HCP Packer now tracks CI/CD pipeline metadata
HCP Packer now supports tracking CI/CD pipeline metadata, allowing users to see which tools were used in the image-building process through integrations with GitHub and GitLab. This enhancement helps lay the foundation for a secure build pipeline and grants HCP Packer level 1 compliance with SLSA (Supply-Chain Levels for Software Artifacts). The addition of pipeline metadata tracking improves build visibility, providing critical CI/CD information such as pipeline IDs, job names, details on the operating system, VCS commits, and more. This helps organizations make risk-based security decisions and shift their security left in the infrastructure deployment process.
Company
HashiCorp
Date published
Aug. 5, 2024
Author(s)
Mitchell Ross
Word count
473
Language
English
Hacker News points
None found.