Skip to content
Branch: master
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Mondoo Packer Provisioner

This provisioner runs Mondoo vulnerability scan as part of the packer build. It enables you to easily plug Mondoo into your existing Packer build pipeline.

The provisioner leverages Packer's built-in ssh proxy, to easily assess the vulnerabilities without the need to install anything on the target. Everybody loves clean images, right?

Further documentation is available at Mondoo Packer Integration Docs. An AMI build example is located in the examples directory


  1. Install Mondoo agent on your workstation
  2. Download and install the Packer plugin and place it into ~/.packer.d/plugins


The simplest setup is to add mondoo to your provisioners list:

  "provisioners": [{
    "type": "shell",
    "scripts": [
    "override": {
      "virtualbox-iso": {
        "execute_command": "/bin/sh '{{.Path}}'"
  }, {
    "type": "mondoo"

Compiling the Packer plugin from source

If you wish to compile from source, you need to have Go installed and configured.

  1. Clone the mondoo repository from GitHub into your $GOPATH:
$ mkdir -p $(go env GOPATH)/src/ && cd $_
$ git clone
$ cd mondoo/packer-provisioner-mondoo
  1. Build the plugin for your current system and place the binary in the packer plugin directory
make install


The tests are derived from maier/packer-templates.

You can’t perform that action at this time.