So I am trying to use the shell-local post processor to run a few commands after a build is finished. However, /tmp is mounted as noexec due to security. That isn’t really a problem, but even though when I remount /tmp with exec, the build fails like this:
==> qemu.image_build: Running post-processor: (type shell-local)
==> qemu.image_build (shell-local): Running local shell script: /tmp/packer-shell903509056
==> qemu.image_build (shell-local): /bin/sh: /tmp/packer-shell903509056: Permission denied
This is strange as it was working fine the week before and nothing has changed. While SELinux is in enforcing mode, I set it to permissive just to test and sure enough, it will still fail.
Here is the post-processor block:
post-processor "shell-local" {
inline = [
"echo 'Copying ${local.image_family}-${var.build_number}.tar.gz to the ${var.gcs_bucket} bucket'",
"gsutil cp output/${local.os}/${local.os}_disk.raw.tar.gz gs://${var.gcs_bucket}/${local.os}/${local.image_family}-${var.build_number}.tar.gz",
"echo 'Creating ${local.image_family}-${var.build_number} image'",
"gcloud compute images create ${local.image_family}-${var.build_number} \\",
"--source-uri=gs://${var.gcs_bucket}/${local.os}/${local.image_family}-${var.build_number}.tar.gz \\",
"--family=${local.image_family}",
"rm -rf output"
]
}
Is there a way to redirect where packer is writing these temporary scripts for the shell-local post processor?