- packer_test/common/plugin_tester/go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/packer_test/common/plugin_tester/go.mod b/packer_test/common/plugin_tester/go.mod index 18ffceeb6..de79c1f60 100644 --- a/packer_test/common/plugin_tester/go.mod +++ b/packer_test/common/plugin_tester/go.mod @@ -79,7 +79,7 @@ require ( go.opencensus.io v0.24.0 // indirect golang.org/x/crypto v0.31.0 // indirect golang.org/x/exp v0.0.0-20230321023759-10a507213a29 // indirect - golang.org/x/net v0.23.0 // indirect + golang.org/x/net v0.33.0 // indirect golang.org/x/oauth2 v0.7.0 // indirect golang.org/x/sys v0.28.0 // indirect golang.org/x/term v0.27.0 // indirect diff --git a/packer_test/common/plugin_tester/go.sum b/packer_test/common/plugin_tester/go.sum index 5342e8ca2..18fdc4668 100644 --- a/packer_test/common/plugin_tester/go.sum +++ b/packer_test/common/plugin_tester/go.sum @@ -352,8 +352,8 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= -golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= +golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= +golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.7.0 h1:qe6s0zUXlPX80/dITx3440hWZ7GwMwgDDyrSGTPJG/g= golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4= From 7f64ca11f6f26006a4805e42b21539c7ddab0dd6 Mon Sep 17 00:00:00 2001 From: Gustavo Cruz Date: Fri, 20 Dec 2024 20:54:36 -0300 Subject: [PATCH 022/115] fix: `packer validate` unsupported type error `packer validate` would output the same error message four times per unsupported root block type found in a template (e.g., 'src' instead of 'source'). This behavior was due to a function being called four times for each file on each stage of the parsing. --- .../test-fixtures/validate/invalid_block_type.pkr.hcl | 4 ++++ command/validate_test.go | 3 +++ hcl2template/parser.go | 11 +++++++++-- hcl2template/types.packer_config.go | 6 ++---- hcl2template/types.required_plugins.go | 3 +-- 5 files changed, 19 insertions(+), 8 deletions(-) create mode 100644 command/test-fixtures/validate/invalid_block_type.pkr.hcl diff --git a/command/test-fixtures/validate/invalid_block_type.pkr.hcl b/command/test-fixtures/validate/invalid_block_type.pkr.hcl new file mode 100644 index 000000000..fdfa8e6d5 --- /dev/null +++ b/command/test-fixtures/validate/invalid_block_type.pkr.hcl @@ -0,0 +1,4 @@ +src "docker" "ubuntu" { + image = var.docker_image + commit = true +} diff --git a/command/validate_test.go b/command/validate_test.go index 5b9da04d7..56605a326 100644 --- a/command/validate_test.go +++ b/command/validate_test.go @@ -36,6 +36,9 @@ func TestValidateCommand(t *testing.T) { // wrong version field {path: filepath.Join(testFixture("version_req", "wrong_field_name")), exitCode: 1}, + // wrong packer block type + {path: filepath.Join(testFixture("validate", "invalid_block_type.pkr.hcl")), exitCode: 1}, + // wrong packer block {path: filepath.Join(testFixture("validate", "invalid_packer_block.pkr.hcl")), exitCode: 1}, diff --git a/hcl2template/parser.go b/hcl2template/parser.go index f3c51c4f8..d6ae4ecb9 100644 --- a/hcl2template/parser.go +++ b/hcl2template/parser.go @@ -165,6 +165,14 @@ func (p *Parser) Parse(filename string, varFiles []string, argVars map[string]st return cfg, diags } + // Looks for invalid arguments or unsupported block types + { + for _, file := range files { + _, moreDiags := file.Body.Content(configSchema) + diags = append(diags, moreDiags...) + } + } + // Decode required_plugins blocks. // // Note: using `latest` ( or actually an empty string ) in a config file @@ -585,8 +593,7 @@ func (p *Parser) decodeDatasources(file *hcl.File, cfg *PackerConfig) hcl.Diagno var diags hcl.Diagnostics body := file.Body - content, moreDiags := body.Content(configSchema) - diags = append(diags, moreDiags...) + content, _ := body.Content(configSchema) for _, block := range content.Blocks { switch block.Type { diff --git a/hcl2template/types.packer_config.go b/hcl2template/types.packer_config.go index 626ebdb7b..cb81441d8 100644 --- a/hcl2template/types.packer_config.go +++ b/hcl2template/types.packer_config.go @@ -156,8 +156,7 @@ func (cfg *PackerConfig) EvalContext(ctx BlockContext, variables map[string]cty. func (c *PackerConfig) decodeInputVariables(f *hcl.File) hcl.Diagnostics { var diags hcl.Diagnostics - content, moreDiags := f.Body.Content(configSchema) - diags = append(diags, moreDiags...) + content, _ := f.Body.Content(configSchema) // for input variables we allow to use env in the default value section. ectx := &hcl.EvalContext{ @@ -188,8 +187,7 @@ func (c *PackerConfig) decodeInputVariables(f *hcl.File) hcl.Diagnostics { func parseLocalVariableBlocks(f *hcl.File) ([]*LocalBlock, hcl.Diagnostics) { var diags hcl.Diagnostics - content, moreDiags := f.Body.Content(configSchema) - diags = append(diags, moreDiags...) + content, _ := f.Body.Content(configSchema) var locals []*LocalBlock diff --git a/hcl2template/types.required_plugins.go b/hcl2template/types.required_plugins.go index 08fe694b3..b5aa0328d 100644 --- a/hcl2template/types.required_plugins.go +++ b/hcl2template/types.required_plugins.go @@ -15,8 +15,7 @@ import ( func (cfg *PackerConfig) decodeRequiredPluginsBlock(f *hcl.File) hcl.Diagnostics { var diags hcl.Diagnostics - content, moreDiags := f.Body.Content(configSchema) - diags = append(diags, moreDiags...) + content, _ := f.Body.Content(configSchema) for _, block := range content.Blocks { switch block.Type { From 476ddc38102a2d6203e68d395aa4ff225ec56c4a Mon Sep 17 00:00:00 2001 From: Martin Grogan Date: Thu, 19 Dec 2024 13:47:04 -0500 Subject: [PATCH 023/115] hcl2template: add alltrue function add an hcl2 function that return true if all the value in a collection are true, this function was derived from terraform codebase --- hcl2template/function/alltrue.go | 39 ++++++++ hcl2template/function/alltrue_test.go | 89 +++++++++++++++++++ hcl2template/functions.go | 1 + .../functions/collection/alltrue.mdx | 25 ++++++ website/data/docs-nav-data.json | 4 + 5 files changed, 158 insertions(+) create mode 100644 hcl2template/function/alltrue.go create mode 100644 hcl2template/function/alltrue_test.go create mode 100644 website/content/docs/templates/hcl_templates/functions/collection/alltrue.mdx diff --git a/hcl2template/function/alltrue.go b/hcl2template/function/alltrue.go new file mode 100644 index 000000000..1b4cf2a88 --- /dev/null +++ b/hcl2template/function/alltrue.go @@ -0,0 +1,39 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: BUSL-1.1 + +package function + +import ( + "github.com/zclconf/go-cty/cty" + "github.com/zclconf/go-cty/cty/function" +) + +// AllTrue constructs a function that returns true if all elements of the +// list are true. If the list is empty, return true. +var AllTrue = function.New(&function.Spec{ + Params: []function.Parameter{ + { + Name: "list", + Type: cty.List(cty.Bool), + }, + }, + Type: function.StaticReturnType(cty.Bool), + RefineResult: refineNotNull, + Impl: func(args []cty.Value, retType cty.Type) (ret cty.Value, err error) { + result := cty.True + for it := args[0].ElementIterator(); it.Next(); { + _, v := it.Element() + if !v.IsKnown() { + return cty.UnknownVal(cty.Bool), nil + } + if v.IsNull() { + return cty.False, nil + } + result = result.And(v) + if result.False() { + return cty.False, nil + } + } + return result, nil + }, +}) diff --git a/hcl2template/function/alltrue_test.go b/hcl2template/function/alltrue_test.go new file mode 100644 index 000000000..1359de76e --- /dev/null +++ b/hcl2template/function/alltrue_test.go @@ -0,0 +1,89 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: BUSL-1.1 + +package function + +import ( + "fmt" + "testing" + + "github.com/zclconf/go-cty/cty" +) + +func TestAllTrue(t *testing.T) { + tests := []struct { + Collection cty.Value + Want cty.Value + Err bool + }{ + { + cty.ListValEmpty(cty.Bool), + cty.True, + false, + }, + { + cty.ListVal([]cty.Value{cty.True}), + cty.True, + false, + }, + { + cty.ListVal([]cty.Value{cty.False}), + cty.False, + false, + }, + { + cty.ListVal([]cty.Value{cty.True, cty.False}), + cty.False, + false, + }, + { + cty.ListVal([]cty.Value{cty.False, cty.True}), + cty.False, + false, + }, + { + cty.ListVal([]cty.Value{cty.True, cty.NullVal(cty.Bool)}), + cty.False, + false, + }, + { + cty.ListVal([]cty.Value{cty.UnknownVal(cty.Bool)}), + cty.UnknownVal(cty.Bool).RefineNotNull(), + false, + }, + { + cty.ListVal([]cty.Value{ + cty.UnknownVal(cty.Bool), + cty.UnknownVal(cty.Bool), + }), + cty.UnknownVal(cty.Bool).RefineNotNull(), + false, + }, + { + cty.UnknownVal(cty.List(cty.Bool)), + cty.UnknownVal(cty.Bool).RefineNotNull(), + false, + }, + { + cty.NullVal(cty.List(cty.Bool)), + cty.NilVal, + true, + }, + } + + for _, tc := range tests { + t.Run(fmt.Sprintf("alltrue(%#v)", tc.Collection), func(t *testing.T) { + got, err := AllTrue.Call([]cty.Value{tc.Collection}) + + if tc.Err && err == nil { + t.Fatal("succeeded; want error") + } + if !tc.Err && err != nil { + t.Fatalf("unexpected error: %s", err) + } + if !got.RawEquals(tc.Want) { + t.Errorf("wrong result\ngot: %#v\nwant: %#v", got, tc.Want) + } + }) + } +} diff --git a/hcl2template/functions.go b/hcl2template/functions.go index 4e832cf93..6a2dbc61a 100644 --- a/hcl2template/functions.go +++ b/hcl2template/functions.go @@ -34,6 +34,7 @@ func Functions(basedir string) map[string]function.Function { funcs := map[string]function.Function{ "abs": stdlib.AbsoluteFunc, "abspath": filesystem.AbsPathFunc, + "alltrue": pkrfunction.AllTrue, "aws_secretsmanager": pkrfunction.AWSSecret, "basename": filesystem.BasenameFunc, "base64decode": encoding.Base64DecodeFunc, diff --git a/website/content/docs/templates/hcl_templates/functions/collection/alltrue.mdx b/website/content/docs/templates/hcl_templates/functions/collection/alltrue.mdx new file mode 100644 index 000000000..3d5db2743 --- /dev/null +++ b/website/content/docs/templates/hcl_templates/functions/collection/alltrue.mdx @@ -0,0 +1,25 @@ +--- +page_title: alltrue - Functions - Configuration Language +description: |- + The alltrue function determines whether all elements of a collection + are true or "true". If the collection is empty, it returns true. +--- + +# `alltrue` Function + +`alltrue` returns `true` if all elements in a given collection are `true` +or `"true"`. It also returns `true` if the collection is empty. + +```hcl +alltrue(list) +``` + +## Examples + +```command +> alltrue(["true", true]) +true +> alltrue([true, false]) +false +``` + diff --git a/website/data/docs-nav-data.json b/website/data/docs-nav-data.json index 24c55feb6..55dfc244e 100644 --- a/website/data/docs-nav-data.json +++ b/website/data/docs-nav-data.json @@ -326,6 +326,10 @@ { "title": "Collection Functions", "routes": [ + { + "title": "alltrue", + "path": "templates/hcl_templates/functions/collection/alltrue" + }, { "title": "chunklist", "path": "templates/hcl_templates/functions/collection/chunklist" From cb4965d53afedc7c57680e3ab66b256ee8f817e1 Mon Sep 17 00:00:00 2001 From: Martin Grogan Date: Thu, 19 Dec 2024 15:08:17 -0500 Subject: [PATCH 024/115] hcl2template: add anytrue function this function add the hcl2 anytrue function which takes a collection and return true if any of the element is true. --- hcl2template/function/anytrue.go | 44 +++++++++ hcl2template/function/anytrue_test.go | 89 +++++++++++++++++++ hcl2template/functions.go | 1 + .../functions/collection/anytrue.mdx | 28 ++++++ website/data/docs-nav-data.json | 4 + 5 files changed, 166 insertions(+) create mode 100644 hcl2template/function/anytrue.go create mode 100644 hcl2template/function/anytrue_test.go create mode 100644 website/content/docs/templates/hcl_templates/functions/collection/anytrue.mdx diff --git a/hcl2template/function/anytrue.go b/hcl2template/function/anytrue.go new file mode 100644 index 000000000..ad5e31099 --- /dev/null +++ b/hcl2template/function/anytrue.go @@ -0,0 +1,44 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: BUSL-1.1 + +package function + +import ( + "github.com/zclconf/go-cty/cty" + "github.com/zclconf/go-cty/cty/function" +) + +// AnyTrue constructs a function that returns true if a single element of +// the list is true. If the list is empty, return false. +var AnyTrue = function.New(&function.Spec{ + Params: []function.Parameter{ + { + Name: "list", + Type: cty.List(cty.Bool), + }, + }, + Type: function.StaticReturnType(cty.Bool), + RefineResult: refineNotNull, + Impl: func(args []cty.Value, retType cty.Type) (ret cty.Value, err error) { + result := cty.False + var hasUnknown bool + for it := args[0].ElementIterator(); it.Next(); { + _, v := it.Element() + if !v.IsKnown() { + hasUnknown = true + continue + } + if v.IsNull() { + continue + } + result = result.Or(v) + if result.True() { + return cty.True, nil + } + } + if hasUnknown { + return cty.UnknownVal(cty.Bool), nil + } + return result, nil + }, +}) diff --git a/hcl2template/function/anytrue_test.go b/hcl2template/function/anytrue_test.go new file mode 100644 index 000000000..0ab830a89 --- /dev/null +++ b/hcl2template/function/anytrue_test.go @@ -0,0 +1,89 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: BUSL-1.1 + +package function + +import ( + "fmt" + "testing" + + "github.com/zclconf/go-cty/cty" +) + +func TestAnyTrue(t *testing.T) { + tests := []struct { + Collection cty.Value + Want cty.Value + Err bool + }{ + { + cty.ListValEmpty(cty.Bool), + cty.False, + false, + }, + { + cty.ListVal([]cty.Value{cty.True}), + cty.True, + false, + }, + { + cty.ListVal([]cty.Value{cty.False}), + cty.False, + false, + }, + { + cty.ListVal([]cty.Value{cty.True, cty.False}), + cty.True, + false, + }, + { + cty.ListVal([]cty.Value{cty.False, cty.True}), + cty.True, + false, + }, + { + cty.ListVal([]cty.Value{cty.True, cty.NullVal(cty.Bool)}), + cty.True, + false, + }, + { + cty.ListVal([]cty.Value{cty.UnknownVal(cty.Bool)}), + cty.UnknownVal(cty.Bool).RefineNotNull(), + false, + }, + { + cty.ListVal([]cty.Value{ + cty.UnknownVal(cty.Bool), + cty.UnknownVal(cty.Bool), + }), + cty.UnknownVal(cty.Bool).RefineNotNull(), + false, + }, + { + cty.UnknownVal(cty.List(cty.Bool)), + cty.UnknownVal(cty.Bool).RefineNotNull(), + false, + }, + { + cty.NullVal(cty.List(cty.Bool)), + cty.NilVal, + true, + }, + } + + for _, tc := range tests { + t.Run(fmt.Sprintf("anytrue(%#v)", tc.Collection), func(t *testing.T) { + got, err := AnyTrue.Call([]cty.Value{tc.Collection}) + + if tc.Err && err == nil { + t.Fatal("succeeded; want error") + } + if !tc.Err && err != nil { + t.Fatalf("unexpected error: %s", err) + } + if !got.RawEquals(tc.Want) { + t.Errorf("wrong result\ngot: %#v\nwant: %#v", got, tc.Want) + } + }) + } +} diff --git a/hcl2template/functions.go b/hcl2template/functions.go index 6a2dbc61a..4719a15a2 100644 --- a/hcl2template/functions.go +++ b/hcl2template/functions.go @@ -35,6 +35,7 @@ func Functions(basedir string) map[string]function.Function { "abs": stdlib.AbsoluteFunc, "abspath": filesystem.AbsPathFunc, "alltrue": pkrfunction.AllTrue, + "anytrue": pkrfunction.AnyTrue, "aws_secretsmanager": pkrfunction.AWSSecret, "basename": filesystem.BasenameFunc, "base64decode": encoding.Base64DecodeFunc, diff --git a/website/content/docs/templates/hcl_templates/functions/collection/anytrue.mdx b/website/content/docs/templates/hcl_templates/functions/collection/anytrue.mdx new file mode 100644 index 000000000..fb67069bd --- /dev/null +++ b/website/content/docs/templates/hcl_templates/functions/collection/anytrue.mdx @@ -0,0 +1,28 @@ +--- +page_title: anytrue - Functions - Configuration Language +description: |- + The anytrue function determines whether any element of a collection + is true or "true". If the collection is empty, it returns false. +--- + +# `anytrue` Function + +`anytrue` returns `true` if any element in a given collection is `true` +or `"true"`. It also returns `false` if the collection is empty. + +```hcl +anytrue(list) +``` + +## Examples + +```command +> anytrue(["true"]) +true +> anytrue([true]) +true +> anytrue([true, false]) +true +> anytrue([]) +false +``` diff --git a/website/data/docs-nav-data.json b/website/data/docs-nav-data.json index 55dfc244e..51b173740 100644 --- a/website/data/docs-nav-data.json +++ b/website/data/docs-nav-data.json @@ -330,6 +330,10 @@ "title": "alltrue", "path": "templates/hcl_templates/functions/collection/alltrue" }, + { + "title": "anytrue", + "path": "templates/hcl_templates/functions/collection/anytrue" + }, { "title": "chunklist", "path": "templates/hcl_templates/functions/collection/chunklist" From 2ff129cd34cccd65893b199cd88b669a2faa8f11 Mon Sep 17 00:00:00 2001 From: Joban <2983844+jobansd@users.noreply.github.com> Date: Fri, 13 Dec 2024 11:40:40 -0500 Subject: [PATCH 025/115] fix(example): make UUIDv4 example RFC compliant # Description The output of the example on [uuidv4 Function](https://developer.hashicorp.com/packer/docs/templates/hcl_templates/functions/uuid/uuidv4) is not a valid RFC compliant UUIDv4. It indicates the usage of the `uuidv4()` function and outputs `b5ee72a3-54dd-c4b8-551c-4bdc0204cedb` which is not a valid UUIDv4. I've corrected the example to output a UUIDv4 conforming to the RFC as such `xxxxxxxx-xxxx-4xxx-Nxxx-xxxxxxxxxxxx`, where: - The 13th character is always `4` (indicating version 4). - The 17th character must be either `8`, `9`, `a`, or `b` (indicating the first character of the variant). # Changes ```diff - b5ee72a3-54dd-c4b8-551c-4bdc0204cedb + 9fc99a70-7cd5-482d-bb2b-03af016e4e94 ``` Replaces the old UUID output with a valid RFC compliant UUIDv4. # References - [RFC 4122](https://datatracker.ietf.org/doc/html/rfc4122) - [RFC 9562](https://datatracker.ietf.org/doc/html/rfc9562) # Misc. To make sure this wasn't an issue with the `uuidv4()` function within Hashicorp's [packer](https://github.com/hashicorp/packer) I tested the function in the following way: ### Command executed: ```ps > .\packer.exe inspect .\uuid.pkr.hcl ``` ### Contents of the _uuid.pkr.hcl_ file: ```hcl locals { uuid_0 = uuidv4() uuid_1 = uuidv4() uuid_2 = uuidv4() uuid_3 = uuidv4() uuid_4 = uuidv4() uuid_5 = uuidv4() uuid_6 = uuidv4() uuid_7 = uuidv4() uuid_8 = uuidv4() uuid_9 = uuidv4() } ``` ### Output: ```ps Packer Inspect: HCL2 mode > input-variables: > local-variables: local.uuid_0: "90877db8-5519-46ea-ae15-7dfb92594064" local.uuid_1: "fe6a4649-97d9-4686-b981-3295175f941a" local.uuid_2: "9944d83d-dab2-4cfb-a1db-572d19271e7a" local.uuid_3: "547cddb7-c979-4b87-90d0-2bd9b68858b5" local.uuid_4: "c13dc47a-552c-4dfb-a75d-2f63bb248b41" local.uuid_5: "3db1ce29-bdde-4642-b010-1a41d47c22a3" local.uuid_6: "4a020460-edd1-471d-b8a2-5956c0c68257" local.uuid_7: "1845bf87-6908-4fc0-8f11-b5b4f36c60a7" local.uuid_8: "f5c7e552-b799-45f3-8172-46162eadfd89" local.uuid_9: "057c2eaf-6769-4a8d-90c8-775aec80496a" > builds: ``` --- .../docs/templates/hcl_templates/functions/uuid/uuidv4.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/content/docs/templates/hcl_templates/functions/uuid/uuidv4.mdx b/website/content/docs/templates/hcl_templates/functions/uuid/uuidv4.mdx index d3135ae22..3c0317952 100644 --- a/website/content/docs/templates/hcl_templates/functions/uuid/uuidv4.mdx +++ b/website/content/docs/templates/hcl_templates/functions/uuid/uuidv4.mdx @@ -19,7 +19,7 @@ recommend using the `uuidv4` function in resource configurations. ```shell-session > uuidv4() -b5ee72a3-54dd-c4b8-551c-4bdc0204cedb +9fc99a70-7cd5-482d-bb2b-03af016e4e94 ``` ## Related Functions From dddc1fb3562fd3a43560607981a243edaf0b0a08 Mon Sep 17 00:00:00 2001 From: Lucas Bajolet Date: Tue, 21 Jan 2025 09:43:08 -0500 Subject: [PATCH 026/115] go.mod: bump Packer plugin SDK to v0.6.0 Since the version 0.6.0 of the plugin SDK was released yesterday, we bump packer to use this version. This change adds new functions to use within Packer regarding AWS secretsmanager, along with changes to how plugins can communicate over-the-wire (e.g. using protobuf/msgpack for serialising configurations instead of gob). --- go.mod | 8 +++++--- go.sum | 12 ++++++++---- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/go.mod b/go.mod index 364589e5d..7ffca662a 100644 --- a/go.mod +++ b/go.mod @@ -23,7 +23,7 @@ require ( github.com/hashicorp/go-version v1.6.0 github.com/hashicorp/hcl/v2 v2.19.1 github.com/hashicorp/hcp-sdk-go v0.131.0 - github.com/hashicorp/packer-plugin-sdk v0.5.4 + github.com/hashicorp/packer-plugin-sdk v0.6.0 github.com/jehiah/go-strftime v0.0.0-20171201141054-1d33003b3869 github.com/klauspost/compress v1.13.6 // indirect github.com/klauspost/pgzip v1.2.5 @@ -85,7 +85,7 @@ require ( github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect github.com/aws/aws-sdk-go v1.44.114 // indirect github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect - github.com/bgentry/speakeasy v0.1.0 // indirect + github.com/bgentry/speakeasy v0.2.0 // indirect github.com/bmatcuk/doublestar v1.1.5 // indirect github.com/cenkalti/backoff/v3 v3.2.2 // indirect github.com/chzyer/test v1.0.0 // indirect @@ -127,7 +127,7 @@ require ( github.com/hashicorp/go-safetemp v1.0.0 // indirect github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6 // indirect github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect - github.com/hashicorp/go-sockaddr v1.0.2 // indirect + github.com/hashicorp/go-sockaddr v1.0.7 // indirect github.com/hashicorp/golang-lru v0.5.4 // indirect github.com/hashicorp/hcl v1.0.0 // indirect github.com/hashicorp/serf v0.10.1 // indirect @@ -167,6 +167,8 @@ require ( github.com/tklauser/go-sysconf v0.3.11 // indirect github.com/tklauser/numcpus v0.6.0 // indirect github.com/ugorji/go/codec v1.2.6 // indirect + github.com/vmihailenco/msgpack/v5 v5.3.5 // indirect + github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect github.com/xanzy/ssh-agent v0.3.3 // indirect github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect github.com/yusufpapurcu/wmi v1.2.2 // indirect diff --git a/go.sum b/go.sum index 23401403b..abafd431c 100644 --- a/go.sum +++ b/go.sum @@ -70,8 +70,9 @@ github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+Ce github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas= github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ00z/TKoufEY6K/a0k6AhaJrQKdFe6OfVXsa4= -github.com/bgentry/speakeasy v0.1.0 h1:ByYyxL9InA1OWqxJqqp2A5pYHUrCiAL6K3J+LKSsQkY= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= +github.com/bgentry/speakeasy v0.2.0 h1:tgObeVOf8WAvtuAX6DhJ4xks4CFNwPDZiqzGqIHE51E= +github.com/bgentry/speakeasy v0.2.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/biogo/boom v0.0.0-20150317015657-28119bc1ffc1/go.mod h1:fwtxkutinkQcME9Zlywh66T0jZLLjgrwSLY2WxH2N3U= github.com/biogo/hts v1.4.3 h1:vir2yUTiRkPvtp6ZTpzh9lWTKQJZXJKZ563rpAQAsRM= github.com/biogo/hts v1.4.3/go.mod h1:eW40HJ1l2ExK9C+yvvoRSftInqWsf3ue+zAEjzCGWjA= @@ -275,8 +276,9 @@ github.com/hashicorp/go-secure-stdlib/strutil v0.1.1/go.mod h1:gKOamz3EwoIoJq7ml github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts= github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4= github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU= -github.com/hashicorp/go-sockaddr v1.0.2 h1:ztczhD1jLxIRjVejw8gFomI1BQZOe2WoVOu0SyteCQc= github.com/hashicorp/go-sockaddr v1.0.2/go.mod h1:rB4wwRAUzs07qva3c5SdrY/NEtAUjGlgmH/UkBUC97A= +github.com/hashicorp/go-sockaddr v1.0.7 h1:G+pTkSO01HpR5qCxg7lxfsFEZaG+C0VssTy/9dbT+Fw= +github.com/hashicorp/go-sockaddr v1.0.7/go.mod h1:FZQbEYa1pxkQ7WLpyXJ6cbjpT8q0YgQaK/JakXqGyWw= github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4= github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= @@ -297,8 +299,8 @@ github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO github.com/hashicorp/mdns v1.0.4/go.mod h1:mtBihi+LeNXGtG8L9dX59gAEa12BDtBQSp4v/YAJqrc= github.com/hashicorp/memberlist v0.5.0 h1:EtYPN8DpAURiapus508I4n9CzHs2W+8NZGbmmR/prTM= github.com/hashicorp/memberlist v0.5.0/go.mod h1:yvyXLpo0QaGE59Y7hDTsTzDD25JYBZ4mHgHUZ8lrOI0= -github.com/hashicorp/packer-plugin-sdk v0.5.4 h1:5Bl5DMEa//G4gBNcl842JopM9L4KSSsxpvB4W1lEwIA= -github.com/hashicorp/packer-plugin-sdk v0.5.4/go.mod h1:ALm0ZIK3c/F4iOqPNi7xVuHTgrR5dxzOK+DhFN5DHj4= +github.com/hashicorp/packer-plugin-sdk v0.6.0 h1:v8JdmM1PkkHu3gIUs63UcsgGlD0U3m/7DWG6PxcmOPw= +github.com/hashicorp/packer-plugin-sdk v0.6.0/go.mod h1:bDCCzvZ6lUJjrY7eI+i9lYmGs9NSymdFFQiGluF8dEg= github.com/hashicorp/serf v0.10.1 h1:Z1H2J60yRKvfDYAOZLd2MU0ND4AH/WDz7xYHDWQsIPY= github.com/hashicorp/serf v0.10.1/go.mod h1:yL2t6BqATOLGc5HF7qbFkTfXoPIY0WZdWHfEvMqbG+4= github.com/hashicorp/vault/api v1.14.0 h1:Ah3CFLixD5jmjusOgm8grfN9M0d+Y8fVR2SW0K6pJLU= @@ -520,7 +522,9 @@ github.com/ugorji/go/codec v1.2.6/go.mod h1:V6TCNZ4PHqoHGFZuSG1W8nrCzzdgA2DozYxW github.com/ulikunitz/xz v0.5.6/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8= github.com/ulikunitz/xz v0.5.10 h1:t92gobL9l3HE202wg3rlk19F6X+JOxl9BBrCCMYEYd8= github.com/ulikunitz/xz v0.5.10/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= +github.com/vmihailenco/msgpack/v5 v5.3.5 h1:5gO0H1iULLWGhs2H5tbAHIZTV8/cYafcFOr9znI5mJU= github.com/vmihailenco/msgpack/v5 v5.3.5/go.mod h1:7xyJ9e+0+9SaZT0Wt1RGleJXzli6Q/V5KbhBonMG9jc= +github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g= github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds= github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw= From cf6a82fae8a297c25cd0b96564e3c6d5c0dfa407 Mon Sep 17 00:00:00 2001 From: Jenna Goldstrich Date: Tue, 21 Jan 2025 10:18:17 -0800 Subject: [PATCH 027/115] Make error less brittle to fix upcoming error with HCP SDK Go changing how we return 404 error --- internal/hcp/api/errors.go | 17 ++++++++-- internal/hcp/api/errors_test.go | 57 +++++++++++++++++++++++++++++++++ 2 files changed, 72 insertions(+), 2 deletions(-) create mode 100644 internal/hcp/api/errors_test.go diff --git a/internal/hcp/api/errors.go b/internal/hcp/api/errors.go index cff55fc9e..9568779a1 100644 --- a/internal/hcp/api/errors.go +++ b/internal/hcp/api/errors.go @@ -5,7 +5,8 @@ package api import ( "fmt" - "strings" + "regexp" + "strconv" "google.golang.org/grpc/codes" ) @@ -26,6 +27,8 @@ func (c *ClientError) Error() string { return fmt.Sprintf("status %d: err %v", c.StatusCode, c.Err) } +var errCodeRegex = regexp.MustCompilePOSIX(`[Cc]ode"?:([0-9]+)`) + // CheckErrorCode checks the error string for err for some code and returns true // if the code is found. Ideally this function should use status.FromError // https://pkg.go.dev/google.golang.org/grpc/status#pkg-functions but that @@ -35,5 +38,15 @@ func CheckErrorCode(err error, code codes.Code) bool { return false } - return strings.Contains(err.Error(), fmt.Sprintf("Code:%d", code)) + // If the error string doesn't match the code we're looking for, we + // can ignore it and return false immediately. + matches := errCodeRegex.FindStringSubmatch(err.Error()) + if len(matches) == 0 { + return false + } + + // Safe to ignore the error here since the regex's submatch is always a + // valid integer given the format ([0-9]+) + errCode, _ := strconv.Atoi(matches[1]) + return errCode == int(code) } diff --git a/internal/hcp/api/errors_test.go b/internal/hcp/api/errors_test.go new file mode 100644 index 000000000..fbf64458d --- /dev/null +++ b/internal/hcp/api/errors_test.go @@ -0,0 +1,57 @@ +package api + +import ( + "fmt" + "testing" + + "google.golang.org/grpc/codes" +) + +func TestCheckErrorCode(t *testing.T) { + tests := []struct { + name string + codeString string + expectCode codes.Code + expectSuccess bool + }{ + { + "old format, code matches what is looked for", + `{Code:5,"details":[],"message":"Error: The bucket etc."}`, + codes.Code(5), + true, + }, + { + "old format, code doesn't match what is looked for", + `{Code:55,"details":[],"message":"Error: The bucket etc."}`, + codes.Code(5), + false, + }, + { + "new format, code matches what is looked for", + `{"code":5,"details":[],"message":"Error: The bucket etc."}`, + codes.Code(5), + true, + }, + { + "new format, code doesn't match what is looked for", + `{"code":55,"details":[],"message":"Error: The bucket etc."}`, + codes.Code(5), + false, + }, + { + "bad format, should always be false", + `"ceod":55`, + codes.Code(5), + false, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + found := CheckErrorCode(fmt.Errorf(tt.codeString), tt.expectCode) + if found != tt.expectSuccess { + t.Errorf("check error code returned %t, expected %t", found, tt.expectSuccess) + } + }) + } +} From 9f3e32b9fcb8b9fd611f28ce5cb2db969e7cc0bd Mon Sep 17 00:00:00 2001 From: Lucas Bajolet Date: Fri, 20 Dec 2024 10:48:13 -0500 Subject: [PATCH 028/115] hcl2template: add support for raw aws secrets As the SDK now supports it in the context of legacy templating engine, we add support in HCL2 for the aws_secretsmanager_raw function, which gets the raw value of a secret from aws secrets manager. --- hcl2template/function/aws_secretetkey.go | 27 ++++ hcl2template/functions.go | 191 ++++++++++++----------- 2 files changed, 123 insertions(+), 95 deletions(-) diff --git a/hcl2template/function/aws_secretetkey.go b/hcl2template/function/aws_secretetkey.go index 4684c9bf2..37fdc988d 100644 --- a/hcl2template/function/aws_secretetkey.go +++ b/hcl2template/function/aws_secretetkey.go @@ -40,3 +40,30 @@ var AWSSecret = function.New(&function.Spec{ return cty.StringVal(val), err }, }) + +// AWSSecret constructs a function that retrieves secrets from aws secrets +// manager. +// +// Contrary to AWSSecret, it does not accept a key, and instead returns the raw +// value of the secret at all times, i.e. if it's plaintext it will return the +// value, and if it's a key/value secret, the raw JSON will be returned. +var AWSSecretRaw = function.New(&function.Spec{ + Params: []function.Parameter{ + { + Name: "name", + Description: "The name of the secret to fetch", + Type: cty.String, + AllowNull: false, + AllowUnknown: false, + }, + }, + Type: function.StaticReturnType(cty.String), + Impl: func(args []cty.Value, retType cty.Type) (cty.Value, error) { + name := args[0].AsString() + val, err := commontpl.GetRawAWSSecret(name) + if err != nil { + return cty.NullVal(cty.String), err + } + return cty.StringVal(val), nil + }, +}) diff --git a/hcl2template/functions.go b/hcl2template/functions.go index 4719a15a2..81ee6e28d 100644 --- a/hcl2template/functions.go +++ b/hcl2template/functions.go @@ -32,101 +32,102 @@ import ( func Functions(basedir string) map[string]function.Function { funcs := map[string]function.Function{ - "abs": stdlib.AbsoluteFunc, - "abspath": filesystem.AbsPathFunc, - "alltrue": pkrfunction.AllTrue, - "anytrue": pkrfunction.AnyTrue, - "aws_secretsmanager": pkrfunction.AWSSecret, - "basename": filesystem.BasenameFunc, - "base64decode": encoding.Base64DecodeFunc, - "base64encode": encoding.Base64EncodeFunc, - "base64gzip": pkrfunction.Base64GzipFunc, - "bcrypt": crypto.BcryptFunc, - "can": tryfunc.CanFunc, - "ceil": stdlib.CeilFunc, - "chomp": stdlib.ChompFunc, - "chunklist": stdlib.ChunklistFunc, - "cidrhost": cidr.HostFunc, - "cidrnetmask": cidr.NetmaskFunc, - "cidrsubnet": cidr.SubnetFunc, - "cidrsubnets": cidr.SubnetsFunc, - "coalesce": collection.CoalesceFunc, - "coalescelist": stdlib.CoalesceListFunc, - "compact": stdlib.CompactFunc, - "concat": stdlib.ConcatFunc, - "consul_key": pkrfunction.ConsulFunc, - "contains": stdlib.ContainsFunc, - "convert": typeexpr.ConvertFunc, - "csvdecode": stdlib.CSVDecodeFunc, - "dirname": filesystem.DirnameFunc, - "distinct": stdlib.DistinctFunc, - "element": stdlib.ElementFunc, - "file": filesystem.MakeFileFunc(basedir, false), - "fileexists": filesystem.MakeFileExistsFunc(basedir), - "fileset": filesystem.MakeFileSetFunc(basedir), - "flatten": stdlib.FlattenFunc, - "floor": stdlib.FloorFunc, - "format": stdlib.FormatFunc, - "formatdate": stdlib.FormatDateFunc, - "formatlist": stdlib.FormatListFunc, - "indent": stdlib.IndentFunc, - "index": pkrfunction.IndexFunc, // stdlib.IndexFunc is not compatible - "join": stdlib.JoinFunc, - "jsondecode": stdlib.JSONDecodeFunc, - "jsonencode": stdlib.JSONEncodeFunc, - "keys": stdlib.KeysFunc, - "legacy_isotime": pkrfunction.LegacyIsotimeFunc, - "legacy_strftime": pkrfunction.LegacyStrftimeFunc, - "length": pkrfunction.LengthFunc, - "log": stdlib.LogFunc, - "lookup": stdlib.LookupFunc, - "lower": stdlib.LowerFunc, - "max": stdlib.MaxFunc, - "md5": crypto.Md5Func, - "merge": stdlib.MergeFunc, - "min": stdlib.MinFunc, - "parseint": stdlib.ParseIntFunc, - "pathexpand": filesystem.PathExpandFunc, - "pow": stdlib.PowFunc, - "range": stdlib.RangeFunc, - "reverse": stdlib.ReverseListFunc, - "replace": stdlib.ReplaceFunc, - "regex": stdlib.RegexFunc, - "regexall": stdlib.RegexAllFunc, - "regex_replace": stdlib.RegexReplaceFunc, - "rsadecrypt": crypto.RsaDecryptFunc, - "setintersection": stdlib.SetIntersectionFunc, - "setproduct": stdlib.SetProductFunc, - "setunion": stdlib.SetUnionFunc, - "sha1": crypto.Sha1Func, - "sha256": crypto.Sha256Func, - "sha512": crypto.Sha512Func, - "signum": stdlib.SignumFunc, - "slice": stdlib.SliceFunc, - "sort": stdlib.SortFunc, - "split": stdlib.SplitFunc, - "strcontains": pkrfunction.StrContains, - "strrev": stdlib.ReverseFunc, - "substr": stdlib.SubstrFunc, - "textdecodebase64": TextDecodeBase64Func, - "textencodebase64": TextEncodeBase64Func, - "timestamp": pkrfunction.TimestampFunc, - "timeadd": stdlib.TimeAddFunc, - "title": stdlib.TitleFunc, - "trim": stdlib.TrimFunc, - "trimprefix": stdlib.TrimPrefixFunc, - "trimspace": stdlib.TrimSpaceFunc, - "trimsuffix": stdlib.TrimSuffixFunc, - "try": tryfunc.TryFunc, - "upper": stdlib.UpperFunc, - "urlencode": encoding.URLEncodeFunc, - "uuidv4": uuid.V4Func, - "uuidv5": uuid.V5Func, - "values": stdlib.ValuesFunc, - "vault": pkrfunction.VaultFunc, - "yamldecode": ctyyaml.YAMLDecodeFunc, - "yamlencode": ctyyaml.YAMLEncodeFunc, - "zipmap": stdlib.ZipmapFunc, + "abs": stdlib.AbsoluteFunc, + "abspath": filesystem.AbsPathFunc, + "alltrue": pkrfunction.AllTrue, + "anytrue": pkrfunction.AnyTrue, + "aws_secretsmanager": pkrfunction.AWSSecret, + "aws_secretsmanager_raw": pkrfunction.AWSSecretRaw, + "basename": filesystem.BasenameFunc, + "base64decode": encoding.Base64DecodeFunc, + "base64encode": encoding.Base64EncodeFunc, + "base64gzip": pkrfunction.Base64GzipFunc, + "bcrypt": crypto.BcryptFunc, + "can": tryfunc.CanFunc, + "ceil": stdlib.CeilFunc, + "chomp": stdlib.ChompFunc, + "chunklist": stdlib.ChunklistFunc, + "cidrhost": cidr.HostFunc, + "cidrnetmask": cidr.NetmaskFunc, + "cidrsubnet": cidr.SubnetFunc, + "cidrsubnets": cidr.SubnetsFunc, + "coalesce": collection.CoalesceFunc, + "coalescelist": stdlib.CoalesceListFunc, + "compact": stdlib.CompactFunc, + "concat": stdlib.ConcatFunc, + "consul_key": pkrfunction.ConsulFunc, + "contains": stdlib.ContainsFunc, + "convert": typeexpr.ConvertFunc, + "csvdecode": stdlib.CSVDecodeFunc, + "dirname": filesystem.DirnameFunc, + "distinct": stdlib.DistinctFunc, + "element": stdlib.ElementFunc, + "file": filesystem.MakeFileFunc(basedir, false), + "fileexists": filesystem.MakeFileExistsFunc(basedir), + "fileset": filesystem.MakeFileSetFunc(basedir), + "flatten": stdlib.FlattenFunc, + "floor": stdlib.FloorFunc, + "format": stdlib.FormatFunc, + "formatdate": stdlib.FormatDateFunc, + "formatlist": stdlib.FormatListFunc, + "indent": stdlib.IndentFunc, + "index": pkrfunction.IndexFunc, // stdlib.IndexFunc is not compatible + "join": stdlib.JoinFunc, + "jsondecode": stdlib.JSONDecodeFunc, + "jsonencode": stdlib.JSONEncodeFunc, + "keys": stdlib.KeysFunc, + "legacy_isotime": pkrfunction.LegacyIsotimeFunc, + "legacy_strftime": pkrfunction.LegacyStrftimeFunc, + "length": pkrfunction.LengthFunc, + "log": stdlib.LogFunc, + "lookup": stdlib.LookupFunc, + "lower": stdlib.LowerFunc, + "max": stdlib.MaxFunc, + "md5": crypto.Md5Func, + "merge": stdlib.MergeFunc, + "min": stdlib.MinFunc, + "parseint": stdlib.ParseIntFunc, + "pathexpand": filesystem.PathExpandFunc, + "pow": stdlib.PowFunc, + "range": stdlib.RangeFunc, + "reverse": stdlib.ReverseListFunc, + "replace": stdlib.ReplaceFunc, + "regex": stdlib.RegexFunc, + "regexall": stdlib.RegexAllFunc, + "regex_replace": stdlib.RegexReplaceFunc, + "rsadecrypt": crypto.RsaDecryptFunc, + "setintersection": stdlib.SetIntersectionFunc, + "setproduct": stdlib.SetProductFunc, + "setunion": stdlib.SetUnionFunc, + "sha1": crypto.Sha1Func, + "sha256": crypto.Sha256Func, + "sha512": crypto.Sha512Func, + "signum": stdlib.SignumFunc, + "slice": stdlib.SliceFunc, + "sort": stdlib.SortFunc, + "split": stdlib.SplitFunc, + "strcontains": pkrfunction.StrContains, + "strrev": stdlib.ReverseFunc, + "substr": stdlib.SubstrFunc, + "textdecodebase64": TextDecodeBase64Func, + "textencodebase64": TextEncodeBase64Func, + "timestamp": pkrfunction.TimestampFunc, + "timeadd": stdlib.TimeAddFunc, + "title": stdlib.TitleFunc, + "trim": stdlib.TrimFunc, + "trimprefix": stdlib.TrimPrefixFunc, + "trimspace": stdlib.TrimSpaceFunc, + "trimsuffix": stdlib.TrimSuffixFunc, + "try": tryfunc.TryFunc, + "upper": stdlib.UpperFunc, + "urlencode": encoding.URLEncodeFunc, + "uuidv4": uuid.V4Func, + "uuidv5": uuid.V5Func, + "values": stdlib.ValuesFunc, + "vault": pkrfunction.VaultFunc, + "yamldecode": ctyyaml.YAMLDecodeFunc, + "yamlencode": ctyyaml.YAMLEncodeFunc, + "zipmap": stdlib.ZipmapFunc, } funcs["templatefile"] = pkrfunction.MakeTemplateFileFunc(basedir, func() map[string]function.Function { From 9f6f0ba6a2c4ec8c6e2232097646d796a9c9340d Mon Sep 17 00:00:00 2001 From: Lucas Bajolet <105649352+lbajolet-hashicorp@users.noreply.github.com> Date: Wed, 24 Jul 2024 16:58:13 -0400 Subject: [PATCH 029/115] packer: pick protobuf/gob for serialisation (#13025) As we're trying to move away from gob for serialising data over the wire, this commit adds the capability for Packer to pick dynamically between gob or protobuf for the serialisation format to communicate with plugins. As it stands, if all the plugins discovered are compatible with protobuf, and we have not forced gob usage, protobuf will be the serialisation format picked. If any plugin is not compatible with protobuf, gob will be used for communicating with all the plugins that will be used over the course of a command. --- command/build.go | 5 +++ command/execute.go | 55 ++++++++++++++++++++++------ command/validate.go | 5 +++ config.go | 52 ++++++++++++++++++--------- go.mod | 2 +- go.sum | 10 +++--- packer/plugin.go | 71 ++++++++++++++++++++++++++++++++++--- packer/plugin_client.go | 1 + scripts/generate-plugins.go | 57 +++++++++++++++++++++++------ 9 files changed, 213 insertions(+), 45 deletions(-) diff --git a/command/build.go b/command/build.go index 58b548b00..f7be3a102 100644 --- a/command/build.go +++ b/command/build.go @@ -105,6 +105,11 @@ func (c *BuildCommand) RunContext(buildCtx context.Context, cla *BuildArgs) int diags = packerStarter.Initialize(packer.InitializeOptions{ UseSequential: cla.UseSequential, }) + + if packer.PackerUseProto { + log.Printf("[TRACE] Using protobuf for communication with plugins") + } + ret = writeDiags(c.Ui, nil, diags) if ret != 0 { return ret diff --git a/command/execute.go b/command/execute.go index 7ad74f314..ccecf28f8 100644 --- a/command/execute.go +++ b/command/execute.go @@ -5,8 +5,8 @@ package command import ( + "flag" "fmt" - "log" "regexp" "strings" @@ -75,18 +75,45 @@ var Datasources = map[string]packersdk.Datasource{ var pluginRegexp = regexp.MustCompile("packer-(builder|post-processor|provisioner|datasource)-(.+)") -func (c *ExecuteCommand) Run(args []string) int { - // This is an internal call (users should not call this directly) so we're - // not going to do much input validation. If there's a problem we'll often - // just crash. Error handling should be added to facilitate debugging. - log.Printf("args: %#v", args) +type ExecuteArgs struct { + UseProtobuf bool + CommandType string +} + +func (ea *ExecuteArgs) AddFlagSets(flags *flag.FlagSet) { + flags.BoolVar(&ea.UseProtobuf, "protobuf", false, "Use protobuf for serialising data over the wire instead of gob") +} + +func (c *ExecuteCommand) ParseArgs(args []string) (*ExecuteArgs, int) { + var cfg ExecuteArgs + flags := c.Meta.FlagSet("") + flags.Usage = func() { c.Ui.Say(c.Help()) } + cfg.AddFlagSets(flags) + if err := flags.Parse(args); err != nil { + return &cfg, 1 + } + + args = flags.Args() if len(args) != 1 { - c.Ui.Error(c.Help()) - return 1 + flags.Usage() + return &cfg, 1 } + cfg.CommandType = args[0] + return &cfg, 0 +} +func (c *ExecuteCommand) Run(args []string) int { + cfg, ret := c.ParseArgs(args) + if ret != 0 { + return ret + } + + return c.RunContext(cfg) +} + +func (c *ExecuteCommand) RunContext(args *ExecuteArgs) int { // Plugin will match something like "packer-builder-amazon-ebs" - parts := pluginRegexp.FindStringSubmatch(args[0]) + parts := pluginRegexp.FindStringSubmatch(args.CommandType) if len(parts) != 3 { c.Ui.Error(c.Help()) return 1 @@ -100,6 +127,10 @@ func (c *ExecuteCommand) Run(args []string) int { return 1 } + if args.UseProtobuf { + server.UseProto = true + } + switch pluginType { case "builder": builder, found := Builders[pluginName] @@ -138,11 +169,15 @@ func (c *ExecuteCommand) Run(args []string) int { func (*ExecuteCommand) Help() string { helpText := ` -Usage: packer execute PLUGIN +Usage: packer execute [options] PLUGIN Runs an internally-compiled version of a plugin from the packer binary. NOTE: this is an internal command and you should not call it yourself. + +Options: + + --protobuf: use protobuf for serialising data over-the-wire instead of gob. ` return strings.TrimSpace(helpText) diff --git a/command/validate.go b/command/validate.go index f3f6df378..2f774f3f0 100644 --- a/command/validate.go +++ b/command/validate.go @@ -5,6 +5,7 @@ package command import ( "context" + "log" "strings" "github.com/hashicorp/packer/packer" @@ -76,6 +77,10 @@ func (c *ValidateCommand) RunContext(ctx context.Context, cla *ValidateArgs) int return ret } + if packer.PackerUseProto { + log.Printf("[TRACE] Using protobuf for communication with plugins") + } + diags = packerStarter.Initialize(packer.InitializeOptions{ SkipDatasourcesExecution: !cla.EvaluateDatasources, UseSequential: cla.UseSequential, diff --git a/config.go b/config.go index 35ce6acd9..96327d1d2 100644 --- a/config.go +++ b/config.go @@ -16,10 +16,6 @@ import ( "github.com/hashicorp/packer/packer" ) -// PACKERSPACE is used to represent the spaces that separate args for a command -// without being confused with spaces in the path to the command itself. -const PACKERSPACE = "-PACKERSPACE-" - type config struct { DisableCheckpoint bool `json:"disable_checkpoint"` DisableCheckpointSignature bool `json:"disable_checkpoint_signature"` @@ -109,10 +105,16 @@ func (c *config) discoverInternalComponents() error { for builder := range command.Builders { builder := builder if !c.Plugins.Builders.Has(builder) { - bin := fmt.Sprintf("%s%sexecute%spacker-builder-%s", - packerPath, PACKERSPACE, PACKERSPACE, builder) c.Plugins.Builders.Set(builder, func() (packersdk.Builder, error) { - return c.Plugins.Client(bin).Builder() + args := []string{"execute"} + + if packer.PackerUseProto { + args = append(args, "--protobuf") + } + + args = append(args, fmt.Sprintf("packer-builder-%s", builder)) + + return c.Plugins.Client(packerPath, args...).Builder() }) } } @@ -120,10 +122,16 @@ func (c *config) discoverInternalComponents() error { for provisioner := range command.Provisioners { provisioner := provisioner if !c.Plugins.Provisioners.Has(provisioner) { - bin := fmt.Sprintf("%s%sexecute%spacker-provisioner-%s", - packerPath, PACKERSPACE, PACKERSPACE, provisioner) c.Plugins.Provisioners.Set(provisioner, func() (packersdk.Provisioner, error) { - return c.Plugins.Client(bin).Provisioner() + args := []string{"execute"} + + if packer.PackerUseProto { + args = append(args, "--protobuf") + } + + args = append(args, fmt.Sprintf("packer-provisioner-%s", provisioner)) + + return c.Plugins.Client(packerPath, args...).Provisioner() }) } } @@ -131,10 +139,16 @@ func (c *config) discoverInternalComponents() error { for postProcessor := range command.PostProcessors { postProcessor := postProcessor if !c.Plugins.PostProcessors.Has(postProcessor) { - bin := fmt.Sprintf("%s%sexecute%spacker-post-processor-%s", - packerPath, PACKERSPACE, PACKERSPACE, postProcessor) c.Plugins.PostProcessors.Set(postProcessor, func() (packersdk.PostProcessor, error) { - return c.Plugins.Client(bin).PostProcessor() + args := []string{"execute"} + + if packer.PackerUseProto { + args = append(args, "--protobuf") + } + + args = append(args, fmt.Sprintf("packer-post-processor-%s", postProcessor)) + + return c.Plugins.Client(packerPath, args...).PostProcessor() }) } } @@ -142,10 +156,16 @@ func (c *config) discoverInternalComponents() error { for dataSource := range command.Datasources { dataSource := dataSource if !c.Plugins.DataSources.Has(dataSource) { - bin := fmt.Sprintf("%s%sexecute%spacker-datasource-%s", - packerPath, PACKERSPACE, PACKERSPACE, dataSource) c.Plugins.DataSources.Set(dataSource, func() (packersdk.Datasource, error) { - return c.Plugins.Client(bin).Datasource() + args := []string{"execute"} + + if packer.PackerUseProto { + args = append(args, "--protobuf") + } + + args = append(args, fmt.Sprintf("packer-datasource-%s", dataSource)) + + return c.Plugins.Client(packerPath, args...).Datasource() }) } } diff --git a/go.mod b/go.mod index 7ffca662a..f3d46995f 100644 --- a/go.mod +++ b/go.mod @@ -83,7 +83,7 @@ require ( github.com/armon/go-metrics v0.4.1 // indirect github.com/armon/go-radix v1.0.0 // indirect github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect - github.com/aws/aws-sdk-go v1.44.114 // indirect + github.com/aws/aws-sdk-go v1.45.6 // indirect github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect github.com/bgentry/speakeasy v0.2.0 // indirect github.com/bmatcuk/doublestar v1.1.5 // indirect diff --git a/go.sum b/go.sum index abafd431c..ebb273a42 100644 --- a/go.sum +++ b/go.sum @@ -63,8 +63,8 @@ github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPd github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= -github.com/aws/aws-sdk-go v1.44.114 h1:plIkWc/RsHr3DXBj4MEw9sEW4CcL/e2ryokc+CKyq1I= -github.com/aws/aws-sdk-go v1.44.114/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= +github.com/aws/aws-sdk-go v1.45.6 h1:Y2isQQBZsnO15dzUQo9YQRThtHgrV200XCH05BRHVJI= +github.com/aws/aws-sdk-go v1.45.6/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= @@ -596,8 +596,8 @@ golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwY golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210410081132-afb366fc7cd1/go.mod h1:9tjilg8BloeKEkVJvy7fQ90B1CfIiPueXVOjqfkSzI8= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -639,13 +639,13 @@ golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -653,6 +653,7 @@ golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q= golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -661,6 +662,7 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= +golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= diff --git a/packer/plugin.go b/packer/plugin.go index 79326f23a..15d769014 100644 --- a/packer/plugin.go +++ b/packer/plugin.go @@ -30,6 +30,9 @@ type PluginConfig struct { PostProcessors PostProcessorSet DataSources DatasourceSet ReleasesOnly bool + // UseProtobuf is set if all the plugin candidates support protobuf, and + // the user has not forced usage of gob for serialisation. + UseProtobuf bool } // PACKERSPACE is used to represent the spaces that separate args for a command @@ -118,6 +121,10 @@ func (c *PluginConfig) Discover() error { return nil } +const ForceGobEnvvar = "PACKER_FORCE_GOB" + +var PackerUseProto = true + // DiscoverMultiPlugin takes the description from a multi-component plugin // binary and makes the plugins available to use in Packer. Each plugin found in the // binary will be addressable using `${pluginName}-${builderName}` for example. @@ -131,6 +138,18 @@ func (c *PluginConfig) DiscoverMultiPlugin(pluginName, pluginPath string) error return fmt.Errorf("failed to get plugin description from executable %q: %s", pluginPath, err) } + canProto := desc.ProtocolVersion == "v2" + if os.Getenv(ForceGobEnvvar) != "" && os.Getenv(ForceGobEnvvar) != "0" { + canProto = false + } + + // Keeps track of whether or not the plugin had components registered + // + // If no components are registered, we don't need to clamp usage of + // protobuf regardless if the plugin supports it or not, as we won't + // use it at all. + registered := false + pluginPrefix := pluginName + "-" pluginDetails := PluginDetails{ Name: pluginName, @@ -147,8 +166,17 @@ func (c *PluginConfig) DiscoverMultiPlugin(pluginName, pluginPath string) error if c.Builders.Has(key) { continue } + registered = true + c.Builders.Set(key, func() (packersdk.Builder, error) { - return c.Client(pluginPath, "start", "builder", builderName).Builder() + args := []string{"start", "builder"} + + if PackerUseProto { + args = append(args, "--protobuf") + } + args = append(args, builderName) + + return c.Client(pluginPath, args...).Builder() }) GlobalPluginsDetailsStore.SetBuilder(key, pluginDetails) } @@ -166,8 +194,17 @@ func (c *PluginConfig) DiscoverMultiPlugin(pluginName, pluginPath string) error if c.PostProcessors.Has(key) { continue } + registered = true + c.PostProcessors.Set(key, func() (packersdk.PostProcessor, error) { - return c.Client(pluginPath, "start", "post-processor", postProcessorName).PostProcessor() + args := []string{"start", "post-processor"} + + if PackerUseProto { + args = append(args, "--protobuf") + } + args = append(args, postProcessorName) + + return c.Client(pluginPath, args...).PostProcessor() }) GlobalPluginsDetailsStore.SetPostProcessor(key, pluginDetails) } @@ -185,8 +222,17 @@ func (c *PluginConfig) DiscoverMultiPlugin(pluginName, pluginPath string) error if c.Provisioners.Has(key) { continue } + registered = true + c.Provisioners.Set(key, func() (packersdk.Provisioner, error) { - return c.Client(pluginPath, "start", "provisioner", provisionerName).Provisioner() + args := []string{"start", "provisioner"} + + if PackerUseProto { + args = append(args, "--protobuf") + } + args = append(args, provisionerName) + + return c.Client(pluginPath, args...).Provisioner() }) GlobalPluginsDetailsStore.SetProvisioner(key, pluginDetails) @@ -204,8 +250,17 @@ func (c *PluginConfig) DiscoverMultiPlugin(pluginName, pluginPath string) error if c.DataSources.Has(key) { continue } + registered = true + c.DataSources.Set(key, func() (packersdk.Datasource, error) { - return c.Client(pluginPath, "start", "datasource", datasourceName).Datasource() + args := []string{"start", "datasource"} + + if PackerUseProto { + args = append(args, "--protobuf") + } + args = append(args, datasourceName) + + return c.Client(pluginPath, args...).Datasource() }) GlobalPluginsDetailsStore.SetDataSource(key, pluginDetails) } @@ -213,6 +268,14 @@ func (c *PluginConfig) DiscoverMultiPlugin(pluginName, pluginPath string) error log.Printf("found external %v datasource from %s plugin", desc.Datasources, pluginName) } + // Only print the log once, for the plugin that triggers that + // limitation in functionality. Otherwise this could be a bit + // verbose to print it for each non-compatible plugin. + if registered && !canProto && PackerUseProto { + log.Printf("plugin %q does not support Protobuf, forcing use of Gob", pluginPath) + PackerUseProto = false + } + return nil } diff --git a/packer/plugin_client.go b/packer/plugin_client.go index e230edddb..dcd394bdf 100644 --- a/packer/plugin_client.go +++ b/packer/plugin_client.go @@ -417,6 +417,7 @@ func (c *PluginClient) Client() (*packerrpc.Client, error) { conn.Close() return nil, err } + client.UseProto = PackerUseProto return client, nil } diff --git a/scripts/generate-plugins.go b/scripts/generate-plugins.go index b31306ae1..09b3cb27b 100755 --- a/scripts/generate-plugins.go +++ b/scripts/generate-plugins.go @@ -266,14 +266,15 @@ const source = `// package command import ( + "flag" "fmt" - "log" "regexp" "strings" "github.com/hashicorp/packer/packer" packersdk "github.com/hashicorp/packer-plugin-sdk/packer" "github.com/hashicorp/packer-plugin-sdk/plugin" + "github.com/hashicorp/packer-plugin-sdk/rpc" IMPORTS ) @@ -292,18 +293,46 @@ DATASOURCES var pluginRegexp = regexp.MustCompile("packer-(builder|post-processor|provisioner|datasource)-(.+)") -func (c *ExecuteCommand) Run(args []string) int { - // This is an internal call (users should not call this directly) so we're - // not going to do much input validation. If there's a problem we'll often - // just crash. Error handling should be added to facilitate debugging. - log.Printf("args: %#v", args) +type ExecuteArgs struct { + UseProtobuf bool + CommandType string +} + +func (ea *ExecuteArgs) AddFlagSets(flags *flag.FlagSet) { + flags.BoolVar(&ea.UseProtobuf, "protobuf", false, "Use protobuf for serialising data over the wire instead of gob") +} + +func (c *ExecuteCommand) ParseArgs(args []string) (*ExecuteArgs, int) { + var cfg ExecuteArgs + flags := c.Meta.FlagSet("") + flags.Usage = func() { c.Ui.Say(c.Help()) } + cfg.AddFlagSets(flags) + if err := flags.Parse(args); err != nil { + return &cfg, 1 + } + + args = flags.Args() if len(args) != 1 { - c.Ui.Error(c.Help()) - return 1 + flags.Usage() + return &cfg, 1 } + cfg.CommandType = args[0] + return &cfg, 0 +} +func (c *ExecuteCommand) Run(args []string) int { + cfg, ret := c.ParseArgs(args) + if ret != 0 { + return ret + } + + return c.RunContext(cfg) +} + + +func (c *ExecuteCommand) RunContext(args *ExecuteArgs) int { // Plugin will match something like "packer-builder-amazon-ebs" - parts := pluginRegexp.FindStringSubmatch(args[0]) + parts := pluginRegexp.FindStringSubmatch(args.CommandType) if len(parts) != 3 { c.Ui.Error(c.Help()) return 1 @@ -317,6 +346,10 @@ func (c *ExecuteCommand) Run(args []string) int { return 1 } + if args.UseProtobuf { + server.UseProto = true + } + switch pluginType { case "builder": builder, found := Builders[pluginName] @@ -355,11 +388,15 @@ func (c *ExecuteCommand) Run(args []string) int { func (*ExecuteCommand) Help() string { helpText := ` + "`" + ` -Usage: packer execute PLUGIN +Usage: packer execute [options] PLUGIN Runs an internally-compiled version of a plugin from the packer binary. NOTE: this is an internal command and you should not call it yourself. + +Options: + + --protobuf: use protobuf for serialising data over-the-wire instead of gob. ` + "`" + ` return strings.TrimSpace(helpText) From 56400f27cbaf49dd1027499f8d04655a21278393 Mon Sep 17 00:00:00 2001 From: Lucas Bajolet Date: Tue, 6 Aug 2024 11:00:08 -0400 Subject: [PATCH 030/115] packer_test: add gob/pb test suite With the draft to support both gob and protobuf as serialisation formats for Packer, along with the SDK changes that propel them, we add a series of tests that make sure the logic that picks which protocol is solid and functional. These tests rely on building several versions of the tester plugin, with and without protobuf support, to then install them in the tests as needed to test the logic of Packer using packer build with them, and templates that require multiple plugins. --- packer_test/common/plugin_tester/go.mod | 45 +++-- packer_test/common/plugin_tester/go.sum | 120 ++++++------ packer_test/plugin_tests/gob_pb_test.go | 179 ++++++++++++++++++ packer_test/plugin_tests/gob_test_suite.go | 38 ++++ .../templates/internal_only.pkr.hcl | 7 + .../templates/test_both_plugins.pkr.hcl | 22 +++ .../templates/test_one_pinned_plugin.pkr.hcl | 16 ++ .../templates/test_one_plugin.pkr.hcl | 16 ++ 8 files changed, 366 insertions(+), 77 deletions(-) create mode 100644 packer_test/plugin_tests/gob_pb_test.go create mode 100644 packer_test/plugin_tests/gob_test_suite.go create mode 100644 packer_test/plugin_tests/templates/internal_only.pkr.hcl create mode 100644 packer_test/plugin_tests/templates/test_both_plugins.pkr.hcl create mode 100644 packer_test/plugin_tests/templates/test_one_pinned_plugin.pkr.hcl create mode 100644 packer_test/plugin_tests/templates/test_one_plugin.pkr.hcl diff --git a/packer_test/common/plugin_tester/go.mod b/packer_test/common/plugin_tester/go.mod index de79c1f60..8f999b124 100644 --- a/packer_test/common/plugin_tester/go.mod +++ b/packer_test/common/plugin_tester/go.mod @@ -1,19 +1,19 @@ module github.com/hashicorp/packer-plugin-tester -go 1.20 +go 1.21.0 require ( github.com/hashicorp/hcl/v2 v2.19.1 - github.com/hashicorp/packer-plugin-sdk v0.5.3 + github.com/hashicorp/packer-plugin-sdk v0.5.4 github.com/zclconf/go-cty v1.13.3 ) require ( - cloud.google.com/go v0.110.0 // indirect - cloud.google.com/go/compute v1.19.1 // indirect + cloud.google.com/go v0.110.8 // indirect + cloud.google.com/go/compute v1.23.1 // indirect cloud.google.com/go/compute/metadata v0.2.3 // indirect - cloud.google.com/go/iam v0.13.0 // indirect - cloud.google.com/go/storage v1.28.1 // indirect + cloud.google.com/go/iam v1.1.3 // indirect + cloud.google.com/go/storage v1.35.1 // indirect github.com/Azure/go-ntlmssp v0.0.0-20200615164410-66371956d46c // indirect github.com/ChrisTrenkamp/goxpath v0.0.0-20210404020558-97928f7e12b6 // indirect github.com/agext/levenshtein v1.2.3 // indirect @@ -25,21 +25,21 @@ require ( github.com/cenkalti/backoff/v3 v3.2.2 // indirect github.com/dylanmei/iso8601 v0.1.0 // indirect github.com/fatih/color v1.16.0 // indirect - github.com/go-jose/go-jose/v3 v3.0.3 // indirect + github.com/go-jose/go-jose/v4 v4.0.1 // indirect github.com/gofrs/flock v0.8.1 // indirect github.com/gofrs/uuid v4.0.0+incompatible // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.3 // indirect - github.com/google/go-cmp v0.5.9 // indirect - github.com/google/uuid v1.3.0 // indirect - github.com/googleapis/enterprise-certificate-proxy v0.2.3 // indirect - github.com/googleapis/gax-go/v2 v2.7.1 // indirect + github.com/google/s2a-go v0.1.7 // indirect + github.com/google/uuid v1.4.0 // indirect + github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect + github.com/googleapis/gax-go/v2 v2.12.0 // indirect github.com/hashicorp/consul/api v1.25.1 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect - github.com/hashicorp/go-getter/gcs/v2 v2.2.1 // indirect - github.com/hashicorp/go-getter/s3/v2 v2.2.1 // indirect - github.com/hashicorp/go-getter/v2 v2.2.1 // indirect + github.com/hashicorp/go-getter/gcs/v2 v2.2.2 // indirect + github.com/hashicorp/go-getter/s3/v2 v2.2.2 // indirect + github.com/hashicorp/go-getter/v2 v2.2.2 // indirect github.com/hashicorp/go-hclog v1.6.3 // indirect github.com/hashicorp/go-immutable-radix v1.3.1 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect @@ -48,12 +48,12 @@ require ( github.com/hashicorp/go-safetemp v1.0.0 // indirect github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6 // indirect github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect - github.com/hashicorp/go-sockaddr v1.0.2 // indirect + github.com/hashicorp/go-sockaddr v1.0.7 // indirect github.com/hashicorp/go-version v1.6.0 // indirect github.com/hashicorp/golang-lru v0.5.4 // indirect github.com/hashicorp/hcl v1.0.0 // indirect github.com/hashicorp/serf v0.10.1 // indirect - github.com/hashicorp/vault/api v1.10.0 // indirect + github.com/hashicorp/vault/api v1.14.0 // indirect github.com/hashicorp/yamux v0.1.1 // indirect github.com/jehiah/go-strftime v0.0.0-20171201141054-1d33003b3869 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect @@ -80,16 +80,19 @@ require ( golang.org/x/crypto v0.31.0 // indirect golang.org/x/exp v0.0.0-20230321023759-10a507213a29 // indirect golang.org/x/net v0.33.0 // indirect - golang.org/x/oauth2 v0.7.0 // indirect + golang.org/x/oauth2 v0.13.0 // indirect + golang.org/x/sync v0.10.0 // indirect golang.org/x/sys v0.28.0 // indirect golang.org/x/term v0.27.0 // indirect golang.org/x/text v0.21.0 // indirect - golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac // indirect + golang.org/x/time v0.3.0 // indirect golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect - google.golang.org/api v0.114.0 // indirect + google.golang.org/api v0.150.0 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 // indirect - google.golang.org/grpc v1.56.3 // indirect + google.golang.org/genproto v0.0.0-20231016165738-49dd2c1f3d0b // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20231016165738-49dd2c1f3d0b // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20231030173426-d783a09b4405 // indirect + google.golang.org/grpc v1.59.0 // indirect google.golang.org/protobuf v1.33.0 // indirect gopkg.in/yaml.v2 v2.3.0 // indirect ) diff --git a/packer_test/common/plugin_tester/go.sum b/packer_test/common/plugin_tester/go.sum index 18fdc4668..5bb546588 100644 --- a/packer_test/common/plugin_tester/go.sum +++ b/packer_test/common/plugin_tester/go.sum @@ -1,15 +1,14 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.110.0 h1:Zc8gqp3+a9/Eyph2KDmcGaPtbKRIoqq4YTlL4NMD0Ys= -cloud.google.com/go v0.110.0/go.mod h1:SJnCLqQ0FCFGSZMUNUf84MV3Aia54kn7pi8st7tMzaY= -cloud.google.com/go/compute v1.19.1 h1:am86mquDUgjGNWxiGn+5PGLbmgiWXlE/yNWpIpNvuXY= -cloud.google.com/go/compute v1.19.1/go.mod h1:6ylj3a05WF8leseCdIf77NK0g1ey+nj5IKd5/kvShxE= +cloud.google.com/go v0.110.8 h1:tyNdfIxjzaWctIiLYOTalaLKZ17SI44SKFW26QbOhME= +cloud.google.com/go v0.110.8/go.mod h1:Iz8AkXJf1qmxC3Oxoep8R1T36w8B92yU29PcBhHO5fk= +cloud.google.com/go/compute v1.23.1 h1:V97tBoDaZHb6leicZ1G6DLK2BAaZLJ/7+9BB/En3hR0= +cloud.google.com/go/compute v1.23.1/go.mod h1:CqB3xpmPKKt3OJpW2ndFIXnA9A4xAy/F3Xp1ixncW78= cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY= cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA= -cloud.google.com/go/iam v0.13.0 h1:+CmB+K0J/33d0zSQ9SlFWUeCCEn5XJA0ZMZ3pHE9u8k= -cloud.google.com/go/iam v0.13.0/go.mod h1:ljOg+rcNfzZ5d6f1nAUJ8ZIxOaZUVoS14bKCtaLZ/D0= -cloud.google.com/go/longrunning v0.4.1 h1:v+yFJOfKC3yZdY6ZUI933pIYdhyhV8S3NpWrXWmg7jM= -cloud.google.com/go/storage v1.28.1 h1:F5QDG5ChchaAVQhINh24U99OWHURqrW8OmQcGKXcbgI= -cloud.google.com/go/storage v1.28.1/go.mod h1:Qnisd4CqDdo6BGs2AD5LLnEsmSQ80wQ5ogcBBKhU86Y= +cloud.google.com/go/iam v1.1.3 h1:18tKG7DzydKWUnLjonWcJO6wjSCAtzh4GcRKlH/Hrzc= +cloud.google.com/go/iam v1.1.3/go.mod h1:3khUlaBXfPKKe7huYgEpDn6FtgRyMEqbkvBxrQyY5SE= +cloud.google.com/go/storage v1.35.1 h1:B59ahL//eDfx2IIKFBeT5Atm9wnNmj3+8xG/W4WB//w= +cloud.google.com/go/storage v1.35.1/go.mod h1:M6M/3V/D3KpzMTJyPOR/HU6n2Si5QdaXYEsng2xgOs8= github.com/Azure/go-ntlmssp v0.0.0-20180810175552-4a21cbd618b4/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU= github.com/Azure/go-ntlmssp v0.0.0-20200615164410-66371956d46c h1:/IBSNwUN8+eKzUzbJPqhK839ygXJ82sde8x3ogr6R28= github.com/Azure/go-ntlmssp v0.0.0-20200615164410-66371956d46c/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU= @@ -25,8 +24,11 @@ github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuy github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/antchfx/xmlquery v1.3.5 h1:I7TuBRqsnfFuL11ruavGm911Awx9IqSdiU6W/ztSmVw= +github.com/antchfx/xmlquery v1.3.5/go.mod h1:64w0Xesg2sTaawIdNqMB+7qaW/bSqkQm+ssPaCMWNnc= github.com/antchfx/xpath v1.1.11 h1:WOFtK8TVAjLm3lbgqeP0arlHpvCEeTANeWZ/csPpJkQ= +github.com/antchfx/xpath v1.1.11/go.mod h1:i54GszH55fYfBmoZXapTHN8T8tkcHfRgLyVwwqzXNcs= github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3 h1:ZSTrOEhiM5J5RFxEaFvMZVEAM1KvT1YzbEOwB2EAGjA= +github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw= github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= github.com/apparentlymart/go-textseg/v15 v15.0.0 h1:uYvfpb3DyLSCGWnctWKGj857c6ew1u1fNQOlOtuGxQY= @@ -56,9 +58,11 @@ github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGX github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dylanmei/iso8601 v0.1.0 h1:812NGQDBcqquTfH5Yeo7lwR0nzx/cKdsmf3qMjPURUI= github.com/dylanmei/iso8601 v0.1.0/go.mod h1:w9KhXSgIyROl1DefbMYIE7UVSIvELTbMrCfx+QkYnoQ= github.com/dylanmei/winrmtest v0.0.0-20210303004826-fbc9ae56efb6 h1:zWydSUQBJApHwpQ4guHi+mGyQN/8yN6xbKWdDtL3ZNM= +github.com/dylanmei/winrmtest v0.0.0-20210303004826-fbc9ae56efb6/go.mod h1:6BLLhzn1VEiJ4veuAGhINBTrBlV889Wd+aU4auxKOww= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= @@ -68,14 +72,15 @@ github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= -github.com/go-jose/go-jose/v3 v3.0.3 h1:fFKWeig/irsp7XD2zBxvnmA/XaRWp5V3CBsZXJF7G7k= -github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ= +github.com/go-jose/go-jose/v4 v4.0.1 h1:QVEPDE3OluqXBQZDcnNvQrInro2h0e4eqNbnZSWqS6U= +github.com/go-jose/go-jose/v4 v4.0.1/go.mod h1:WVf9LFMHh/QVrmqrOfqun0C45tMe3RoiKJMPvgWwLfY= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-test/deep v1.0.3 h1:ZrJSEWsXzPOxaZnFteGEfooLba+ju3FYIbOrS+rQd68= +github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/gofrs/flock v0.8.1 h1:+gYjHKf32LDeiEEFhQaotPbLuUXjY5ZqxKgXy7n59aw= github.com/gofrs/flock v0.8.1/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU= github.com/gofrs/uuid v3.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= @@ -102,6 +107,7 @@ github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.1 h1:gK4Kx5IaGY9CD5sPJ36FHiBJ6ZXl0kilRiiCj+jdYp4= +github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= @@ -109,32 +115,36 @@ github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian/v3 v3.3.2 h1:IqNFLAmvJOgVlpdEBiQbDc2EwKW77amAycfTuWKdfvw= +github.com/google/martian/v3 v3.3.2/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= +github.com/google/s2a-go v0.1.7 h1:60BLSyTrOV4/haCDW4zb1guZItoSq8foHCXrAnjBo/o= +github.com/google/s2a-go v0.1.7/go.mod h1:50CgR4k1jNlWBu4UfS4AcfhVe1r6pdZPygJ3R8F0Qdw= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/enterprise-certificate-proxy v0.2.3 h1:yk9/cqRKtT9wXZSsRH9aurXEpJX+U6FLtpYTdC3R06k= -github.com/googleapis/enterprise-certificate-proxy v0.2.3/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= -github.com/googleapis/gax-go/v2 v2.7.1 h1:gF4c0zjUP2H/s/hEGyLA3I0fA2ZWjzYiONAD6cvPr8A= -github.com/googleapis/gax-go/v2 v2.7.1/go.mod h1:4orTrqY6hXxxaUL4LHIPl6lGo8vAE38/qKbhSAKP6QI= +github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4= +github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/googleapis/enterprise-certificate-proxy v0.3.2 h1:Vie5ybvEvT75RniqhfFxPRy3Bf7vr3h0cechB90XaQs= +github.com/googleapis/enterprise-certificate-proxy v0.3.2/go.mod h1:VLSiSSBs/ksPL8kq3OBOQ6WRI2QnaFynd1DCjZ62+V0= +github.com/googleapis/gax-go/v2 v2.12.0 h1:A+gCJKdRfqXkr+BIRGtZLibNXf0m1f9E4HG56etFpas= +github.com/googleapis/gax-go/v2 v2.12.0/go.mod h1:y+aIqrI5eb1YGMVJfuV3185Ts/D7qKpsEkdD5+I6QGU= github.com/hashicorp/consul/api v1.25.1 h1:CqrdhYzc8XZuPnhIYZWH45toM0LB9ZeYr/gvpLVI3PE= github.com/hashicorp/consul/api v1.25.1/go.mod h1:iiLVwR/htV7mas/sy0O+XSuEnrdBUUydemjxcUrAt4g= github.com/hashicorp/consul/sdk v0.14.1 h1:ZiwE2bKb+zro68sWzZ1SgHF3kRMBZ94TwOCFRF4ylPs= +github.com/hashicorp/consul/sdk v0.14.1/go.mod h1:vFt03juSzocLRFo59NkeQHHmQa6+g7oU0pfzdI1mUhg= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= -github.com/hashicorp/go-getter/gcs/v2 v2.2.1 h1:yZgDXYy5m4xogJV8hXzX5S/fM/rjJnBz+EzTeFrfLEM= -github.com/hashicorp/go-getter/gcs/v2 v2.2.1/go.mod h1:xzT3sNmGRipCRMpWz24fYHMvgb4MRn/smg5k2mhJ7Bo= -github.com/hashicorp/go-getter/s3/v2 v2.2.1 h1:Psuhz6iuCxJOd3kGinK46x+4BzcJgwff8BId7CuGPYU= -github.com/hashicorp/go-getter/s3/v2 v2.2.1/go.mod h1:KDqfEPgpwZIy+1sAplFX231CE+M6wdL5Q/j6OMbKSnw= -github.com/hashicorp/go-getter/v2 v2.2.1 h1:2JXqPZs1Jej67RtdTi0YZaEB2hEFB3fkBA4cPYKQwFQ= -github.com/hashicorp/go-getter/v2 v2.2.1/go.mod h1:EcJx6oZE8hmGuRR1l38QrfnyiujQbwsEAn11eHv6l2M= +github.com/hashicorp/go-getter/gcs/v2 v2.2.2 h1:KDbsz44Clh+qpsskK9EnlhWki8NMH18jlAjEseJXIco= +github.com/hashicorp/go-getter/gcs/v2 v2.2.2/go.mod h1:reRiCTBtE1ANT92nMmjwbDzoB6KMJ5azAoMOvQRGGH0= +github.com/hashicorp/go-getter/s3/v2 v2.2.2 h1:ProI1SMBNRt17gC3I8XCMdh35sXN68IUieYnWXwfwew= +github.com/hashicorp/go-getter/s3/v2 v2.2.2/go.mod h1:5MRjeGjI4DqzkRYa+g6OuNJDR0MamdE5VqDPdI42+vQ= +github.com/hashicorp/go-getter/v2 v2.2.2 h1:Al5bzCNW5DrlZMK6TumGrSue7Xz8beyLcen+4N4erwo= +github.com/hashicorp/go-getter/v2 v2.2.2/go.mod h1:hp5Yy0GMQvwWVUmwLs3ygivz1JSLI323hdIE9J9m7TY= github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k= github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= @@ -142,6 +152,7 @@ github.com/hashicorp/go-immutable-radix v1.3.1 h1:DKHmCUm2hRBK510BaiZlwvpD40f8bJ github.com/hashicorp/go-immutable-radix v1.3.1/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM= github.com/hashicorp/go-msgpack v0.5.5 h1:i9R9JSrqIz0QVLz3sz+i3YJdT7TTSLcfLLzJi9aZTuI= +github.com/hashicorp/go-msgpack v0.5.5/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM= github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+vmowP0z+KUhOZdA= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= @@ -159,12 +170,14 @@ github.com/hashicorp/go-secure-stdlib/strutil v0.1.1/go.mod h1:gKOamz3EwoIoJq7ml github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts= github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4= github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU= -github.com/hashicorp/go-sockaddr v1.0.2 h1:ztczhD1jLxIRjVejw8gFomI1BQZOe2WoVOu0SyteCQc= github.com/hashicorp/go-sockaddr v1.0.2/go.mod h1:rB4wwRAUzs07qva3c5SdrY/NEtAUjGlgmH/UkBUC97A= +github.com/hashicorp/go-sockaddr v1.0.7 h1:G+pTkSO01HpR5qCxg7lxfsFEZaG+C0VssTy/9dbT+Fw= +github.com/hashicorp/go-sockaddr v1.0.7/go.mod h1:FZQbEYa1pxkQ7WLpyXJ6cbjpT8q0YgQaK/JakXqGyWw= github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4= github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= +github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mOkIeek= github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= @@ -178,12 +191,12 @@ github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO github.com/hashicorp/mdns v1.0.4/go.mod h1:mtBihi+LeNXGtG8L9dX59gAEa12BDtBQSp4v/YAJqrc= github.com/hashicorp/memberlist v0.5.0 h1:EtYPN8DpAURiapus508I4n9CzHs2W+8NZGbmmR/prTM= github.com/hashicorp/memberlist v0.5.0/go.mod h1:yvyXLpo0QaGE59Y7hDTsTzDD25JYBZ4mHgHUZ8lrOI0= -github.com/hashicorp/packer-plugin-sdk v0.5.3 h1:rWQuRgUUnkf1O3UYymQZz/nJErLh4NFkuarOVEQK+Rs= -github.com/hashicorp/packer-plugin-sdk v0.5.3/go.mod h1:ntdZSJnc1LGGdMEXsYOxopZL1311QOTIbzVZH2EbN0U= +github.com/hashicorp/packer-plugin-sdk v0.5.4 h1:5Bl5DMEa//G4gBNcl842JopM9L4KSSsxpvB4W1lEwIA= +github.com/hashicorp/packer-plugin-sdk v0.5.4/go.mod h1:ALm0ZIK3c/F4iOqPNi7xVuHTgrR5dxzOK+DhFN5DHj4= github.com/hashicorp/serf v0.10.1 h1:Z1H2J60yRKvfDYAOZLd2MU0ND4AH/WDz7xYHDWQsIPY= github.com/hashicorp/serf v0.10.1/go.mod h1:yL2t6BqATOLGc5HF7qbFkTfXoPIY0WZdWHfEvMqbG+4= -github.com/hashicorp/vault/api v1.10.0 h1:/US7sIjWN6Imp4o/Rj1Ce2Nr5bki/AXi9vAW3p2tOJQ= -github.com/hashicorp/vault/api v1.10.0/go.mod h1:jo5Y/ET+hNyz+JnKDt8XLAdKs+AM0G5W0Vp1IrFI8N8= +github.com/hashicorp/vault/api v1.14.0 h1:Ah3CFLixD5jmjusOgm8grfN9M0d+Y8fVR2SW0K6pJLU= +github.com/hashicorp/vault/api v1.14.0/go.mod h1:pV9YLxBGSz+cItFDd8Ii4G17waWOQ32zVjMWHe/cOqk= github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE= github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= github.com/jehiah/go-strftime v0.0.0-20171201141054-1d33003b3869 h1:IPJ3dvxmJ4uczJe5YQdrYB16oTJlGSC/OyZDqUk9xX4= @@ -203,9 +216,11 @@ github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.0 h1:s5hAObm+yFO5uHYt5dYjxi2rXrsnmRpJx4OYvIWUaQs= +github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/masterzen/simplexml v0.0.0-20160608183007-4572e39b1ab9/go.mod h1:kCEbxUJlNDEBNbdQMkPSp6yaKcRXVI6f4ddk8Riv4bc= github.com/masterzen/simplexml v0.0.0-20190410153822-31eea3082786 h1:2ZKn+w/BJeL43sCxI2jhPLRv73oVVOjEKZjKkflyqxg= github.com/masterzen/simplexml v0.0.0-20190410153822-31eea3082786/go.mod h1:kCEbxUJlNDEBNbdQMkPSp6yaKcRXVI6f4ddk8Riv4bc= @@ -271,6 +286,7 @@ github.com/pkg/sftp v1.13.2 h1:taJnKntsWgU+qae21Rx52lIwndAdKrj0mfUNQsz1z4Q= github.com/pkg/sftp v1.13.2/go.mod h1:LzqnAvaD5TWeNBsZpfKxSYn1MbjWwOsCIAFFJbpIsK8= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= @@ -306,7 +322,8 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM= github.com/ugorji/go v1.2.6/go.mod h1:anCg0y61KIhDlPZmnH+so+RQbysYVyDko0IMgJv0Nn0= github.com/ugorji/go/codec v1.2.6 h1:7kbGefxLoDBuYXOms4yD7223OpNMMPNPZxXk5TvFcyQ= @@ -315,6 +332,7 @@ github.com/ulikunitz/xz v0.5.10 h1:t92gobL9l3HE202wg3rlk19F6X+JOxl9BBrCCMYEYd8= github.com/ulikunitz/xz v0.5.10/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b h1:FosyBZYxY34Wul7O/MSKey3txpPYyCqVO5ZyceuQJEI= +github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= @@ -324,7 +342,6 @@ golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392/go.mod h1:/lpIB1dKB+9EgE3 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -334,7 +351,6 @@ golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTk golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -350,13 +366,11 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20210410081132-afb366fc7cd1/go.mod h1:9tjilg8BloeKEkVJvy7fQ90B1CfIiPueXVOjqfkSzI8= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= -golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.7.0 h1:qe6s0zUXlPX80/dITx3440hWZ7GwMwgDDyrSGTPJG/g= -golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4= +golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY= +golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -364,8 +378,8 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= +golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -394,18 +408,12 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= -golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q= golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -414,13 +422,10 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= -golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac h1:7zkz7BUtwNFFqcowJ+RIgu2MaV/MapERkDIy+mwPyjs= -golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= +golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= @@ -429,13 +434,12 @@ golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBn golang.org/x/tools v0.0.0-20190907020128-2ca718005c18/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 h1:H2TDz8ibqkAF6YGhCdN3jS9O0/s90v0rJh3X/OLHEUk= golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= -google.golang.org/api v0.114.0 h1:1xQPji6cO2E2vLiI+C/XiFAnsn1WV3mjaEwGLhi3grE= -google.golang.org/api v0.114.0/go.mod h1:ifYI2ZsFK6/uGddGfAD5BMxlnkBqCmqHSDUVi45N5Yg= +google.golang.org/api v0.150.0 h1:Z9k22qD289SZ8gCJrk4DrWXkNjtfvKAUo/l1ma8eBYE= +google.golang.org/api v0.150.0/go.mod h1:ccy+MJ6nrYFgE3WgRx/AMXOxOmU8Q4hSa+jjibzhxcg= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= @@ -443,15 +447,19 @@ google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCID google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 h1:KpwkzHKEF7B9Zxg18WzOa7djJ+Ha5DzthMyZYQfEn2A= -google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1/go.mod h1:nKE/iIaLqn2bQwXBg8f1g2Ylh6r5MN5CmZvuzZCgsCU= +google.golang.org/genproto v0.0.0-20231016165738-49dd2c1f3d0b h1:+YaDE2r2OG8t/z5qmsh7Y+XXwCbvadxxZ0YY6mTdrVA= +google.golang.org/genproto v0.0.0-20231016165738-49dd2c1f3d0b/go.mod h1:CgAqfJo+Xmu0GwA0411Ht3OU3OntXwsGmrmjI8ioGXI= +google.golang.org/genproto/googleapis/api v0.0.0-20231016165738-49dd2c1f3d0b h1:CIC2YMXmIhYw6evmhPxBKJ4fmLbOFtXQN/GV3XOZR8k= +google.golang.org/genproto/googleapis/api v0.0.0-20231016165738-49dd2c1f3d0b/go.mod h1:IBQ646DjkDkvUIsVq/cc03FUFQ9wbZu7yE396YcL870= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231030173426-d783a09b4405 h1:AB/lmRny7e2pLhFEYIbl5qkDAUt2h0ZRO4wGPhZf+ik= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231030173426-d783a09b4405/go.mod h1:67X1fPuzjcrkymZzZV1vvkFeTn2Rvc6lYF9MYFGCcwE= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= -google.golang.org/grpc v1.56.3 h1:8I4C0Yq1EjstUzUJzpcRVbuYA2mODtEmpWiQoN/b2nc= -google.golang.org/grpc v1.56.3/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s= +google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= +google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= diff --git a/packer_test/plugin_tests/gob_pb_test.go b/packer_test/plugin_tests/gob_pb_test.go new file mode 100644 index 000000000..28b61ae59 --- /dev/null +++ b/packer_test/plugin_tests/gob_pb_test.go @@ -0,0 +1,179 @@ +package plugin_tests + +import "github.com/hashicorp/packer/packer_test/common/check" + +const pbPluginName = "github.com/hashicorp/pbtester" + +func CheckPBUsed(expect bool) check.Checker { + const strToLookFor = "protobuf for communication with plugins" + + var opts []check.GrepOpts + if !expect { + opts = append(opts, check.GrepInvert) + } + + return check.Grep(strToLookFor, opts...) +} + +// Two different plugins installed locally, one with gob, one with protobuf. +// Both should have different sources so Packer will discover and fallback to using only gob. +func (ts *PackerGobTestSuite) TestTwoPluginsDifferentPB() { + pluginDir := ts.MakePluginDir().InstallPluginVersions("1.0.0+gob") + defer pluginDir.Cleanup() + + ts.PackerCommand().UsePluginDir(pluginDir). + SetArgs("plugins", "install", "--path", ts.GetPluginPath(ts.T(), "1.0.0+pb"), pbPluginName). + Assert(check.MustSucceed()) + + ts.PackerCommand().UsePluginDir(pluginDir). + SetArgs("build", "./templates/test_both_plugins.pkr.hcl"). + Assert(CheckPBUsed(false)) + + ts.PackerCommand().UsePluginDir(pluginDir). + SetArgs("build", "./templates/test_one_plugin.pkr.hcl"). + Assert(CheckPBUsed(false)) +} + +// Two plugins, both with protobuf supported +// Both installed plugins will support protobuf, so Packer will use Protobuf for all its communications. +func (ts *PackerGobTestSuite) TestTwoPluginsBothPB() { + pluginDir := ts.MakePluginDir().InstallPluginVersions("1.0.0+pb") + defer pluginDir.Cleanup() + + ts.PackerCommand().UsePluginDir(pluginDir). + SetArgs("plugins", "install", "--path", ts.GetPluginPath(ts.T(), "1.0.0+pb"), pbPluginName). + Assert(check.MustSucceed()) + + ts.PackerCommand().UsePluginDir(pluginDir). + SetArgs("build", "./templates/test_both_plugins.pkr.hcl"). + Assert(CheckPBUsed(true)) + + ts.PackerCommand().UsePluginDir(pluginDir). + SetArgs("build", "./templates/test_one_plugin.pkr.hcl"). + Assert(CheckPBUsed(true)) +} + +// Two plugins, both with protobuf supported, force gob +// Both installed plugins support protobuf, but the environment variable PACKER_FORCE_GOB is +// set to 1 (or on), so Packer must use gob despite protobuf being supported all around. +func (ts *PackerGobTestSuite) TestTwoPluginsBothPBForceGob() { + pluginDir := ts.MakePluginDir().InstallPluginVersions("1.0.0+pb") + defer pluginDir.Cleanup() + + ts.PackerCommand().UsePluginDir(pluginDir). + SetArgs("plugins", "install", "--path", ts.GetPluginPath(ts.T(), "1.0.0+pb"), pbPluginName). + Assert(check.MustSucceed()) + + ts.PackerCommand().UsePluginDir(pluginDir). + AddEnv("PACKER_FORCE_GOB", "1"). + SetArgs("build", "./templates/test_both_plugins.pkr.hcl"). + Assert(check.MustSucceed(), CheckPBUsed(false)) + + ts.PackerCommand().UsePluginDir(pluginDir). + AddEnv("PACKER_FORCE_GOB", "1"). + SetArgs("build", "./templates/test_one_plugin.pkr.hcl"). + Assert(check.MustSucceed(), CheckPBUsed(false)) +} + +// Two plugins installed, one with two versions: one version supporting pb, +// one older with gob only. The other with only protobuf. +// The template used pins the older version of the first plugin. +// In this case, gob should be the one used, as the selected version supports +// gob only, despite a newer version supporting protobuf, and the other plugin +// also being compatible. +func (ts *PackerGobTestSuite) TestTwoPluginsLatestPBOlderGob_OlderPinned() { + pluginDir := ts.MakePluginDir().InstallPluginVersions("1.0.0+gob", "1.1.0+pb") + defer pluginDir.Cleanup() + + ts.PackerCommand().UsePluginDir(pluginDir). + SetArgs("plugins", "install", "--path", ts.GetPluginPath(ts.T(), "1.1.0+pb"), pbPluginName). + Assert(check.MustSucceed(), check.MustSucceed()) + + ts.PackerCommand().UsePluginDir(pluginDir). + SetArgs("build", "./templates/test_one_pinned_plugin.pkr.hcl"). + Assert(check.MustSucceed(), CheckPBUsed(false)) +} + +// One plugin installed, one version supporting pb, one older with gob only +// The template used pins the older version. +// In this case, gob should be the one used, as the selected version supports +// gob only, despite a newer version supporting protobuf. +func (ts *PackerGobTestSuite) TestOnePluginLatestPBOlderGob_OlderPinned() { + pluginDir := ts.MakePluginDir().InstallPluginVersions("1.0.0+gob", "1.1.0+pb") + defer pluginDir.Cleanup() + + ts.PackerCommand().UsePluginDir(pluginDir). + SetArgs("build", "./templates/test_one_pinned_plugin.pkr.hcl"). + Assert(check.MustSucceed(), CheckPBUsed(false)) +} + +// One plugin, with latest version supporting gob, but the older supporting protobuf +// In this case, Packer will default to using the latest version, and should +// default to using gob. +func (ts *PackerGobTestSuite) TestOnePluginWithLatestOnlyGob() { + pluginDir := ts.MakePluginDir().InstallPluginVersions("1.0.0+pb", "1.1.0+gob") + defer pluginDir.Cleanup() + + ts.PackerCommand().UsePluginDir(pluginDir). + SetArgs("build", "./templates/test_one_plugin.pkr.hcl"). + Assert(check.MustSucceed(), CheckPBUsed(false)) +} + +// One plugin, gob only supported +// Packer will load the only plugin available there, and will use it, and use gob for comms +func (ts PackerGobTestSuite) TestOnePluginWithOnlyGob() { + pluginDir := ts.MakePluginDir().InstallPluginVersions("1.0.0+gob") + defer pluginDir.Cleanup() + + ts.PackerCommand().UsePluginDir(pluginDir). + SetArgs("build", "./templates/test_one_plugin.pkr.hcl"). + Assert(check.MustSucceed(), CheckPBUsed(false)) +} + +// One plugin, protobuf supported +// Packer will load the only plugin available there, and use protobuf for comms +func (ts PackerGobTestSuite) TestOnePluginWithPB() { + pluginDir := ts.MakePluginDir().InstallPluginVersions("1.0.0+pb") + defer pluginDir.Cleanup() + + ts.PackerCommand().UsePluginDir(pluginDir). + SetArgs("build", "./templates/test_one_plugin.pkr.hcl"). + Assert(check.MustSucceed(), CheckPBUsed(true)) +} + +// No plugin installed, only internal components +// In this test, Packer must use Protobuf for internal components as nothing installed will prevent it. +func (ts PackerGobTestSuite) TestInternalOnly() { + pluginDir := ts.MakePluginDir().InstallPluginVersions() + defer pluginDir.Cleanup() + + ts.PackerCommand().UsePluginDir(pluginDir). + SetArgs("build", "./templates/internal_only.pkr.hcl"). + Assert(check.MustSucceed(), CheckPBUsed(true)) +} + +// One plugin with gob only installed, use only internal components +// +// Packer in this case will fallback to Gob, even if the template uses internal +// components only, as this is determined at loading time. +func (ts PackerGobTestSuite) TestInternalOnlyWithGobPluginInstalled() { + pluginDir := ts.MakePluginDir().InstallPluginVersions("1.0.0+gob") + defer pluginDir.Cleanup() + + ts.PackerCommand().UsePluginDir(pluginDir). + SetArgs("build", "./templates/internal_only.pkr.hcl"). + Assert(check.MustSucceed(), CheckPBUsed(false)) +} + +// One plugin with pb support installed, use only internal components +// +// Packer in this case will fallback to Gob, even if the template uses internal +// components only, as this is determined at loading time. +func (ts PackerGobTestSuite) TestInternalOnlyWithPBPluginInstalled() { + pluginDir := ts.MakePluginDir().InstallPluginVersions("1.0.0+pb") + defer pluginDir.Cleanup() + + ts.PackerCommand().UsePluginDir(pluginDir). + SetArgs("build", "./templates/internal_only.pkr.hcl"). + Assert(check.MustSucceed(), CheckPBUsed(true)) +} diff --git a/packer_test/plugin_tests/gob_test_suite.go b/packer_test/plugin_tests/gob_test_suite.go new file mode 100644 index 000000000..7c513647e --- /dev/null +++ b/packer_test/plugin_tests/gob_test_suite.go @@ -0,0 +1,38 @@ +package plugin_tests + +import ( + "testing" + + "github.com/hashicorp/packer/packer_test/common" + "github.com/stretchr/testify/suite" +) + +type PackerGobTestSuite struct { + *common.PackerTestSuite +} + +func Test_PackerGobPBSuite(t *testing.T) { + baseSuite, cleanup := common.InitBaseSuite(t) + defer cleanup() + + ts := &PackerGobTestSuite{ + baseSuite, + } + + var compilationJobs []chan common.CompilationResult + + // Build two versions of each plugin, one with gob only, one with protobuf only + // + // We'll install them manually in tests, as they'll need to be installed as + // different plugin sources in order for discovery to trigger the + // gob-only/pb-supported behaviours we want to test. + compilationJobs = append(compilationJobs, ts.CompilePlugin("1.1.0+pb", common.UseDependency(common.SDKModule, "v0.6.0"))) + compilationJobs = append(compilationJobs, ts.CompilePlugin("1.0.0+pb", common.UseDependency(common.SDKModule, "v0.6.0"))) + + compilationJobs = append(compilationJobs, ts.CompilePlugin("1.0.0+gob")) + compilationJobs = append(compilationJobs, ts.CompilePlugin("1.1.0+gob")) + + common.Ready(t, compilationJobs) + + suite.Run(t, ts) +} diff --git a/packer_test/plugin_tests/templates/internal_only.pkr.hcl b/packer_test/plugin_tests/templates/internal_only.pkr.hcl new file mode 100644 index 000000000..e005230b4 --- /dev/null +++ b/packer_test/plugin_tests/templates/internal_only.pkr.hcl @@ -0,0 +1,7 @@ +source "null" "test" { + communicator = "none" +} + +build { + sources = ["null.test"] +} diff --git a/packer_test/plugin_tests/templates/test_both_plugins.pkr.hcl b/packer_test/plugin_tests/templates/test_both_plugins.pkr.hcl new file mode 100644 index 000000000..36c148e4b --- /dev/null +++ b/packer_test/plugin_tests/templates/test_both_plugins.pkr.hcl @@ -0,0 +1,22 @@ +packer { + required_plugins { + tester = { + source = "github.com/hashicorp/tester", + version = ">= 1.0.0" + } + pbtester = { + source = "github.com/hashicorp/pbtester", + version = ">= 1.0.0" + } + } +} + +source "tester-dynamic" "test" {} +source "pbtester-dynamic" "test" {} + +build { + sources = [ + "tester-dynamic.test", + "pbtester-dynamic.test" + ] +} diff --git a/packer_test/plugin_tests/templates/test_one_pinned_plugin.pkr.hcl b/packer_test/plugin_tests/templates/test_one_pinned_plugin.pkr.hcl new file mode 100644 index 000000000..735c0947c --- /dev/null +++ b/packer_test/plugin_tests/templates/test_one_pinned_plugin.pkr.hcl @@ -0,0 +1,16 @@ +packer { + required_plugins { + tester = { + source = "github.com/hashicorp/tester", + version = "= 1.0.0" + } + } +} + +source "tester-dynamic" "test" {} + +build { + sources = [ + "tester-dynamic.test", + ] +} diff --git a/packer_test/plugin_tests/templates/test_one_plugin.pkr.hcl b/packer_test/plugin_tests/templates/test_one_plugin.pkr.hcl new file mode 100644 index 000000000..1e063e27d --- /dev/null +++ b/packer_test/plugin_tests/templates/test_one_plugin.pkr.hcl @@ -0,0 +1,16 @@ +packer { + required_plugins { + tester = { + source = "github.com/hashicorp/tester", + version = ">= 1.0.0" + } + } +} + +source "tester-dynamic" "test" {} + +build { + sources = [ + "tester-dynamic.test", + ] +} From a353260f5de0aaf1f5437eb7596f46a70c5e7d72 Mon Sep 17 00:00:00 2001 From: Devashish Date: Wed, 18 Sep 2024 14:25:16 -0400 Subject: [PATCH 031/115] packer: add hcp-sbom provisioner The hcp-sbom provisioner is a provisioner that acts essentially like a download-only file provisioner, which also verifies the file downloaded is a SPDX/CycloneDX JSON-encoded SBOM file, and sets up its upload to HCP Packer later on. --- command/execute.go | 2 + go.mod | 5 +- go.sum | 18 ++ hcl2template/types.packer_config.go | 6 + packer/build.go | 20 ++ packer/core.go | 7 + packer/provisioner.go | 79 ++++++ provisioner/hcp-sbom/provisioner.go | 231 ++++++++++++++++++ provisioner/hcp-sbom/provisioner.hcl2spec.go | 51 ++++ provisioner/hcp-sbom/provisioner_test.go | 86 +++++++ provisioner/hcp-sbom/validate.go | 85 +++++++ provisioner/hcp-sbom/version/version.go | 16 ++ .../hcp-sbom/Config-not-required.mdx | 23 ++ .../provisioner/hcp-sbom/Config-required.mdx | 7 + 14 files changed, 635 insertions(+), 1 deletion(-) create mode 100644 provisioner/hcp-sbom/provisioner.go create mode 100644 provisioner/hcp-sbom/provisioner.hcl2spec.go create mode 100644 provisioner/hcp-sbom/provisioner_test.go create mode 100644 provisioner/hcp-sbom/validate.go create mode 100644 provisioner/hcp-sbom/version/version.go create mode 100644 website/content/partials/provisioner/hcp-sbom/Config-not-required.mdx create mode 100644 website/content/partials/provisioner/hcp-sbom/Config-required.mdx diff --git a/command/execute.go b/command/execute.go index ccecf28f8..e7c87b936 100644 --- a/command/execute.go +++ b/command/execute.go @@ -28,6 +28,7 @@ import ( shelllocalpostprocessor "github.com/hashicorp/packer/post-processor/shell-local" breakpointprovisioner "github.com/hashicorp/packer/provisioner/breakpoint" fileprovisioner "github.com/hashicorp/packer/provisioner/file" + hcpsbomprovisioner "github.com/hashicorp/packer/provisioner/hcp-sbom" powershellprovisioner "github.com/hashicorp/packer/provisioner/powershell" shellprovisioner "github.com/hashicorp/packer/provisioner/shell" shelllocalprovisioner "github.com/hashicorp/packer/provisioner/shell-local" @@ -48,6 +49,7 @@ var Builders = map[string]packersdk.Builder{ var Provisioners = map[string]packersdk.Provisioner{ "breakpoint": new(breakpointprovisioner.Provisioner), "file": new(fileprovisioner.Provisioner), + "hcp-sbom": new(hcpsbomprovisioner.Provisioner), "powershell": new(powershellprovisioner.Provisioner), "shell": new(shellprovisioner.Provisioner), "shell-local": new(shelllocalprovisioner.Provisioner), diff --git a/go.mod b/go.mod index f3d46995f..37c34ba83 100644 --- a/go.mod +++ b/go.mod @@ -25,7 +25,7 @@ require ( github.com/hashicorp/hcp-sdk-go v0.131.0 github.com/hashicorp/packer-plugin-sdk v0.6.0 github.com/jehiah/go-strftime v0.0.0-20171201141054-1d33003b3869 - github.com/klauspost/compress v1.13.6 // indirect + github.com/klauspost/compress v1.13.6 github.com/klauspost/pgzip v1.2.5 github.com/masterzen/winrm v0.0.0-20210623064412-3b76017826b0 github.com/mattn/go-runewidth v0.0.13 // indirect @@ -57,10 +57,12 @@ require ( ) require ( + github.com/CycloneDX/cyclonedx-go v0.9.1 github.com/go-openapi/strfmt v0.21.10 github.com/oklog/ulid v1.3.1 github.com/pierrec/lz4/v4 v4.1.18 github.com/shirou/gopsutil/v3 v3.23.4 + github.com/spdx/tools-golang v0.5.5 ) require ( @@ -77,6 +79,7 @@ require ( github.com/Microsoft/go-winio v0.6.1 // indirect github.com/ProtonMail/go-crypto v1.1.3 // indirect github.com/agext/levenshtein v1.2.3 // indirect + github.com/anchore/go-struct-converter v0.0.0-20221118182256-c68fdcfa2092 // indirect github.com/apparentlymart/go-cidr v1.0.1 // indirect github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect diff --git a/go.sum b/go.sum index ebb273a42..92276d13e 100644 --- a/go.sum +++ b/go.sum @@ -20,6 +20,8 @@ github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym github.com/ChrisTrenkamp/goxpath v0.0.0-20170922090931-c385f95c6022/go.mod h1:nuWgzSkT5PnyOd+272uUmV0dnAnAn42Mk7PiQC5VzN4= github.com/ChrisTrenkamp/goxpath v0.0.0-20210404020558-97928f7e12b6 h1:w0E0fgc1YafGEh5cROhlROMWXiNoZqApk2PDN0M1+Ns= github.com/ChrisTrenkamp/goxpath v0.0.0-20210404020558-97928f7e12b6/go.mod h1:nuWgzSkT5PnyOd+272uUmV0dnAnAn42Mk7PiQC5VzN4= +github.com/CycloneDX/cyclonedx-go v0.9.1 h1:yffaWOZsv77oTJa/SdVZYdgAgFioCeycBUKkqS2qzQM= +github.com/CycloneDX/cyclonedx-go v0.9.1/go.mod h1:NE/EWvzELOFlG6+ljX/QeMlVt9VKcTwu8u0ccsACEsw= github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= @@ -38,6 +40,8 @@ github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuy github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= +github.com/anchore/go-struct-converter v0.0.0-20221118182256-c68fdcfa2092 h1:aM1rlcoLz8y5B2r4tTLMiVTrMtpfY0O8EScKJxaSaEc= +github.com/anchore/go-struct-converter v0.0.0-20221118182256-c68fdcfa2092/go.mod h1:rYqSE9HbjzpHTI74vwPvae4ZVYZd1lue2ta6xHPdblA= github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8= github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4= github.com/antchfx/xmlquery v1.3.5 h1:I7TuBRqsnfFuL11ruavGm911Awx9IqSdiU6W/ztSmVw= @@ -78,6 +82,8 @@ github.com/biogo/hts v1.4.3 h1:vir2yUTiRkPvtp6ZTpzh9lWTKQJZXJKZ563rpAQAsRM= github.com/biogo/hts v1.4.3/go.mod h1:eW40HJ1l2ExK9C+yvvoRSftInqWsf3ue+zAEjzCGWjA= github.com/bmatcuk/doublestar v1.1.5 h1:2bNwBOmhyFEFcoB3tGvTD5xanq+4kyOZlB8wFYbMjkk= github.com/bmatcuk/doublestar v1.1.5/go.mod h1:wiQtGV+rzVYxB7WIlirSN++5HPtPlXEo9MEoZQC/PmE= +github.com/bradleyjkemp/cupaloy/v2 v2.8.0 h1:any4BmKE+jGIaMpnU8YgH/I2LPiLBufr6oMMlVBbn9M= +github.com/bradleyjkemp/cupaloy/v2 v2.8.0/go.mod h1:bm7JXdkRd4BHJk9HpwqAI8BoAY1lps46Enkdqw6aRX0= github.com/cenkalti/backoff/v3 v3.2.2 h1:cfUAAO3yvKMYKPrvhDuHSwQnhZNk/RMHKdZqKTxfm6M= github.com/cenkalti/backoff/v3 v3.2.2/go.mod h1:cIeZDE3IrqwwJl6VUwCN6trj1oXrTS4rc0ij+ULvLYs= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= @@ -490,6 +496,9 @@ github.com/skeema/knownhosts v1.3.0 h1:AM+y0rI04VksttfwjkSTNQorvGqmwATnvnAHpSgc0 github.com/skeema/knownhosts v1.3.0/go.mod h1:sPINvnADmT/qYH1kfv+ePMmOBTH6Tbl7b5LvTDjFK7M= github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966 h1:JIAuq3EEf9cgbU6AtGPK4CTG3Zf6CKMNqf0MHTggAUA= github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966/go.mod h1:sUM3LWHvSMaG192sy56D9F7CNvL7jUJVXoqM1QKLnog= +github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb/go.mod h1:uKWaldnbMnjsSAXRurWqqrdyZen1R7kxl8TkmWk2OyM= +github.com/spdx/tools-golang v0.5.5 h1:61c0KLfAcNqAjlg6UNMdkwpMernhw3zVRwDZ2x9XOmk= +github.com/spdx/tools-golang v0.5.5/go.mod h1:MVIsXx8ZZzaRWNQpUDhC4Dud34edUYJYecciXgrw5vE= github.com/spf13/cast v1.3.1 h1:nFm6S0SMdyzrzcmThSipiEubIDy8WEXKNZ0UOgiRpng= github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= @@ -509,8 +518,12 @@ github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1F github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/terminalstatic/go-xsd-validate v0.1.5 h1:RqpJnf6HGE2CB/lZB1A8BYguk8uRtcvYAPLCF15qguo= +github.com/terminalstatic/go-xsd-validate v0.1.5/go.mod h1:18lsvYFofBflqCrvo1umpABZ99+GneNTw2kEEc8UPJw= github.com/tklauser/go-sysconf v0.3.11 h1:89WgdJhk5SNwJfu+GKyYveZ4IaJ7xAkecBo+KdJV0CM= github.com/tklauser/go-sysconf v0.3.11/go.mod h1:GqXfhXY3kiPa0nAXPDIQIWzJbMCB7AmcWpGR8lSZfqI= github.com/tklauser/numcpus v0.6.0 h1:kebhY2Qt+3U6RNK7UqpYNA+tJ23IBEGKkB7JQBfDYms= @@ -533,6 +546,10 @@ github.com/xdg-go/scram v1.1.2/go.mod h1:RT/sEzTbU5y00aCK8UOx6R7YryM0iF1N2MOmC3k github.com/xdg-go/stringprep v1.0.4/go.mod h1:mPGuuIYwz7CmR2bT9j4GbQqutWS1zV24gijq1dTyGkM= github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo= github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHovont7NscjpAxXsDA8S8BMYve8Y5+7cuRE7R0= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= +github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74= +github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/yusufpapurcu/wmi v1.2.2 h1:KBNDSne4vP5mbSWnJbO+51IMOXJB67QiYCSBrubbPRg= @@ -741,3 +758,4 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/hcl2template/types.packer_config.go b/hcl2template/types.packer_config.go index cb81441d8..bf0e9636c 100644 --- a/hcl2template/types.packer_config.go +++ b/hcl2template/types.packer_config.go @@ -573,6 +573,12 @@ func (cfg *PackerConfig) getCoreBuildProvisioner(source SourceUseBlock, pb *Prov } } + if pb.PType == "hcp-sbom" { + provisioner = &packer.SBOMInternalProvisioner{ + Provisioner: provisioner, + } + } + return packer.CoreBuildProvisioner{ PType: pb.PType, PName: pb.PName, diff --git a/packer/build.go b/packer/build.go index 8b62ec537..eade2625d 100644 --- a/packer/build.go +++ b/packer/build.go @@ -50,11 +50,19 @@ type CoreBuild struct { onError string l sync.Mutex prepareCalled bool + + SBOMs []SBOM +} + +type SBOM struct { + Format string + CompressedData []byte } type BuildMetadata struct { PackerVersion string Plugins map[string]PluginDetails + SBOMs []SBOM } func (b *CoreBuild) getPluginsMetadata() map[string]PluginDetails { @@ -88,6 +96,7 @@ func (b *CoreBuild) GetMetadata() BuildMetadata { metadata := BuildMetadata{ PackerVersion: version.FormattedVersion(), Plugins: b.getPluginsMetadata(), + SBOMs: b.SBOMs, } return metadata } @@ -300,6 +309,17 @@ func (b *CoreBuild) Run(ctx context.Context, originalUi packersdk.Ui) ([]packers return nil, err } + for _, p := range b.Provisioners { + sbomInternalProvisioner, ok := p.Provisioner.(*SBOMInternalProvisioner) + if ok { + sbom := SBOM{ + Format: sbomInternalProvisioner.SBOMFormat, + CompressedData: sbomInternalProvisioner.CompressedData, + } + b.SBOMs = append(b.SBOMs, sbom) + } + } + // If there was no result, don't worry about running post-processors // because there is nothing they can do, just return. if builderArtifact == nil { diff --git a/packer/core.go b/packer/core.go index 6bff2df06..f6724cda9 100644 --- a/packer/core.go +++ b/packer/core.go @@ -296,6 +296,13 @@ func (c *Core) generateCoreBuildProvisioner(rawP *template.Provisioner, rawName Provisioner: provisioner, } } + + if rawP.Type == "hcp-sbom" { + provisioner = &SBOMInternalProvisioner{ + Provisioner: provisioner, + } + } + cbp = CoreBuildProvisioner{ PType: rawP.Type, Provisioner: provisioner, diff --git a/packer/provisioner.go b/packer/provisioner.go index 81dce0ecf..24e20b3a2 100644 --- a/packer/provisioner.go +++ b/packer/provisioner.go @@ -5,8 +5,15 @@ package packer import ( "context" + "encoding/json" "fmt" "log" + "os" + + hcpSbomProvisioner "github.com/hashicorp/packer/provisioner/hcp-sbom" + + "github.com/klauspost/compress/zstd" + "time" "github.com/hashicorp/hcl/v2/hcldec" @@ -234,3 +241,75 @@ func (p *DebuggedProvisioner) Provision(ctx context.Context, ui packersdk.Ui, co return p.Provisioner.Provision(ctx, ui, comm, generatedData) } + +// SBOMInternalProvisioner is a wrapper provisioner for the `hcp-sbom` provisioner +// that sets the path for SBOM file download and, after the successful execution of +// the `hcp-sbom` provisioner, compresses the SBOM and prepares the data for API +// integration. +type SBOMInternalProvisioner struct { + Provisioner packersdk.Provisioner + CompressedData []byte + SBOMFormat string + SBOMName string +} + +func (p *SBOMInternalProvisioner) ConfigSpec() hcldec.ObjectSpec { return p.ConfigSpec() } +func (p *SBOMInternalProvisioner) FlatConfig() interface{} { return p.FlatConfig() } +func (p *SBOMInternalProvisioner) Prepare(raws ...interface{}) error { + return p.Provisioner.Prepare(raws...) +} + +func (p *SBOMInternalProvisioner) Provision( + ctx context.Context, ui packersdk.Ui, comm packersdk.Communicator, + generatedData map[string]interface{}, +) error { + cwd, err := os.Getwd() + if err != nil { + return fmt.Errorf("failed to get current working directory for Packer SBOM: %s", err) + } + + tmpFile, err := os.CreateTemp(cwd, "packer-sbom-*.json") + if err != nil { + return fmt.Errorf("failed to create internal temporary file for Packer SBOM: %s", err) + } + + tmpFileName := tmpFile.Name() + if err = tmpFile.Close(); err != nil { + return fmt.Errorf("failed to close temporary file for Packer SBOM %s: %s", tmpFileName, err) + } + + defer func(name string) { + fileRemoveErr := os.Remove(name) + if fileRemoveErr != nil { + log.Printf("Error removing SBOM temporary file %s: %s", name, fileRemoveErr) + } + }(tmpFile.Name()) + + generatedData["dst"] = tmpFile.Name() + + err = p.Provisioner.Provision(ctx, ui, comm, generatedData) + if err != nil { + return err + } + + packerSbom, err := os.Open(tmpFileName) + if err != nil { + return fmt.Errorf("failed to open Packer SBOM file %q: %s", tmpFileName, err) + } + + provisionerOut := &hcpSbomProvisioner.PackerSBOM{} + err = json.NewDecoder(packerSbom).Decode(provisionerOut) + if err != nil { + return fmt.Errorf("malformed packer SBOM output from file %q: %s", tmpFileName, err) + } + + encoder, err := zstd.NewWriter(nil, zstd.WithEncoderLevel(zstd.SpeedBestCompression)) + if err != nil { + return fmt.Errorf("failed to create zstd encoder: %s", err) + } + p.CompressedData = encoder.EncodeAll(provisionerOut.RawSBOM, nil) + p.SBOMFormat = provisionerOut.Format + p.SBOMName = provisionerOut.Name + + return nil +} diff --git a/provisioner/hcp-sbom/provisioner.go b/provisioner/hcp-sbom/provisioner.go new file mode 100644 index 000000000..cbc515c13 --- /dev/null +++ b/provisioner/hcp-sbom/provisioner.go @@ -0,0 +1,231 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: BUSL-1.1 + +//go:generate packer-sdc mapstructure-to-hcl2 -type Config +//go:generate packer-sdc struct-markdown + +package hcp_sbom + +import ( + "bytes" + "context" + "encoding/json" + "errors" + "fmt" + "log" + "os" + "regexp" + "strings" + + "path/filepath" + + "github.com/hashicorp/hcl/v2/hcldec" + "github.com/hashicorp/packer-plugin-sdk/common" + packersdk "github.com/hashicorp/packer-plugin-sdk/packer" + "github.com/hashicorp/packer-plugin-sdk/template/config" + "github.com/hashicorp/packer-plugin-sdk/template/interpolate" +) + +type Config struct { + common.PackerConfig `mapstructure:",squash"` + + // Source is a required field that specifies the path to the SBOM file that + // needs to be downloaded. + // It can be a file path or a URL. + Source string `mapstructure:"source" required:"true"` + // Destination is an optional field that specifies the path where the SBOM + // file will be downloaded to for the user. + // The 'Destination' must be a writable location. If the destination is a file, + // the SBOM will be saved or overwritten at that path. If the destination is + // a directory, a file will be created within the directory to store the SBOM. + // Any parent directories for the destination must already exist and be + // writable by the provisioning user (generally not root), otherwise, + // a "Permission Denied" error will occur. If the source path is a file, + // it is recommended that the destination path be a file as well. + Destination string `mapstructure:"destination"` + // The name to give the SBOM when uploaded on HCP Packer + // + // By default this will be generated, but if you prefer to have a name + // of your choosing, you can enter it here. + // The name must match the following regexp: `[a-zA-Z0-9_-]{3,36}` + // + // Note: it must be unique for a single build, otherwise the build will + // fail when uploading the SBOMs to HCP Packer, and so will the Packer + // build command. + SbomName string `mapstructure:"sbom_name"` + ctx interpolate.Context +} + +type Provisioner struct { + config Config +} + +func (p *Provisioner) ConfigSpec() hcldec.ObjectSpec { + return p.config.FlatMapstructure().HCL2Spec() +} + +var sbomFormatRegexp = regexp.MustCompile("^[0-9A-Za-z-]{3,36}$") + +func (p *Provisioner) Prepare(raws ...interface{}) error { + err := config.Decode(&p.config, &config.DecodeOpts{ + PluginType: "hcp-sbom", + Interpolate: true, + InterpolateContext: &p.config.ctx, + InterpolateFilter: &interpolate.RenderFilter{ + Exclude: []string{}, + }, + }, raws...) + if err != nil { + return err + } + + var errs error + + if p.config.Source == "" { + errs = packersdk.MultiErrorAppend(errs, errors.New("source must be specified")) + } + + if p.config.SbomName != "" && !sbomFormatRegexp.MatchString(p.config.SbomName) { + // Ugly but a bit of a problem with interpolation since Provisioners + // are prepared twice in HCL2. + // + // If the information used for interpolating is populated in-between the + // first call to Prepare (at the start of the build), and when the + // Provisioner is actually called, the first call will fail, as + // the value won't contain the actual interpolated value, but a + // placeholder which doesn't match the regex. + // + // Since we don't have a way to discriminate between the calls + // in the context of the provisioner, we ignore them, and later the + // HCP Packer call will fail because of the broken regex. + if strings.Contains(p.config.SbomName, "") { + log.Printf("[WARN] interpolation incomplete for `sbom_name`, will possibly retry later with data populated into context, otherwise will fail when uploading to HCP Packer.") + } else { + errs = packersdk.MultiErrorAppend(errs, fmt.Errorf("`sbom_name` %q doesn't match the expected format, it must "+ + "contain between 3 and 36 characters, all from the following set: [A-Za-z0-9_-]", p.config.SbomName)) + } + } + + return errs +} + +// PackerSBOM is the type we write to the temporary JSON dump of the SBOM to +// be consumed by Packer core +type PackerSBOM struct { + // RawSBOM is the raw data from the SBOM downloaded from the guest + RawSBOM []byte `json:"raw_sbom"` + // Format is the format detected by the provisioner + // + // Supported values: `spdx` or `cyclonedx` + Format string `json:"format"` + // Name is the name of the SBOM to be set on HCP Packer + // + // If unset, HCP Packer will generate one + Name string `json:"name,omitempty"` +} + +func (p *Provisioner) Provision( + ctx context.Context, ui packersdk.Ui, comm packersdk.Communicator, + generatedData map[string]interface{}, +) error { + log.Println("Starting to provision with `hcp-sbom` provisioner") + + if generatedData == nil { + generatedData = make(map[string]interface{}) + } + p.config.ctx.Data = generatedData + + src := p.config.Source + + pkrDst := generatedData["dst"].(string) + if pkrDst == "" { + return fmt.Errorf("packer destination path missing from configs: this is an internal error, which should be reported to be fixed.") + } + + var buf bytes.Buffer + if err := comm.Download(src, &buf); err != nil { + ui.Errorf("download failed for SBOM file: %s", err) + return err + } + + format, err := validateSBOM(buf.Bytes()) + if err != nil { + return fmt.Errorf("validation failed for SBOM file: %s", err) + } + + outFile, err := os.Create(pkrDst) + if err != nil { + return fmt.Errorf("failed to open/create output file %q: %s", pkrDst, err) + } + defer outFile.Close() + + err = json.NewEncoder(outFile).Encode(PackerSBOM{ + RawSBOM: buf.Bytes(), + Format: format, + Name: p.config.SbomName, + }) + if err != nil { + return fmt.Errorf("failed to write sbom file to %q: %s", pkrDst, err) + } + + if p.config.Destination == "" { + return nil + } + + // SBOM for User + usrDst, err := p.getUserDestination() + if err != nil { + return fmt.Errorf("failed to compute destination path %q: %s", p.config.Destination, err) + } + err = os.WriteFile(usrDst, buf.Bytes(), 0644) + if err != nil { + return fmt.Errorf("failed to write SBOM to destination %q: %s", usrDst, err) + } + + return nil +} + +// getUserDestination determines and returns the destination path for the user SBOM file. +func (p *Provisioner) getUserDestination() (string, error) { + dst := p.config.Destination + + // Check if the destination exists and determine its type + info, err := os.Stat(dst) + if err == nil { + if info.IsDir() { + // If the destination is a directory, create a temporary file inside it + tmpFile, err := os.CreateTemp(dst, "packer-user-sbom-*.json") + if err != nil { + return "", fmt.Errorf("failed to create temporary file in user SBOM directory %s: %s", dst, err) + } + dst = tmpFile.Name() + tmpFile.Close() + } + return dst, nil + } + + outDir := filepath.Dir(dst) + // In case the destination does not exist, we'll get the dirpath, + // and create it if it doesn't already exist + err = os.MkdirAll(outDir, 0755) + if err != nil { + return "", fmt.Errorf("failed to create destination directory for user SBOM: %s\n", err) + } + + // Check if the destination is a directory after the previous step. + // + // This happens if the path specified ends with a `/`, in which case the + // destination is a directory, and we must create a temporary file in + // this destination directory. + destStat, statErr := os.Stat(dst) + if statErr == nil && destStat.IsDir() { + tmpFile, err := os.CreateTemp(outDir, "packer-user-sbom-*.json") + if err != nil { + return "", fmt.Errorf("failed to create temporary file in user SBOM directory %s: %s", dst, err) + } + dst = tmpFile.Name() + tmpFile.Close() + } + + return dst, nil +} diff --git a/provisioner/hcp-sbom/provisioner.hcl2spec.go b/provisioner/hcp-sbom/provisioner.hcl2spec.go new file mode 100644 index 000000000..4df5397c0 --- /dev/null +++ b/provisioner/hcp-sbom/provisioner.hcl2spec.go @@ -0,0 +1,51 @@ +// Code generated by "packer-sdc mapstructure-to-hcl2"; DO NOT EDIT. + +package hcp_sbom + +import ( + "github.com/hashicorp/hcl/v2/hcldec" + "github.com/zclconf/go-cty/cty" +) + +// FlatConfig is an auto-generated flat version of Config. +// Where the contents of a field with a `mapstructure:,squash` tag are bubbled up. +type FlatConfig struct { + PackerBuildName *string `mapstructure:"packer_build_name" cty:"packer_build_name" hcl:"packer_build_name"` + PackerBuilderType *string `mapstructure:"packer_builder_type" cty:"packer_builder_type" hcl:"packer_builder_type"` + PackerCoreVersion *string `mapstructure:"packer_core_version" cty:"packer_core_version" hcl:"packer_core_version"` + PackerDebug *bool `mapstructure:"packer_debug" cty:"packer_debug" hcl:"packer_debug"` + PackerForce *bool `mapstructure:"packer_force" cty:"packer_force" hcl:"packer_force"` + PackerOnError *string `mapstructure:"packer_on_error" cty:"packer_on_error" hcl:"packer_on_error"` + PackerUserVars map[string]string `mapstructure:"packer_user_variables" cty:"packer_user_variables" hcl:"packer_user_variables"` + PackerSensitiveVars []string `mapstructure:"packer_sensitive_variables" cty:"packer_sensitive_variables" hcl:"packer_sensitive_variables"` + Source *string `mapstructure:"source" required:"true" cty:"source" hcl:"source"` + Destination *string `mapstructure:"destination" cty:"destination" hcl:"destination"` + SbomName *string `mapstructure:"sbom_name" cty:"sbom_name" hcl:"sbom_name"` +} + +// FlatMapstructure returns a new FlatConfig. +// FlatConfig is an auto-generated flat version of Config. +// Where the contents a fields with a `mapstructure:,squash` tag are bubbled up. +func (*Config) FlatMapstructure() interface{ HCL2Spec() map[string]hcldec.Spec } { + return new(FlatConfig) +} + +// HCL2Spec returns the hcl spec of a Config. +// This spec is used by HCL to read the fields of Config. +// The decoded values from this spec will then be applied to a FlatConfig. +func (*FlatConfig) HCL2Spec() map[string]hcldec.Spec { + s := map[string]hcldec.Spec{ + "packer_build_name": &hcldec.AttrSpec{Name: "packer_build_name", Type: cty.String, Required: false}, + "packer_builder_type": &hcldec.AttrSpec{Name: "packer_builder_type", Type: cty.String, Required: false}, + "packer_core_version": &hcldec.AttrSpec{Name: "packer_core_version", Type: cty.String, Required: false}, + "packer_debug": &hcldec.AttrSpec{Name: "packer_debug", Type: cty.Bool, Required: false}, + "packer_force": &hcldec.AttrSpec{Name: "packer_force", Type: cty.Bool, Required: false}, + "packer_on_error": &hcldec.AttrSpec{Name: "packer_on_error", Type: cty.String, Required: false}, + "packer_user_variables": &hcldec.AttrSpec{Name: "packer_user_variables", Type: cty.Map(cty.String), Required: false}, + "packer_sensitive_variables": &hcldec.AttrSpec{Name: "packer_sensitive_variables", Type: cty.List(cty.String), Required: false}, + "source": &hcldec.AttrSpec{Name: "source", Type: cty.String, Required: false}, + "destination": &hcldec.AttrSpec{Name: "destination", Type: cty.String, Required: false}, + "sbom_name": &hcldec.AttrSpec{Name: "sbom_name", Type: cty.String, Required: false}, + } + return s +} diff --git a/provisioner/hcp-sbom/provisioner_test.go b/provisioner/hcp-sbom/provisioner_test.go new file mode 100644 index 000000000..aff0323e0 --- /dev/null +++ b/provisioner/hcp-sbom/provisioner_test.go @@ -0,0 +1,86 @@ +package hcp_sbom + +import ( + "testing" + + "github.com/google/go-cmp/cmp" + "github.com/google/go-cmp/cmp/cmpopts" + "github.com/hashicorp/packer-plugin-sdk/template/interpolate" +) + +func TestConfigPrepare(t *testing.T) { + tests := []struct { + name string + inputConfig map[string]interface{} + interpolateContext interpolate.Context + expectConfig *Config + expectError bool + }{ + { + "empty config, should error without a source", + map[string]interface{}{}, + interpolate.Context{}, + nil, + true, + }, + { + "config with full context for interpolation: success", + map[string]interface{}{ + "source": "{{ .Name }}", + }, + interpolate.Context{ + Data: &struct { + Name string + }{ + Name: "testInterpolate", + }, + }, + &Config{ + Source: "testInterpolate", + }, + false, + }, + { + // Note: this will look weird to reviewers, but is actually + // expected for the moment. + // Refer to the comment in `Prepare` for context as to WHY + // this cannot be considered an error. + "config with sbom name as interpolated value, without it in context, replace with a placeholder", + map[string]interface{}{ + "source": "test", + "sbom_name": "{{ .Name }}", + }, + interpolate.Context{}, + &Config{ + Source: "test", + SbomName: "", + }, + false, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + prov := &Provisioner{} + prov.config.ctx = tt.interpolateContext + err := prov.Prepare(tt.inputConfig) + if err != nil && !tt.expectError { + t.Fatalf("configuration unexpectedly failed to prepare: %s", err) + } + + if err == nil && tt.expectError { + t.Fatalf("configuration succeeded to prepare, but should have failed") + } + + if err != nil { + t.Logf("config had error %q", err) + return + } + + diff := cmp.Diff(prov.config, *tt.expectConfig, cmpopts.IgnoreUnexported(Config{})) + if diff != "" { + t.Errorf("configuration returned by `Prepare` is different from what was expected: %s", diff) + } + }) + } +} diff --git a/provisioner/hcp-sbom/validate.go b/provisioner/hcp-sbom/validate.go new file mode 100644 index 000000000..4f17a4ac0 --- /dev/null +++ b/provisioner/hcp-sbom/validate.go @@ -0,0 +1,85 @@ +package hcp_sbom + +import ( + "bytes" + "fmt" + "strings" + + "github.com/CycloneDX/cyclonedx-go" + spdxjson "github.com/spdx/tools-golang/json" +) + +// ValidationError represents an error encountered while validating an SBOM. +type ValidationError struct { + Err error +} + +func (e *ValidationError) Error() string { + return e.Err.Error() +} + +func (e *ValidationError) Unwrap() error { + return e.Err +} + +// ValidateCycloneDX is a validation for CycloneDX in JSON format. +func validateCycloneDX(content []byte) error { + decoder := cyclonedx.NewBOMDecoder(bytes.NewBuffer(content), cyclonedx.BOMFileFormatJSON) + bom := new(cyclonedx.BOM) + if err := decoder.Decode(bom); err != nil { + return fmt.Errorf("error parsing CycloneDX SBOM: %w", err) + } + + if !strings.EqualFold(bom.BOMFormat, "CycloneDX") { + return &ValidationError{ + Err: fmt.Errorf("invalid bomFormat: %q, expected CycloneDX", bom.BOMFormat), + } + } + if bom.SpecVersion.String() == "" { + return &ValidationError{ + Err: fmt.Errorf("specVersion is required"), + } + } + + return nil +} + +// validateSPDX is a validation for SPDX in JSON format. +func validateSPDX(content []byte) error { + doc, err := spdxjson.Read(bytes.NewBuffer(content)) + if err != nil { + return fmt.Errorf("error parsing SPDX JSON file: %w", err) + } + + if doc.SPDXVersion == "" { + return &ValidationError{ + Err: fmt.Errorf("missing SPDXVersion"), + } + } + + return nil +} + +// validateSBOM validates the SBOM file and returns the format of the SBOM. +func validateSBOM(content []byte) (string, error) { + // Try validating as SPDX + spdxErr := validateSPDX(content) + if spdxErr == nil { + return "spdx", nil + } + + if vErr, ok := spdxErr.(*ValidationError); ok { + return "", vErr + } + + cycloneDxErr := validateCycloneDX(content) + if cycloneDxErr == nil { + return "cyclonedx", nil + } + + if vErr, ok := cycloneDxErr.(*ValidationError); ok { + return "", vErr + } + + return "", fmt.Errorf("error validating SBOM file: invalid SBOM format") +} diff --git a/provisioner/hcp-sbom/version/version.go b/provisioner/hcp-sbom/version/version.go new file mode 100644 index 000000000..772d6d4f4 --- /dev/null +++ b/provisioner/hcp-sbom/version/version.go @@ -0,0 +1,16 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: BUSL-1.1 + +package version + +import ( + "github.com/hashicorp/packer-plugin-sdk/version" + packerVersion "github.com/hashicorp/packer/version" +) + +var HCPSBOMPluginVersion *version.PluginVersion + +func init() { + HCPSBOMPluginVersion = version.NewPluginVersion( + packerVersion.Version, packerVersion.VersionPrerelease, packerVersion.VersionMetadata) +} diff --git a/website/content/partials/provisioner/hcp-sbom/Config-not-required.mdx b/website/content/partials/provisioner/hcp-sbom/Config-not-required.mdx new file mode 100644 index 000000000..871e7a5ad --- /dev/null +++ b/website/content/partials/provisioner/hcp-sbom/Config-not-required.mdx @@ -0,0 +1,23 @@ + + +- `destination` (string) - Destination is an optional field that specifies the path where the SBOM + file will be downloaded to for the user. + The 'Destination' must be a writable location. If the destination is a file, + the SBOM will be saved or overwritten at that path. If the destination is + a directory, a file will be created within the directory to store the SBOM. + Any parent directories for the destination must already exist and be + writable by the provisioning user (generally not root), otherwise, + a "Permission Denied" error will occur. If the source path is a file, + it is recommended that the destination path be a file as well. + +- `sbom_name` (string) - The name to give the SBOM when uploaded on HCP Packer + + By default this will be generated, but if you prefer to have a name + of your choosing, you can enter it here. + The name must match the following regexp: `[a-zA-Z0-9_-]{3,36}` + + Note: it must be unique for a single build, otherwise the build will + fail when uploading the SBOMs to HCP Packer, and so will the Packer + build command. + + diff --git a/website/content/partials/provisioner/hcp-sbom/Config-required.mdx b/website/content/partials/provisioner/hcp-sbom/Config-required.mdx new file mode 100644 index 000000000..2f227c2b0 --- /dev/null +++ b/website/content/partials/provisioner/hcp-sbom/Config-required.mdx @@ -0,0 +1,7 @@ + + +- `source` (string) - Source is a required field that specifies the path to the SBOM file that + needs to be downloaded. + It can be a file path or a URL. + + From a8c9467463804dc1369aefd262c649ce18e039c6 Mon Sep 17 00:00:00 2001 From: Lucas Bajolet Date: Fri, 25 Oct 2024 11:32:06 -0400 Subject: [PATCH 032/115] packer_test: add integration tests for hcp-sbom --- .../hcp-sbom/provisioner_test.go | 151 ++++++++++++++++++ .../provisioner_tests/hcp-sbom/suite_test.go | 23 +++ .../hcp-sbom/templates/dest_is_dir.pkr.hcl | 36 +++++ .../dest_is_dir_with_trailing_slash.pkr.hcl | 36 +++++ .../dest_is_file_no_interm_dirs.pkr.hcl | 36 +++++ .../dest_is_file_with_interm_dirs.pkr.hcl | 36 +++++ .../hcp-sbom/templates/source_is_dir.pkr.hcl | 21 +++ .../templates/source_not_existing.pkr.hcl | 21 +++ 8 files changed, 360 insertions(+) create mode 100644 packer_test/provisioner_tests/hcp-sbom/provisioner_test.go create mode 100644 packer_test/provisioner_tests/hcp-sbom/suite_test.go create mode 100644 packer_test/provisioner_tests/hcp-sbom/templates/dest_is_dir.pkr.hcl create mode 100644 packer_test/provisioner_tests/hcp-sbom/templates/dest_is_dir_with_trailing_slash.pkr.hcl create mode 100644 packer_test/provisioner_tests/hcp-sbom/templates/dest_is_file_no_interm_dirs.pkr.hcl create mode 100644 packer_test/provisioner_tests/hcp-sbom/templates/dest_is_file_with_interm_dirs.pkr.hcl create mode 100644 packer_test/provisioner_tests/hcp-sbom/templates/source_is_dir.pkr.hcl create mode 100644 packer_test/provisioner_tests/hcp-sbom/templates/source_not_existing.pkr.hcl diff --git a/packer_test/provisioner_tests/hcp-sbom/provisioner_test.go b/packer_test/provisioner_tests/hcp-sbom/provisioner_test.go new file mode 100644 index 000000000..81f5a8e06 --- /dev/null +++ b/packer_test/provisioner_tests/hcp-sbom/provisioner_test.go @@ -0,0 +1,151 @@ +package plugin_tests + +import ( + "os" + + "github.com/hashicorp/packer/packer_test/common/check" +) + +func (ts *PackerHCPSbomTestSuite) TestSourceNotExisting() { + ts.SkipNoAcc() + + dir := ts.MakePluginDir() + defer dir.Cleanup() + + ts.PackerCommand().UsePluginDir(dir). + SetArgs("plugins", "install", "github.com/hashicorp/docker"). + Assert(check.MustSucceed()) + + ts.PackerCommand().UsePluginDir(dir). + AddEnv("HOME", os.Getenv("HOME")). + AddEnv("PATH", os.Getenv("PATH")). + SetArgs("build", "templates/source_not_existing.pkr.hcl"). + Assert(check.MustFail(), check.Grep("download failed for SBOM file")) +} + +// Greayed out because the communicator for the docker plugin does not return an error +// when downloading a full directory, instead it returns a 0-byte stream without an error. +// +// So the sbom provisioner fails with a validation error instead of a file not found type +// of error. +// +// func (ts *PackerHCPSbomTestSuite) TestSourceIsDir() { +// ts.SkipNoAcc() +// +// path, cleanup := ts.MakePluginDir() +// defer cleanup() +// +// ts.PackerCommand().UsePluginDir(path). +// SetArgs("plugins", "install", "github.com/hashicorp/docker"). +// Assert(check.MustSucceed()) +// +// ts.PackerCommand().UsePluginDir(path). +// SetArgs("build", "templates/source_is_dir.pkr.hcl"). +// Assert(check.MustFail(), check.Grep("download failed for SBOM file"), check.Dump(ts.T())) +// } + +// * output file - does not exist, and intermediate dirs don't exist +func (ts *PackerHCPSbomTestSuite) TestDestFile_NoIntermediateDirs() { + ts.SkipNoAcc() + + dir := ts.MakePluginDir() + defer dir.Cleanup() + + ts.PackerCommand().UsePluginDir(dir). + SetArgs("plugins", "install", "github.com/hashicorp/docker"). + Assert(check.MustSucceed()) + + ts.PackerCommand().UsePluginDir(dir). + AddEnv("HOME", os.Getenv("HOME")). + AddEnv("PATH", os.Getenv("PATH")). + SetArgs("build", "./templates/dest_is_file_no_interm_dirs.pkr.hcl"). + Assert(check.MustSucceed(), check.FileExists("sbom/sbom_cyclonedx.json", false)) + + os.RemoveAll("sbom") +} + +// * output file - does not exist, and intermediate dirs already exist +func (ts *PackerHCPSbomTestSuite) TestDestFile_WithIntermediateDirs() { + ts.SkipNoAcc() + + dir := ts.MakePluginDir() + defer dir.Cleanup() + + os.MkdirAll("sbom", 0755) + + ts.PackerCommand().UsePluginDir(dir). + SetArgs("plugins", "install", "github.com/hashicorp/docker"). + Assert(check.MustSucceed()) + + ts.PackerCommand().UsePluginDir(dir). + AddEnv("HOME", os.Getenv("HOME")). + AddEnv("PATH", os.Getenv("PATH")). + SetArgs("build", "./templates/dest_is_file_no_interm_dirs.pkr.hcl"). + Assert(check.MustSucceed(), check.FileExists("sbom/sbom_cyclonedx.json", false)) + + os.RemoveAll("sbom") +} + +// * output directory (without trailing slash) - directory exists +func (ts *PackerHCPSbomTestSuite) TestDestDir_NoTrailingSlash() { + ts.SkipNoAcc() + + dir := ts.MakePluginDir() + defer dir.Cleanup() + + os.MkdirAll("sbom", 0755) + + ts.PackerCommand().UsePluginDir(dir). + SetArgs("plugins", "install", "github.com/hashicorp/docker"). + Assert(check.MustSucceed()) + + ts.PackerCommand().UsePluginDir(dir). + AddEnv("HOME", os.Getenv("HOME")). + AddEnv("PATH", os.Getenv("PATH")). + SetArgs("build", "./templates/dest_is_dir.pkr.hcl"). + Assert(check.MustSucceed(), check.FileGlob("./sbom/packer-user-sbom-*.json")) + + os.RemoveAll("sbom") +} + +// * output directory (with trailing slash) - directory exists +func (ts *PackerHCPSbomTestSuite) TestDestDir_WithTrailingSlash() { + ts.SkipNoAcc() + + dir := ts.MakePluginDir() + defer dir.Cleanup() + + os.MkdirAll("sbom", 0755) + + ts.PackerCommand().UsePluginDir(dir). + SetArgs("plugins", "install", "github.com/hashicorp/docker"). + Assert(check.MustSucceed()) + + ts.PackerCommand().UsePluginDir(dir). + AddEnv("HOME", os.Getenv("HOME")). + AddEnv("PATH", os.Getenv("PATH")). + SetArgs("build", "./templates/dest_is_dir_with_trailing_slash.pkr.hcl"). + Assert(check.MustSucceed(), check.FileGlob("./sbom/packer-user-sbom-*.json")) + + os.RemoveAll("sbom") +} + +// * output directory (with trailing slash) - directory doesn't exist +func (ts *PackerHCPSbomTestSuite) TestDestDir_WithTrailingSlash_NoDir() { + ts.SkipNoAcc() + + dir := ts.MakePluginDir() + defer dir.Cleanup() + + ts.PackerCommand().UsePluginDir(dir). + SetArgs("plugins", "install", "github.com/hashicorp/docker"). + Assert(check.MustSucceed()) + + ts.PackerCommand().UsePluginDir(dir). + AddEnv("HOME", os.Getenv("HOME")). + AddEnv("PATH", os.Getenv("PATH")). + SetArgs("build", "./templates/dest_is_dir_with_trailing_slash.pkr.hcl"). + Assert(check.MustSucceed(), check.FileGlob("./sbom/packer-user-sbom-*.json")) + + os.RemoveAll("sbom") +} diff --git a/packer_test/provisioner_tests/hcp-sbom/suite_test.go b/packer_test/provisioner_tests/hcp-sbom/suite_test.go new file mode 100644 index 000000000..a3855ebb6 --- /dev/null +++ b/packer_test/provisioner_tests/hcp-sbom/suite_test.go @@ -0,0 +1,23 @@ +package plugin_tests + +import ( + "testing" + + "github.com/hashicorp/packer/packer_test/common" + "github.com/stretchr/testify/suite" +) + +type PackerHCPSbomTestSuite struct { + *common.PackerTestSuite +} + +func Test_PackerPluginSuite(t *testing.T) { + baseSuite, cleanup := common.InitBaseSuite(t) + defer cleanup() + + ts := &PackerHCPSbomTestSuite{ + baseSuite, + } + + suite.Run(t, ts) +} diff --git a/packer_test/provisioner_tests/hcp-sbom/templates/dest_is_dir.pkr.hcl b/packer_test/provisioner_tests/hcp-sbom/templates/dest_is_dir.pkr.hcl new file mode 100644 index 000000000..1a405a50b --- /dev/null +++ b/packer_test/provisioner_tests/hcp-sbom/templates/dest_is_dir.pkr.hcl @@ -0,0 +1,36 @@ +packer { + required_plugins { + docker = { + version = ">= 1.0.0" + source = "github.com/hashicorp/docker" + } + } +} + +source "docker" "ubuntu" { + image = "ubuntu:20.04" + commit = true +} + +build { + sources = ["source.docker.ubuntu"] + + provisioner "shell" { + inline = [ + "apt-get update -y", + "apt-get install -y curl", + "bash -c \"$(curl -sSL https://install.mondoo.com/sh)\"" + ] + } + + provisioner "shell" { + inline = [ + "cnquery sbom --output cyclonedx-json --output-target /tmp/sbom_cyclonedx.json", + ] + } + + provisioner "hcp-sbom" { + source = "/tmp/sbom_cyclonedx.json" + destination = "./sbom" + } +} diff --git a/packer_test/provisioner_tests/hcp-sbom/templates/dest_is_dir_with_trailing_slash.pkr.hcl b/packer_test/provisioner_tests/hcp-sbom/templates/dest_is_dir_with_trailing_slash.pkr.hcl new file mode 100644 index 000000000..9d9ca4506 --- /dev/null +++ b/packer_test/provisioner_tests/hcp-sbom/templates/dest_is_dir_with_trailing_slash.pkr.hcl @@ -0,0 +1,36 @@ +packer { + required_plugins { + docker = { + version = ">= 1.0.0" + source = "github.com/hashicorp/docker" + } + } +} + +source "docker" "ubuntu" { + image = "ubuntu:20.04" + commit = true +} + +build { + sources = ["source.docker.ubuntu"] + + provisioner "shell" { + inline = [ + "apt-get update -y", + "apt-get install -y curl", + "bash -c \"$(curl -sSL https://install.mondoo.com/sh)\"" + ] + } + + provisioner "shell" { + inline = [ + "cnquery sbom --output cyclonedx-json --output-target /tmp/sbom_cyclonedx.json", + ] + } + + provisioner "hcp-sbom" { + source = "/tmp/sbom_cyclonedx.json" + destination = "./sbom/" + } +} diff --git a/packer_test/provisioner_tests/hcp-sbom/templates/dest_is_file_no_interm_dirs.pkr.hcl b/packer_test/provisioner_tests/hcp-sbom/templates/dest_is_file_no_interm_dirs.pkr.hcl new file mode 100644 index 000000000..9d4bcb2da --- /dev/null +++ b/packer_test/provisioner_tests/hcp-sbom/templates/dest_is_file_no_interm_dirs.pkr.hcl @@ -0,0 +1,36 @@ +packer { + required_plugins { + docker = { + version = ">= 1.0.0" + source = "github.com/hashicorp/docker" + } + } +} + +source "docker" "ubuntu" { + image = "ubuntu:20.04" + commit = true +} + +build { + sources = ["source.docker.ubuntu"] + + provisioner "shell" { + inline = [ + "apt-get update -y", + "apt-get install -y curl", + "bash -c \"$(curl -sSL https://install.mondoo.com/sh)\"" + ] + } + + provisioner "shell" { + inline = [ + "cnquery sbom --output cyclonedx-json --output-target /tmp/sbom_cyclonedx.json", + ] + } + + provisioner "hcp-sbom" { + source = "/tmp/sbom_cyclonedx.json" + destination = "./sbom/sbom_cyclonedx.json" + } +} diff --git a/packer_test/provisioner_tests/hcp-sbom/templates/dest_is_file_with_interm_dirs.pkr.hcl b/packer_test/provisioner_tests/hcp-sbom/templates/dest_is_file_with_interm_dirs.pkr.hcl new file mode 100644 index 000000000..37ccbcc3b --- /dev/null +++ b/packer_test/provisioner_tests/hcp-sbom/templates/dest_is_file_with_interm_dirs.pkr.hcl @@ -0,0 +1,36 @@ +packer { + required_plugins { + docker = { + version = ">= 1.0.0" + source = "github.com/hashicorp/docker" + } + } +} + +source "docker" "ubuntu" { + image = "ubuntu:20.04" + commit = true +} + +build { + sources = ["source.docker.ubuntu"] + + provisioner "shell" { + inline = [ + "apt-get update -y", + "apt-get install -y curl", + "bash -c \"$(curl -sSL https://install.mondoo.com/sh)\"" + ] + } + + provisioner "shell" { + inline = [ + "cnquery sbom --output cyclonedx-json --output-target /tmp/sbom_cyclonedx.json", + ] + } + + provisioner "hcp-sbom" { + source = "/tmp/sbom_cyclonedx.json" + destination = "./sbom/sbom_cyclonedx" + } +} diff --git a/packer_test/provisioner_tests/hcp-sbom/templates/source_is_dir.pkr.hcl b/packer_test/provisioner_tests/hcp-sbom/templates/source_is_dir.pkr.hcl new file mode 100644 index 000000000..02522488d --- /dev/null +++ b/packer_test/provisioner_tests/hcp-sbom/templates/source_is_dir.pkr.hcl @@ -0,0 +1,21 @@ +packer { + required_plugins { + docker = { + version = ">= 1.0.0" + source = "github.com/hashicorp/docker" + } + } +} + +source "docker" "ubuntu" { + image = "ubuntu:20.04" + commit = true +} + +build { + sources = ["source.docker.ubuntu"] + + provisioner "hcp-sbom" { + source = "/tmp" + } +} diff --git a/packer_test/provisioner_tests/hcp-sbom/templates/source_not_existing.pkr.hcl b/packer_test/provisioner_tests/hcp-sbom/templates/source_not_existing.pkr.hcl new file mode 100644 index 000000000..a66b99685 --- /dev/null +++ b/packer_test/provisioner_tests/hcp-sbom/templates/source_not_existing.pkr.hcl @@ -0,0 +1,21 @@ +packer { + required_plugins { + docker = { + version = ">= 1.0.0" + source = "github.com/hashicorp/docker" + } + } +} + +source "docker" "ubuntu" { + image = "ubuntu:20.04" + commit = true +} + +build { + sources = ["source.docker.ubuntu"] + + provisioner "hcp-sbom" { + source = "/tmp/sbom_cyclonedx.json" + } +} From 362c5472110b737ab3051630fe2feb872d7a6c5a Mon Sep 17 00:00:00 2001 From: Jenna Goldstrich Date: Fri, 27 Sep 2024 13:51:13 -0700 Subject: [PATCH 033/115] hcp: integrate SBOM upload to HCP code Since packer now supports keeping track of SBOMs produced during a build, we add the code to integrate those changes into the internal/hcp package, so we do upload them on build completion. --- internal/hcp/registry/types.bucket.go | 39 ++++++++++++++++++++++++++ internal/hcp/registry/types.builds.go | 4 +++ internal/hcp/registry/types.version.go | 3 ++ packer/build.go | 2 ++ 4 files changed, 48 insertions(+) diff --git a/internal/hcp/registry/types.bucket.go b/internal/hcp/registry/types.bucket.go index 17f3e34c0..ab068a308 100644 --- a/internal/hcp/registry/types.bucket.go +++ b/internal/hcp/registry/types.bucket.go @@ -12,7 +12,10 @@ import ( "sync" "time" + "github.com/hashicorp/packer/packer" + "github.com/hashicorp/go-multierror" + "github.com/hashicorp/hcp-sdk-go/clients/cloud-packer-service/stable/2023-01-01/client/packer_service" hcpPackerModels "github.com/hashicorp/hcp-sdk-go/clients/cloud-packer-service/stable/2023-01-01/models" packerSDK "github.com/hashicorp/packer-plugin-sdk/packer" packerSDKRegistry "github.com/hashicorp/packer-plugin-sdk/packer/registry/image" @@ -222,6 +225,35 @@ func (bucket *Bucket) UpdateBuildStatus( return nil } +func (bucket *Bucket) uploadSbom(ctx context.Context, buildName string, sbom packer.SBOM) error { + buildToUpdate, err := bucket.Version.Build(buildName) + if err != nil { + return err + } + + log.Println( + "[TRACE] jennajenna uploadsbom called", buildToUpdate.ID, + ) + if buildToUpdate.ID == "" { + return fmt.Errorf("the build for the component %q does not have a valid id", buildName) + } + _, err = bucket.client.Packer.PackerServiceUploadSbom( + &packer_service.PackerServiceUploadSbomParams{ + Context: ctx, + BucketName: bucket.Name, + Fingerprint: bucket.Version.Fingerprint, + BuildID: buildToUpdate.ID, + Body: &hcpPackerModels.HashicorpCloudPacker20230101UploadSbomBody{ + CompressedSbom: sbom.CompressedData, + Name: sbom.Name, + Format: sbom.Format, + }, + }, + nil, + ) + return err +} + // markBuildComplete should be called to set a build on the HCP Packer registry to DONE. // Upon a successful call markBuildComplete will publish all artifacts created by the named build, // and set the build to done. A build with no artifacts can not be set to DONE. @@ -673,6 +705,13 @@ func (bucket *Bucket) completeBuild( } } + for _, sbom := range build.CompressedSboms { + err = bucket.uploadSbom(ctx, buildName, sbom) + if err != nil { + return packerSDKArtifacts, fmt.Errorf("Failed to upload sboms %s", err) + } + } + parErr := bucket.markBuildComplete(ctx, buildName) if parErr != nil { return packerSDKArtifacts, fmt.Errorf( diff --git a/internal/hcp/registry/types.builds.go b/internal/hcp/registry/types.builds.go index dc7e13276..0ca531c2c 100644 --- a/internal/hcp/registry/types.builds.go +++ b/internal/hcp/registry/types.builds.go @@ -6,6 +6,8 @@ package registry import ( "fmt" + "github.com/hashicorp/packer/packer" + hcpPackerModels "github.com/hashicorp/hcp-sdk-go/clients/cloud-packer-service/stable/2023-01-01/models" packerSDKRegistry "github.com/hashicorp/packer-plugin-sdk/packer/registry/image" ) @@ -20,6 +22,8 @@ type Build struct { Artifacts map[string]packerSDKRegistry.Image Status hcpPackerModels.HashicorpCloudPacker20230101BuildStatus Metadata hcpPackerModels.HashicorpCloudPacker20230101BuildMetadata + + CompressedSboms []packer.SBOM } // NewBuildFromCloudPackerBuild converts a HashicorpCloudPackerBuild to a local build that can be tracked and diff --git a/internal/hcp/registry/types.version.go b/internal/hcp/registry/types.version.go index 0caf6229c..819e09e46 100644 --- a/internal/hcp/registry/types.version.go +++ b/internal/hcp/registry/types.version.go @@ -205,5 +205,8 @@ func (version *Version) AddMetadataToBuild( buildToUpdate.Metadata.Vcs = globalMetadata.Vcs buildToUpdate.Metadata.Cicd = globalMetadata.Cicd + // TODO IMO this shouldn't be metadata + buildToUpdate.CompressedSboms = buildMetadata.SBOMs + return nil } diff --git a/packer/build.go b/packer/build.go index eade2625d..d23637f67 100644 --- a/packer/build.go +++ b/packer/build.go @@ -55,6 +55,7 @@ type CoreBuild struct { } type SBOM struct { + Name string Format string CompressedData []byte } @@ -313,6 +314,7 @@ func (b *CoreBuild) Run(ctx context.Context, originalUi packersdk.Ui) ([]packers sbomInternalProvisioner, ok := p.Provisioner.(*SBOMInternalProvisioner) if ok { sbom := SBOM{ + Name: sbomInternalProvisioner.SBOMName, Format: sbomInternalProvisioner.SBOMFormat, CompressedData: sbomInternalProvisioner.CompressedData, } From 9b3f29faf95df3c4aa43662fe514be95b10675d7 Mon Sep 17 00:00:00 2001 From: Lucas Bajolet Date: Tue, 12 Nov 2024 13:36:04 -0500 Subject: [PATCH 034/115] hcp: wrap completeBuild to mark as failed on error When a build cannot be completed without errors, the build state was left as running, unless the build explicitly failed, which meant that HCP Packer would be responsible for changing the status after the heartbeats for the build stopped being sent for two 5m periods. This commit changes this behaviour, by explicitly marking the build as failed if something did not work while trying to complete a build on HCP Packer, even if the local Packer core build succeeded before that. --- internal/hcp/registry/types.bucket.go | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/internal/hcp/registry/types.bucket.go b/internal/hcp/registry/types.bucket.go index ab068a308..b9be5fd81 100644 --- a/internal/hcp/registry/types.bucket.go +++ b/internal/hcp/registry/types.bucket.go @@ -642,7 +642,6 @@ func (bucket *Bucket) completeBuild( doneCh, ok := bucket.RunningBuilds[buildName] if !ok { log.Print("[ERROR] done build does not have an entry in the heartbeat table, state will be inconsistent.") - } else { log.Printf("[TRACE] signal stopping heartbeats") // Stop heartbeating @@ -662,6 +661,23 @@ func (bucket *Bucket) completeBuild( return packerSDKArtifacts, fmt.Errorf("build failed, not uploading artifacts") } + artifacts, err := bucket.doCompleteBuild(ctx, buildName, packerSDKArtifacts, buildErr) + if err != nil { + err := bucket.UpdateBuildStatus(ctx, buildName, hcpPackerModels.HashicorpCloudPacker20230101BuildStatusBUILDFAILED) + if err != nil { + log.Printf("[ERROR] failed to update build %q status to FAILED: %s", buildName, err) + } + } + + return artifacts, err +} + +func (bucket *Bucket) doCompleteBuild( + ctx context.Context, + buildName string, + packerSDKArtifacts []packerSDK.Artifact, + buildErr error, +) ([]packerSDK.Artifact, error) { for _, art := range packerSDKArtifacts { var sdkImages []packerSDKRegistry.Image decoder, err := mapstructure.NewDecoder(&mapstructure.DecoderConfig{ From 619c524afbbb13b1dc858b1a99105ad319c97767 Mon Sep 17 00:00:00 2001 From: Lucas Bajolet Date: Wed, 13 Nov 2024 15:36:45 -0500 Subject: [PATCH 035/115] command: exit non-zero if uploading to HCP failed In the current state, a Packer build that succeeds but fails to push its metadata to HCP for reasons other than a lack of artifact will always succeed from the perspective of a user invoking `packer build`. This can be a bit misleading, as users may expect their artifacts to appear on HCP Packer if their build succeeded on Packer Core, so this commit changes this behaviour, instead reporting HCP errors as a real error if the build failed, so packer returns a non-zero error code if this happens. --- command/build.go | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/command/build.go b/command/build.go index f7be3a102..4727e195d 100644 --- a/command/build.go +++ b/command/build.go @@ -320,6 +320,15 @@ Check that you are using an HCP Ready integration before trying again: artifacts.Unlock() } } + + // If the build succeeded but uploading to HCP failed, + // Packer should exit non-zero, so we re-assign the + // error to account for this case. + if hcperr != nil && err == nil { + errs.Lock() + errs.m[name] = hcperr + errs.Unlock() + } }() if cla.Debug { From 347c57306c1b9917e4fe2435a04f70f0b7436e11 Mon Sep 17 00:00:00 2001 From: Jenna Goldstrich Date: Mon, 6 Jan 2025 18:02:08 -0800 Subject: [PATCH 036/115] hcp: use enum for HCP SBOM upload Since the protos for uploading an SBOM for a build have been changed to use an enumeration instead of a plain string with the latest revisions to the HCP Packer SBOM support feature, we update how we reference those values for the SBOM format to use that enum instead. --- internal/hcp/registry/types.bucket.go | 2 +- packer/build.go | 3 ++- packer/provisioner.go | 3 ++- provisioner/hcp-sbom/provisioner.go | 5 +++-- provisioner/hcp-sbom/validate.go | 7 ++++--- 5 files changed, 12 insertions(+), 8 deletions(-) diff --git a/internal/hcp/registry/types.bucket.go b/internal/hcp/registry/types.bucket.go index b9be5fd81..184a46e2a 100644 --- a/internal/hcp/registry/types.bucket.go +++ b/internal/hcp/registry/types.bucket.go @@ -246,7 +246,7 @@ func (bucket *Bucket) uploadSbom(ctx context.Context, buildName string, sbom pac Body: &hcpPackerModels.HashicorpCloudPacker20230101UploadSbomBody{ CompressedSbom: sbom.CompressedData, Name: sbom.Name, - Format: sbom.Format, + Format: &sbom.Format, }, }, nil, diff --git a/packer/build.go b/packer/build.go index d23637f67..4a311461e 100644 --- a/packer/build.go +++ b/packer/build.go @@ -9,6 +9,7 @@ import ( "log" "sync" + hcpPackerModels "github.com/hashicorp/hcp-sdk-go/clients/cloud-packer-service/stable/2023-01-01/models" "github.com/hashicorp/packer-plugin-sdk/common" packersdk "github.com/hashicorp/packer-plugin-sdk/packer" "github.com/hashicorp/packer-plugin-sdk/packerbuilderdata" @@ -56,7 +57,7 @@ type CoreBuild struct { type SBOM struct { Name string - Format string + Format hcpPackerModels.HashicorpCloudPacker20230101SbomFormat CompressedData []byte } diff --git a/packer/provisioner.go b/packer/provisioner.go index 24e20b3a2..4be4f99dd 100644 --- a/packer/provisioner.go +++ b/packer/provisioner.go @@ -12,6 +12,7 @@ import ( hcpSbomProvisioner "github.com/hashicorp/packer/provisioner/hcp-sbom" + hcpPackerModels "github.com/hashicorp/hcp-sdk-go/clients/cloud-packer-service/stable/2023-01-01/models" "github.com/klauspost/compress/zstd" "time" @@ -249,7 +250,7 @@ func (p *DebuggedProvisioner) Provision(ctx context.Context, ui packersdk.Ui, co type SBOMInternalProvisioner struct { Provisioner packersdk.Provisioner CompressedData []byte - SBOMFormat string + SBOMFormat hcpPackerModels.HashicorpCloudPacker20230101SbomFormat SBOMName string } diff --git a/provisioner/hcp-sbom/provisioner.go b/provisioner/hcp-sbom/provisioner.go index cbc515c13..cf03e5670 100644 --- a/provisioner/hcp-sbom/provisioner.go +++ b/provisioner/hcp-sbom/provisioner.go @@ -20,6 +20,7 @@ import ( "path/filepath" "github.com/hashicorp/hcl/v2/hcldec" + hcpPackerModels "github.com/hashicorp/hcp-sdk-go/clients/cloud-packer-service/stable/2023-01-01/models" "github.com/hashicorp/packer-plugin-sdk/common" packersdk "github.com/hashicorp/packer-plugin-sdk/packer" "github.com/hashicorp/packer-plugin-sdk/template/config" @@ -116,8 +117,8 @@ type PackerSBOM struct { RawSBOM []byte `json:"raw_sbom"` // Format is the format detected by the provisioner // - // Supported values: `spdx` or `cyclonedx` - Format string `json:"format"` + // Supported values: `SPDX` or `CYCLONEDX` + Format hcpPackerModels.HashicorpCloudPacker20230101SbomFormat `json:"format"` // Name is the name of the SBOM to be set on HCP Packer // // If unset, HCP Packer will generate one diff --git a/provisioner/hcp-sbom/validate.go b/provisioner/hcp-sbom/validate.go index 4f17a4ac0..7343dcb9b 100644 --- a/provisioner/hcp-sbom/validate.go +++ b/provisioner/hcp-sbom/validate.go @@ -6,6 +6,7 @@ import ( "strings" "github.com/CycloneDX/cyclonedx-go" + hcpPackerModels "github.com/hashicorp/hcp-sdk-go/clients/cloud-packer-service/stable/2023-01-01/models" spdxjson "github.com/spdx/tools-golang/json" ) @@ -61,11 +62,11 @@ func validateSPDX(content []byte) error { } // validateSBOM validates the SBOM file and returns the format of the SBOM. -func validateSBOM(content []byte) (string, error) { +func validateSBOM(content []byte) (hcpPackerModels.HashicorpCloudPacker20230101SbomFormat, error) { // Try validating as SPDX spdxErr := validateSPDX(content) if spdxErr == nil { - return "spdx", nil + return hcpPackerModels.HashicorpCloudPacker20230101SbomFormatSPDX, nil } if vErr, ok := spdxErr.(*ValidationError); ok { @@ -74,7 +75,7 @@ func validateSBOM(content []byte) (string, error) { cycloneDxErr := validateCycloneDX(content) if cycloneDxErr == nil { - return "cyclonedx", nil + return hcpPackerModels.HashicorpCloudPacker20230101SbomFormatCYCLONEDX, nil } if vErr, ok := cycloneDxErr.(*ValidationError); ok { From 8dcd9fe1a597a550f319924adbd6245a5032c92f Mon Sep 17 00:00:00 2001 From: Jenna Goldstrich Date: Tue, 21 Jan 2025 11:24:19 -0800 Subject: [PATCH 037/115] Ensure org ID is set and move UploadSbom to api package --- internal/hcp/api/service_build.go | 25 +++++++++++++++++++++++++ internal/hcp/registry/types.bucket.go | 20 +------------------- 2 files changed, 26 insertions(+), 19 deletions(-) diff --git a/internal/hcp/api/service_build.go b/internal/hcp/api/service_build.go index 946d8d08e..a857192c3 100644 --- a/internal/hcp/api/service_build.go +++ b/internal/hcp/api/service_build.go @@ -6,6 +6,7 @@ import ( hcpPackerAPI "github.com/hashicorp/hcp-sdk-go/clients/cloud-packer-service/stable/2023-01-01/client/packer_service" hcpPackerModels "github.com/hashicorp/hcp-sdk-go/clients/cloud-packer-service/stable/2023-01-01/models" + "github.com/hashicorp/packer/packer" ) func (c *Client) CreateBuild( @@ -93,3 +94,27 @@ func (c *Client) UpdateBuild( return resp.Payload.Build.ID, nil } + +func (c *Client) UploadSbom( + ctx context.Context, + bucketName, fingerprint string, + buildID string, + sbom packer.SBOM, +) error { + + params := hcpPackerAPI.NewPackerServiceUploadSbomParamsWithContext(ctx) + params.BuildID = buildID + params.LocationOrganizationID = c.OrganizationID + params.LocationProjectID = c.ProjectID + params.BucketName = bucketName + params.Fingerprint = fingerprint + + params.Body = &hcpPackerModels.HashicorpCloudPacker20230101UploadSbomBody{ + CompressedSbom: sbom.CompressedData, + Format: &sbom.Format, + Name: sbom.Name, + } + + _, err := c.Packer.PackerServiceUploadSbom(params, nil) + return err +} diff --git a/internal/hcp/registry/types.bucket.go b/internal/hcp/registry/types.bucket.go index 184a46e2a..1e06439c4 100644 --- a/internal/hcp/registry/types.bucket.go +++ b/internal/hcp/registry/types.bucket.go @@ -15,7 +15,6 @@ import ( "github.com/hashicorp/packer/packer" "github.com/hashicorp/go-multierror" - "github.com/hashicorp/hcp-sdk-go/clients/cloud-packer-service/stable/2023-01-01/client/packer_service" hcpPackerModels "github.com/hashicorp/hcp-sdk-go/clients/cloud-packer-service/stable/2023-01-01/models" packerSDK "github.com/hashicorp/packer-plugin-sdk/packer" packerSDKRegistry "github.com/hashicorp/packer-plugin-sdk/packer/registry/image" @@ -231,27 +230,10 @@ func (bucket *Bucket) uploadSbom(ctx context.Context, buildName string, sbom pac return err } - log.Println( - "[TRACE] jennajenna uploadsbom called", buildToUpdate.ID, - ) if buildToUpdate.ID == "" { return fmt.Errorf("the build for the component %q does not have a valid id", buildName) } - _, err = bucket.client.Packer.PackerServiceUploadSbom( - &packer_service.PackerServiceUploadSbomParams{ - Context: ctx, - BucketName: bucket.Name, - Fingerprint: bucket.Version.Fingerprint, - BuildID: buildToUpdate.ID, - Body: &hcpPackerModels.HashicorpCloudPacker20230101UploadSbomBody{ - CompressedSbom: sbom.CompressedData, - Name: sbom.Name, - Format: &sbom.Format, - }, - }, - nil, - ) - return err + return bucket.client.UploadSbom(ctx, bucket.Name, bucket.Version.Fingerprint, buildToUpdate.ID, sbom) } // markBuildComplete should be called to set a build on the HCP Packer registry to DONE. From 2e609231b43d9bbb68dffef991e16c3968d441a2 Mon Sep 17 00:00:00 2001 From: Devashish Date: Fri, 1 Nov 2024 12:34:55 -0400 Subject: [PATCH 038/115] website: add docs for the hcp-sbom provisioner --- provisioner/hcp-sbom/provisioner.go | 34 ++--- website/content/community-plugins.mdx | 1 + .../content/docs/provisioners/hcp-sbom.mdx | 137 ++++++++++++++++++ website/content/docs/provisioners/index.mdx | 2 + .../hcp-sbom/Config-not-required.mdx | 27 ++-- .../provisioner/hcp-sbom/Config-required.mdx | 5 +- website/data/docs-nav-data.json | 4 + 7 files changed, 168 insertions(+), 42 deletions(-) create mode 100644 website/content/docs/provisioners/hcp-sbom.mdx diff --git a/provisioner/hcp-sbom/provisioner.go b/provisioner/hcp-sbom/provisioner.go index cf03e5670..437139086 100644 --- a/provisioner/hcp-sbom/provisioner.go +++ b/provisioner/hcp-sbom/provisioner.go @@ -30,29 +30,21 @@ import ( type Config struct { common.PackerConfig `mapstructure:",squash"` - // Source is a required field that specifies the path to the SBOM file that - // needs to be downloaded. - // It can be a file path or a URL. + // The file path or URL to the SBOM file in the Packer artifact. + // This file must either be in the SPDX or CycloneDX format. Source string `mapstructure:"source" required:"true"` - // Destination is an optional field that specifies the path where the SBOM - // file will be downloaded to for the user. - // The 'Destination' must be a writable location. If the destination is a file, - // the SBOM will be saved or overwritten at that path. If the destination is - // a directory, a file will be created within the directory to store the SBOM. - // Any parent directories for the destination must already exist and be - // writable by the provisioning user (generally not root), otherwise, - // a "Permission Denied" error will occur. If the source path is a file, - // it is recommended that the destination path be a file as well. + + // The path on the local machine to store a copy of the SBOM file. + // You can specify an absolute or a path relative to the working directory + // when you execute the Packer build. If the file already exists on the + // local machine, Packer overwrites the file. If the destination is a + // directory, the directory must already exist. Destination string `mapstructure:"destination"` - // The name to give the SBOM when uploaded on HCP Packer - // - // By default this will be generated, but if you prefer to have a name - // of your choosing, you can enter it here. - // The name must match the following regexp: `[a-zA-Z0-9_-]{3,36}` - // - // Note: it must be unique for a single build, otherwise the build will - // fail when uploading the SBOMs to HCP Packer, and so will the Packer - // build command. + + // The name of the SBOM file stored in HCP Packer. + // If omitted, HCP Packer uses the build fingerprint as the file name. + // This value must be between three and 36 characters from the following set: `[A-Za-z0-9_-]`. + // You must specify a unique name for each build in an artifact version. SbomName string `mapstructure:"sbom_name"` ctx interpolate.Context } diff --git a/website/content/community-plugins.mdx b/website/content/community-plugins.mdx index fa245b73d..43a427c3f 100644 --- a/website/content/community-plugins.mdx +++ b/website/content/community-plugins.mdx @@ -24,6 +24,7 @@ HashiCorp maintainers for advice on how to get started contributing. ## Provisioners - File +- HCP SBOM - InSpec - PowerShell - Shell diff --git a/website/content/docs/provisioners/hcp-sbom.mdx b/website/content/docs/provisioners/hcp-sbom.mdx new file mode 100644 index 000000000..f0bd15cca --- /dev/null +++ b/website/content/docs/provisioners/hcp-sbom.mdx @@ -0,0 +1,137 @@ +--- +description: | + The hcp-sbom Packer provisioner uploads a CycloneDX or SPDX JSON-formatted software bill of materials record to HCP Packer. +page_title: HCP SBOM - Provisioners +--- + + + + + +# HCP SBOM Provisioner + +Type: `hcp-sbom` + +The `hcp-sbom` provisioner uploads software bill of materials (SBOM) files from artifacts built by Packer to HCP Packer. You must format SBOM files you want to upload as JSON and follow either the [SPDX](https://spdx.github.io/spdx-spec/latest) or [CycloneDX](https://cyclonedx.org/) specification. HCP Packer ties these SBOM files to the version of the artifact that Packer builds. + +## Example + +The following example uploads an SBOM from the local `/tmp` directory and stores a copy at `./sbom/sbom_cyclonedx.json` on the local machine. + + + + +```hcl +provisioner "hcp-sbom" { + source = "/tmp/sbom_cyclonedx.json" + destination = "./sbom/sbom_cyclonedx.json" + sbom_name = "sbom-cyclonedx" +} +``` + + + + +```json +{ + "type": "hcp-sbom", + "source": "/tmp/sbom_cyclonedx.json", + "destination": "./sbom/sbom_cyclonedx.json", + "sbom_name": "sbom-cyclonedx" +} +``` + + + + +## Configuration reference + +You can specify the following configuration options. + +Required parameters: + +@include 'provisioner/hcp-sbom/Config-required.mdx' + +Optional parameters: + +@include '/provisioner/hcp-sbom/Config-not-required.mdx' + +## Example usage + + + + +```hcl +packer { + required_plugins { + docker = { + version = ">= 1.0.0" + source = "github.com/hashicorp/docker" + } + } +} + +source "docker" "ubuntu" { + image = "ubuntu:20.04" + commit = true +} + +build { + sources = ["source.docker.ubuntu"] + + hcp_packer_registry { + bucket_name = "test-bucket" + } + + + provisioner "shell" { + inline = [ + "apt-get update -y", + "apt-get install -y curl gpg", + "bash -c \"$(curl -sSL https://install.mondoo.com/sh)\"", + "cnquery sbom --output cyclonedx-json --output-target /tmp/sbom_cyclonedx.json", + ] + } + + provisioner "hcp-sbom" { + source = "/tmp/sbom_cyclonedx.json" + destination = "./sbom" + sbom_name = "sbom-cyclonedx" + } +} +``` + + + + +```json +{ + "builders": [ + { + "type": "docker", + "image": "ubuntu:20.04", + "commit": true + } + ], + "provisioners": [ + { + "type": "shell", + "inline": [ + "apt-get update -y", + "apt-get install -y curl", + "bash -c \"$(curl -sSL https://install.mondoo.com/sh)\"", + "cnquery sbom --output cyclonedx-json --output-target /tmp/sbom_cyclonedx.json" + ] + }, + { + "type": "hcp-sbom", + "source": "/tmp/sbom_cyclonedx.json", + "destination": "./sbom", + "sbom_name": "sbom-cyclonedx" + } + ] +} +``` + + + \ No newline at end of file diff --git a/website/content/docs/provisioners/index.mdx b/website/content/docs/provisioners/index.mdx index e6144beae..da2603e80 100644 --- a/website/content/docs/provisioners/index.mdx +++ b/website/content/docs/provisioners/index.mdx @@ -20,6 +20,8 @@ The following provisioners are included with Packer: - [Breakpoint](/packer/docs/provisioners/breakpoint) - pause until the user presses `Enter` to resume a build. - [File](/packer/docs/provisioners/file) - upload files to machines image during a build. +- [HCP SBOM](/packer/docs/provisioners/hcp-sbom) - upload an SBOM and associate it with an artifact + version in the HCP Packer registry. - [Shell](/packer/docs/provisioners/shell) - run shell scripts on the machines image during a build. - [Local Shell](/packer/docs/provisioners/shell-local) - run shell scripts on the host running Packer during a build. diff --git a/website/content/partials/provisioner/hcp-sbom/Config-not-required.mdx b/website/content/partials/provisioner/hcp-sbom/Config-not-required.mdx index 871e7a5ad..fbba4f3c8 100644 --- a/website/content/partials/provisioner/hcp-sbom/Config-not-required.mdx +++ b/website/content/partials/provisioner/hcp-sbom/Config-not-required.mdx @@ -1,23 +1,14 @@ -- `destination` (string) - Destination is an optional field that specifies the path where the SBOM - file will be downloaded to for the user. - The 'Destination' must be a writable location. If the destination is a file, - the SBOM will be saved or overwritten at that path. If the destination is - a directory, a file will be created within the directory to store the SBOM. - Any parent directories for the destination must already exist and be - writable by the provisioning user (generally not root), otherwise, - a "Permission Denied" error will occur. If the source path is a file, - it is recommended that the destination path be a file as well. +- `destination` (string) - The path on the local machine to store a copy of the SBOM file. + You can specify an absolute or a path relative to the working directory + when you execute the Packer build. If the file already exists on the + local machine, Packer overwrites the file. If the destination is a + directory, the directory must already exist. -- `sbom_name` (string) - The name to give the SBOM when uploaded on HCP Packer - - By default this will be generated, but if you prefer to have a name - of your choosing, you can enter it here. - The name must match the following regexp: `[a-zA-Z0-9_-]{3,36}` - - Note: it must be unique for a single build, otherwise the build will - fail when uploading the SBOMs to HCP Packer, and so will the Packer - build command. +- `sbom_name` (string) - The name of the SBOM file stored in HCP Packer. + If omitted, HCP Packer uses the build fingerprint as the file name. + This value must be between three and 36 characters from the following set: `[A-Za-z0-9_-]`. + You must specify a unique name for each build in an artifact version. diff --git a/website/content/partials/provisioner/hcp-sbom/Config-required.mdx b/website/content/partials/provisioner/hcp-sbom/Config-required.mdx index 2f227c2b0..4df8744eb 100644 --- a/website/content/partials/provisioner/hcp-sbom/Config-required.mdx +++ b/website/content/partials/provisioner/hcp-sbom/Config-required.mdx @@ -1,7 +1,6 @@ -- `source` (string) - Source is a required field that specifies the path to the SBOM file that - needs to be downloaded. - It can be a file path or a URL. +- `source` (string) - The file path or URL to the SBOM file in the Packer artifact. + This file must either be in the SPDX or CycloneDX format. diff --git a/website/data/docs-nav-data.json b/website/data/docs-nav-data.json index 51b173740..65ed0cb2d 100644 --- a/website/data/docs-nav-data.json +++ b/website/data/docs-nav-data.json @@ -792,6 +792,10 @@ "title": "File", "path": "provisioners/file" }, + { + "title": "HCP SBOM", + "path": "provisioners/hcp-sbom" + }, { "title": "PowerShell", "path": "provisioners/powershell" From 8eb277b122e4132530f60964954d3cf2a0317108 Mon Sep 17 00:00:00 2001 From: trujillo-adam Date: Tue, 21 Jan 2025 19:30:41 -0800 Subject: [PATCH 039/115] seo improvements data sources references --- .../datasources/hcp/hcp-packer-artifact.mdx | 15 +++---- .../docs/datasources/hcp/hcp-packer-image.mdx | 15 +++---- .../datasources/hcp/hcp-packer-iteration.mdx | 14 +++---- .../datasources/hcp/hcp-packer-version.mdx | 23 +++++----- .../content/docs/datasources/hcp/index.mdx | 42 ++++++++----------- website/content/docs/datasources/http.mdx | 11 ++--- website/content/docs/datasources/index.mdx | 9 ++-- website/data/docs-nav-data.json | 26 ++++++++---- 8 files changed, 69 insertions(+), 86 deletions(-) diff --git a/website/content/docs/datasources/hcp/hcp-packer-artifact.mdx b/website/content/docs/datasources/hcp/hcp-packer-artifact.mdx index e0fc58c03..f1332f6f7 100644 --- a/website/content/docs/datasources/hcp/hcp-packer-artifact.mdx +++ b/website/content/docs/datasources/hcp/hcp-packer-artifact.mdx @@ -1,9 +1,8 @@ --- description: | - The HCP Packer Artifact Data Source retrieves information about an - artifact from the HCP Packer Registry. This information can be used to - provide a source artifact to various Packer builders. -page_title: HCP Packer Artifact - Data Sources + The `hcp-packer-artifact` data source retrieves information about an + artifact from the HCP Packer Registry. Use the information to provide a source artifact to Packer builders. +page_title: hcp-packer-artifact data source reference --- @@ -11,12 +10,10 @@ page_title: HCP Packer Artifact - Data Sources -# HCP Packer Artifact Data Source +# `hcp-packer-artifact` -Type: `hcp-packer-artifact` - -The `HCP Packer Artifact` Data Source retrieves information about an -artifact from the HCP Packer Registry. This information can be used to +The `hcp-packer-artifact` data source retrieves information about an +artifact from the HCP Packer Registry. Use this retrieved information to provide a source artifact to various Packer builders. To get started with HCP Packer, refer to the [HCP Packer documentation](/hcp/docs/packer) or try diff --git a/website/content/docs/datasources/hcp/hcp-packer-image.mdx b/website/content/docs/datasources/hcp/hcp-packer-image.mdx index d7312921c..bab62a113 100644 --- a/website/content/docs/datasources/hcp/hcp-packer-image.mdx +++ b/website/content/docs/datasources/hcp/hcp-packer-image.mdx @@ -1,23 +1,18 @@ --- description: | - This data source has been deprecated, please use HCP Packer Artifact data source instead. - The HCP Packer Image Data Source retrieves information about an - image from the HCP Packer registry. This information can be used to - provide a source image to various Packer builders. -page_title: HCP Packer Image - Data Sources + The `hcp-packer-image` data source retrieves information about an image from the HCP Packer registry. This data source has been deprecated, use the `hcp-packer-artifact` data source instead. +page_title: hcp-packer-image data source reference --- -# HCP Packer Image Data Source +# `hcp-packer-image` -~> **Note:** This data source has been deprecated, please use [HCP Packer Artifact](/packer/docs/datasources/hcp/hcp-packer-artifact) data source instead. +~> **This data source id deprecated**. Use the [`hcp-packer-artifact`](/packer/docs/datasources/hcp/hcp-packer-artifact) data source instead. -Type: `hcp-packer-image` - -The `HCP Packer Image` Data Source retrieves information about an +The `hcp-packer-image` data source retrieves information about an image from the HCP Packer registry. This information can be used to provide a source image to various Packer builders. diff --git a/website/content/docs/datasources/hcp/hcp-packer-iteration.mdx b/website/content/docs/datasources/hcp/hcp-packer-iteration.mdx index 6ad6fb3c3..a1bfc4474 100644 --- a/website/content/docs/datasources/hcp/hcp-packer-iteration.mdx +++ b/website/content/docs/datasources/hcp/hcp-packer-iteration.mdx @@ -1,21 +1,17 @@ --- description: | - This data source has been deprecated, please use HCP Packer Version data source instead. - The HCP Packer Iteration Data Source retrieves information about an - iteration from the HCP Packer registry. This information can be used to - query HCP for a source image for various Packer builders. -page_title: HCP Packer Iteration - Data Sources + The `hcp-packer-iteration` data source retrieves information about an +iteration from the HCP Packer registry. This data source is deprecated. Use the `hcpe-packer-verion` data source instead. +page_title: hcp-packer-iteration data source reference --- -# HCP Packer Iteration Data Source +# `hcp-packer-iteration` -~> **Note:** This data source has been deprecated, please use [HCP Packer Version](/packer/docs/datasources/hcp/hcp-packer-version) data source instead. - -Type: `hcp-packer-iteration` +~> **This data source is deprecated**. Use the [`hcp-packer-version`](/packer/docs/datasources/hcp/hcp-packer-version) data source instead. The `HCP Packer Iteration` Data Source retrieves information about an iteration from the HCP Packer registry. This information can be used to query diff --git a/website/content/docs/datasources/hcp/hcp-packer-version.mdx b/website/content/docs/datasources/hcp/hcp-packer-version.mdx index b84efdf40..d9a250cb7 100644 --- a/website/content/docs/datasources/hcp/hcp-packer-version.mdx +++ b/website/content/docs/datasources/hcp/hcp-packer-version.mdx @@ -1,9 +1,9 @@ --- description: | - The HCP Packer Version Data Source retrieves information about - HCP Packer Version from the HCP Packer Registry. This information can be used to - query HCP for a source external identifier for various Packer builders. -page_title: HCP Packer Version - Data Sources + The `hcp-packer-version` data source retrieves information about + the HCP Packer version from the HCP Packer registry. Use this information to + get a source's external identifier. +page_title: hcp-packer-version data source reference --- @@ -11,20 +11,17 @@ page_title: HCP Packer Version - Data Sources -# HCP Packer Version Data Source +# `hcp-packer-version` -Type: `hcp-packer-version` - -The `HCP Packer Version` Data Source retrieves information about -HCP Packer Version from the HCP Packer Registry. This information can be used to -query HCP for a source external identifier for various Packer builders. +The `hcp-packer-version` dsata source retrieves information about +the HCP Packer version from the HCP Packer registry. You can use the version information to +query HCP for a source's external identifier so that you can use it in various Packer builders. To get started with HCP Packer, refer to the [HCP Packer documentation](/hcp/docs/packer) or try the [Get Started with HCP Packer tutorials](/packer/tutorials/hcp-get-started). -~> **Note:** You will receive an error if you try to reference metadata from a deactivated or deleted registry. -An administrator can manually deactivate or delete a registry, and HCP Packer automatically deactivates registries -with billing issues. Contact [HashiCorp Support](https://support.hashicorp.com/) with questions. +Packer prints an error if you try to reference metadata from a deactivated or deleted registry. +An administrator can manually deactivate or delete a registry, and HCP Packer automatically deactivates registries with billing issues. Contact [HashiCorp Support](https://support.hashicorp.com/) with questions. ## Revoked Versions diff --git a/website/content/docs/datasources/hcp/index.mdx b/website/content/docs/datasources/hcp/index.mdx index 7f5fff761..74df7791b 100644 --- a/website/content/docs/datasources/hcp/index.mdx +++ b/website/content/docs/datasources/hcp/index.mdx @@ -1,7 +1,7 @@ --- description: | - Data sources used to data from the HCP Packer registry. -page_title: HCP - Data sources + HCP Packer data sources query data stored to the HCP Packer registry. Use the data sources when your artifact metadata is centralized in HCP. +page_title: HCP Packer Registry Data sources overview sidebar_title: Overview --- @@ -9,39 +9,31 @@ sidebar_title: Overview -# HCP Packer Registry Data sources +# HCP Packer Registry data sources overview -The HCP Packer Registry bridges the gap between artifact factories and artifact -deployments, allowing development and security teams to work together to create, +The HCP Packer Registry connects artifact factories and artifact +deployments so that development and security teams can work together to create, manage, and consume artifacts in a centralized way. +## Introduction + The HCP Packer Registry stores metadata about your artifacts, including when they -were created, where the artifacts exists in the cloud, and what (if any) git commit -is associated with your build. You can use the registry to track +were created, where the artifacts exists in the cloud, and git commit +information associated with your build. You can use the registry to track information about the artifacts your Packer builds produce, clearly designate which artifacts are appropriate for test and production environments, and query for the right artifacts to use in both Packer and Terraform configurations. -Packer has two data sources that work together to retrieve information from the +The following Packer data sources work together to determine and retrieve information from the HCP Packer registry: -- [hcp-packer-version](/packer/docs/datasources/hcp/hcp-packer-version) - -retrieves information about an HCP Packer Version in HCP Packer Registry -- [hcp-packer-artifact](/packer/docs/datasources/hcp/hcp-packer-artifact) - retrieves -information about a specific artifact created in the HCP Packer registry - -Deprecated data sources: (Please use above given data sources instead) -- [hcp-packer-iteration](/packer/docs/datasources/hcp/hcp-packer-iteration) - - retrieves information about an iteration in HCP Packer registry -- [hcp-packer-image](/packer/docs/datasources/hcp/hcp-packer-image) - retrieves - information about a specific image created in the HCP Packer registry - -These data sources are intended to be used together to determine source artifact -for pipelined Packer builds. +- [hcp-packer-version](/packer/docs/datasources/hcp/hcp-packer-version): Retrieves information about an HCP Packer version in the HCP Packer registry. +- [hcp-packer-artifact](/packer/docs/datasources/hcp/hcp-packer-artifact): Retrieves +information about a specific artifact created in the HCP Packer registry. -## How to use this plugin +The following data source types are deprecated since v1.10.1: -This plugin comes bundled with the Packer core, so you do not need to install -it separately. Please install Packer v1.7.7 or above to use the latest version -of the HCP Packer Registry data sources. +- [hcp-packer-iteration](/packer/docs/datasources/hcp/hcp-packer-iteration): Retrieves information about an iteration in HCP Packer registry. This data source type is deprecated. Use `hcp-packer-version` instead. +- [hcp-packer-image](/packer/docs/datasources/hcp/hcp-packer-image): Retrieves + information about a specific image created in the HCP Packer registry. This data source type is deprecated. Use `hcp-packer-artifact` instead. \ No newline at end of file diff --git a/website/content/docs/datasources/http.mdx b/website/content/docs/datasources/http.mdx index f11e5c64a..3357d749a 100644 --- a/website/content/docs/datasources/http.mdx +++ b/website/content/docs/datasources/http.mdx @@ -1,8 +1,7 @@ --- description: | - The HTTP Data Source retrieves information from an HTTP endpoint to be used - during Packer builds -page_title: HTTP - Data Sources + The `http` data source makes an HTTP `GET` request to the specified URL and exports information about the response. +page_title: http data source reference --- @@ -10,11 +9,9 @@ page_title: HTTP - Data Sources -# HTTP Data Source +# `http` -Type: `http` - -The `http` data source makes an HTTP GET request to the given URL and exports information about the response. +The `http` data source makes an HTTP `GET` request to the specified URL and exports information about the response. ## Basic Example diff --git a/website/content/docs/datasources/index.mdx b/website/content/docs/datasources/index.mdx index cf70bde28..1bcf1c8ff 100644 --- a/website/content/docs/datasources/index.mdx +++ b/website/content/docs/datasources/index.mdx @@ -1,15 +1,14 @@ --- +page_title: Data sources overview description: | - Data sources allow data to be fetched for use in Packer configuration. Use of data sources - allows a build to use information defined outside of Packer. -page_title: Data Sources + A data source holds data you want to use in the Packer configuration. Define a data source in your configuration so that Packer can use external data during builds. --- -# Data Sources +# Data sources Data sources let Packer fetch data to use in a template, including information defined outside of Packer. Refer to the [`data`](/packer/docs/templates/hcl_templates/datasources) block documentation to learn more about working with data sources. The documentation also contains details about each type of data source. --> **Note:** Data sources is a feature exclusively available to HCL2 templates included in Packer `v1.7.0` (and newer). +Data sources are only available in HCL2 templates and require Packer `v1.7.0` and newer. diff --git a/website/data/docs-nav-data.json b/website/data/docs-nav-data.json index 65ed0cb2d..a4d8cc732 100644 --- a/website/data/docs-nav-data.json +++ b/website/data/docs-nav-data.json @@ -740,7 +740,7 @@ ] }, { - "title": "Data Sources", + "title": "Data sources reference", "routes": [ { "title": "Overview", @@ -754,25 +754,35 @@ "path": "datasources/hcp" }, { - "title": "Version", + "title": "hcp-packer-version", "path": "datasources/hcp/hcp-packer-version" }, { - "title": "Artifact", + "title": "hcp-packer-artifact", "path": "datasources/hcp/hcp-packer-artifact" }, { - "title": "Iteration", - "path": "datasources/hcp/hcp-packer-iteration" + "title": "hcp-packer-iteration", + "path": "datasources/hcp/hcp-packer-iteration", + "badge" : { + "text": "DEPRECATED", + "type": "outlined", + "color": "neutral" + } }, { - "title": "Image", - "path": "datasources/hcp/hcp-packer-image" + "title": "hcp-packer-image", + "path": "datasources/hcp/hcp-packer-image", + "badge" : { + "text": "DEPRECATED", + "type": "outlined", + "color": "neutral" + } } ] }, { - "title": "HTTP", + "title": "http", "path": "datasources/http" } ] From f1442be54ffa48d28b34c68d48b7c7620f600ce4 Mon Sep 17 00:00:00 2001 From: Lucas Bajolet Date: Tue, 21 Jan 2025 11:11:00 -0500 Subject: [PATCH 040/115] CHANGELOG: add changes for v1.12.0 --- CHANGELOG.md | 128 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 128 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4d94cfbba..6bce9b094 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,131 @@ +## 1.12.0 (January 22, 2025) + +### FEATURES: + +* core: add support for a DAG-based evaluation on locals and datasources. + A long-standing odditiy of Packer has been the order of evaluation for + locals and data sources. In previous versions of Packer, the + data sources were evaluated first, then the local variables were, making + it impossible to have a datasource that referenced a local variable as + part of its configuration. + This change introduces a Directed Acyclic Graph (DAG) to evaluate those + resources, instead of the phased approach of old, which makes the order + of evaluation not dependent on the type of resource, but instead of the + detected dependencies between them. + **Note**: While we are confident this should be robust enough for general + use, we do recognise that it is possible some users might encounter issues. + To give those users a way to continue using the old evaluation method, we + introduced a `-use-sequential-evaluation` command-line flag to the build, + validate, console and inspect subcommands, to force using the sequential + evaluation approach for those entities. + [GH-13155](https://github.com/hashicorp/packer/pull/13155) + +* core/hcp: support for uploading SBOMs to HCP Packer. + Software Bill of Materials (SBOM) are a standardised way to export the various + software packages linked to an artifact. As some users have expressed a + need to produce and access those for images they build, we now add the + feature to Packer itself. + While the generation of the SBOM itself is not done directly by + Packer, instead we recommend using known scanners to produce them, we add + the capacity to upload this SBOM file to HCP Packer, and link it to a + build artifact. + [GH-13171](https://github.com/hashicorp/packer/pull/13171) + +* core: support for alternate serialisation formats for plugin communication. + Packer relies on plugins to do most of the actual workload related to + building and provisioing artifacts, while Packer is mostly an orchestrator + for those plugins to perform their work. + This separation of concerns implies that both entities have to + communicate on multiple occasions during the course of a build. + Before v1.12.0 of Packer, and v0.6.0 of the plugin SDK, we used Gob to + do most of the serialisation for those steps. + This is however a bit of a problem recently, as go-cty, the library we + use for dynamic objects lifted from HCL templates, dropped support for + this a while back. + Therefore now, we introduce an alternative: protobuf/msgpack, which are + both usable and maintained by the projects around Packer, so we can begin + our transition away from gob with this change. + **Note**: as with the introduction of the DAG for locals/datasources, this + is a feature that we are reasonably confident you will not encounter bugs + with, however we cannot rule-out this possibility, therefore we introduce + a new environment variable: `PACKER_FORCE_GOB`, which if set to '1', forces + the use of Gob instead of protobuf/msgpack. + [GH-13120](https://github.com/hashicorp/packer/pull/13120) + +### IMPROVEMENTS: + +* hcl2/json: add `aws_secretsmanager_raw` funcion. + When using the AWS secretsmanager function with a non-text secret, one could + only get a secret once at a time. + This could get cumbersome if wanting to get multiple through one request, + which led people to encode their JSON/Object secrets as a big base64 + encoded string that they could get once, and then manipulate through JSON + functions. + While the workaround works, it is one extra layer of manipulations to do so, + therefore a new function to always get the raw textual version of a secret + is now added to Packer. + [GH-13242](https://github.com/hashicorp/packer/pull/13242) +* hcl2: add `alltrue` and `anytrue` functions. + As with Terraform, Packer now supports the HCL functions `alltrue` and + `anytrue`, which returns whether or not a collection only consists of + `true` values, or if any is. + [GH-13237](https://github.com/hashicorp/packer/pull/13237) +* hcl2: add `strcontains` function. + As with Terraform, Packer now supports the HCL function `strcontains`, + which returns whether or not a string contains a substring within it. + [GH-13217](https://github.com/hashicorp/packer/pull/13217) + [GH-13222](https://github.com/hashicorp/packer/pull/13222) +* datasource/http: Support other methods than GET. + The HTTP datasource used to always use GET requests for getting data + from a remote HTTP server, which was not always enough since some endpoints + may only support other methods. This change allows for most of the HTTP + methods to perform those requests. + [GH-13190](https://github.com/hashicorp/packer/pull/13190) +* hcl2: add `base64gzip` function. + In some cases, small blobs may need to be kept in memory, and injected in + a template somewhere else, but if the blob needs to be minimised, the + base64gzip function can be invoked to compress the blob and expose it + as a valid HCL2 string for use later. + [GH-13142](https://github.com/hashicorp/packer/pull/13142) + +### BUG FIXES: + +* hcl2: Fix duplicate error messages on top-level HCL violations. + A parsing quirk for HCL templates caused Packer to produce the same parsing + error multiple times if the error was caused by a top-level violation. + [GH-13245](https://github.com/hashicorp/packer/pull/13245) +* build: Include LC_UUID in Darwin binaries. + A change in how Apple authorises a plugin to access the network caused + Packer to break on recent (14.7 and above) macOS versions, as Packer uses + the local network to communicate with plugins. + The fix is to include an additional UUID into the metadata of the produced + binary, so it is authorised by macOS to use the local network, which prompts + an update to the version of Go used for building Packer (1.22.9), as it is + when this addition is supported by an LDFLAG. + [GH-13214](https://github.com/hashicorp/packer/pull/13214) +* hcl2: Don't error on empty bucker slug. + As reported by members of our community, using a hcp_packer_registry + block without a bucket slug, even if provided by external means, would cause + Packer to fail with an invalid bucket slug error. This is most definitely + a bug, which is addressed in this release. + [GH-13210](https://github.com/hashicorp/packer/pull/13210) +* hcp: fix bug when trying to extract HEAD SHA from empty Git repo. + [GH-13165](https://github.com/hashicorp/packer/pull/13165) + +### SECURITY: + +* Bump to go-crypto v0.31.0 + [GH-13233](https://github.com/hashicorp/packer/pull/13233) + +### NOTES: + +* docs: fix UUIDv4 example. A community user has found discrepancies in the + UUIDv4 examples which were used in our docs, as they do not match the + standard. + [GH-13229](https://github.com/hashicorp/packer/pull/13229) +* hcl2: fix slice initialisation method during variable evaluation phase. + [GH-13175](https://github.com/hashicorp/packer/pull/13175) + ## 1.11.2 (July 30, 2024) ### FEATURES From 711a38bdd447f83176444ab8fca8d61dffc186fa Mon Sep 17 00:00:00 2001 From: trujillo-adam Date: Thu, 23 Jan 2025 11:02:12 -0800 Subject: [PATCH 041/115] intro articles --- website/content/docs/debugging.mdx | 6 ++--- website/content/docs/intro/index.mdx | 22 +++++++--------- website/content/docs/intro/use-cases.mdx | 32 +++++++++--------------- website/content/docs/intro/why.mdx | 30 ++++++++-------------- 4 files changed, 34 insertions(+), 56 deletions(-) diff --git a/website/content/docs/debugging.mdx b/website/content/docs/debugging.mdx index 0adad6c9d..88b92ca63 100644 --- a/website/content/docs/debugging.mdx +++ b/website/content/docs/debugging.mdx @@ -1,9 +1,7 @@ --- description: | - Packer strives to be stable and bug-free, but issues inevitably arise where - certain things may not work entirely correctly, or may not appear to work - correctly. -page_title: Debugging - Other + Learn how to debug issues with Packer builds and plugins using `packer build`, logs, and other troubleshooting tools. +page_title: Debugging Packer --- # Debugging Packer Builds diff --git a/website/content/docs/intro/index.mdx b/website/content/docs/intro/index.mdx index d6fb56902..81d1e0f50 100644 --- a/website/content/docs/intro/index.mdx +++ b/website/content/docs/intro/index.mdx @@ -1,19 +1,11 @@ --- -page_title: Introduction -description: |- - Welcome to the world of Packer! This introduction guide will show you what - Packer is, explain why it exists, the benefits it has to offer, and how you - can get started with it. If you're already familiar with Packer, the - documentation provides more of a reference for all available features. +page_title: Introduction to Packer +description: Packer is a community tool for creating identical machine images for multiple platforms from a single source configuration. Learn about Packer benefits and how to get started. --- # Introduction to Packer -Welcome to the world of Packer! This introduction guide will show you what -Packer is, explain why it exists, the benefits it has to offer, and how you can -get started with it. If you're already familiar with Packer, the -[documentation](/packer/docs) provides more of a reference for all available -features. +This introduction describes Packer benefits and how you can get started with it. ## What is Packer? @@ -27,5 +19,9 @@ use tools like Chef or Puppet to install software onto the image. A _machine image_ is a single static unit that contains a pre-configured operating system and installed software which is used to quickly create new running machines. Machine image formats change for each platform. Some examples -include [AMIs](https://en.wikipedia.org/wiki/Amazon_Machine_Image) for EC2, -VMDK/VMX files for VMware, OVF exports for VirtualBox, etc. +include AMIs for EC2, VMDK and VMX files for VMware, and OVF exports for VirtualBox. + +## HCP Packer + +For information about using HCP Packer to store metadata about build artifacts, refer to the +[HCP Packer documentation](/hcp/docs/packer) or [sign into HCP](https://portal.cloud.hashicorp.com/sign-in) to explore HCP Packer features. diff --git a/website/content/docs/intro/use-cases.mdx b/website/content/docs/intro/use-cases.mdx index e6e3c63c6..6b4a22cc1 100644 --- a/website/content/docs/intro/use-cases.mdx +++ b/website/content/docs/intro/use-cases.mdx @@ -1,22 +1,14 @@ --- -page_title: Use Cases - Introduction +page_title: Packer use cases description: |- - By now you should know what Packer does and what the benefits of image - creation are. In this section, we'll enumerate *some* of the use cases for - Packer. Note that this is not an exhaustive list by any means. There are - definitely use cases for Packer not listed here. This list is just meant to - give you an idea of how Packer may improve your processes. + Learn about use cases for Packer, such as continuous delivery, dev/prod parity, and appliance and demo creation. --- -# Use Cases +# Packer use cases -By now you should know what Packer does and what the benefits of image creation -are. In this section, we'll enumerate _some_ of the use cases for Packer. Note -that this is not an exhaustive list by any means. There are definitely use cases -for Packer not listed here. This list is just meant to give you an idea of how -Packer may improve your processes. +In this topic describes some of the use cases for Packer. This is a partial list of use cases intended to give you an idea of how Packer may improve your processes. -### Continuous Delivery +## Continuous delivery Packer is lightweight, portable, and command-line driven. This makes it the perfect tool to put in the middle of your continuous delivery pipeline. Packer @@ -28,12 +20,12 @@ tested, verifying the infrastructure changes work. If the tests pass, you can be confident that the image will work when deployed. This brings a new level of stability and testability to infrastructure changes. -### Dev/Prod Parity +## Environment parity -Packer helps [keep development, staging, and production as similar as -possible](http://www.12factor.net/dev-prod-parity). Packer can be used to -generate images for multiple platforms at the same time. So if you use AWS for -production and VMware (perhaps with [Vagrant](https://www.vagrantup.com/)) for +Packer helps keep development, staging, and production as similar as +possible. Refer to the following external article to learn more about parity between environments: ["X. Dev/prod parity"](http://www.12factor.net/dev-prod-parity). + +You can use Packer to generate images for multiple platforms at the same time. So if you use AWS for production and VMware, perhaps with [Vagrant](https://www.vagrantup.com/), for development, you can generate both an AMI and a VMware machine using Packer at the same time from the same template. @@ -41,9 +33,9 @@ Mix this in with the continuous delivery use case above, and you have a pretty slick system for consistent work environments from development all the way through to production. -### Appliance/Demo Creation +## Appliance and demo creation -Since Packer creates consistent images for multiple platforms in parallel, it is +Because Packer creates consistent images for multiple platforms in parallel, it is perfect for creating [appliances](https://en.wikipedia.org/wiki/Software_appliance) and disposable product demos. As your software changes, you can automatically create appliances diff --git a/website/content/docs/intro/why.mdx b/website/content/docs/intro/why.mdx index ff8a31756..39ddf78fc 100644 --- a/website/content/docs/intro/why.mdx +++ b/website/content/docs/intro/why.mdx @@ -1,19 +1,18 @@ --- -page_title: Why Packer - Introduction +page_title: Why use Packer description: |- - Pre-baked machine images have a lot of advantages, but most have been unable - to benefit from them because images have been too tedious to create and - manage. There were either no existing tools to automate the creation of - machine images or they had too high of a learning curve. The result is that, - prior to Packer, creating machine images threatened the agility of operations - teams, and therefore aren't used, despite the massive benefits. + Learn about the advantages of using Packer to automate the creation of machine images and artifacts. --- -# Why Use Packer? +# Why use Packer -Pre-baked machine images have a lot of advantages, but most have been unable to +This topic describes why you should use Packer to automate the creation of machine images over traditional _pre-baked_ images, which are pre-configured digital images that include the necessary software, settings, and data. + +## Pre-baked images + +Pre-baked machine images have a lot of advantages, but most people have been unable to benefit from them because images have been too tedious to create and manage. -There were either no existing tools to automate the creation of machine images +There are either no existing tools to automate the creation of machine images or they had too high of a learning curve. The result is that, prior to Packer, creating machine images threatened the agility of operations teams, and therefore aren't used, despite the massive benefits. @@ -23,10 +22,7 @@ any type of machine image. It embraces modern configuration management by encouraging you to use a framework such as Chef or Puppet to install and configure the software within your Packer-made images. -In other words: Packer brings pre-baked images into the modern age, unlocking -untapped potential and opening new opportunities. - -## Advantages of Using Packer +## Advantages of using Packer **_Super fast infrastructure deployment_**. Packer images allow you to launch completely provisioned and configured machines in seconds, rather than several @@ -48,8 +44,4 @@ launched. **_Greater testability_**. After a machine image is built, that machine image can be quickly launched and smoke tested to verify that things appear to be working. If they are, you can be confident that any other machines launched from -that image will function properly. - -Packer makes it extremely easy to take advantage of all these benefits. - -What are you waiting for? Let's get started! +that image will function properly. \ No newline at end of file From 298be01fb67ac78e5220b02a17fd0a0e3f139c4e Mon Sep 17 00:00:00 2001 From: Lucas Bajolet Date: Thu, 23 Jan 2025 11:21:09 -0500 Subject: [PATCH 042/115] docs: add upgrade/release notes for 1.12.0 --- website/content/docs/release-notes/v1_12.mdx | 71 ++++++++++++++++++++ website/content/docs/upgrade/v1_12.mdx | 47 +++++++++++++ website/data/docs-nav-data.json | 8 +++ 3 files changed, 126 insertions(+) create mode 100644 website/content/docs/release-notes/v1_12.mdx create mode 100644 website/content/docs/upgrade/v1_12.mdx diff --git a/website/content/docs/release-notes/v1_12.mdx b/website/content/docs/release-notes/v1_12.mdx new file mode 100644 index 000000000..475b75a1d --- /dev/null +++ b/website/content/docs/release-notes/v1_12.mdx @@ -0,0 +1,71 @@ +--- +page_title: Packer v1.12 release notes +description: Learn about the changes in Packer v 1.12 +--- + +# Packer v1.12 release notes + +This page describes changes to Packer in v1.12. Refer to the [Packer repository](https://github.com/hashicorp/packer/releases) for information about all releases. + +## New features + +This release includes the following updates. + +### HCP Packer SBOM Support + +In Packer 1.12, you can upload software bill of materials (SBOMs) to HCP Packer and associate it with an artifact version. +SBOMs are a standardized way to export information about a system. +In Packer's case, the generally useful information that you may find in a SBOM for an artifact is the list of installed packages, along with extra information on the system built: OS, version, kernel, architecture, etc. + +While we support uploading SBOMs to HCP Packer as part of a build, we do not offer a special-purpose provisioner or tooling to produce them. +Instead we encourage you to use a third-party scanner to produce the SBOM on the VM you are provisioning, and then you can use the [`hcp-sbom` provisioner](https://developer.hashicorp.com/packer/docs/provisioners/hcp-sbom) to upload it when your Packer build completes. + +### Data source and Locals evaluation order changes + +Older versions of Packer used a phase-based approach, where it evaluated data sources first, then local variables. +This made it impossible for a data source to reference a local variable. + +Packer 1.12 introduces a Directed Acyclic Graph (DAG) approach to evaluating data sources and locals. +This loosens the dependency order between those components, and now you can reference them from both contexts. + +This change is a step in the direction of a complete pivot to using a DAG for evaluating everything in a Packer build, along with the other improvements this can yield in future releases. + +### Serialisation format upgrades for Packer-Plugin communication + +More than one year ago, a dependency of ours (`go-cty`) dropped support for `gob` encoding. +This made it impossible for plugin developers to upgrade to more recent versions of the HCL2 libraries, because otherwise their plugin became incapable to commuinicate with Packer. +We temporarily addressed this issue by forking the `go-cty` repository, and introduced replacement directives to every Packer plugin. +While this fix was functional, it was not desirable as a long-term solution, and instead we were looking for a more permanent fix. + +Now, when Packer communicates with plugins, it swaps to using a protobuf/msgpack hybrid approach instead of relying on `gob`. +We are introducing this change now in a non-breaking way: all the currently supported plugins are expected to continue working with Packer for the time being, and changing to using this new serialization approach will be transparent to you. + +### New HCL2 functions + +As part of Packer 1.12, we have introduced more functions that can be used in HCL2 templates, and one (`aws_secretsmanager_raw`) that can be used both in legacy JSON and HCL2 templates. + +* `anytrue`: check that a collection contains at least one `true` value. +* `alltrue`: check that a collection contains only `true` values. +* `aws_secretsmanager_raw`: get a raw secret from AWS Secrets Manager. Unlike `aws_secretsmanager`, this works with all types. +* `base64gzip`: gzip compress a binary blob and expose it as a base64-encoded `string` to be used elsewhere in a template. +* `strcontains`: checks that a string contains another. + +### `HTTP` data source support methods other than `GET` + +The HTTP data source, embedded with Packer, lets you retrieve data over HTTP from a remote server. +Previous versions of Packer only supported `GET` to do so. Packer 1.12 loosens this by allowing for: `HEAD`, `GET`, `POST`, `PUT`, `DELETE`, `OPTIONS` and `PATCH`. + +## Bug fixes + +### Include LC_UUID in macOS binaries + +Users of macOS started having permission-related problems when using Packer, after upgrading their OS versions. +This problem was caused by an update to macOS's network-usage policies, where binaries that want to use the local loop interface to communicate over the network must now include a valid UUID. +Starting with Packer 1.12, all macOS binaries include a valid LC_UUID, fixing this. + +### Less duplication of error messages in HCL2 templates + +If a template has an error in its top-level HCL2 template, Packer produces a parsing error. +This is expected behavior when you write a Packer template: the tool helps you by pointing out grammar violations so you can remediate them. +However, for a subset of HCL-related errors, older versions of Packer displayed the same message up to five times. +Thanks to a community contribution, starting with Packer 1.12 we now no longer experience this. diff --git a/website/content/docs/upgrade/v1_12.mdx b/website/content/docs/upgrade/v1_12.mdx new file mode 100644 index 000000000..fc19fe880 --- /dev/null +++ b/website/content/docs/upgrade/v1_12.mdx @@ -0,0 +1,47 @@ +--- +page_title: Upgrade to v1.12 +description: Learn how to upgrade your Packer installation to v1.12 +--- + +# Upgrade to v1.12 + +The topic describes upgrade considerations for Packer v1.12. Refer to the [v1.12 release notes](/packer/docs/release-notes/v1_12) for details about changes in v1.12. + +## Overview + +You can use the upgrade command for the package manager you installed Packer with or download and replace the existing binary to upgrade Packer. Refer to [Install Packer](https://developer.hashicorp.com/packer/install) for instructions. + +## Upgrade from 1.11 + +Packer 1.12's notable changes can be summarised by the following points: + +1. Protocol changes for Packer/plugin communication +2. Introduction of a Directed Acyclic Graph (DAG) for Data Sources and Locals + +**Note**: These are not breaking changes, and your templates should continue working as-is. + +## Protocol changes + +When initialising, Packer is now able to pick between two different protocols for communication with plugins: gob (legacy), and protobuf/msgpack. + +The protobuf/msgpack protocol will become the standard approach after this release, but in order to avoid breaking retro-compatibility, Packer only chooses this protocol if the following conditions are true: + +1. All the plugin candidates for a build support the new protocol +2. Packer supports the protocol + +This is an internal Packer change and should be completely transparent to you. +However, if you start seeing errors with Packer/plugin communication like serialization errors, please [report it to us](https://github.com/hashicorp/packer/issues) so we can fix it in a later version. +You can set the `PACKER_FORCE_GOB` environment variable to force Packer and plugins to use the legacy serialization format for communication. + +Example: `export PACKER_FORCE_GOB=1` will force using gob for serialization. + +## Data Source and Locals DAG support + +In order to allow more flexibility in how you define data sources and locals, we introduced a graph-based approach to scheduling the evaluation of those components. +With this change, you can use a local variable in a data source, and vice-versa. You are not bound to a strict evaluation order. + +If your templates worked with older versions of Packer, this change should be transparent to you. +However, if you are experiencing errors with your data sources or locals, typically errors due to unkown values, or other dependency problems, please [report it to us](https://github.com/hashicorp/packer/issues) so we can fix it in a later version. +You can use the `--use-sequential-evaluation` command-line option can be used to revert back to the evaluation scheduler that Packer used prior to v1.12.0. + +Example: `packer build --use-sequential-evaluation