Skip to content

Packer Build Records (How to Review)

This folder contains signed-off, timestamped run records showing that VM templates were built in Proxmox VE using HashiCorp Packer. Each successful run produces a human summary (README.md), a machine summary (run.json), and the full Packer log (packer.log).

  • Init (one‑time bootstrap)init/latest/README.md

Linux templates - Ubuntu 22.04 (latest)builds/ubuntu-22.04/latest/README.md
- Rocky Linux 9 (latest)builds/rocky-9/latest/README.md
- Ubuntu 24.04 (latest)builds/ubuntu-24.04/latest/README.md

Windows template - Windows Server 2022 (latest)builds/windows-2022/latest/README.md

Tip: Each template folder also contains a history of prior runs (by UTC timestamp). Use the latest link above for the most recent successful build.

What’s inside each record

Each build run record folder contains: - README.md — plain‑English summary (timestamp, VMID, node, and template facts: CPU, disk, ISO/CDROM, network). - run.json — machine‑readable metadata (VMID, node, SHA‑256 checksum for the log, byte size). - packer.log — complete build output with PACKER_LOG=1 enabled.

The init run record folder contains: - README.md — summary of Proxmox bootstrap (API token/user, node/storage/bridge discovery). - run.json — metadata and a list of rendered unattended assets. - init-packer.log — one‑time initialization log.

Integrity & Authenticity (no tooling required)

  • Each build README states the SHA‑256 of the packer.log.
  • run.json repeats the same hash under log_sha256.
  • Logs are immutable per timestamped folder, and a latest symlink always points to the most recent successful run.

How these records are produced

  • Templates live under infra/packer/ (HCL + OS assets).
  • The build is executed via bin/build-wrapper.sh which streams to console and writes structured logs.
  • On success only, bin/evidence_packer.sh generates this record set (README + JSON + log) for the run.
  • The one‑time initialization record is generated by the same tooling in init mode.

If a build fails, no review record is emitted. You will only see logs under <runtime-root>/logs/packer/... for debugging.

Design rationale & runbooks

Contact

Maintainer: Jeleel Muibi (HybridOps)
For questions about provenance, process, or reproducibility, open the latest template record above and use the referenced log + JSON to trace the exact build parameters and outcome.