vmtemplate
Packer and Vault, optionally driven by Git-hosted configurations.

This module is designed for infrastructure automation involving dynamic VM
image generation in vSphere environments. It supports building templates via
Packer with secure secret injection from Vault (AppRole or token-based),
optionally sourcing the build configuration from a Git repository.

The primary function RunVsphereWorkflow orchestrates this process. It clones
a Packer configuration from Git or uses a provided local directory, then
invokes the Bake function to initialize and optionally build the template.
Secrets such as vSphere credentials or config values are fetched from Vault
and injected securely into the Packer process.

This module is well-suited for use within Dagger-based CI/CD pipelines or
automated image delivery systems. Its integration with Vault ensures secrets
never touch the disk, while Git integration makes the workflow reproducible.

Future enhancements planned include:
- Creating and validating test VMs from newly built templates
- Running Ansible-based verification and post-provisioning logic
- Performing automated template promotion and cleanup
- Supporting versioned GitOps-style workflows for image release

This documentation provides an overview of the current implementation and
serves as a foundation for extending the VM lifecycle automation further.

Installation

```shell
dagger install github.com/stuttgart-things/blueprints/vmtemplate@v1.72.0
```

Entrypoint

Return Type
Vmtemplate

Example

```shell
dagger -m github.com/stuttgart-things/blueprints/vmtemplate@f3d10202deba4f1726692e874a8eb109b33b4184 call
```

```go
func (m *MyModule) Example() *dagger.Vmtemplate {
	return dag.
		Vmtemplate()
}
```

```python
@function
def example() -> dagger.Vmtemplate:
    return (
        dag.vmtemplate()
    )
```

```typescript
@func()
example(): Vmtemplate {
  return dag
    .vmtemplate()
}
```

Types

Vmtemplate

bake()

Return Type
String !

Arguments

| Name | Type | Default Value | Description |
|---|---|---|---|
| packerConfigDir | Directory ! | - | No description provided |
| packerConfig | String ! | - | No description provided |
| packerVersion | String | "1.13.1" | The Packer version to use |
| arch | String | "linux_amd64" | The Packer arch |
| initOnly | Boolean | false | If true, only init packer w/out build |
| vaultAddr | String | - | vaultAddr |
| vaultRoleId | Secret | - | vaultRoleID |
| vaultSecretId | Secret | - | vaultSecretID |
| vaultToken | Secret | - | vaultToken |

Example

```shell
dagger -m github.com/stuttgart-things/blueprints/vmtemplate@f3d10202deba4f1726692e874a8eb109b33b4184 call \
  bake --packer-config-dir DIR_PATH --packer-config string
```

```go
func (m *MyModule) Example(ctx context.Context, packerConfigDir *dagger.Directory, packerConfig string) (string, error) {
	return dag.
		Vmtemplate().
		Bake(ctx, packerConfigDir, packerConfig)
}
```

```python
@function
async def example(packer_config_dir: dagger.Directory, packer_config: str) -> str:
    return await (
        dag.vmtemplate()
        .bake(packer_config_dir, packer_config)
    )
```

```typescript
@func()
async example(packerConfigDir: Directory, packerConfig: string): Promise<string> {
  return dag
    .vmtemplate()
    .bake(packerConfigDir, packerConfig)
}
```

cloneGitRepository()

Return Type
Directory !

Arguments

| Name | Type | Default Value | Description |
|---|---|---|---|
| scm | String | "github" | Source code management (SCM) version to use |
| repository | String ! | - | No description provided |
| token | Secret ! | - | No description provided |

Example

```shell
dagger -m github.com/stuttgart-things/blueprints/vmtemplate@f3d10202deba4f1726692e874a8eb109b33b4184 call \
  clone-git-repository --repository string --token env:MYSECRET
```

```go
func (m *MyModule) Example(repository string, token *dagger.Secret) *dagger.Directory {
	return dag.
		Vmtemplate().
		CloneGitRepository(repository, token)
}
```

```python
@function
def example(repository: str, token: dagger.Secret) -> dagger.Directory:
    return (
        dag.vmtemplate()
        .clone_git_repository(repository, token)
    )
```

```typescript
@func()
example(repository: string, token: Secret): Directory {
  return dag
    .vmtemplate()
    .cloneGitRepository(repository, token)
}
```

renderAndCommit()

RenderAndCommit renders templates and optionally commits the result to a GitHub branch with an optional pull request.

Return Type
Directory !

Arguments

| Name | Type | Default Value | Description |
|---|---|---|---|
| packerTemplatesDir | Directory ! | - | Directory containing packer template files (.tmpl) |
| packerTemplates | String ! | - | Comma-separated list of packer template files to render |
| testVmTemplatesDir | Directory | - | Directory containing test VM template files (.tmpl) |
| testVmTemplates | String | - | Comma-separated list of test VM template files to render |
| buildDir | Directory ! | - | Directory containing build-specific variables and static files |
| envDir | Directory | - | Additional directory containing shared variable files (e.g., environment configs) |
| variablesFiles | String ! | - | Comma-separated list of YAML variable files to merge, in priority order (last wins) |
| overrides | String | - | Comma-separated key=value overrides with highest priority (e.g., "isoChecksum=abc123,cpus=16") |
| repository | String | - | GitHub repository (e.g., "stuttgart-things/stuttgart-things") |
| token | Secret | - | GitHub authentication token |
| branchName | String | - | Branch name for the commit |
| baseBranch | String | "main" | Base branch to create from |
| createBranch | Boolean | false | Create a new branch before committing |
| commitConfig | Boolean | false | Commit rendered files to the branch |
| createPullRequest | Boolean | false | Create a pull request after committing |
| commitMessage | String | - | Commit message |
| packerDestinationPath | String | - | Destination path in the repository for packer files |
| testVmDestinationPath | String | - | Destination path in the repository for test VM files |
| pullRequestTitle | String | - | Pull request title |
| pullRequestBody | String | - | Pull request body |

Example

```shell
dagger -m github.com/stuttgart-things/blueprints/vmtemplate@f3d10202deba4f1726692e874a8eb109b33b4184 call \
  render-and-commit --packer-templates-dir DIR_PATH --packer-templates string --build-dir DIR_PATH --variables-files string
```

```go
func (m *MyModule) Example(packerTemplatesDir *dagger.Directory, packerTemplates string, buildDir *dagger.Directory, variablesFiles string) *dagger.Directory {
	return dag.
		Vmtemplate().
		RenderAndCommit(packerTemplatesDir, packerTemplates, buildDir, variablesFiles)
}
```

```python
@function
def example(packer_templates_dir: dagger.Directory, packer_templates: str, build_dir: dagger.Directory, variables_files: str) -> dagger.Directory:
    return (
        dag.vmtemplate()
        .render_and_commit(packer_templates_dir, packer_templates, build_dir, variables_files)
    )
```

```typescript
@func()
example(packerTemplatesDir: Directory, packerTemplates: string, buildDir: Directory, variablesFiles: string): Directory {
  return dag
    .vmtemplate()
    .renderAndCommit(packerTemplatesDir, packerTemplates, buildDir, variablesFiles)
}
```

renderBuildConfig()

RenderBuildConfig renders templates by merging multiple YAML variable files (environment + OS + build overrides) into a single context. Later files override earlier ones. Returns a directory with rendered files.

Return Type
Directory !

Arguments

| Name | Type | Default Value | Description |
|---|---|---|---|
| templatesDir | Directory ! | - | Directory containing the template files (.tmpl) |
| templates | String ! | - | Comma-separated list of template files to render |
| buildDir | Directory ! | - | Directory containing build-specific variable files and static files |
| variablesFiles | String ! | - | Comma-separated list of YAML variable files to merge, in order of priority (last wins) |
| envDir | Directory | - | Additional directory containing shared variable files (e.g., environment configs) |
| overrides | String | - | Comma-separated key=value overrides with highest priority (e.g., "isoChecksum=abc123,cpus=16") |
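
The precedence rule described above (later variable files override earlier ones, `overrides` has the highest priority), as an added Go sketch that is not the module's own code. It assumes flat string-valued keys and takes already-parsed maps in place of YAML files, and it goes one step further than the text by recording which layer set each key, so a replaced `isoChecksum` is visible in review; `Layer`, `ParseOverrides`, `Merge` and the sample file names and values are hypothetical.

```go
package main

import (
	"fmt"
	"strings"
)

// Layer is one variable source (assumed flat string keys): a parsed YAML file or the overrides string.
type Layer struct {
	Name string
	Vars map[string]string
}

// ParseOverrides turns "k=v,k2=v2" into the final layer; malformed items are errors.
func ParseOverrides(s string) (Layer, error) {
	l := Layer{Name: "overrides", Vars: map[string]string{}}
	for _, item := range strings.FieldsFunc(s, func(r rune) bool { return r == ',' }) {
		k, v, ok := strings.Cut(item, "=")
		if k = strings.TrimSpace(k); !ok || k == "" {
			return l, fmt.Errorf("malformed override %q", item)
		}
		l.Vars[k] = strings.TrimSpace(v)
	}
	return l, nil
}

// Merge applies layers in order (last wins) and records every layer that set each key.
func Merge(layers ...Layer) (vals map[string]string, from map[string][]string) {
	vals, from = map[string]string{}, map[string][]string{}
	for _, l := range layers {
		for k, v := range l.Vars {
			vals[k] = v
			from[k] = append(from[k], l.Name)
		}
	}
	return vals, from
}

func main() {
	// Constructed sample data standing in for already-parsed YAML variable files.
	env := Layer{"env.yaml", map[string]string{"cpus": "4", "ram": "8192"}}
	build := Layer{"base-os.yaml", map[string]string{"cpus": "8", "isoChecksum": "feed01"}}
	ov, err := ParseOverrides("isoChecksum=abc123,cpus=16")
	if err != nil {
		panic(err)
	}
	vals, from := Merge(env, build, ov)
	fmt.Println(vals, from)
}
```

A key whose source list has more than one entry was replaced along the way; for values such as `isoChecksum`, that list shows whether the pinned value or a command-line override reached the build.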

Example

```shell
dagger -m github.com/stuttgart-things/blueprints/vmtemplate@f3d10202deba4f1726692e874a8eb109b33b4184 call \
  render-build-config --templates-dir DIR_PATH --templates string --build-dir DIR_PATH --variables-files string
```

```go
func (m *MyModule) Example(templatesDir *dagger.Directory, templates string, buildDir *dagger.Directory, variablesFiles string) *dagger.Directory {
	return dag.
		Vmtemplate().
		RenderBuildConfig(templatesDir, templates, buildDir, variablesFiles)
}
```

```python
@function
def example(templates_dir: dagger.Directory, templates: str, build_dir: dagger.Directory, variables_files: str) -> dagger.Directory:
    return (
        dag.vmtemplate()
        .render_build_config(templates_dir, templates, build_dir, variables_files)
    )
```

```typescript
@func()
example(templatesDir: Directory, templates: string, buildDir: Directory, variablesFiles: string): Directory {
  return dag
    .vmtemplate()
    .renderBuildConfig(templatesDir, templates, buildDir, variablesFiles)
}
```

runVsphereWorkflow()

Return Type
String !

Arguments

| Name | Type | Default Value | Description |
|---|---|---|---|
| packerConfig | String ! | - | The Packer configuration file name (after rendering, e.g., "vsphere-base-os.pkr.hcl") |
| packerVersion | String | "1.13.1" | The Packer version to use |
| arch | String | "linux_amd64" | The Packer arch |
| initOnly | Boolean | false | If true, only init packer w/out build |
| vaultAddr | String | - | vaultAddr |
| vaultRoleId | Secret | - | vaultRoleID |
| vaultSecretId | Secret | - | vaultSecretID |
| vaultToken | Secret | - | vaultToken |
| packerTemplatesDir | Directory ! | - | Directory containing packer template files (.tmpl), e.g., packer/templates/packer |
| packerTemplates | String ! | - | Comma-separated list of packer template files to render (e.g., "vsphere-base-os.pkr.hcl.tmpl,user-data.tmpl") |
| testVmTemplatesDir | Directory | - | Directory containing test VM template files (.tmpl), e.g., packer/templates/test-vm |
| testVmTemplates | String | - | Comma-separated list of test VM template files to render (e.g., "test-vm.tf.tmpl,state.tf.tmpl") |
| buildDir | Directory ! | - | Directory containing build-specific variables and static files (e.g., base-os.yaml, meta-data) |
| envDir | Directory | - | Directory containing shared environment variable files (e.g., packer/environments) |
| variablesFiles | String ! | - | Comma-separated list of YAML variable files to merge, in priority order (last wins) |
| overrides | String | - | Comma-separated key=value overrides with highest priority (e.g., "isoChecksum=abc123,cpus=16") |
| testVm | Boolean | false | Enable test VM creation and validation before promotion |
| testPlaybooks | String | - | Comma-separated Ansible playbook paths for test VM validation |
| testRequirements | File | - | Ansible requirements file for test playbooks |
| ansibleWaitTimeout | Integer | 30 | Seconds to wait for test VM before running Ansible |
| sshUser | Secret | - | SSH user for test VM |
| sshPassword | Secret | - | SSH password for test VM |
| ansibleParameters | String | - | Ansible parameters for test playbooks (e.g., "key1=value1,key2=value2") |
| ansibleInventoryType | String | "simple" | Ansible inventory type: "simple" or "cluster" |
| promoteTemplate | Boolean | false | Enable golden image promotion (rename, move, delete old) |
| goldenTemplateName | String | - | Target name for the golden template (e.g., "ubuntu25-base") |
| goldenTemplateFolder | String | - | vCenter folder to move the golden template to (e.g., "/LabUL/vm/golden") |
| vcenter | Secret | - | vCenter URL for govc operations |
| vcenterUsername | Secret | - | vCenter username for govc operations |
| vcenterPassword | Secret | - | vCenter password for govc operations |

Example

```shell
dagger -m github.com/stuttgart-things/blueprints/vmtemplate@f3d10202deba4f1726692e874a8eb109b33b4184 call \
  run-vsphere-workflow --packer-config string --packer-templates-dir DIR_PATH --packer-templates string --build-dir DIR_PATH --variables-files string
```

```go
func (m *MyModule) Example(ctx context.Context, packerConfig string, packerTemplatesDir *dagger.Directory, packerTemplates string, buildDir *dagger.Directory, variablesFiles string) (string, error) {
	return dag.
		Vmtemplate().
		RunVsphereWorkflow(ctx, packerConfig, packerTemplatesDir, packerTemplates, buildDir, variablesFiles)
}
```

```python
@function
async def example(packer_config: str, packer_templates_dir: dagger.Directory, packer_templates: str, build_dir: dagger.Directory, variables_files: str) -> str:
    return await (
        dag.vmtemplate()
        .run_vsphere_workflow(packer_config, packer_templates_dir, packer_templates, build_dir, variables_files)
    )
```

```typescript
@func()
async example(packerConfig: string, packerTemplatesDir: Directory, packerTemplates: string, buildDir: Directory, variablesFiles: string): Promise<string> {
  return dag
    .vmtemplate()
    .runVsphereWorkflow(packerConfig, packerTemplatesDir, packerTemplates, buildDir, variablesFiles)
}
```