June 20-22 Announcing HashiConf Europe full schedule: keynotes, sessions, labs & more Register Now
  • Infrastructure
    • terraform
    • packer
  • Networking
    • consul
  • Security
    • vault
    • boundary
  • Applications
    • nomad
    • waypoint
    • vagrant
  • HashiCorp Cloud Platform

    A fully managed platform to automate infrastructure on any cloud with HashiCorp products.

    • consul
    • terraform
    • vault
    • packerbeta
    Visit cloud.hashicorp.com
  • Overview
  • Tutorials
  • Docs
  • Plugins
  • Community
GitHubInstall PackerTry HCP Packer
    • v1.8.x (latest)
    • v1.7.x
    • v1.6.x
    • v1.5.x

  • Terminology
    • Overview
    • init
      • Overview
      • install
      • installed
      • remove
      • required
    • build
    • console
    • fix
    • fmt
    • inspect
    • validate
    • hcl2_upgrade
    • Overview
      • Overview
        • Overview
          • Overview
          • hcp_packer_registry
          • source
          • provisioner
          • post-processor
          • post-processors
        • locals
        • source
        • variable
        • packer
        • data
        • Overview
          • aws_secretsmanager
          • consul
          • env
          • vault
          • abs
          • ceil
          • floor
          • log
          • max
          • min
          • parseint
          • pow
          • signum
          • chomp
          • format
          • formatlist
          • indent
          • join
          • lower
          • replace
          • regex_replace
          • regex
          • regexall
          • split
          • strrev
          • substr
          • title
          • trim
          • trimprefix
          • trimsuffix
          • trimspace
          • upper
          • chunklist
          • coalesce
          • coalescelist
          • compact
          • concat
          • contains
          • distinct
          • element
          • flatten
          • index
          • keys
          • length
          • lookup
          • merge
          • range
          • reverse
          • setintersection
          • setproduct
          • setunion
          • slice
          • sort
          • values
          • zipmap
          • base64decode
          • base64encode
          • csvdecode
          • jsondecode
          • jsonencode
          • urlencode
          • yamldecode
          • yamlencode
          • abspath
          • basename
          • dirname
          • file
          • fileexists
          • fileset
          • pathexpand
          • templatefile
          • formatdate
          • timeadd
          • timestamp
          • legacy_isotime
          • legacy_strftime
          • bcrypt
          • md5
          • rsadecrypt
          • sha1
          • sha256
          • sha512
          • uuidv4
          • uuidv5
          • cidrhost
          • cidrnetmask
          • cidrsubnet
          • cidrsubnets
          • can
          • convert
          • try
      • Variables
      • Locals
      • Contextual Variables
      • Data Sources
      • Path Variables
      • Syntax
      • Only Except
      • Expressions
      • JSON Syntax
      • Overview
      • Builders
      • Communicators
      • Engine
      • Post-Processors
      • Provisioners
      • User Variables

    • Overview
    • SSH
    • WINRM
    • Overview
    • File
    • Null
    • Custom
    • Community-Supported
    • Overview
      • Overview
      • Iteration
      • Image
      • Image-Deprecated
    • Overview
    • Breakpoint
    • File
    • PowerShell
    • Shell
    • Shell (Local)
    • Windows Shell
    • Windows Restart
    • Custom
    • Community-Supported
    • Overview
    • Artifice
    • Compress
    • Checksum
    • Manifest
    • Shell (Local)
    • Community-Supported
  • External Plugins

  • Installing Packer
  • Configuring Packer

    • Overview
      • Overview
      • Custom Builders
      • Custom Post-Processors
      • Custom Provisioners
      • Custom Data Sources
    • HCP Packer Support
  • Integration Program

  • Debugging
  • HCP Packer
Type '/' to Search

Note: This page is about HCL2 Packer templates. HCL2 templates were first introduced as a beta feature into Packer version 1.5. As of v1.7, HCL2 support is no longer in beta, and is the preferred way to write Packer configuration. For the old-style stable configuration language see template docs. As of v1.6.2, you can convert your legacy JSON template into an HCL2 config file using the hcl2_upgrade command.

»Source Variables

It is possible to access the name and type of your source from provisioners and post-processors:

source "null" "first-example" {
  communicator = "none"
}

build {
  name = "roles"

  source "null.first-example" {
    name = "consul"
  }
  source "null.first-example" {
    name = "nomad"
  }
  source "null.first-example" {
    name = "vault"
  }
  sources = ["null.first-example"]

  provisioner "shell-local" {
    inline = ["echo ${source.name} and ${source.type}"]
  }
}

# This will echo something like:
#
# roles.null.consul: consul and null
# roles.null.nomad: nomad and null
# roles.null.vault: vault and null
# roles.null.first-example: first-example and null
source "null" "first-example" {
  communicator = "none"
}

build {
  name = "roles"

  source "null.first-example" {
    name = "consul"
  }
  source "null.first-example" {
    name = "nomad"
  }
  source "null.first-example" {
    name = "vault"
  }
  sources = ["null.first-example"]

  provisioner "shell-local" {
    inline = ["echo ${source.name} and ${source.type}"]
  }
}

# This will echo something like:
#
# roles.null.consul: consul and null
# roles.null.nomad: nomad and null
# roles.null.vault: vault and null
# roles.null.first-example: first-example and null

»Build Variables

Build variables will allow you to access connection information and basic instance state information for a builder. All special build variables are stored in the build variable:

source "null" "first-example" {
  communicator = "none"
}

build {
  name = "my-build-name"
  sources = ["null.first-example"]

  provisioner "shell-local" {
    environment_vars = ["TESTVAR=${build.PackerRunUUID}"]
    inline = ["echo source.name is ${source.name}.",
              "echo build.name is ${build.name}.",
              "echo build.PackerRunUUID is $TESTVAR"]
  }
}
source "null" "first-example" {
  communicator = "none"
}

build {
  name = "my-build-name"
  sources = ["null.first-example"]

  provisioner "shell-local" {
    environment_vars = ["TESTVAR=${build.PackerRunUUID}"]
    inline = ["echo source.name is ${source.name}.",
              "echo build.name is ${build.name}.",
              "echo build.PackerRunUUID is $TESTVAR"]
  }
}

Here is the list of available build variables:

  • name Represents the name of the build block being run. This is different than the name of the source block being run.

  • ID: Represents the vm being provisioned. For example, in Amazon it is the instance id; in digitalocean, it is the droplet id; in Vmware, it is the vm name.

  • Host, Port, User and Password: The host, port, user, and password that Packer uses to access the machine. Useful for using the shell local provisioner to run Ansible or Inspec against the provisioned instance.

  • ConnType: Type of communicator being used. For example, for SSH communicator this will be "ssh".

  • PackerRunUUID: Current build's unique id. Can be used to specify build artifacts. An example of that, is when multiple builds runs at the same time producing the same artifact. It's possible to differentiate these artifacts by naming them with the builds' unique ids.

  • PackerHTTPIP, PackerHTTPPort, and PackerHTTPAddr: HTTP IP, port, and address of the file server Packer creates to serve items in the "http" dir to the vm. The HTTP address is displayed in the format IP:PORT.

  • SSHPublicKey and SSHPrivateKey: The public and private key that Packer uses to connect to the instance. These are unique to the SSH communicator and are unset when using other communicators. SSHPublicKey and SSHPrivateKey can have escape sequences and special characters so their output should be single quoted to avoid surprises. For example:

      provisioner "shell" {
          inline = ["echo '${build.SSHPrivateKey}' > /tmp/packer-session.pem"]
      }
    
      provisioner "shell" {
          inline = ["echo '${build.SSHPrivateKey}' > /tmp/packer-session.pem"]
      }
    

For backwards compatibility, WinRMPassword is also available through this engine, though it is no different than using the more general Password.

All build variables are valid to use with any of the HCL2 functions. Example of using upper to upper case the build ID:

  post-processor "shell-local" {
      inline = ["echo ${upper(build.ID)}"]
  }
  post-processor "shell-local" {
      inline = ["echo ${upper(build.ID)}"]
  }

For builder-specific builder variables, please also refer to the builder docs:

  • Amazon EC2: chroot, EBS Volume, EBS, EBS Surrogate, Instance.

The HCL2 Special Build Variables is in beta; please report any issues or requests on the Packer issue tracker on GitHub.

»Packer Version

This variable is set to the Packer version currently running.

source "null" "first-example" {
  communicator = "none"
}

build {
  sources = ["null.first-example"]

  provisioner "shell-local" {
    inline = ["echo packer_version is '${packer.version}'"]
  }
}
source "null" "first-example" {
  communicator = "none"
}

build {
  sources = ["null.first-example"]

  provisioner "shell-local" {
    inline = ["echo packer_version is '${packer.version}'"]
  }
}

If you are running a development version of Packer, the version variable will contain the released version number, dev flag, and current commit.

PACKER_LOG=0 packer build packer_version_demo.pkr.hcl
null.first-example: output will be in this color.

==> null.first-example: Running local shell script: /var/folders/8t/0yb5q0_x6mb2jldqq_vjn3lr0000gn/T/packer-shell083160352
    null.first-example: packer_version is 1.6.5-dev (a69392129+CHANGES)
PACKER_LOG=0 packer build packer_version_demo.pkr.hcl
null.first-example: output will be in this color.

==> null.first-example: Running local shell script: /var/folders/8t/0yb5q0_x6mb2jldqq_vjn3lr0000gn/T/packer-shell083160352
    null.first-example: packer_version is 1.6.5-dev (a69392129+CHANGES)

If you are running a released version of Packer, the version variable will contain the released version number only:

PACKER_LOG=0 packer build packer_version_demo.pkr.hcl
null.first-example: output will be in this color.

==> null.first-example: Running local shell script: /var/folders/8t/0yb5q0_x6mb2jldqq_vjn3lr0000gn/T/packer-shell718995312
    null.first-example: packer_version is 1.6.5
PACKER_LOG=0 packer build packer_version_demo.pkr.hcl
null.first-example: output will be in this color.

==> null.first-example: Running local shell script: /var/folders/8t/0yb5q0_x6mb2jldqq_vjn3lr0000gn/T/packer-shell718995312
    null.first-example: packer_version is 1.6.5

Make sure to wrap your variable in single quotes in order to escape the string that is returned; if you are running a dev version of packer the parenthesis may through off your shell escaping otherwise.

»HCP Packer Iteration ID

If your build is pushing metadata to the HCP Packer registry, this variable is set to the value of the Iteration ID associated with this run.

source "amazon-ebs" "cannonical-ubuntu-server" {
  ami_name         = "packer-example"
  // ...
  run_volume_tags = {
    hcp_iteration_id = packer.iterationID
  }
}
source "amazon-ebs" "cannonical-ubuntu-server" {
  ami_name         = "packer-example"
  // ...
  run_volume_tags = {
    hcp_iteration_id = packer.iterationID
  }
}
==> vanilla.amazon-ebs.cannonical-ubuntu-server: Adding tags to source instance
    vanilla.amazon-ebs.cannonical-ubuntu-server: Adding tag: "Name": "Packer Builder"
    vanilla.amazon-ebs.cannonical-ubuntu-server: Adding tag: "hcp_iteration_id": "01FHGF3M2AK4TS6PCZES4VX5E7"
==> vanilla.amazon-ebs.cannonical-ubuntu-server: Adding tags to source instance
    vanilla.amazon-ebs.cannonical-ubuntu-server: Adding tag: "Name": "Packer Builder"
    vanilla.amazon-ebs.cannonical-ubuntu-server: Adding tag: "hcp_iteration_id": "01FHGF3M2AK4TS6PCZES4VX5E7"

You can also add this value to post-processors, for example to add to a manifest file:

  post-processor "manifest" {
    output     = "manifest.json"
    strip_path = true
    custom_data = {
      iteration = "${packer.iterationID}"
    }
  }

  post-processor "manifest" {
    output     = "manifest.json"
    strip_path = true
    custom_data = {
      iteration = "${packer.iterationID}"
    }
  }

github logoEdit this page
IntroGuidesDocsCommunityPrivacySecurityPress KitConsent Manager