HCP Packer now supports webhooks and streamlined run task reviews

HCP Packer is a powerful tool for tracking, governing, and managing image artifacts across multi-cloud environments. Today at HashiConf, we are introducing two new features for HCP Packer: project-level webhooks and streamlined run task reviews.

Project-level webhooks allow users to notify external systems about specific HCP Packer events using automation. Streamlined run task reviews provide meaningful context on run task evaluations for the HCP Packer run task on HashiCorp Terraform Cloud, building on the new functionality released in September. These two additions help organizations improve the efficiency and security of image-related workflows across their multi-cloud infrastructure estate.

»Project-level webhooks

A webhook is a method of automating the exchange between two applications in real time. It allows one system to send data to another as soon as a specific event occurs. Webhooks are integrated into many applications, such as Terraform Cloud, where they are often used to automate business processes.

»Challenges

Before the addition of project-level webhooks, after completing an action in HCP Packer users had to manually orchestrate external workflows to ensure consistency across their infrastructure estate. For example, if a user revoked an image version, they then needed to manually delete the image in the cloud provider. The inability to hook HCP Packer into their existing automation pipelines added complexity to their image management workflows, opened organizations to security risks caused by human errors, and slowed deployment speed.

»Introducing webhooks for HCP Packer

HCP Packer users can now configure webhooks at the project level, allowing them to implement automation when interacting with the HashiCorp Cloud Platform (HCP). Webhooks can be used to trigger custom automation in response to image lifecycle events such as:

• Creation, completion, and deletion
• Revocation and restoration
• Scheduling and canceling a scheduled revocation
• Assignment to a channel

Example workflows include initiating functional tests via Terraform Cloud after publishing a new image version, setting a deprecation date or tag in the cloud provider when an artifact is revoked, and sending notifications to stakeholders when these events take place.

These automation workflows can be set up and edited directly in HCP:

»Key webhook benefits

Project-level webhooks have two chief benefits in HCP Packer:

• More comprehensive workflow automation: Webhooks let you automate processes triggered by specific events to reduce manual effort while integrating with existing external pipelines and Terraform Cloud.
• Enhanced security: Through automation, organizations can mitigate the risk of human errors such as missed notifications and forgotten image management tasks that could lead to outdated and insecure images throughout their infrastructure estate.

See a demo of webhooks in this video:

»Streamlined run task reviews

Terraform Cloud and HCP Packer let users tightly integrate their image management and provisioning workflows through the use of a golden image pipeline. One component of this is the Terraform Cloud run task for HCP Packer, which helps prevent the deployment of non-approved images in two ways:

• Data source image validation: scans your Terraform plan for references to the HCP Packer data sources, warning you or blocking the run if any referenced data is associated with a revoked image version.
• Resource image validation: scans your Terraform configuration for resources that use hard-coded image IDs, checks if the image is tracked by HCP Packer, and warns you if the image is associated with a revoked version.

»Run task evaluation challenges

Previously, Terraform Cloud users would receive HCP Packer run task evaluation information via a callback request that included only a brief message on the run task event. Users often had trouble with HCP Packer run task failures, because they lacked visibility into which resources were specifically affected, the details of the failure, and actionable guidance for remediation in warning and failure messages. Terraform Cloud addressed this issue through the addition of streamlined run task reviews, which provides comprehensive details in-app. At release, however, this functionality was not yet supported for the HCP Packer run task.

»Introducing streamlined run task reviews for HCP Packer

Users can now easily check their image compliance and get actionable guidance without having to leave Terraform Cloud. Practitioners can see a list view of run task evaluations for HCP Packer to identify warnings and failures for image-related events per resource. From there they can access the critical information needed to remediate image issues such as addressing revoked versions, untracked images, and more.

From the list view, users can click into run task warnings and failures to see additional details and remediation guidance.

»Key benefits of streamlined run task reviews

Streamlined run task reviews have two chief benefits in HCP Packer:

• Improved security and compliance: Streamlined run task reviews for HCP Packer help organizations ensure their images are secure and compliant by providing clear and actionable remediation information. This prevents the deployment of non-approved images, minimizing risk in the infrastructure provisioning process.
• Efficient issue remediation: Users can now diagnose and resolve image-related issues promptly without having to navigate to external systems and rely on additional tooling. This reduces the time and effort required to troubleshoot failures, streamlining the overall image management workflow.

»Getting started with HCP Packer

To get started with webhooks and streamlined run task reviews for HCP Packer, please refer to the documentation:

• Create and manage HCP Packer webhooks
• HCP Packer webhook events
• Set up Terraform Cloud run task for HCP Packer
• Streamlined run task reviews

Or get started with HCP Packer for free to track and manage artifacts across all your cloud environments.