Skip to content

Packer Build Evidence (How to Review)

This folder contains signed-off, timestamped proof that VM templates were built in Proxmox VE using HashiCorp Packer. Each successful run produces a human summary (README.md), a machine summary (proof.json), and the full Packer log (packer.log).

Linux templates - Ubuntu 22.04 (latest)builds/ubuntu-22.04/latest/README.md
- Rocky Linux 9 (latest)builds/rocky-9/latest/README.md
- Ubuntu 24.04 (latest)builds/ubuntu-24.04/latest/README.md

Windows template - Windows Server 2022 (latest)builds/windows-2022/latest/README.md

Tip: Each template folder also contains a history of prior runs (by UTC timestamp). Use the latest link above for the most recent successful build.

What’s inside each proof

Each build proof folder contains: - README.md — plain‑English summary (timestamp, VMID, node, and template facts: CPU, disk, ISO/CDROM, network). - proof.json — machine‑readable metadata (VMID, node, SHA‑256 checksum for the log, byte size). - packer.log — complete build output with PACKER_LOG=1 enabled.

The init proof folder contains: - README.md — summary of Proxmox bootstrap (API token/user, node/storage/bridge discovery). - proof.json — metadata and a list of rendered unattended assets. - init-packer.log — one‑time initialization log.

Integrity & Authenticity (no tooling required)

  • Each build README states the SHA‑256 of the packer.log.
  • proof.json repeats the same hash under log_sha256.
  • Logs are immutable per timestamped folder, and a latest symlink always points to the most recent successful run.

How this evidence is produced

  • Templates live under infra/packer/ (HCL + OS assets).
  • The build is executed via bin/build-wrapper.sh which streams to console and writes structured logs.
  • On success only, bin/evidence_packer.sh generates this proof (README + JSON + log) for the run.
  • The one‑time initialization proof is generated by the same evidence tool in init mode.

If a build fails, no proof is emitted—you’ll only see logs under output/logs/packer/... (useful for debugging, not for review).

Design rationale & runbooks

Contact

Maintainer: Jeleel Muibi (HybridOps.Studio)
For questions about provenance, process, or reproducibility, open the latest template proof (above) and use the referenced log + JSON to trace the exact build parameters and outcome.