HCP SBOM Provisioner
Official
Type: hcp-sbom
The hcp-sbom Packer provisioner downloads an SBOM file from the remote machine and, when the build completes, sends it to HCP Packer. The upload only happens if the template is HCP-enabled. The downloaded file is removed automatically at the end of the process; to keep a copy, set the destination field in the provisioner.
Currently, the CycloneDX and SPDX SBOM formats are supported, in JSON only.
Basic Example
{
  "type": "hcp-sbom",
  "source": "/tmp/sbom_cyclonedx.json",
  "destination": "./sbom/sbom_cyclonedx.json"
}
Configuration Reference
Required Parameters:
source (string) - Required. The path to the SBOM file on the remote machine that will be downloaded. It can be a file path or a URL.
Optional Parameters:
destination (string) - Optional. The local path where a copy of the downloaded SBOM file is kept for the user. The destination must be a writable location. If it is a file, the SBOM is saved to that path, overwriting any existing file. If it is a directory, a file is created inside it to hold the SBOM. Any parent directories of the destination must already exist and be writable by the provisioning user (usually not root); otherwise the provisioner fails with a "Permission Denied" error. If the source path is a file, the destination should generally be a file path as well.
Example Usage
{
  "builders": [
    {
      "type": "docker",
      "image": "ubuntu:20.04",
      "commit": true
    }
  ],
  "provisioners": [
    {
      "type": "shell",
      "inline": [
        "apt-get update -y",
        "apt-get install -y curl",
        "bash -c \"$(curl -sSL https://install.mondoo.com/sh)\""
      ]
    },
    {
      "type": "shell",
      "inline": [
        "cnquery sbom --output cyclonedx-json --output-target /tmp/sbom_cyclonedx.json",
        "cnquery sbom --output spdx-json --output-target /tmp/sbom_spdx.json"
      ]
    },
    {
      "type": "hcp-sbom",
      "source": "/tmp/sbom_cyclonedx.json",
      "destination": "./sbom"
    },
    {
      "type": "hcp-sbom",
      "source": "/tmp/sbom_spdx.json",
      "destination": "./sbom/sbom_spdx.json"
    }
  ]
}