HCP Packer Config Sourcer plugin

[paladin-devops]

The HCP Packer plugin added in this PR enables users to source a machine image ID from an HCP Packer channel. The user-configured bucket is checked for the specified channel. Within the channel, if the latest machine image iteration has a build that matches the desired cloud provider and region, it is returned to Waypoint. Below is an example of this being used to source the desired Nginx base image for a ReactJS app build, where the sourced machine image is templated into the Dockerfile.

Configuration source settings

$ waypoint config source-set -type=packer -config=client_id=sunset -config=client_secret=sarsaparilla -config=organization_id=nuka-cola -config=project_id=quantum

waypoint.hcl

...
variable "image" {
  default = dynamic("packer", {
    bucket  = "nginx"
    channel = "base"
    // Packer registers the region and cloud provider for a Docker image as "docker".
    // Other Packer plugins may do things differently.
    region  = "docker" 
    cloud   = "docker"
  })
  type        = string
  description = "The name of the base image to use for building app Docker images."
}

app "packer-plugin-app" {
  build {
    use "docker" {
      dockerfile = templatefile("${path.app}/Dockerfile", {
        base_image = var.image
      })
    }
  }
...

Dockerfile

# Multi-stage Docker build
FROM node:19.2-alpine as build
WORKDIR /app
ENV PATH /app/node_modules/.bin:$PATH
COPY package.json ./
COPY package-lock.json ./
RUN npm ci --silent
RUN npm install react-scripts@3.4.1 -g --silent
COPY . ./
RUN npm run build

# Below is where the Docker repository are templated for building the image
FROM ${base_image}
COPY nginx/default.conf /etc/nginx/conf.d/
COPY --from=build /app/build /usr/share/nginx/html
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]

[briancain]

Nice job on this one! I've got a few minor code comments, but this looks great and will be an interesting addition to the Waypoint plugin collection! ✨

[briancain]

We should probably have a bit more information here, like for example that only container images are valid, etc.

[paladin-devops]

I'm hesitant to point out that only container images will work, since Packer supports more than just containers. Our plugins do work almost exclusively with containers, but since plugins don't have to, and since we have the EC2 plugin, I think it's okay to leave it at "image". However, I will at least add some color to this description! 😃

[briancain]

This is interesting - is there a chance that we could unintentionally be picking the wrong build here? Or is "first" build essentially latest build?

[paladin-devops]

With one packer build operation, I have never tried to push more than one image of the same cloud provider and region to the same bucket in an HCP Packer registry. 🤔 I don't know for certain if it's possible or not, but maybe we could add more specific input parameters here in a follow up PR if it seems useful?

[briancain]

Sure - totally fine to fix this up in a follow-up PR! Make an issue so we don't lose track 👍🏻

[vercel]

@paladin-devops is attempting to deploy a commit to the HashiCorp Team on Vercel.

A member of the Team first needs to authorize it.