ethanmdavidson / packer-plugin-git Goto Github PK

View Code? Open in Web Editor NEW

13.0 2.0 9.0 397 KB

A Packer plugin for interfacing with Git

License: Mozilla Public License 2.0

Makefile 7.36% Go 60.93% HCL 15.41% Shell 16.30%

git packer packer-plugin

packer-plugin-git's Introduction

Git Packer Plugin

A plugin for Packer which provides access to git. Compatible with Packer >= 1.7.0

Under the hood, it uses go-git.

Usage

Add the plugin to your packer config:

packer {
  required_plugins {
    git = {
      version = ">= 0.6.2"
      source  = "github.com/ethanmdavidson/git"
    }
  }
}

Add the data source:

data "git-commit" "example" { }

Now you should have access to info about the commit:

locals {
  hash = data.git-commit.example.hash
}

Examples

See the examples directory for some example code.

Components

See the docs for a reference of all the available components and their attributes.

Development

The GNUmakefile has all the commands you need to work with this repo. The typical development flow looks something like this:

Make code changes, and add test cases for these changes.
Run make generate to recreate generated code.
Run make dev to build the plugin and install it locally.
Run make testacc to run the acceptance tests. If there are failures, go back to step 1.
Update examples in ./example directory if necessary.
Run make run-example to test examples.
Once the above steps are complete: commit, push, and open a PR!

For local development, you will need to install:

Packer >= 1.10.2
Go >= 1.21
GNU Make

Check out the Packer docs on Developing Plugins for more detailed info on plugins.

packer-plugin-git's People

Contributors

Stargazers

Watchers

Forkers

azr daroga0002 thomas-roper brandonromano i-ship p2x3yz andremarianiello pgaubatz lbajolet-hashicorp

packer-plugin-git's Issues

Work with remotes?

This plugin currently only operates on the local repository and doesn't interact with remotes. I want this plugin to stay simple, so I don't want to throw in a feature that hasn't been fully thought out. We need to think about:

what are the use cases for this feature? what alternatives/workarounds are available?
- git clone provisioner
how to handle multiple remotes?
how should remotes affect output? (e.g. for listing branches, should we list 'origin/branchName' or just 'branchName')

Update to packer-sdc command for validating plugin compatibility

👋 Fellow Packer maintainer here, reaching out to inform you about an upcoming breaking change that will affect your goreleaser release pipeline. In Packer 1.8.0 we will remove the packer-plugin-check command in Packer core in favor of the packer-sdc plugin-check command from the Packer Plugin SDK. So calling go install github.com/hashicorp/packer/cmd/packer-plugins-check@latest will result in an error.

To avoid potential issues I recommend either pinning the packer-plugins-check command to the current version of Packer until you can move to the packer-sdc command

go install github.com/hashicorp/packer/cmd/[email protected]

Or you can update your release configuration to use the packer-sdc command, which is the preferred long-term solution.

I'v provided a link to the updates that were made to the Packer Plugin Scaffolding for using the packer-sdc command here

Please let me know if you have any questions.

is there way to get a current branch name using this plugin?

Does there is a way to get current branch name?

This is because I want have such example code in packer:

locals {
......
### data source gathering branch name
  version       = local.branch == "master" ? "${var.version}" : "${var.version}-${local.sha}"
}


source "amazon-ebs" "ami1" {
  ami_description         = "AMI1"
  ami_name                = "ami1-${local.version}"
}

This will allow use CI/CD pipeline approach:

build artifacts on each branch with name including git sha
on master branch dont use SHA in version name

CVE hits on latest release

Hello my organization has been using this packer plugin but our cyber scans are hitting on "High" rated vulnerabilities. Is this something that can be patched, or if these are false positives can you explain why? Appreciate any assistance

./packer/plugins/github.com/ethanmdavidson/git/packer-plugin-git_v0.6.1_x5.0_linux_amd64
NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY
stdlib go1.19.13 go-module CVE-2023-45287 High
stdlib go1.19.13 go-module CVE-2023-45285 High
stdlib go1.19.13 go-module CVE-2023-44487 High
stdlib go1.19.13 go-module CVE-2023-39323 High

add ls-files datasource

azr says:

I also wanted it to have git.ls-files, it would be nice to have because we could for example create a hash of the list of files that are known to git, with another hashing plugin.

https://git-scm.com/docs/git-ls-files

Doc Issue: README has old name/location

packer {
required_plugins {
git = {
version = ">= 0.3.5"
source = "github.com/ethanmdavidson/git"
}
}
}

Which I think now is github.com/ethanmdavidson/packer-plugin-git

Feature (or doc) : how to tell which branch is currently checked out.

I'm trying to include logic in my packer build so that if the repo isn't clean and the currently checked out branch isn't "main" then a prod build is impossible.

I have the code for "isclean" -- thank you.
Is there any code for the checked out branch? I've seen "branches" -- which is an array.

Sorry -I'm not a git expert and am not sure why a commit would have an array for branches.

Support with git worktrees

If I try to use the the git-commit datasource in a git worktree (that isn't primary) I get the following error:

Error: Datasource.Execute failed: reference not found

This is because go-git is failing to resolve HEAD inside a git worktree. I think you need to enable commirdir support using the EnableDotGitCommonDir field of PlainOpenOptions to make this work.

Plugin issue when starting the build

Here is my script :

packer {
  required_version = ">= 1.8.6"
  required_plugins {
    git = {
      version = ">= 0.3.3"
      source  = "github.com/ethanmdavidson/git"
    }
    virtualbox = {
      version = "1.0.4"
      source  = "github.com/hashicorp/virtualbox"
    }
  }
}

data "git-repository" "cwd" {}

locals {
  build_version = data.git-repository.cwd.head
}

source "virtualbox-iso" "linux-ubuntu" {
  # Virtual Machine Settings
  guest_os_type = "Ubuntu_64"
  cpus          = 2
  memory        = 2048
  disk_size     = 40960

  # Removable Media Settings
  #  http_content = local.data_source_content

  # Boot and Provisioning Settings
  headless     = false
  iso_url      = "https://releases.ubuntu.com/20.04/ubuntu-20.04.6-live-server-amd64.iso"
  iso_checksum = "sha256:b8f31413336b9393ad5d8ef0282717b2ab19f007df2e9ed5196c13d8f9153c8b"
  boot_wait    = "5s"
  boot_command = [
    "<enter><enter><f6><esc><wait> ",
    "autoinstall ds=nocloud-net;seedfrom=http://{{ .HTTPIP }}:{{ .HTTPPort }}/",
    "<enter><wait>"
  ]
  shutdown_command = "echo 'test' | sudo -S shutdown -P now"

  # Communicator Settings and Credentials
  ssh_username           = "ubuntu"
  ssh_password           = "test"
  ssh_agent_auth         = true
  ssh_timeout            = "30m"
  ssh_handshake_attempts = 1000

  # Export Settings
  output_directory = "./output/virtualbox"
  export_opts = [
    "--manifest",
    "--vsys", "0",
    "--description", "test description",
    "--version", "${local.build_version}"
  ]
  format = "ova"
}


build {
  name = "Build OVA"
  sources = [
    "sources.virtualbox-iso.linux-ubuntu",
  ]
}

When I run command packer build <path-to-my-script>, no message is showed from the Packer output.

If I run PACKER_LOG=1 packer build <path-to-my-script>, here is the output:

2023/04/05 10:23:26 [INFO] Packer version: 1.8.6 [go1.18.9 linux amd64]
2023/04/05 10:23:26 [TRACE] discovering plugins in /usr/bin
2023/04/05 10:23:26 [TRACE] discovering plugins in /home/jean/.config/packer/plugins
2023/04/05 10:23:26 [DEBUG] Discovered plugin: git = /home/jean/.config/packer/plugins/github.com/ethanmdavidson/git/packer-plugin-git_v0.3.4_x5.0_linux_amd64
2023/04/05 10:23:26 [DEBUG] Discovered plugin: docker = /home/jean/.config/packer/plugins/github.com/hashicorp/docker/packer-plugin-docker_v1.0.8_x5.0_linux_amd64
2023/04/05 10:23:26 [DEBUG] Discovered plugin: virtualbox = /home/jean/.config/packer/plugins/github.com/hashicorp/virtualbox/packer-plugin-virtualbox_v1.0.4_x5.0_linux_amd64
2023/04/05 10:23:26 [DEBUG] Discovered plugin: vmware = /home/jean/.config/packer/plugins/github.com/hashicorp/vmware/packer-plugin-vmware_v1.0.7_x5.0_linux_amd64
2023/04/05 10:23:26 [DEBUG] Discovered plugin: vsphere = /home/jean/.config/packer/plugins/github.com/hashicorp/vsphere/packer-plugin-vsphere_v1.1.1_x5.0_linux_amd64
2023/04/05 10:23:26 found external [commit repository tree] datasource from git plugin
2023/04/05 10:23:26 [INFO] found external [-packer-default-plugin-name-] builders from docker plugin
2023/04/05 10:23:26 [INFO] found external [import push save tag] post-processors from docker plugin
2023/04/05 10:23:26 [INFO] found external [iso ovf vm] builders from virtualbox plugin
2023/04/05 10:23:26 [INFO] found external [iso vmx] builders from vmware plugin
2023/04/05 10:23:26 [INFO] found external [clone iso supervisor] builders from vsphere plugin
2023/04/05 10:23:26 [INFO] found external [-packer-default-plugin-name- template] post-processors from vsphere plugin
2023/04/05 10:23:26 [TRACE] discovering plugins in .
2023/04/05 10:23:26 [INFO] PACKER_CONFIG env var not set; checking the default config file path
2023/04/05 10:23:26 [INFO] PACKER_CONFIG env var set; attempting to open config file: /home/jean/.packerconfig
2023/04/05 10:23:26 [WARN] Config file doesn't exist: /home/jean/.packerconfig
2023/04/05 10:23:26 [INFO] Setting cache directory: /home/jean/.cache/packer
2023/04/05 10:23:26 [TRACE] listing potential installations for "github.com/ethanmdavidson/git" that match ">= 0.3.3". plugingetter.ListInstallationsOptions{FromFolders:[]string{"/usr/bin/packer", ".", "/home/jean/.config/packer/plugins"}, BinaryInstallationOptions:plugingetter.BinaryInstallationOptions{APIVersionMajor:"5", APIVersionMinor:"0", OS:"linux", ARCH:"amd64", Ext:"", Checksummers:[]plugingetter.Checksummer{plugingetter.Checksummer{Type:"sha256", Hash:(*sha256.digest)(0xc000b5e600)}}}}
2023/04/05 10:23:26 [TRACE] Found the following "github.com/ethanmdavidson/git" installations: [{/home/jean/.config/packer/plugins/github.com/ethanmdavidson/git/packer-plugin-git_v0.3.4_x5.0_linux_amd64 v0.3.4}]
2023/04/05 10:23:26 found external [commit repository tree] datasource from git plugin
2023/04/05 10:23:26 [TRACE] listing potential installations for "github.com/hashicorp/virtualbox" that match "1.0.4". plugingetter.ListInstallationsOptions{FromFolders:[]string{"/usr/bin/packer", ".", "/home/jean/.config/packer/plugins"}, BinaryInstallationOptions:plugingetter.BinaryInstallationOptions{APIVersionMajor:"5", APIVersionMinor:"0", OS:"linux", ARCH:"amd64", Ext:"", Checksummers:[]plugingetter.Checksummer{plugingetter.Checksummer{Type:"sha256", Hash:(*sha256.digest)(0xc000b5e600)}}}}
2023/04/05 10:23:26 [TRACE] Found the following "github.com/hashicorp/virtualbox" installations: [{/home/jean/.config/packer/plugins/github.com/hashicorp/virtualbox/packer-plugin-virtualbox_v1.0.4_x5.0_linux_amd64 v1.0.4}]
2023/04/05 10:23:26 [INFO] found external [iso ovf vm] builders from virtualbox plugin
2023/04/05 10:23:26 [TRACE] Starting external plugin /home/jean/.config/packer/plugins/github.com/ethanmdavidson/git/packer-plugin-git_v0.3.4_x5.0_linux_amd64 start datasource repository
2023/04/05 10:23:26 Starting plugin: /home/jean/.config/packer/plugins/github.com/ethanmdavidson/git/packer-plugin-git_v0.3.4_x5.0_linux_amd64 []string{"/home/jean/.config/packer/plugins/github.com/ethanmdavidson/git/packer-plugin-git_v0.3.4_x5.0_linux_amd64", "start", "datasource", "repository"}
2023/04/05 10:23:26 Waiting for RPC address for: /home/jean/.config/packer/plugins/github.com/ethanmdavidson/git/packer-plugin-git_v0.3.4_x5.0_linux_amd64
2023/04/05 10:23:26 packer-plugin-git_v0.3.4_x5.0_linux_amd64 plugin: 2023/04/05 10:23:26 Plugin address: unix /tmp/packer-plugin833923129
2023/04/05 10:23:26 packer-plugin-git_v0.3.4_x5.0_linux_amd64 plugin: 2023/04/05 10:23:26 Waiting for connection...
2023/04/05 10:23:26 Received unix RPC address for /home/jean/.config/packer/plugins/github.com/ethanmdavidson/git/packer-plugin-git_v0.3.4_x5.0_linux_amd64: addr is /tmp/packer-plugin833923129
2023/04/05 10:23:26 packer-plugin-git_v0.3.4_x5.0_linux_amd64 plugin: 2023/04/05 10:23:26 Serving a plugin connection...
2023/04/05 10:23:26 packer-plugin-git_v0.3.4_x5.0_linux_amd64 plugin: 2023/04/05 10:23:26 [TRACE] starting datasource repository

Automatically find repository root

When git is run inside a repository, it will traverse up the file tree until it finds a directory containing the .git folder (the repo root). This allows git commands to be run from anywhere inside a repo.

This plugin should do a similar thing to save people from having to configure the directory path every time the move things around. Probably want to keep directory as an optional config, so that it can be explicitly set when the auto-find doesn't work for w/e reason.

Add git-describe datasource

https://git-scm.com/docs/git-describe is sometimes used to version things, so it seems like a good candidate for a datasource. go-git doesn't seem to have support for this command, so this would have to be implemented (preferably as a PR into go-git, which can then be called from this plugin)

query: is it possible for this plugin to say whether the working dir is "clean" or not?

Using this plugin with the syntax:
data "git-commit" "cwd-head" { }

// BLOCK: locals
// Defines the local variables.

locals {
truncated_sha = substr(data.git-commit.cwd-head.hash, 0, 8)
author = data.git-commit.cwd-head.author
}

its possible to get the hash of the last checkin.

But if any changes have been made in the working directory, that won't be reflected in the truncated_hash.
Is it possible to get a binary/boolean on wether the working directory was "clean" when it was run?

No evaluation when running in Azure Devops

Hi,

I was hoping you could help me nail this bug down. So my packer image works locally but when running in Azure Devops Pipelines and using their default checkout I can see that the data sources are not evaluated.

# windows.pkr.hcl
packer {
  required_version = ">= 1.9.0"

  required_plugins {
    azure = {
      version = "2.0.0"
      source  = "github.com/hashicorp/azure"
    }
    ansible = {
      version = "1.1.0"
      source  = "github.com/hashicorp/ansible"
    }
    git = {
      version = "0.4.2"
      source  = "github.com/ethanmdavidson/git"
    }
  }
}

data "git-commit" "cwd-head" {}
data "git-repository" "cwd" {}

locals {
  # publish image only if run on main branch
  do_not_publish = data.git-commit.cwd-head == "main" ? false : true

  # if image is not to be published compute an image version from the current timestamp
  image_version = local.do_not_publish ? formatdate("YYYY.MM.DD", timestamp()) : trim(data.git-repository.cwd.tags[0], "v")
}

source "azure-arm" "build" {
   ...
}

locally I can see the data sources being evaluated correctly:

> packer inspect .
Packer Inspect: HCL2 mode

> input-variables:

> local-variables:

local.do_not_publish: "true"
local.image_version: "2023.09.05"

...

when running in CI the locals are not avaibale:

Packer v1.9.4
Packer Inspect: HCL2 mode

> input-variables:

> local-variables:
...

in CI and local I have packer version 1.9.4.

I guess it is caused by the way Azure checkouts the repository & commit, but running the same checkout command (git checkout --progress --force refs/remotes/origin/<sha>) local it works.

# azure-pipelines.yml
  - stage: validate
    # https://github.com/Microsoft/azure-pipelines-agent/issues/858#issuecomment-457027046
    condition: and(not(contains(variables['Build.SourceVersionMessage'], '[skip ci]')), ne(variables['Build.SourceBranch'], 'refs/heads/main'))
    jobs:
      - job: packer_fmt
        steps:
          - script: |
              cd $(System.DefaultWorkingDirectory)/.
              PACKER_PLUGIN_PATH="./plugins" packer fmt -check=true -recursive=true .
            failOnStderr: "true"
            displayName: packer fmt

      - job: packer_validate
        steps:
          - script: |
              cd $(System.DefaultWorkingDirectory)/.
              packer version
              packer inspect .
              PACKER_PLUGIN_PATH="./plugins" packer validate -evaluate-datasources .
            failOnStderr: "true"
            displayName: packer validate

Do you have any hint that behaviour is caused by?

New datasource HEAD

I think very beneficial in CI/CD pipelines will be having new data source git-head. It will be similar to git-commit but not focusing over commit, but rather on current git repo workspace.

Data source as input will be taking path (by default .) and always working on HEAD commit. As output it will initially return two values:

git commit sha
current git branch name

Alternatives:
we can add one output into git-commit with branch name associated with HEAD but by design of git-commit it doesnt seems to be fitting there (there is focus over commit object)

@ethanmdavidson what you think here?

The v0.5.0 release does not include assets resulting in failed installs

The v0.5.0 release published December 15 2023 does not include assets. Trying to install this version fails because the assets cannot be downloaded.

The previous releases include assets