Skip to content

GoCodeAlone/workflow-plugin-digitalocean

BranchesTags

Repository files navigation

workflow-plugin-digitalocean

Verified — used in production at buymywishlist, core-dump, workflow-compute. This plugin has been validated end-to-end in a merged main-branch wfctl.yaml of an active GoCodeAlone project.

DigitalOcean IaC provider for the GoCodeAlone/workflow engine. Manages App Platform, App Platform domains, DOKS, databases, Redis cache, load balancers, VPC, firewall, DNS, Spaces, DOCR, certificates, Droplets, Block Storage volumes, IAM (declared), and API gateway resources via wfctl infra.

Supported resource types

Type Description
infra.container_service DigitalOcean App Platform service
infra.app_domain App Platform domain binding
infra.k8s_cluster DigitalOcean Kubernetes (DOKS)
infra.database Managed database (PostgreSQL, MySQL, Redis, MongoDB)
infra.cache Managed Redis cache
infra.load_balancer Load balancer
infra.vpc Virtual Private Cloud
infra.firewall Cloud firewall (Droplet/DOKS tag-based)
infra.dns DNS domain, records, and targeted stale-record removal
infra.storage Spaces object storage
infra.registry DigitalOcean Container Registry (DOCR)
infra.certificate TLS certificate
infra.droplet Droplet (VM)
infra.volume Block Storage volume
infra.iam_role IAM role (declarative)
infra.api_gateway API gateway

Quick start

See examples/minimal/config.yaml for a minimal working configuration.

wfctl infra plan   --env staging
wfctl infra apply  --env staging

DNS stale-record removal

infra.dns is not authoritative for every record in a zone. Use absent_records to delete specific stale records while leaving unmanaged records intact.

resources:
  - name: site-dns
    type: infra.dns
    config:
      domain: example.com
      absent_records:
        - type: CNAME
          name: www
          data: example.com.

data is optional. When omitted, every record matching type and name is deleted. When set for hostname-like records such as CNAME, MX, NS, and SRV, matching ignores case and a trailing dot.

DNS reads and imports preserve a provider-neutral authority output alongside the legacy authoritative_nameservers list:

{
  "authority": {
    "role": "authoritative_dns",
    "dns_host": "DigitalOcean",
    "name_servers": ["ns1.digitalocean.com", "ns2.digitalocean.com", "ns3.digitalocean.com"]
  }
}

The nested shape matches Workflow DNS replay fixtures while keeping existing flat outputs stable for current consumers.

Deployment strategies

  • Deployment strategies — what AppDeployDriver, AppBlueGreenDriver, and AppCanaryDriver actually do on DO App Platform, including the in-rollout availability probe and the InstanceCount<2 single-instance non-guarantee.

Requirements

  • workflow engine ≥ 0.57.1
  • DIGITALOCEAN_TOKEN environment variable set to a valid DO personal access token

Contributing

See CONTRIBUTING.md.

About

No description or website provided.

Topics

workflow-plugin workflow-verified

Resources

Readme

License

MIT license

Contributing

Contributing
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 97

v2.1.9 Latest
Jun 3, 2026
+ 96 releases

Packages

 
 
 

Contributors

Languages