releases.shpreview
HashiCorp/Packer/v1.12.0

v1.12.0

January 22, 2025PackerView original ↗
$npx -y @buildinternet/releases show rel_5bPFTatETXrTT1EbeptXI

1.12.0 (January 22, 2025)

FEATURES:

  • core: add support for a DAG-based evaluation on locals and datasources. A long-standing odditiy of Packer has been the order of evaluation for locals and data sources. In previous versions of Packer, the data sources were evaluated first, then the local variables were, making it impossible to have a datasource that referenced a local variable as part of its configuration. This change introduces a Directed Acyclic Graph (DAG) to evaluate those resources, instead of the phased approach of old, which makes the order of evaluation not dependent on the type of resource, but instead of the detected dependencies between them. Note: While we are confident this should be robust enough for general use, we do recognise that it is possible some users might encounter issues. To give those users a way to continue using the old evaluation method, we introduced a -use-sequential-evaluation command-line flag to the build, validate, console and inspect subcommands, to force using the sequential evaluation approach for those entities. GH-13155

  • core/hcp: support for uploading SBOMs to HCP Packer. Software Bill of Materials (SBOM) are a standardised way to export the various software packages linked to an artifact. As some users have expressed a need to produce and access those for images they build, we now add the feature to Packer itself. While the generation of the SBOM itself is not done directly by Packer, instead we recommend using known scanners to produce them, we add the capacity to upload this SBOM file to HCP Packer, and link it to a build artifact. GH-13171

  • core: support for alternate serialisation formats for plugin communication. Packer relies on plugins to do most of the actual workload related to building and provisioing artifacts, while Packer is mostly an orchestrator for those plugins to perform their work. This separation of concerns implies that both entities have to communicate on multiple occasions during the course of a build. Before v1.12.0 of Packer, and v0.6.0 of the plugin SDK, we used Gob to do most of the serialisation for those steps. This is however a bit of a problem recently, as go-cty, the library we use for dynamic objects lifted from HCL templates, dropped support for this a while back. Therefore now, we introduce an alternative: protobuf/msgpack, which are both usable and maintained by the projects around Packer, so we can begin our transition away from gob with this change. Note: as with the introduction of the DAG for locals/datasources, this is a feature that we are reasonably confident you will not encounter bugs with, however we cannot rule-out this possibility, therefore we introduce a new environment variable: PACKER_FORCE_GOB, which if set to '1', forces the use of Gob instead of protobuf/msgpack. GH-13120

IMPROVEMENTS:

  • hcl2/json: add aws_secretsmanager_raw funcion. When using the AWS secretsmanager function with a non-text secret, one could only get a secret once at a time. This could get cumbersome if wanting to get multiple through one request, which led people to encode their JSON/Object secrets as a big base64 encoded string that they could get once, and then manipulate through JSON functions. While the workaround works, it is one extra layer of manipulations to do so, therefore a new function to always get the raw textual version of a secret is now added to Packer. GH-13242
  • hcl2: add alltrue and anytrue functions. As with Terraform, Packer now supports the HCL functions alltrue and anytrue, which returns whether or not a collection only consists of true values, or if any is. GH-13237
  • hcl2: add strcontains function. As with Terraform, Packer now supports the HCL function strcontains, which returns whether or not a string contains a substring within it. GH-13217 GH-13222
  • datasource/http: Support other methods than GET. The HTTP datasource used to always use GET requests for getting data from a remote HTTP server, which was not always enough since some endpoints may only support other methods. This change allows for most of the HTTP methods to perform those requests. GH-13190
  • hcl2: add base64gzip function. In some cases, small blobs may need to be kept in memory, and injected in a template somewhere else, but if the blob needs to be minimised, the base64gzip function can be invoked to compress the blob and expose it as a valid HCL2 string for use later. GH-13142

BUG FIXES:

  • hcl2: Fix duplicate error messages on top-level HCL violations. A parsing quirk for HCL templates caused Packer to produce the same parsing error multiple times if the error was caused by a top-level violation. GH-13245
  • build: Include LC_UUID in Darwin binaries. A change in how Apple authorises a plugin to access the network caused Packer to break on recent (14.7 and above) macOS versions, as Packer uses the local network to communicate with plugins. The fix is to include an additional UUID into the metadata of the produced binary, so it is authorised by macOS to use the local network, which prompts an update to the version of Go used for building Packer (1.22.9), as it is when this addition is supported by an LDFLAG. GH-13214
  • hcl2: Don't error on empty bucker slug. As reported by members of our community, using a hcp_packer_registry block without a bucket slug, even if provided by external means, would cause Packer to fail with an invalid bucket slug error. This is most definitely a bug, which is addressed in this release. GH-13210
  • hcp: fix bug when trying to extract HEAD SHA from empty Git repo. GH-13165

SECURITY:

NOTES:

  • docs: fix UUIDv4 example. A community user has found discrepancies in the UUIDv4 examples which were used in our docs, as they do not match the standard. GH-13229
  • hcl2: fix slice initialisation method during variable evaluation phase. GH-13175

Fetched April 8, 2026