kubernetes-deployment
This module has been generated via dagger init and serves as a reference tobasic module structure as you get started with Dagger.
Two functions have been pre-created. You can modify, delete, or add to them,
as needed. They demonstrate usage of arguments and return types using simple
echo and grep commands. The functions can be called from the dagger CLI or
from one of the SDKs.
The first line in this comment block is a short description line and the
rest is a long description with more detail on the module's purpose or usage,
if appropriate. All modules should have a short description.
Installation
dagger install github.com/stuttgart-things/blueprints/kubernetes-deployment@v1.64.0Entrypoint
Return Type
KubernetesDeploymentExample
dagger -m github.com/stuttgart-things/blueprints/kubernetes-deployment@9d6fadeaaa3e602a8bdcd7af199561d7f8aa3674 call \
func (m *MyModule) Example() *dagger.KubernetesDeployment {
return dag.
KubernetesDeployment()
}@function
def example() -> dagger.KubernetesDeployment:
return (
dag.kubernetes_deployment()
)@func()
example(): KubernetesDeployment {
return dag
.kubernetesDeployment()
}Types
KubernetesDeployment 🔗
applyManifests() 🔗
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| manifestPattern | String | "*.yaml" | No description provided |
| sourceFiles | String | - | No description provided |
| sourceUrls | String | "" | No description provided |
| operation | String | "apply" | No description provided |
| kubeConfig | Secret | - | No description provided |
| namespace | String | "default" | No description provided |
Example
dagger -m github.com/stuttgart-things/blueprints/kubernetes-deployment@9d6fadeaaa3e602a8bdcd7af199561d7f8aa3674 call \
apply-manifestsfunc (m *MyModule) Example(ctx context.Context) string {
return dag.
KubernetesDeployment().
ApplyManifests(ctx)
}@function
async def example() -> str:
return await (
dag.kubernetes_deployment()
.apply_manifests()
)@func()
async example(): Promise<string> {
return dag
.kubernetesDeployment()
.applyManifests()
}deployHelmfile() 🔗
Return Type
Void !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| src | Directory | - | No description provided |
| helmfileRef | String | "helmfile.yaml" | No description provided |
| operation | String | "apply" | No description provided |
| registrySecret | Secret | - | No description provided |
| kubeConfig | Secret | - | No description provided |
| vaultAppRoleId | Secret | - | No description provided |
| vaultSecretId | Secret | - | No description provided |
| vaultUrl | Secret | - | No description provided |
| secretPathKubeconfig | String | - | No description provided |
| vaultAuthMethod | String | "approle" | No description provided |
| stateValues | String | - | Comma-separated key=value pairs for --state-values-set (e.g., "issuerName=cluster-issuer-approle,domain=demo.example.com") |
Example
dagger -m github.com/stuttgart-things/blueprints/kubernetes-deployment@9d6fadeaaa3e602a8bdcd7af199561d7f8aa3674 call \
deploy-helmfilefunc (m *MyModule) Example(ctx context.Context) {
return dag.
KubernetesDeployment().
DeployHelmfile(ctx)
}@function
async def example() -> None:
return await (
dag.kubernetes_deployment()
.deploy_helmfile()
)@func()
async example(): Promise<void> {
return dag
.kubernetesDeployment()
.deployHelmfile()
}deployMicroservices() 🔗
Return Type
Void !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| src | Directory | - | No description provided |
| helmfileRefs | String | "helmfile.yaml" | No description provided |
| operation | String | "apply" | No description provided |
| registrySecret | Secret | - | No description provided |
| kubeConfig | Secret | - | No description provided |
| vaultAppRoleId | Secret | - | No description provided |
| vaultSecretId | Secret | - | No description provided |
| vaultUrl | Secret | - | No description provided |
| secretPathKubeconfig | String | - | No description provided |
| vaultAuthMethod | String | "approle" | No description provided |
| stateValues | String | - | Comma-separated key=value pairs for --state-values-set (e.g., "issuerName=cluster-issuer-approle,domain=demo.example.com") |
Example
dagger -m github.com/stuttgart-things/blueprints/kubernetes-deployment@9d6fadeaaa3e602a8bdcd7af199561d7f8aa3674 call \
deploy-microservicesfunc (m *MyModule) Example(ctx context.Context) {
return dag.
KubernetesDeployment().
DeployMicroservices(ctx)
}@function
async def example() -> None:
return await (
dag.kubernetes_deployment()
.deploy_microservices()
)@func()
async example(): Promise<void> {
return dag
.kubernetesDeployment()
.deployMicroservices()
}fluxApplyConfig() 🔗
FluxApplyConfig applies rendered config (non-secret) manifests to the cluster.
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| configContent | String ! | - | Config YAML content |
| namespace | String | "flux-system" | Target namespace |
| kubeConfig | Secret ! | - | Kubeconfig secret for cluster access |
Example
dagger -m github.com/stuttgart-things/blueprints/kubernetes-deployment@9d6fadeaaa3e602a8bdcd7af199561d7f8aa3674 call \
flux-apply-config --config-content string --kube-config env:MYSECRETfunc (m *MyModule) Example(ctx context.Context, configContent string, kubeConfig *dagger.Secret) string {
return dag.
KubernetesDeployment().
FluxApplyConfig(ctx, configContent, kubeConfig)
}@function
async def example(config_content: str, kube_config: dagger.Secret) -> str:
return await (
dag.kubernetes_deployment()
.flux_apply_config(config_content, kube_config)
)@func()
async example(configContent: string, kubeConfig: Secret): Promise<string> {
return dag
.kubernetesDeployment()
.fluxApplyConfig(configContent, kubeConfig)
}fluxApplySecrets() 🔗
FluxApplySecrets applies secret manifests to the cluster.
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| secretContent | String ! | - | Secret YAML content |
| namespace | String | "flux-system" | Target namespace |
| kubeConfig | Secret ! | - | Kubeconfig secret for cluster access |
Example
dagger -m github.com/stuttgart-things/blueprints/kubernetes-deployment@9d6fadeaaa3e602a8bdcd7af199561d7f8aa3674 call \
flux-apply-secrets --secret-content string --kube-config env:MYSECRETfunc (m *MyModule) Example(ctx context.Context, secretContent string, kubeConfig *dagger.Secret) string {
return dag.
KubernetesDeployment().
FluxApplySecrets(ctx, secretContent, kubeConfig)
}@function
async def example(secret_content: str, kube_config: dagger.Secret) -> str:
return await (
dag.kubernetes_deployment()
.flux_apply_secrets(secret_content, kube_config)
)@func()
async example(secretContent: string, kubeConfig: Secret): Promise<string> {
return dag
.kubernetesDeployment()
.fluxApplySecrets(secretContent, kubeConfig)
}fluxBootstrap() 🔗
FluxBootstrap orchestrates a full Flux bootstrap lifecycle.
Phase order:
0: ValidateAgeKeyPair — fail fast on key mismatch
1: FluxRenderConfig — render all manifests
2: FluxEncryptSecrets — encrypt before committing
3: FluxCommitConfig — push to Git
4: FluxDeployOperator — install operator (Helmfile)
5: FluxApplyConfig — apply FluxInstance CR
6: FluxApplySecrets — apply AFTER operator is running
7: FluxVerifySecrets — confirm secrets exist
8: FluxWaitForReconciliation — wait for Flux to reconcile
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| ociSource | String | "ghcr.io/stuttgart-things/kcl-flux-instance:0.3.3" | OCI KCL module source for rendering Flux instance config |
| configParameters | String | - | Additional comma-separated key=value pairs for KCL parameters |
| fluxVersion | String | "2.4.0" | Flux instance version |
| entrypoint | String | "main.k" | KCL entrypoint file name |
| renderSecrets | Boolean | false | Whether KCL should also render Secret manifests |
| gitUsername | Secret | - | Git username for pull secret |
| gitPassword | Secret | - | GitHub token for git pull secret |
| sopsAgeKey | Secret | - | AGE private key for SOPS decryption (applied to cluster) |
| agePublicKey | Secret | - | AGE public key for encrypting secrets before git commit |
| sopsConfig | File | - | SOPS config file (.sops.yaml) |
| kubeConfig | Secret ! | - | Kubeconfig secret for cluster access |
| namespace | String | "flux-system" | Target namespace for Flux |
| repository | String | - | Repository in "owner/repo" format |
| branchName | String | "main" | Branch name for git operations |
| destinationPath | String | "clusters/" | Destination path within the repository |
| gitRef | String | "refs/heads/main" | Git reference for Flux source (e.g., refs/heads/main) |
| gitToken | Secret | - | GitHub token for git operations |
| helmfileRef | String | "helmfile.yaml" | Helmfile reference |
| src | Directory | - | Directory containing the helmfile |
| applySecrets | Boolean | true | Apply rendered secrets to cluster |
| encryptSecrets | Boolean | false | Encrypt secrets with SOPS before git commit |
| commitToGit | Boolean | false | Commit rendered config to git |
| deployOperator | Boolean | true | Deploy Flux operator via Helmfile |
| waitForReconciliation | Boolean | true | Wait for Flux reconciliation |
| reconciliationTimeout | String | "5m" | Timeout for reconciliation check |
| applyConfig | Boolean | false | Apply rendered config to cluster |
| fluxCliImage | String | "ghcr.io/fluxcd/flux-cli:v2.7.5" | Flux CLI container image |
Example
dagger -m github.com/stuttgart-things/blueprints/kubernetes-deployment@9d6fadeaaa3e602a8bdcd7af199561d7f8aa3674 call \
flux-bootstrap --kube-config env:MYSECRETfunc (m *MyModule) Example(ctx context.Context, kubeConfig *dagger.Secret) string {
return dag.
KubernetesDeployment().
FluxBootstrap(ctxkubeConfig)
}@function
async def example(kube_config: dagger.Secret) -> str:
return await (
dag.kubernetes_deployment()
.flux_bootstrap(kube_config)
)@func()
async example(kubeConfig: Secret): Promise<string> {
return dag
.kubernetesDeployment()
.fluxBootstrap(kubeConfig)
}fluxCommitConfig() 🔗
FluxCommitConfig commits rendered config and optional secrets to a Git repository.
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| configContent | String ! | - | Config YAML content to commit |
| repository | String ! | - | Repository in "owner/repo" format |
| branchName | String | "main" | Branch name for git operations |
| destinationPath | String | "clusters/" | Destination path within the repository |
| gitToken | Secret ! | - | GitHub token for git operations |
| secretsContent | String | - | Optional secrets YAML content to include in the commit |
Example
dagger -m github.com/stuttgart-things/blueprints/kubernetes-deployment@9d6fadeaaa3e602a8bdcd7af199561d7f8aa3674 call \
flux-commit-config --config-content string --repository string --git-token env:MYSECRETfunc (m *MyModule) Example(ctx context.Context, configContent string, repository string, gitToken *dagger.Secret) string {
return dag.
KubernetesDeployment().
FluxCommitConfig(ctx, configContent, repository, gitToken)
}@function
async def example(config_content: str, repository: str, git_token: dagger.Secret) -> str:
return await (
dag.kubernetes_deployment()
.flux_commit_config(config_content, repository, git_token)
)@func()
async example(configContent: string, repository: string, gitToken: Secret): Promise<string> {
return dag
.kubernetesDeployment()
.fluxCommitConfig(configContent, repository, gitToken)
}fluxDeployOperator() 🔗
FluxDeployOperator deploys the Flux operator via Helmfile.
Return Type
Void !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| kubeConfig | Secret ! | - | Kubeconfig secret for cluster access |
| helmfileRef | String | "helmfile.yaml" | Helmfile reference |
| src | Directory | - | Directory containing the helmfile |
Example
dagger -m github.com/stuttgart-things/blueprints/kubernetes-deployment@9d6fadeaaa3e602a8bdcd7af199561d7f8aa3674 call \
flux-deploy-operator --kube-config env:MYSECRETfunc (m *MyModule) Example(ctx context.Context, kubeConfig *dagger.Secret) {
return dag.
KubernetesDeployment().
FluxDeployOperator(ctx, kubeConfig)
}@function
async def example(kube_config: dagger.Secret) -> None:
return await (
dag.kubernetes_deployment()
.flux_deploy_operator(kube_config)
)@func()
async example(kubeConfig: Secret): Promise<void> {
return dag
.kubernetesDeployment()
.fluxDeployOperator(kubeConfig)
}fluxEncryptSecrets() 🔗
FluxEncryptSecrets encrypts secret YAML content with SOPS using the given AGE public key.
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| secretContent | String ! | - | Plain-text secret YAML content |
| agePublicKey | Secret ! | - | AGE public key for encryption |
| sopsConfig | File | - | SOPS config file (.sops.yaml) |
Example
dagger -m github.com/stuttgart-things/blueprints/kubernetes-deployment@9d6fadeaaa3e602a8bdcd7af199561d7f8aa3674 call \
flux-encrypt-secrets --secret-content string --age-public-key env:MYSECRETfunc (m *MyModule) Example(ctx context.Context, secretContent string, agePublicKey *dagger.Secret) string {
return dag.
KubernetesDeployment().
FluxEncryptSecrets(ctx, secretContent, agePublicKey)
}@function
async def example(secret_content: str, age_public_key: dagger.Secret) -> str:
return await (
dag.kubernetes_deployment()
.flux_encrypt_secrets(secret_content, age_public_key)
)@func()
async example(secretContent: string, agePublicKey: Secret): Promise<string> {
return dag
.kubernetesDeployment()
.fluxEncryptSecrets(secretContent, agePublicKey)
}fluxRenderConfig() 🔗
FluxRenderConfig renders the Flux instance configuration using a KCL module. Returns the full rendered YAML (multi-document).
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| ociSource | String | "ghcr.io/stuttgart-things/kcl-flux-instance:0.3.3" | OCI KCL module source |
| configParameters | String ! | - | Comma-separated key=value pairs for KCL parameters |
| entrypoint | String | "main.k" | KCL entrypoint file name |
| renderSecrets | Boolean | false | Whether KCL should also render Secret manifests |
| gitUsername | Secret | - | Git username for pull secret |
| gitPassword | Secret | - | GitHub token for git pull secret |
| sopsAgeKey | Secret | - | AGE private key for SOPS decryption (applied to cluster) |
Example
dagger -m github.com/stuttgart-things/blueprints/kubernetes-deployment@9d6fadeaaa3e602a8bdcd7af199561d7f8aa3674 call \
flux-render-config --config-parameters stringfunc (m *MyModule) Example(ctx context.Context, configParameters string) string {
return dag.
KubernetesDeployment().
FluxRenderConfig(ctxconfigParameters)
}@function
async def example(config_parameters: str) -> str:
return await (
dag.kubernetes_deployment()
.flux_render_config(config_parameters)
)@func()
async example(configParameters: string): Promise<string> {
return dag
.kubernetesDeployment()
.fluxRenderConfig(configParameters)
}fluxVerifySecrets() 🔗
FluxVerifySecrets auto-extracts secret names from the YAML and verifies they exist in the cluster.
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| secretContent | String ! | - | Secret YAML content (multi-document) |
| namespace | String | "flux-system" | Target namespace |
| kubeConfig | Secret ! | - | Kubeconfig secret for cluster access |
Example
dagger -m github.com/stuttgart-things/blueprints/kubernetes-deployment@9d6fadeaaa3e602a8bdcd7af199561d7f8aa3674 call \
flux-verify-secrets --secret-content string --kube-config env:MYSECRETfunc (m *MyModule) Example(ctx context.Context, secretContent string, kubeConfig *dagger.Secret) string {
return dag.
KubernetesDeployment().
FluxVerifySecrets(ctx, secretContent, kubeConfig)
}@function
async def example(secret_content: str, kube_config: dagger.Secret) -> str:
return await (
dag.kubernetes_deployment()
.flux_verify_secrets(secret_content, kube_config)
)@func()
async example(secretContent: string, kubeConfig: Secret): Promise<string> {
return dag
.kubernetesDeployment()
.fluxVerifySecrets(secretContent, kubeConfig)
}fluxWaitForReconciliation() 🔗
FluxWaitForReconciliation runs flux check with retry, reconciles sources, and gets all Flux resources.
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| namespace | String | "flux-system" | Target namespace |
| kubeConfig | Secret ! | - | Kubeconfig secret for cluster access |
| reconciliationTimeout | String | "5m" | Timeout for reconciliation check |
| fluxCliImage | String | "ghcr.io/fluxcd/flux-cli:v2.7.5" | Flux CLI container image |
Example
dagger -m github.com/stuttgart-things/blueprints/kubernetes-deployment@9d6fadeaaa3e602a8bdcd7af199561d7f8aa3674 call \
flux-wait-for-reconciliation --kube-config env:MYSECRETfunc (m *MyModule) Example(ctx context.Context, kubeConfig *dagger.Secret) string {
return dag.
KubernetesDeployment().
FluxWaitForReconciliation(ctxkubeConfig)
}@function
async def example(kube_config: dagger.Secret) -> str:
return await (
dag.kubernetes_deployment()
.flux_wait_for_reconciliation(kube_config)
)@func()
async example(kubeConfig: Secret): Promise<string> {
return dag
.kubernetesDeployment()
.fluxWaitForReconciliation(kubeConfig)
}installCustomResourceDefinitions() 🔗
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| kustomizeSources | String | - | No description provided |
| sourceUrls | String | "" | No description provided |
| operation | String | "apply" | No description provided |
| serverSide | Boolean | true | Use server-side apply (only valid with apply operation) |
| kubeConfig | Secret | - | No description provided |
Example
dagger -m github.com/stuttgart-things/blueprints/kubernetes-deployment@9d6fadeaaa3e602a8bdcd7af199561d7f8aa3674 call \
install-custom-resource-definitionsfunc (m *MyModule) Example(ctx context.Context) string {
return dag.
KubernetesDeployment().
InstallCustomResourceDefinitions(ctx)
}@function
async def example() -> str:
return await (
dag.kubernetes_deployment()
.install_custom_resource_definitions()
)@func()
async example(): Promise<string> {
return dag
.kubernetesDeployment()
.installCustomResourceDefinitions()
}validateAgeKeyPair() 🔗
ValidateAgeKeyPair derives the public key from the given AGE private key and verifies it matches the provided public key. Fails fast on mismatch.
Usage:
dagger call validate-age-key-pair --sops-age-key env:SOPS_AGE_KEY --age-public-key env:AGE_PUB
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| sopsAgeKey | Secret ! | - | AGE private key |
| agePublicKey | Secret ! | - | AGE public key to validate against |
Example
dagger -m github.com/stuttgart-things/blueprints/kubernetes-deployment@9d6fadeaaa3e602a8bdcd7af199561d7f8aa3674 call \
validate-age-key-pair --sops-age-key env:MYSECRET --age-public-key env:MYSECRETfunc (m *MyModule) Example(ctx context.Context, sopsAgeKey *dagger.Secret, agePublicKey *dagger.Secret) string {
return dag.
KubernetesDeployment().
ValidateAgeKeyPair(ctx, sopsAgeKey, agePublicKey)
}@function
async def example(sops_age_key: dagger.Secret, age_public_key: dagger.Secret) -> str:
return await (
dag.kubernetes_deployment()
.validate_age_key_pair(sops_age_key, age_public_key)
)@func()
async example(sopsAgeKey: Secret, agePublicKey: Secret): Promise<string> {
return dag
.kubernetesDeployment()
.validateAgeKeyPair(sopsAgeKey, agePublicKey)
}