Commit graph

18627 commits

Author SHA1 Message Date
Lucas Bajolet
2009079246 packer: remove ineffasign pointed assigns/decls
Some of the variables we create are flagged by our linters as
ineffective assignments, which makes sense as those are generally fed by
code below, so we don't need to use the declaration/assignation syntax
(:=) but instead can fall back to using var with a type to get the zero
value of the declared entity.
2024-07-18 10:51:17 -04:00
Lucas Bajolet
02ac9628cc golangci.yml: add rule to not run errcheck on test
Test files have some calls that don't necessarily get checked since they
have a very low probability to fail, and in a testing environment it's
acceptable to not have bulletproof code.

Therefore, we add a rule to not run that check on any file that ends
with `_test.go` (Go test convention), so the linter isn't as noisy as it
used to be.
2024-07-18 10:51:17 -04:00
Lucas Bajolet
4a7f5f38a6
Makefile: replace enumer upstream with dmarkham's (#13107)
Since the enumer implementation we used hadn't been updated for 5+
years, this didn't work with recent linux/go versions, and enumer
crashed while attempting to parse/analyse the source files.

There's another alternative on Github, forked from the one we used,
which seems more maintained now, and does produce the expected files in
Packer.
2024-07-16 21:14:27 -04:00
Jamie Finnigan
ae367bc114 .go-version: bump version of Go to 1.21.12 2024-07-03 13:11:45 -04:00
Wilken Rivera
1e446de977 Update CHANGELOG post 1.11.1 release 2024-07-01 12:57:21 -04:00
dependabot[bot]
7425ef3a45 build(deps): bump github.com/hashicorp/go-retryablehttp
Bumps [github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp) from 0.7.0 to 0.7.7.
- [Changelog](https://github.com/hashicorp/go-retryablehttp/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/go-retryablehttp/compare/v0.7.0...v0.7.7)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-retryablehttp
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-01 12:50:39 -04:00
hashicorp-tsccr[bot]
863f3b0422 Result of tsccr-helper -log-level=info gha update . 2024-07-01 12:49:51 -04:00
Wilken Rivera
986b5c01ce Add entry for go-retryablehttp bump 2024-07-01 09:10:47 -04:00
Wilken Rivera
1bc0099c46 Update CHANGELOG 2024-07-01 09:10:47 -04:00
Wilken Rivera
cceead82aa
Bump github.com/hashicorp/go-retryablehttp to address CVE-2024-6104 (#13081)
Before change
```
~>  govulncheck ./...
=== Symbol Results ===

Vulnerability #1: GO-2024-2947
    Leak of sensitive information to log files in
    github.com/hashicorp/go-retryablehttp
  More info: https://pkg.go.dev/vuln/GO-2024-2947
  Module: github.com/hashicorp/go-retryablehttp
    Found in: github.com/hashicorp/go-retryablehttp@v0.7.6
    Fixed in: github.com/hashicorp/go-retryablehttp@v0.7.7
    Example traces found:
      #1: hcl2template/function/vault.go:30:30: function.init calls template.Vault, which eventually calls retryablehttp.Client.Do

Your code is affected by 1 vulnerability from 1 module.
```

After Change
```
~>  govulncheck ./...
No vulnerabilities found.
```
2024-06-28 13:57:52 -04:00
graevy
e4ec754985
doc fix for unattended debian/ubuntu installer linkrot (#13023)
* doc fix for unattended debian/ubuntu installer linkrot

the links for chef-maintained preseeds/autoinstallers for debian/ubuntu both rotted. i'm just getting started with packer, so i hope this edit is accurate.

* Remove webarchive links for legacy JSON

When possible point users to HCL2 templates for getting started examples.

* As per the style guide aim for inclusive language

---------

Co-authored-by: Wilken Rivera <dev@wilkenrivera.com>
2024-06-21 16:00:38 -04:00
dependabot[bot]
0f223cc9ac build(deps): bump google.golang.org/protobuf
Bumps google.golang.org/protobuf from 1.28.1 to 1.33.0.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-21 15:48:19 -04:00
dependabot[bot]
bf5555f0fb build(deps): bump github.com/hashicorp/hcp-sdk-go from 0.96.0 to 0.99.0
Bumps [github.com/hashicorp/hcp-sdk-go](https://github.com/hashicorp/hcp-sdk-go) from 0.96.0 to 0.99.0.
- [Release notes](https://github.com/hashicorp/hcp-sdk-go/releases)
- [Changelog](https://github.com/hashicorp/hcp-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/hcp-sdk-go/compare/v0.96.0...v0.99.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/hcp-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-21 13:12:16 -04:00
Jenna Goldstrich
078ad45860
HCP Packer Buckets: Change UpsertBucket to call GetBucket (#13059)
* Update UpsertBucket to first call GetBucket, this will allow bucket level role based authentication, as CreateBucket uses project level auth

* Fix one incorrect test failure message
2024-06-21 08:28:09 -07:00
dependabot[bot]
dd3b2e51f0
build(deps): bump github.com/hashicorp/packer-plugin-sdk from 0.5.3 to 0.5.4 (#13061)
* build(deps): bump github.com/hashicorp/packer-plugin-sdk

Bumps [github.com/hashicorp/packer-plugin-sdk](https://github.com/hashicorp/packer-plugin-sdk) from 0.5.3 to 0.5.4.
- [Release notes](https://github.com/hashicorp/packer-plugin-sdk/releases)
- [Changelog](https://github.com/hashicorp/packer-plugin-sdk/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/packer-plugin-sdk/compare/v0.5.3...v0.5.4)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/packer-plugin-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump Go mod version to 1.21.0

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Wilken Rivera <dev@wilkenrivera.com>
2024-06-20 14:12:49 -04:00
Wilken Rivera
d406613387
Document use of TMPDIR required for remote plugin installation (#13056)
* Document use of TMPDIR required for remote plugin installation

* Update website/content/docs/configure.mdx

Co-authored-by: Lucas Bajolet <105649352+lbajolet-hashicorp@users.noreply.github.com>

---------

Co-authored-by: Lucas Bajolet <105649352+lbajolet-hashicorp@users.noreply.github.com>
2024-06-17 17:32:42 -04:00
dependabot[bot]
5843c86c7e build(deps): bump google.golang.org/grpc in /packer_test/plugin_tester
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.50.1 to 1.56.3.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.50.1...v1.56.3)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-17 16:57:01 -04:00
Lucas Bajolet
13c52124de packer_test: check for a panic during execution
When a command is run, it is the expectation that no test should make
Packer panic. If it did, something is wrong and Packer should be fixed
so it doesn't panic anymore in that situation.

The way we did the check before was adding a PanicCheck after the
command ran, so we could make sure of that during `Assert`.

However, since we introduced the possibility to have multiple runs,
having this addition as part of the run loop meant that the PanicCheck
would be run as many times as there were runs.

While this worked, this implied that we'd do the same check multiple
times on a single command output, which is not optimal.

Instead, this commit moves the check to within the `Run` function, this
way for each run of the command we do the check once, and then we can
assert the results of the command on what output it produced.
2024-06-17 16:51:58 -04:00
Lucas Bajolet
36e43e30ee hcl2template: detect duplicate locals during parse
Previously duplicate detection for local variables happened during
`Initialise`, through a call to `checkForDuplicateLocalDefinition`.

This works in a majority of cases, but for commands like `console`, this
was not detected as the return diagnostics for `Initialise` are ignored.

That check can be done as early as during parsing however, as the names
of blocks are not dynamic in the slightest (no interpolation possible),
so we move that detection logic into `Parse`, so that the behaviour is
coherent between all commands.
2024-06-17 16:51:58 -04:00
Lucas Bajolet
14cf4b40d4 hcl2template: recursively evaluate local variables
The logic for evaluating local variables used to rely on their
definition order, with some edge cases. Typically `locals` blocks define
multiple local variables, which don't necessarily appear in the same
order at evaluation as within the template, leading to inconsistent
behaviour, as the order in which those are added to the list of local
variables is non-deterministic.

To avoid this problem, we change how local variables are evaluated, and
we're adopting a workflow similar to datasources, where the local
variables first build a list of direct dependencies. Then when
evaluation happens, we evaluate all the dependencies recursively for
each local variable, which takes care of this issue.

As with Datasources, we add a cap to the recursion: 10. I.e. if the
evaluation of a single variable provokes an infinite recursion, we stop
at that point and return an error to the user, telling them to fix their
template.
2024-06-17 16:51:58 -04:00
Lucas Bajolet
5673af108f hcl2template: split GetVarsByType in two functions
GetVarsByType is a function that gets a list of Traversals from a hcl
Block.

This approach works when what we are visiting is indeed one, however
when we can get an immediate list of Traversals, but want to filter them
based on their roots, we have to reimplement parts of that function.

Therefore, we split this function in two, GetVarsByType still keeps its
current behaviour, but the filtering step is exposed as another function
now: FilterTraversalsByType, so we can reuse it elsewhere.
2024-06-17 16:51:58 -04:00
Lucas Bajolet
9d1dc7d41d packer_test: disable checkpoint for test cmds 2024-06-17 16:51:58 -04:00
Lucas Bajolet
dbaaab512a packer_test: add SkipNoAcc function
The SkipNoAcc function on PackerTestSuite allows to mark a test run as
not to be run every time we run `make test`, but only when PACKER_ACC=1
is set in the environment.

This allows us to skip executing tests that are either long-running, or
that depend on external dependencies (typically Github), which have a
higher potential to fail on a normal run of Packer tests.
2024-06-17 16:51:58 -04:00
Lucas Bajolet
d65074c05c packer_test: dump command outs in case of failure
When a test fails to exert its assertions on the command-line output, a
test fails, but we don't necessarily can troubleshoot what happened,
especially when this happens in a CI environment.

Therefore, for convenience, we add the faculty for packerCommand.Assert
to automatically dump a command's output (both stdout and stderr) if a
test fails.
2024-06-17 16:51:58 -04:00
Lucas Bajolet
4a05d19a89 packer_test: add capability to provide stdin
Some commands need to have an input in order to work.
For those, we add the capability for the packerCommand struct to have
their stdin defined from a string, which is then fed to the command
being executed.
2024-06-17 16:51:58 -04:00
Lucas Bajolet
39a483f762 packer_test: add func to test a cmd multiple times
When a Packer command is created for testing the tool, we generally run
it once, then the command is essentially nooping.

This change allows us to run Packer multiple times with the same
parameters, and make sure all runs conform to a specific list of checks.

This allows us to more reliably test non-deterministic behaviours.
2024-06-17 16:51:58 -04:00
Ryan Johnson
5e9f5f4a99 docs: update provisioners
Updates the provisioners documentation for a better reader experience by including a list of the built-in provisioners and a link to the community supported provisioners that are all withing the navigation tree.

Ref: #12898

Signed-off-by: Ryan Johnson <ryan@tenthirtyam.org>
2024-06-17 11:26:32 -04:00
Ryan Johnson
66abaaeb4e docs: string templates
Adds an example of a string template being used.

The example demonstrates how a template sequence can be used to embed the value of a variable into a string that can be used as script content.

Ref: #12651

Signed-off-by: Ryan Johnson <ryan.johnson@broadcom.com>
2024-06-14 18:12:34 -04:00
Ryan Johnson
51cbe0ba81 docs: update ssh
Adds documentation for `ssh_keypair_name`, `ssh_agent_auth`, `temporary_key_pair_name`, and `ssh_private_key_file`.

The note is updated noting that not all builders support these options.

Ref:  #10722

Signed-off-by: Ryan Johnson <ryan@tenthirtyam.org>
2024-06-13 14:30:48 -04:00
Ryan Johnson
f7cf9ede19 docs: update init
Adds additional examples and help regarding the use of `packer init`.

Ref: #11541

Signed-off-by: Ryan Johnson <ryan@tenthirtyam.org>
2024-06-13 12:22:07 -04:00
dependabot[bot]
e6acdd5f52 build(deps): bump golang.org/x/net in /packer_test/plugin_tester
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.17.0 to 0.23.0.
- [Commits](https://github.com/golang/net/compare/v0.17.0...v0.23.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-12 11:55:32 -04:00
dependabot[bot]
5e7607184d build(deps): bump github.com/go-jose/go-jose/v3
Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.0 to 3.0.3.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Changelog](https://github.com/go-jose/go-jose/blob/v3.0.3/CHANGELOG.md)
- [Commits](https://github.com/go-jose/go-jose/compare/v3.0.0...v3.0.3)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-10 14:59:17 -04:00
Lucas Bajolet
6e45bf3c31 packer_test: add remote install with pre-rel test
Remotely installing plugins with a pre-release as part of the constraint
is unsupported by Packer, and should error if that happens.
This test makes sure that this gets treated as an error if that's the
case, even before attempting to connect to the source.
2024-06-10 09:59:32 -04:00
Lucas Bajolet
8d7a8f126d packer_test: remove %d from workdir path
'%d' gets output as-is in the temporary workdir we create. This is
unnecessary and could even be problematic in some cases, so we scrub it
from the MkdirTemp call.
2024-06-10 09:59:32 -04:00
Lucas Bajolet
8402e00222 packer_test: add test with config.json/components
Since legacy config files may declare single plugin components, we need
to warn that they're not supported anymore.
This is in process of being PR'd into main, but to ensure the config
works as intended and we do get the error, we add some tests for that.
2024-06-10 09:59:32 -04:00
Wilken Rivera
1d65ad676f Add test cases for init command
These changes include a series of test cases for validating packer init
using the force and upgrade flag. Include in this test is a test case
for validating the plugin installation error when init encounters a
plugin whose reported version does not match the version within the
plugin name.

```
--- PASS: Test_PackerCoreSuite (18.66s)
    --- PASS: Test_PackerCoreSuite/TestPackerInitForce (4.91s)
        --- PASS: Test_PackerCoreSuite/TestPackerInitForce/installs_any_missing_plugins (2.76s)
        --- PASS: Test_PackerCoreSuite/TestPackerInitForce/reinstalls_plugins_matching_version_constraints (2.14s)
    --- PASS: Test_PackerCoreSuite/TestPackerInitUpgrade (3.70s)
        --- PASS: Test_PackerCoreSuite/TestPackerInitUpgrade/upgrades_a_plugin_to_the_latest_matching_version_constraints (2.02s)
    --- PASS: Test_PackerCoreSuite/TestPackerInitWithMixedVersions (1.96s)
        --- PASS: Test_PackerCoreSuite/TestPackerInitWithMixedVersions/skips_the_plugin_installation_with_mixed_versions_before_exiting_with_an_error (1.96s)
    --- PASS: Test_PackerCoreSuite/TestPackerInitWithNonGithubSource (1.22s)
        --- PASS: Test_PackerCoreSuite/TestPackerInitWithNonGithubSource/try_installing_from_a_non-github_source,_should_fail (0.07s)
        --- PASS: Test_PackerCoreSuite/TestPackerInitWithNonGithubSource/manually_install_plugin_to_the_expected_source (0.59s)
        --- PASS: Test_PackerCoreSuite/TestPackerInitWithNonGithubSource/re-run_packer_init_on_same_template,_should_succeed_silently (0.55s)
```
2024-06-10 09:59:32 -04:00
Lucas Bajolet
19594be808 packer_test: add test with both pre/meta in plugin
To make sure we do scrub the metadata in the plugin name when installing
it from a local binary, we add a test that does that installation with
both alternatives: 1.0.0-dev and 1.0.0-dev+metadata, which should result
in only one alternative being installed (the last one that succeeded).
2024-06-10 09:59:32 -04:00
Lucas Bajolet
51cdd9c4a9 packer_test: amend installation with meta test
The installation with a metadata part in the version for a plugin had
one test that relied on the plugin directories being populated with
packer plugins install --path.
This could change in the future, while the command should remain
functional, so we explicitely call it in the test instead of through the
function that creates/populates a temp plugin dir.
2024-06-10 09:59:32 -04:00
Lucas Bajolet
3661d97fc0 packer_test: add convenience func for line count
When building a pipeline to count the number of lines returned by
Packer, it can be a bit cumbersome to have to chain the calls to
MkPipeCheck to do that check, so we add one convenience function for the
simplest case: counting the number of lines on stdout, without any kind
of filtering.
2024-06-10 09:59:32 -04:00
Wilken Rivera
c6388d4680 packer_test: Add tests for invalid plugin remove use cases 2024-06-10 09:59:32 -04:00
Wilken Rivera
1cace90289 packer_test: Add tests for valid plugin remove use cases 2024-06-10 09:59:32 -04:00
Lucas Bajolet
9f7098b230 packer_test: fix typo in error message for cleanup 2024-06-10 09:59:32 -04:00
Lucas Bajolet
a2e08329a3 packer_test: fix shasum file name for tests
When manually installing a plugin to the plugin directory, we compute a
SHA256SUM file from the plugin binary, and install it alongside it so we
can test the loading process for Packer.

In the introduction of the function, we added a check that if we were
running on Windows, we'd remove the extension of the sumfile's name
before writing it.

This is actually not necessary (and breaks the loading logic) as Packer
looks for the name of the plugin with extension, followed by
_SHA256SUM in order to compare the effective digest of the file to the
one written to this file.

Since this prevents the tests that use this function from succeeding in
a Windows environment, we remove this extra step.
2024-06-10 09:59:32 -04:00
Lucas Bajolet
2a414af35f packer_test: set TMP envvar for commands
Windows relies on the `TMP` (or alternatives) being set in the
environment in order to be able to create temporary directories and
files.

If this is not set, the `os.TempDir` function defaults on the windows
installation root directory (typically C:\Windows), leading to
permission errors when running Packer in the context of a test, as we're
installing plugins in a temporary directory.

To avoid this problem, we get the current setting from the test's
invocation environment, and forward it to the subcommand we execute for
our tests.
2024-06-10 09:59:32 -04:00
Lucas Bajolet
f77da46b3f packer_test: compile packer with .exe for Windows
Since on Windows extensions are mandatory in order to have something
executable, we compile Packer with a `.exe` suffix during tests, so we
can use the executable afterwards to run tests with.
2024-06-10 09:59:32 -04:00
Lucas Bajolet
7124cf81fa packer_test: test build/validate with ignore flag
As we're introducing a --ignore-prerelease-plugins flag to both the
validate and build subcommands, we need to make sure they work as we
expect it to, so we add a test case for that.
2024-06-10 09:59:32 -04:00
Lucas Bajolet
66e70a863d packer_test: add test for plugin with meta in name
Plugins with metadata information in their file name (i.e.
v1.0.0+metadata) should be ignored by Packer as they could introduce
ambiguity since the metadata is free-form, so we add that test to make
sure Packer behaves coherently.
2024-06-10 09:59:32 -04:00
Lucas Bajolet
a49da98350 packer_test: test non-canonical plugin loading
If a plugin is installed with a non-canonical version in its name (e.g.
01.01.01), Packer rejects it with a message to that effect in stderr, so
we add a test for this use-case.
2024-06-10 09:59:32 -04:00
Lucas Bajolet
707e40e2e6 packer_test: add func for "manual" plugin install
Installing a plugin manually to a directory is something needed for some
tests, especially those not relying on packer commands to install
plugins as they reject/correct the path/version.

Therefore this function is introduced so we have an easy way to install
a binary as a plugin somewhere on the provided plugin directory.
2024-06-10 09:59:32 -04:00
Lucas Bajolet
901f31ad82 packer_test: fix ExpectedName to not clean version
The ExpectedInstalledName function used to compute the expected name of
a plugin binary for a given version, based on the invoker's environment,
used to cleanup the version string passed in parameter of the function,
which could be problematic.
Besides the logic applied would produce some invalid binary names as the
prerelease plugin would not have a `-` separator, so the resulting
plugin would be ignored, and we couldn't test metadata rejection with
this logic.

This commit therefore changes how the function works: the version string
is still parsed to account for manipulation errors, but the string is
left as-is for the final binary name.
2024-06-10 09:59:32 -04:00