Dapr workflow orchestration for infrastructure automation — golden image builds, provisioning, and more.
This repository contains Dapr durable workflows that orchestrate infrastructure automation tasks. Workflows run as Go services on Kubernetes with Dapr sidecar injection, calling Dagger modules as building blocks.
| Workflow | Description | Status |
|---|---|---|
| golden-image-build | Render → packer build → test VM → promote golden image | Planned |
| backstage-template-execution | Trigger Backstage scaffolder templates, poll the task to completion, optionally watch a follow-up GitHub Actions run, and auto-merge the resulting PR | Working |
End-to-end orchestration around a Backstage scaffolder template:
- POST to
/api/scaffolder/v2/tasks(or/dry-run) to start the template - Poll the scaffolder task until it reaches
completed/failed/cancelled - Optionally poll a GitHub Actions workflow run on a deterministic branch (the activity skips runs that completed with conclusion
skipped, e.g. PRs that fired before labels were applied) - Optionally squash/merge/rebase-merge the PR once the GH run reaches
success
Inputs are passed as JSON; the worker reads GITHUB_TOKEN from its environment for the GH-watch + merge activities. See backstage-template-execution/input.json (create flow) and backstage-template-execution/input-delete.json (delete flow) for examples wired against the create-terraform-vm and delete-terraform-vm Backstage templates.
cd backstage-template-execution
export DAPR_SERVICE_TOKEN=... # Backstage scaffolder token
export GITHUB_TOKEN=... # PAT with repo scope (actions:read + pull_requests:write)
dapr run --app-id backstage-tpl --dapr-http-port 3500 -- go run .
# in another terminal
./run.sh # uses input.json
./run.sh input-delete.json
./run.sh status <id>wget -q https://raw.githubusercontent.com/dapr/cli/master/install/install.sh -O - | /bin/bash
dapr initSee docs/setup/dapr-cli.md for details.
Patrick Hermann, stuttgart-things (2025-2026)
Licensed under the Apache License 2.0.