The kubiya_inline_source resource allows you to define tools and workflows directly in your Terraform configuration. This is ideal for custom tools, quick prototypes, and workflows that don’t require a separate Git repository. For Git-based sources, use the kubiya_source resource instead.
Inline sources are perfect for custom automation that’s tightly coupled with your infrastructure configuration, enabling rapid prototyping and deployment-specific tools.

Container-First Architecture

Kubiya uses a container-first architecture where every tool is backed by a Docker image. This ensures:
  • Secure, isolated execution environments - Each tool runs in its own container
  • Predictable and reproducible results - Consistent execution across environments
  • Language-agnostic tool implementation - Support for any programming language
  • Easy integration with existing containerized workflows - Leverage existing Docker images

Prerequisites

Before using this resource, ensure you have:
  1. A Kubiya account with API access
  2. An API key (generated from Kubiya dashboard under Admin → Kubiya API Keys)
  3. Docker images accessible from your runner environment
  4. Understanding of tool and workflow structure in Kubiya

Quick Start

resource "kubiya_inline_source" "hello_tool" {
  name   = "hello-world-tool"
  runner = "kubiya-hosted"
  
  tools = jsonencode([
    {
      name        = "say-hello"
      description = "A simple greeting tool"
      type        = "docker"
      image       = "alpine:latest"
      content     = "echo 'Hello, World!'"
    }
  ])
}

resource "kubiya_agent" "basic_agent" {
  name         = "greeting-agent"
  runner       = "kubiya-hosted"
  description  = "Agent with hello world tool"
  instructions = "You are a friendly agent that can greet users."
  
  sources = [kubiya_inline_source.hello_tool.id]
}

Configuration Examples

Create automation workflows for deployment processes:
resource "kubiya_inline_source" "deployment_workflows" {
  name   = "deployment-automation"
  runner = "kubiya-hosted"
  
  workflows = jsonencode([
    {
      name        = "blue-green-deployment"
      description = "Blue-green deployment strategy"
      steps = [
        {
          name        = "validate-config"
          description = "Validate deployment configuration"
          executor = {
            type = "command"
            config = {
              command = "kubectl apply --dry-run=client -f deployment.yaml"
            }
          }
        },
        {
          name        = "deploy-green"
          description = "Deploy green environment"
          depends     = ["validate-config"]
          executor = {
            type = "command"
            config = {
              command = "kubectl apply -f green-deployment.yaml"
            }
          }
        },
        {
          name        = "health-check"
          description = "Check green environment health"
          depends     = ["deploy-green"]
          executor = {
            type = "command"
            config = {
              command = "kubectl wait --for=condition=ready pod -l version=green --timeout=300s"
            }
          }
          output = "HEALTH_STATUS"
        },
        {
          name        = "switch-traffic"
          description = "Switch traffic to green"
          depends     = ["health-check"]
          executor = {
            type = "command"
            config = {
              command = "kubectl patch service app -p '{\"spec\":{\"selector\":{\"version\":\"green\"}}}'"
            }
          }
        }
      ]
    }
  ])
}

resource "kubiya_agent" "deployment_agent" {
  name         = "deployment-orchestrator"
  runner       = "kubiya-hosted"
  description  = "Deployment automation agent"
  instructions = "You orchestrate deployments using blue-green strategy."
  
  sources = [kubiya_inline_source.deployment_workflows.id]
}

Advanced Configurations

Arguments Reference

Required Arguments

name
string
required
The name of the inline source. Must be unique within your organization.

Optional Arguments

runner
string
default:"kubiya-hosted"
The runner to use for executing tools and workflows from this source.
tools
string
JSON-encoded array of inline tool definitions. Each tool defines a containerized executable.
workflows
string
JSON-encoded array of workflow definitions. Each workflow defines a multi-step automation process.
dynamic_config
string
JSON-encoded configuration for dynamic parameters and source-level settings.

Tool Definition Structure

tools[].name
string
required
Unique identifier for the tool.
tools[].description
string
required
Human-readable description of what the tool does.
tools[].type
string
required
Execution type (usually “docker” for containerized tools).
tools[].image
string
required
Docker image to use for tool execution.
tools[].content
string
required
Command or script to execute within the container.
tools[].with_files
array
Optional files to create in the container before execution:
tools[].with_files[].destination
string
required
File path within the container where the file should be created.
tools[].with_files[].content
string
required
Content of the file to be created.
tools[].args
array
Optional arguments that the tool accepts:
tools[].args[].name
string
required
Name of the argument (used as environment variable).
tools[].args[].type
string
required
Type of the argument (e.g., “string”, “number”, “boolean”).
tools[].args[].description
string
required
Description of what the argument is used for.
tools[].args[].required
boolean
default:"false"
Whether the argument is required for tool execution.
tools[].args[].default
string
Default value for the argument if not provided.

Workflow Definition Structure

workflows[].name
string
required
Name identifier for the workflow.
workflows[].description
string
required
Description of the workflow’s purpose.
workflows[].steps
array
required
Array of workflow steps defining the execution sequence:
workflows[].steps[].name
string
required
Unique name for the step within the workflow.
workflows[].steps[].description
string
Optional description of what the step does.
workflows[].steps[].executor
object
required
Executor configuration defining how the step runs:
  • type: “tool”, “command”, or “agent”
  • config: Configuration specific to the executor type
workflows[].steps[].depends
array
Array of step names that must complete before this step runs.
workflows[].steps[].output
string
Variable name to store the step’s output for use in subsequent steps.

Attributes Reference

In addition to all arguments above, the following attributes are exported:
id
string
The unique identifier of the inline source.
type
string
The computed type of the source (always “inline”).

Import

Inline sources can be imported using their ID: 
terraform import kubiya_inline_source.example <inline-source-id>

Best Practices

Container Management

  • Use specific image tags rather than “latest” for reproducibility
  • Choose lightweight base images when possible (alpine, slim variants)
  • Consider resource requirements when selecting Docker images
  • Ensure images are accessible from your runner environment

Security

  • Never hardcode credentials in tool definitions; use Kubiya secrets
  • Use read-only file systems where possible
  • Implement proper input validation in tool scripts
  • Audit tool permissions and capabilities regularly

Development & Testing

  • Test tools and workflows in development before production use
  • Include error handling in tool scripts
  • Use echo statements and output variables for debugging workflows
  • Create focused, single-purpose tools that can be composed

Documentation & Maintenance

  • Include clear descriptions for tools and their parameters
  • Document expected inputs and outputs for each tool
  • Consider moving complex tools to Git repositories as they mature
  • Version control your Terraform configurations

Executor Types

Execute custom tools defined in the same source:
{
  "type": "tool",
  "config": {
    "tool_name": "my-custom-tool",
    "args": {
      "param1": "value1",
      "param2": "value2"
    }
  }
}

Compatibility

Requirements:
  • Kubiya Terraform Provider version >= 1.0.0
  • Terraform >= 1.0
  • Docker images must be accessible from the runner environment
  • Tools and workflows are defined inline, not from Git repositories
Important Considerations:
  • Inline sources must be created before agents can reference them
  • Large tool definitions may impact Terraform plan/apply performance
  • Complex tools should consider migration to Git-based sources
  • Container resource limits apply to tool execution

Troubleshooting