configuration
This module provides functions for configuration management tasks includingtemplating, validation, and deployment of configuration artifacts. It integrates
with dependencies, git, and templating modules to enable automated configuration
workflows within Dagger pipelines.
Installation
dagger install github.com/stuttgart-things/blueprints/configuration@v1.82.0Entrypoint
Return Type
ConfigurationExample
dagger -m github.com/stuttgart-things/blueprints/configuration@f058d5b64f209dd2ad2394cb8381f099eb95a36b call \
func (m *MyModule) Example() *dagger.Configuration {
return dag.
Configuration()
}@function
def example() -> dagger.Configuration:
return (
dag.configuration()
)@func()
example(): Configuration {
return dag
.configuration()
}Types
Configuration 🔗
analyzeConfigString() 🔗
AnalyzeConfigString parses a key=value configuration string and validates mandatory keys Dagger-compatible wrapper that returns JSON string representation of the map
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| configString | String ! | - | No description provided |
| mandatoryKeys | String ! | - | Comma-separated list of mandatory keys (e.g., "name,template,disk") |
Example
dagger -m github.com/stuttgart-things/blueprints/configuration@f058d5b64f209dd2ad2394cb8381f099eb95a36b call \
analyze-config-string --config-string string --mandatory-keys stringfunc (m *MyModule) Example(ctx context.Context, configString string, mandatoryKeys string) string {
return dag.
Configuration().
AnalyzeConfigString(ctx, configString, mandatoryKeys)
}@function
async def example(config_string: str, mandatory_keys: str) -> str:
return await (
dag.configuration()
.analyze_config_string(config_string, mandatory_keys)
)@func()
async example(configString: string, mandatoryKeys: string): Promise<string> {
return dag
.configuration()
.analyzeConfigString(configString, mandatoryKeys)
}createAnsibleRequirementFiles() 🔗
Return Type
Directory !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| src | Directory | - | No description provided |
| templatePaths | String | "https://raw.githubusercontent.com/stuttgart-things/ansible/refs/heads/main/templates/requirements.yaml.tmpl" | No description provided |
| dataFile | String | "https://raw.githubusercontent.com/stuttgart-things/ansible/refs/heads/main/templates/requirements-data.yaml" | Path to YAML or JSON file containing template data (supports HTTPS URLs) |
| strictMode | Boolean | false | No description provided |
Example
dagger -m github.com/stuttgart-things/blueprints/configuration@f058d5b64f209dd2ad2394cb8381f099eb95a36b call \
create-ansible-requirement-filesfunc (m *MyModule) Example() *dagger.Directory {
return dag.
Configuration().
CreateAnsibleRequirementFiles()
}@function
def example() -> dagger.Directory:
return (
dag.configuration()
.create_ansible_requirement_files()
)@func()
example(): Directory {
return dag
.configuration()
.createAnsibleRequirementFiles()
}createSecretsFile() 🔗
Return Type
File !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| ageKey | Secret ! | - | Private AGE key secret used for SOPS decrypt (AGE-SECRET-KEY-...) |
| encryptedDataFile | File ! | - | SOPS-encrypted data file (YAML/JSON) whose values feed the template |
| templateFile | File ! | - | Go template file (e.g. secret.json.tmpl) rendered against the decrypted data |
| ageRecipient | Secret | - | Public AGE recipient secret used for SOPS re-encrypt (age1...); required when encrypt=true |
| fileExtension | String | "json" | File extension for the SOPS-encrypted output |
| sopsConfig | File | - | Optional .sops.yaml used for both decrypt and encrypt |
| encrypt | Boolean | "true" | When true, SOPS-encrypt the rendered file; when false, return the plaintext render |
Example
dagger -m github.com/stuttgart-things/blueprints/configuration@f058d5b64f209dd2ad2394cb8381f099eb95a36b call \
create-secrets-file --age-key env:MYSECRET --encrypted-data-file file:path --template-file file:pathfunc (m *MyModule) Example(ageKey *dagger.Secret, encryptedDataFile *dagger.File, templateFile *dagger.File) *dagger.File {
return dag.
Configuration().
CreateSecretsFile(ageKey, encryptedDataFile, templateFile)
}@function
def example(age_key: dagger.Secret, encrypted_data_file: dagger.File, template_file: dagger.File) -> dagger.File:
return (
dag.configuration()
.create_secrets_file(age_key, encrypted_data_file, template_file)
)@func()
example(ageKey: Secret, encryptedDataFile: File, templateFile: File): File {
return dag
.configuration()
.createSecretsFile(ageKey, encryptedDataFile, templateFile)
}getVmSize() 🔗
GetVmSize returns a formatted string for VM configuration based on t-shirt size.
This is a Dagger function that can be called via dagger call get-vm-size.
Example:
dagger call get-vm-size --config-file=vm_tshirt_sizes.yaml --size=small
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| configFile | File ! | - | YAML file containing VM t-shirt sizes |
| size | String ! | - | T-shirt size: small, medium, large, or xlarge |
Example
dagger -m github.com/stuttgart-things/blueprints/configuration@f058d5b64f209dd2ad2394cb8381f099eb95a36b call \
get-vm-size --config-file file:path --size stringfunc (m *MyModule) Example(ctx context.Context, configFile *dagger.File, size string) string {
return dag.
Configuration().
GetVmSize(ctx, configFile, size)
}@function
async def example(config_file: dagger.File, size: str) -> str:
return await (
dag.configuration()
.get_vm_size(config_file, size)
)@func()
async example(configFile: File, size: string): Promise<string> {
return dag
.configuration()
.getVmSize(configFile, size)
}renderFluxKustomization() 🔗
Return Type
Directory !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| src | Directory | - | No description provided |
| ociSource | String | - | OCI source path (e.g., oci://ghcr.io/stuttgart-things/kcl-flux-instance) |
| configParameters | String | - | KCL parameters as comma-separated key=value pairs |
| entrypoint | String | "main.k" | Entry point file name |
| fileName | String | "kustomization" | Output file name for rendered Kustomization |
| fileExtension | String | "yaml" | Output file name for rendered Kustomization |
| repository | String | - | Repository in format "owner/repo" |
| baseBranch | String | "main" | No description provided |
| branchName | String | - | Name of the new branch to create |
| destinationPath | String | "flux/" | Destination path within the repository (e.g., "flux/" or "clusters/prod/") |
| createBranch | Boolean | "false" | No description provided |
| commitChanges | Boolean | "false" | No description provided |
| applyToCluster | Boolean | "false" | No description provided |
| kubeConfig | Secret | - | Kubeconfig secret for authentication |
| namespace | String | "flux-system" | Namespace for the operation |
| token | Secret | - | GitHub token for authentication |
Example
dagger -m github.com/stuttgart-things/blueprints/configuration@f058d5b64f209dd2ad2394cb8381f099eb95a36b call \
render-flux-kustomizationfunc (m *MyModule) Example() *dagger.Directory {
return dag.
Configuration().
RenderFluxKustomization()
}@function
def example() -> dagger.Directory:
return (
dag.configuration()
.render_flux_kustomization()
)@func()
example(): Directory {
return dag
.configuration()
.renderFluxKustomization()
}renderMetadata() 🔗
RenderMetadata renders a README template with variables from multiple YAML files Multiple variables files are merged before rendering (comma-separated) Example usage:
dagger call render-readme \
--src ./tests/configuration \
--template-path README.md.tmpl \
--data-files vm-ansible.yaml,additional-vars.yaml
Return Type
Directory !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| src | Directory | - | Source directory containing template and variables files |
| configParameters | String | - | Configuration parameters as key=value pairs (comma-separated) |
| templatePath | String | "README.md.tmpl" | Path to template file |
| dataFiles | String | "data.yaml" | Path(s) to YAML or JSON file(s) containing template data Multiple files can be comma-separated and will be merged in order |
| strictMode | Boolean | false | No description provided |
Example
dagger -m github.com/stuttgart-things/blueprints/configuration@f058d5b64f209dd2ad2394cb8381f099eb95a36b call \
render-metadatafunc (m *MyModule) Example() *dagger.Directory {
return dag.
Configuration().
RenderMetadata()
}@function
def example() -> dagger.Directory:
return (
dag.configuration()
.render_metadata()
)@func()
example(): Directory {
return dag
.configuration()
.renderMetadata()
}terraformApply() 🔗
TerraformApply decrypts SOPS-encrypted files, optionally retrieves a Kubernetes secret (e.g. VAULT_TOKEN), and runs terraform initReturns the terraform working directory after execution.
Return Type
Directory !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| terraformDir | Directory ! | - | Directory containing terraform configurations |
| sopsAgeKey | Secret | - | AGE key for SOPS decryption |
| encryptedFiles | String | - | Comma-separated list of SOPS-encrypted file paths to decrypt (e.g. "terraform.tfvars.sops.json,secrets.sops.yaml") |
| operation | String | "apply" | Terraform operation to execute |
| variables | String | - | Comma-separated terraform variables (e.g. "name=patrick,food=schnitzel") |
| kubeConfig | Secret | - | Kubeconfig secret for Kubernetes state backend access (plaintext) |
| kubeConfigPath | String | "/root/.kube/config" | Path to mount the kubeconfig inside the container (must match backend config_path in backend.tf) |
| encryptedKubeConfig | File | - | SOPS-encrypted kubeconfig file (e.g. secrets/kubeconfigs/infra-sthings.yaml); decrypted with sopsAgeKey and used for kubectl |
| kubeSecretName | String | - | Kubernetes secret name to read (e.g. "vault-root-token") |
| kubeSecretNamespace | String | - | Kubernetes namespace for the secret |
| kubeSecretJsonpath | String | - | JSONPath expression to extract from the Kubernetes secret (e.g. ".data.root_token") |
| kubeSecretTfVar | String | - | Terraform variable name to set from the Kubernetes secret value (e.g. "vault_token" becomes -var vault_token=<value>) |
| envVars | String | - | Additional environment variables as comma-separated key=value pairs (e.g. "VAULT_ADDR=https://vault.example.com,VAULT_SKIP_VERIFY=true") |
| awsAccessKeyId | Secret | - | AWS access key ID for S3/MinIO backend |
| awsSecretAccessKey | Secret | - | AWS secret access key for S3/MinIO backend |
| vaultRoleId | Secret | - | Vault role ID secret |
| vaultSecretId | Secret | - | Vault secret ID secret |
| vaultToken | Secret | - | Vault token secret |
| exportTfOutput | Boolean | - | Run terraform output --json after apply and write result to output.json in the returned directory |
Example
dagger -m github.com/stuttgart-things/blueprints/configuration@f058d5b64f209dd2ad2394cb8381f099eb95a36b call \
terraform-apply --terraform-dir DIR_PATHfunc (m *MyModule) Example(terraformDir *dagger.Directory) *dagger.Directory {
return dag.
Configuration().
TerraformApply(terraformDir)
}@function
def example(terraform_dir: dagger.Directory) -> dagger.Directory:
return (
dag.configuration()
.terraform_apply(terraform_dir)
)@func()
example(terraformDir: Directory): Directory {
return dag
.configuration()
.terraformApply(terraformDir)
}terraformOutput() 🔗
TerraformOutput retrieves terraform outputs as JSON from an already-applied terraform directory (returned by TerraformApply).
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| terraformDir | Directory ! | - | Directory containing terraform state (output of TerraformApply) |
| awsAccessKeyId | Secret | - | AWS access key ID for S3/MinIO backend |
| awsSecretAccessKey | Secret | - | AWS secret access key for S3/MinIO backend |
| kubeConfig | Secret | - | Kubeconfig secret for Kubernetes backend access |
| kubeConfigPath | String | "/root/.kube/config" | Path to mount the kubeconfig inside the container (must match backend config_path in backend.tf) |
Example
dagger -m github.com/stuttgart-things/blueprints/configuration@f058d5b64f209dd2ad2394cb8381f099eb95a36b call \
terraform-output --terraform-dir DIR_PATHfunc (m *MyModule) Example(ctx context.Context, terraformDir *dagger.Directory) string {
return dag.
Configuration().
TerraformOutput(ctx, terraformDir)
}@function
async def example(terraform_dir: dagger.Directory) -> str:
return await (
dag.configuration()
.terraform_output(terraform_dir)
)@func()
async example(terraformDir: Directory): Promise<string> {
return dag
.configuration()
.terraformOutput(terraformDir)
}vsphereVm() 🔗
Return Type
Directory !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| src | Directory ! | - | No description provided |
| configParameters | String | - | No description provided |
| variablesFile | String | - | No description provided |
| templatePaths | String | "https://raw.githubusercontent.com/stuttgart-things/vsphere-vm/refs/heads/main/templates/vm.tf.tmpl,https://raw.githubusercontent.com/stuttgart-things/vsphere-vm/refs/heads/main/templates/README.md.tmpl" | No description provided |
| repository | String | - | Repository in format "owner/repo" |
| branchName | String | - | Name of the new branch to create |
| baseBranch | String | "main" | Base ref/branch to create from (e.g., "main", "develop") |
| token | Secret | - | GitHub token for authentication |
| createBranch | Boolean | "false" | No description provided |
| renderAnsibleRequirements | Boolean | "true" | No description provided |
| ansibleRequirementsTemplate | String | "https://raw.githubusercontent.com/stuttgart-things/ansible/refs/heads/main/templates/requirements.yaml.tmpl" | No description provided |
| ansibleRequirementsData | String | "https://raw.githubusercontent.com/stuttgart-things/ansible/refs/heads/main/templates/requirements-data.yaml" | No description provided |
| renderExecutionfile | Boolean | "true" | No description provided |
| executionfileData | String | "https://raw.githubusercontent.com/stuttgart-things/blueprints/refs/heads/main/tests/vm/execution-vars.yaml" | No description provided |
| executionfileTemplate | String | "https://raw.githubusercontent.com/stuttgart-things/blueprints/refs/heads/main/tests/vm/execution.yaml.tmpl" | No description provided |
| commitConfig | Boolean | "false" | No description provided |
| createPullRequest | Boolean | "false" | No description provided |
| commitMessage | String | "" | No description provided |
| destinationFolder | String | "" | No description provided |
| destinationBasePath | String | "./" | No description provided |
| authorName | String | "" | No description provided |
| authorEmail | String | "" | No description provided |
| pullRequestTitle | String | "" | No description provided |
| pullRequestBody | String | "" | No description provided |
Example
dagger -m github.com/stuttgart-things/blueprints/configuration@f058d5b64f209dd2ad2394cb8381f099eb95a36b call \
vsphere-vm --src DIR_PATHfunc (m *MyModule) Example(src *dagger.Directory) *dagger.Directory {
return dag.
Configuration().
VsphereVm(src)
}@function
def example(src: dagger.Directory) -> dagger.Directory:
return (
dag.configuration()
.vsphere_vm(src)
)@func()
example(src: Directory): Directory {
return dag
.configuration()
.vsphereVm(src)
}