
Commit ea25de1

authored
feat: native sbom generation for hcp (#13566)
* add configuration fields to SBOMInternalProvisioner * add os detection * move implementation to hcp-sbom * upload scanner binary and execute * use latest syft version always * reduce duplicate code * rename config fields appropriately * default to cyclonedx * add syft dependency * add support for elevated user for windows * add retry for download * add syft dependency Updates go version * optimization for windows * improve docs * update config usage rules * add unit tests * update golang version, fix linter issues * refactor and improvements * simplify few lines * refactor retry for scanner download * resolved conflicts * resolve conflicts from main * stick to syft v1 for compatibility * fix lint issues * stricter version check for syft * fix version eg * update go version to 1.25.7 * go mod changes
1 parent d897421 commit ea25de1


10 files changed

+2716
-232
lines changed


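--- a/.go-version
+++ b/.go-version
@@ -1 +1 @@
-1.24.0
+1.25.7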

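--- a/.golangci.yml
+++ b/.golangci.yml
@@ -1,6 +1,8 @@
 # Copyright IBM Corp. 2013, 2025
 # SPDX-License-Identifier: BUSL-1.1
 
+version: 2
+
 issues:
 # List of regexps of issue texts to exclude, empty list by default.
 # But independently from this option we use default exclude patterns,
@@ -34,15 +36,17 @@ linters:
 disable-all: true
 enable:
 - errcheck
-- goimports
-- gosimple
 - govet
 - ineffassign
 - staticcheck
 - unconvert
 - unused
 fast: true
 
+formatters:
+enable:
+- goimports
+
 # options for analysis running
 run:
 # default concurrency is a available CPU number
@@ -94,7 +98,9 @@ run:
 # output configuration options
 output:
 # colored-line-number|line-number|json|tab|checkstyle|code-climate, default is "colored-line-number"
-format: colored-line-number
+formats:
+colored-line-number:
+path: stdout
 
 # print lines of code with issue, default is true
 print-issued-lines: true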
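Review bot: With `version: 2` added at the top, several keys this section keeps or introduces still look like the v1 schema: `disable-all: true` and `fast: true` under `linters:` (context lines of the second hunk), and `colored-line-number` used as a key under `output.formats` while `print-issued-lines` stays at the old level (third hunk). As far as I know, v2 expresses these as `linters.default: none` and an `output.formats.text` entry with `colors: true`, so the settings here may be rejected or ignored and the linter set that actually runs could differ from what the file says. Running `golangci-lint config verify` in CI, or regenerating the file with `golangci-lint migrate`, would confirm it. Indentation is lost in this rendering, so the nesting described above is inferred.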

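--- a/Makefile
+++ b/Makefile
@@ -55,7 +55,7 @@ install-gen-deps: ## Install dependencies for code generation
 
 install-lint-deps: ## Install linter dependencies
 @echo "==> Updating linter dependencies..."
-@curl -sSfL -q https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOPATH)/bin v1.64.8
+@curl -sSfL -q https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOPATH)/bin v2.11.3
 
 dev: ## Build and install a development build
 @grep 'const VersionPrerelease = ""' version/version.go > /dev/null ; if [ $$? -eq 0 ]; then \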
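Review bot: The changed `install-lint-deps` line still fetches `install.sh` from the mutable `master` branch and pipes it straight into `sh`, so the `v2.11.3` argument pins the linter release but not the script that gets executed. Pointing the URL at the matching tag, e.g. `https://raw.githubusercontent.com/golangci/golangci-lint/v2.11.3/install.sh`, would keep a later change on that branch from altering what runs on developer and CI machines. Verifying a recorded checksum of the script before executing it would tighten this further.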

go.mod

Lines changed: 222 additions & 57 deletions
Large diffs are not rendered by default.

go.sum

Lines changed: 1050 additions & 121 deletions
Large diffs are not rendered by default.

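--- a/packer/provisioner.go
+++ b/packer/provisioner.go
@@ -9,14 +9,13 @@ import (
 "fmt"
 "log"
 "os"
+"time"
 
 hcpSbomProvisioner "github.com/hashicorp/packer/provisioner/hcp-sbom"
 
 hcpPackerModels "github.com/hashicorp/hcp-sdk-go/clients/cloud-packer-service/stable/2023-01-01/models"
 "github.com/klauspost/compress/zstd"
 
-"time"
-
 "github.com/hashicorp/hcl/v2/hcldec"
 packersdk "github.com/hashicorp/packer-plugin-sdk/packer"
 "github.com/hashicorp/packer-plugin-sdk/packerbuilderdata"
@@ -254,8 +253,15 @@ type SBOMInternalProvisioner struct {
 SBOMName string
 }
 
-func (p *SBOMInternalProvisioner) ConfigSpec() hcldec.ObjectSpec { return p.ConfigSpec() }
-func (p *SBOMInternalProvisioner) FlatConfig() interface{} { return p.FlatConfig() }
+func (p *SBOMInternalProvisioner) ConfigSpec() hcldec.ObjectSpec { return p.Provisioner.ConfigSpec() }
+func (p *SBOMInternalProvisioner) FlatConfig() interface{} {
+// Try to delegate to inner provisioner if it implements FlatConfig
+if fc, ok := p.Provisioner.(interface{ FlatConfig() interface{} }); ok {
+return fc.FlatConfig()
+}
+return nil
+}
+
 func (p *SBOMInternalProvisioner) Prepare(raws ...interface{}) error {
 return p.Provisioner.Prepare(raws...)
 }
@@ -264,6 +270,7 @@ func (p *SBOMInternalProvisioner) Provision(
 ctx context.Context, ui packersdk.Ui, comm packersdk.Communicator,
 generatedData map[string]interface{},
 ) error {
+// Original implementation - all logic now in hcp-sbom provisioner
 cwd, err := os.Getwd()
 if err != nil {
 return fmt.Errorf("failed to get current working directory for Packer SBOM: %s", err)
@@ -297,6 +304,11 @@ func (p *SBOMInternalProvisioner) Provision(
 if err != nil {
 return fmt.Errorf("failed to open Packer SBOM file %q: %s", tmpFileName, err)
 }
+defer func() {
+if err := packerSbom.Close(); err != nil {
+log.Printf("[WARN] Failed to close Packer SBOM file: %s", err)
+}
+}()
 
 provisionerOut := &hcpSbomProvisioner.PackerSBOM{}
 err = json.NewDecoder(packerSbom).Decode(provisionerOut)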
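Review bot: `FlatConfig` in the second hunk now returns an untyped `nil` whenever the wrapped provisioner does not implement the method, and nothing tells callers that nil is a possible result. The callers are not on this page, so whether any of them use the value without a check cannot be confirmed here. A doc comment would make the contract explicit, e.g. `// FlatConfig returns the wrapped provisioner's flat config, or nil if it does not expose one.` Separately, the comment added at the top of `Provision`, `// Original implementation - all logic now in hcp-sbom provisioner`, reads as contradictory above a body that still opens and decodes the SBOM file. Rewording it to say what this wrapper still does would help, for instance `// Reads back the SBOM file written by the wrapped hcp-sbom provisioner.`, if that matches the part of the body outside these hunks.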
