hashicorp · devashish-patel · Sep 18, 2024 · Sep 25, 2024 · Sep 25, 2024 · Sep 25, 2024
@@ -28,6 +28,7 @@ import (
 	shelllocalpostprocessor "github.com/hashicorp/packer/post-processor/shell-local"
 	breakpointprovisioner "github.com/hashicorp/packer/provisioner/breakpoint"
 	fileprovisioner "github.com/hashicorp/packer/provisioner/file"
+	hcp_sbomprovisioner "github.com/hashicorp/packer/provisioner/hcp_sbom"
 	powershellprovisioner "github.com/hashicorp/packer/provisioner/powershell"
 	shellprovisioner "github.com/hashicorp/packer/provisioner/shell"
 	shelllocalprovisioner "github.com/hashicorp/packer/provisioner/shell-local"
@@ -48,6 +49,7 @@ var Builders = map[string]packersdk.Builder{
 var Provisioners = map[string]packersdk.Provisioner{
 	"breakpoint":      new(breakpointprovisioner.Provisioner),
 	"file":            new(fileprovisioner.Provisioner),
+	"hcp_sbom":        new(hcp_sbomprovisioner.Provisioner),
 	"powershell":      new(powershellprovisioner.Provisioner),
 	"shell":           new(shellprovisioner.Provisioner),
 	"shell-local":     new(shelllocalprovisioner.Provisioner),

@@ -516,6 +516,12 @@ func (cfg *PackerConfig) getCoreBuildProvisioner(source SourceUseBlock, pb *Prov
 		}
 	}
 
+	if pb.PType == "hcp_sbom" {
+		provisioner = &packer.SBOMInternalProvisioner{
+			Provisioner: provisioner,
+		}
+	}
+
 	return packer.CoreBuildProvisioner{
 		PType:       pb.PType,
 		PName:       pb.PName,

@@ -50,11 +50,14 @@ type CoreBuild struct {
 	onError       string
 	l             sync.Mutex
 	prepareCalled bool
+
+	SBOMFilesCompressed [][]byte
 }
 
 type BuildMetadata struct {
 	PackerVersion string
 	Plugins       map[string]PluginDetails
+	SBOMs         [][]byte
 }
 
 func (b *CoreBuild) getPluginsMetadata() map[string]PluginDetails {
@@ -88,6 +91,7 @@ func (b *CoreBuild) GetMetadata() BuildMetadata {
 	metadata := BuildMetadata{
 		PackerVersion: version.FormattedVersion(),
 		Plugins:       b.getPluginsMetadata(),
+		SBOMs:         b.SBOMFilesCompressed,
 	}
 	return metadata
 }
@@ -300,6 +304,16 @@ func (b *CoreBuild) Run(ctx context.Context, originalUi packersdk.Ui) ([]packers
 		return nil, err
 	}
 
+	if len(b.Provisioners) > 0 {
+		for _, p := range b.Provisioners {
+			sbomInternalProvisioner, ok := p.Provisioner.(*SBOMInternalProvisioner)
+			if !ok {
+				continue
+			}
+			b.SBOMFilesCompressed = append(b.SBOMFilesCompressed, sbomInternalProvisioner.CompressedData)
-			if !ok {
-				continue
-			}
-			b.SBOMFilesCompressed = append(b.SBOMFilesCompressed, sbomInternalProvisioner.CompressedData)
+			if ok {
+				b.SBOMFilesCompressed = append(b.SBOMFilesCompressed, sbomInternalProvisioner.CompressedData)
+			}
-			if !ok {
-				continue
-			}
-			b.SBOMFilesCompressed = append(b.SBOMFilesCompressed, sbomInternalProvisioner.CompressedData)
+			if ok {
+				b.SBOMFilesCompressed = append(b.SBOMFilesCompressed, sbomInternalProvisioner.CompressedData)
+			}
+		}
+	}
+
 	// If there was no result, don't worry about running post-processors
 	// because there is nothing they can do, just return.
 	if builderArtifact == nil {

@@ -296,6 +296,13 @@ func (c *Core) generateCoreBuildProvisioner(rawP *template.Provisioner, rawName
 			Provisioner: provisioner,
 		}
 	}
+
+	if rawP.Type == "hcp_sbom" {
+		provisioner = &SBOMInternalProvisioner{
+			Provisioner: provisioner,
+		}
+	}
+
 	cbp = CoreBuildProvisioner{
 		PType:       rawP.Type,
 		Provisioner: provisioner,

@@ -6,7 +6,12 @@ package packer
 import (
 	"context"
 	"fmt"
+	"io"
 	"log"
+	"os"
+
+	"github.com/klauspost/compress/zstd"
+
 	"time"
 
 	"github.com/hashicorp/hcl/v2/hcldec"
@@ -234,3 +239,80 @@ func (p *DebuggedProvisioner) Provision(ctx context.Context, ui packersdk.Ui, co
 
 	return p.Provisioner.Provision(ctx, ui, comm, generatedData)
 }
+
+// SBOMInternalProvisioner is a Provisioner implementation that waits until a key
+// press before the provisioner is actually run.
+type SBOMInternalProvisioner struct {
+	Provisioner    packersdk.Provisioner
+	TempFileLoc    string
+	CompressedData []byte
+}
+
+func (p *SBOMInternalProvisioner) ConfigSpec() hcldec.ObjectSpec { return p.ConfigSpec() }
+func (p *SBOMInternalProvisioner) FlatConfig() interface{}       { return p.FlatConfig() }
+func (p *SBOMInternalProvisioner) Prepare(raws ...interface{}) error {
+	return p.Provisioner.Prepare(raws...)
+}
+
+func (p *SBOMInternalProvisioner) Provision(
+	ctx context.Context, ui packersdk.Ui, comm packersdk.Communicator,
+	generatedData map[string]interface{},
+) error {
+	// Get the current working directory
+	cwd, err := os.Getwd()
+	if err != nil {
+		return fmt.Errorf("failed to get current working directory for Packer SBOM: %s", err)
+	}
+
+	// Create a temporary file in the current working directory
+	tmpFile, err := os.CreateTemp(cwd, "packer-sbom-*.json")
+	if err != nil {
+		return fmt.Errorf("failed to create internal temporary file for Packer SBOM: %s", err)
+	}
+	defer tmpFile.Close()
+	defer func(name string) {
+		fileRemoveErr := os.Remove(name)
+		if fileRemoveErr != nil {
+			log.Printf("Error removing SBOM temporary file %s: %s", name, fileRemoveErr)
+		}
+	}(p.TempFileLoc)
+
+	generatedData["dst"] = tmpFile.Name()
+	p.TempFileLoc = tmpFile.Name()
+
+	err = p.Provisioner.Provision(ctx, ui, comm, generatedData)
+	if err != nil {
+		return err
+	}
+
+	compressedData, err := p.compressFile(p.TempFileLoc)
+	if err != nil {
+		return err
+	}
+	p.CompressedData = compressedData
+	return nil
+}
+
+func (p *SBOMInternalProvisioner) compressFile(filePath string) ([]byte, error) {
+	sourceFile, err := os.Open(filePath)
+	if err != nil {
+		return nil, err
+	}
+	defer sourceFile.Close()
+
+	data, err := io.ReadAll(sourceFile)
+	if err != nil {
+		return nil, err
+	}
+
+	encoder, err := zstd.NewWriter(nil)
+	if err != nil {
+		return nil, err
+	}
+	defer encoder.Close()
+
+	compressedData := encoder.EncodeAll(data, nil)
+
+	fmt.Printf(fmt.Sprintf("SBOM file compressed successfully. Size: %d bytes", len(compressedData)))
+	return compressedData, nil
+}