HCP Packer improves metadata visibility for artifact creation
You can now see the Packer Community Edition version and plugin versions associated with each artifact in HCP Packer.
HCP Packer is a powerful tool for managing the lifecycle of image artifacts at scale across any cloud or on-premises environment. We are excited to announce the addition of Packer version and plugin version tracking, now available in HCP Packer and the latest version of Packer Community Edition (1.10.1+). With these additions, users can now quickly check the versions of Packer Community Edition or associated plugins used while creating a build artifact. This enhancement lays the foundation for a secure build pipeline and helps organizations ensure they are leveraging the latest Packer features.
» Artifact governance challenges
As the security demands on the software supply chain grow, organizations increasingly recognize the governance of their base images and build artifacts as a pivotal concern. Without provenance and a clear lineage of where and how each artifact was built, organizations face heightened security threats from unverified software components. Organizations must ensure they employ only trusted artifacts, validated at each stage of their lifecycle, to maintain the integrity and security of their software supply chain. It can be difficult to verify an artifact's legitimacy and compliance without proper visibility into its creation pipeline.
» Improving build visibility
HCP Packer plays a crucial role in the software supply chain by managing the resources at the foundation of infrastructure pipelines: image artifacts. Through proper image management, organizations can shift their security left and address risks earlier in the infrastructure deployment process. With the addition of Packer version and plugin version tracking, users can now see which version of Packer Community Edition or plugins were used for each of their artifacts, directly in the HashiCorp Cloud Platform (HCP). This enhancement marks another step towards complete artifact provenance by providing users with more visibility into the tools used to create an artifact and allowing them to use this information for troubleshooting and risk mitigation.
» Learn more
To learn more about HCP Packer, visit the HCP Packer introduction page on HashiCorp Developer.
Get started with HCP Packer for free to track and manage artifacts across all your cloud environments.
Sign up for the latest HashiCorp news
More blog posts like this one
New SLM offerings for Vault, Boundary, and Consul at HashiConf 2024 make security easier
The latest Security Lifecycle Management (SLM) features from HashiCorp Vault, Boundary, and Consul help organizations offer a smoother path to better security practices for developers.
Terraform, Packer, Nomad, and Waypoint updates help scale ILM at HashiConf 2024
New Infrastructure Lifecycle Management (ILM) offerings from HashiCorp Terraform, Packer, Nomad, and Waypoint help organizations manage their infrastructure at scale with reduced complexity.
HCP Packer now tracks CI/CD pipeline metadata
You can now see the CI/CD pipeline metadata associated with each image build in HCP Packer.