Generic templated configuration management for Kubernetes, Terraform and other things
Project description
Kapitan: Configuration Management for Kubernetes, Terraform, and Infrastructure
Kapitan is an open source configuration management tool for Kubernetes, Terraform, and complex infrastructure systems. It helps teams generate, organize, reuse, and validate configuration across environments using an inventory-driven model, templates (Jsonnet, Jinja2, Kadet), and integrations with Helm, Kustomize, CUE, and external references.
Kapitan provides native secrets management (GPG, AWS KMS, GCP KMS, Azure Key Vault, HashiCorp Vault) and is designed for Platform Engineering and GitOps workflows.
- Website: https://kapitan.dev
- Documentation: https://kapitan.dev/getting_started/
- Community:
#kapitanon Kubernetes Slack - Sponsor: GitHub Sponsors
Quick start
The fastest way to try Kapitan is with the Kapitan Reference repository:
git clone https://github.com/kapicorp/kapitan-reference.git kapitan-templates
cd kapitan-templates
./kapitan compile
For a minimal project from a cookiecutter template:
pip3 install cruft
cruft create https://github.com/kapicorp/kapitan-reference --checkout cookiecutter --no-input
What is Kapitan?
Kapitan lets you model infrastructure configuration with reusable inventory classes and targets, then compile that data into manifests, scripts, documentation, and Terraform resources. Instead of copying values across Helm values files, Kustomize overlays, and Terraform variables, you define everything once in the Kapitan inventory and let each input type generate the files it needs.
Install Kapitan
Docker (recommended)
docker run -t --rm -v $(pwd):/src:delegated kapicorp/kapitan -h
On Linux, add -u $(id -u) to preserve file permissions.
Pip
Kapitan requires Python 3.10 or newer.
pip3 install --user --upgrade kapitan
See the full installation guide for platform-specific steps.
What Kapitan does
Kapitan turns a hierarchical inventory and a set of input templates into compiled configuration files ready for deployment.
- Define reusable classes and per-environment targets in YAML.
- Write templates with your preferred tools.
- Run
kapitan compile. - Deploy the generated output from the
compiled/directory.
Supported input types
Native integrations
- Secret management: GPG, HashiCorp Vault, AWS KMS, GCP KMS, Azure Key Vault
- Remote dependencies: Git, HTTP, ORAS (OCI registry)
- Validation: JSON Schema, TOML, YAML linting
- GitOps-friendly: compiles to fully rendered, plain-text output
When to use Kapitan
- You manage the same application across many environments (dev, staging, prod, regions) and want a single source of truth.
- You need to reuse configuration fragments across targets without copy-paste.
- You want to combine multiple templating tools in one pipeline.
- You need native secret management embedded in the same configuration workflow.
- You prefer a compile step that generates fully rendered output before deployment.
When another tool may be enough
- Helm alone is sufficient if you only need to template a single chart with values files and do not share complex configuration across many services.
- Kustomize alone is sufficient if your environment differences are mostly patches and overlays on a small set of bases.
- Plain YAML with a CD tool is sufficient if you have very few environments and simple configuration with little reuse.
- Terraform alone is sufficient if you only manage infrastructure resources and do not need a broader multi-language configuration layer.
Project status
Kapitan is actively maintained by KapiCorp and the open source community. Releases are published regularly with release notes. The project uses an MIT license.
Contributing
We welcome contributions. Please open an issue or pull request to get started.
Security
If you discover a security issue, please open a private security advisory or contact the maintainers directly.
Support
- Ask questions in the
#kapitanSlack channel. - Read the FAQ.
- Open a GitHub Discussion or Issue.
Related projects
- Tesoro — Kubernetes admission controller for Kapitan secrets.
- Kapitan Reference — working examples to get started.
- Kapitan Generators — reusable generators for common patterns.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file kapitan-0.35.2.dev20.tar.gz.
File metadata
- Download URL: kapitan-0.35.2.dev20.tar.gz
- Upload date:
- Size: 4.0 MB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
94b421f1a47819453d8acdb5efc6af9aa70049618a315bfe0d832768ce3c7f17
|
|
| MD5 |
959d9f45131201ceebd94474c3de37bb
|
|
| BLAKE2b-256 |
57f1a62700f44005b3eab7a6f19b278522697dcf612f1870d3fcfe5cd170f1da
|
File details
Details for the file kapitan-0.35.2.dev20-py3-none-any.whl.
File metadata
- Download URL: kapitan-0.35.2.dev20-py3-none-any.whl
- Upload date:
- Size: 151.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d7582e16c57040163e95c7b00ae670a4dda4b9bf5dde87dffb3b53de3f63c506
|
|
| MD5 |
252ce6a05871823926605aa606181f80
|
|
| BLAKE2b-256 |
acabfc54d229a034f62e43ea6da202819166fa883dd2e5fe3fe010f11c02c281
|
