container

Description

Specify a container image to build or pull from a remote registry. You may also optionally specify services to deploy, tasks or tests to run inside the container.

Note that the runtime services have somewhat limited features in this module type. For example, you cannot specify replicas for redundancy, and various platform-specific options are not included. For those, look at other module types like helm or kubernetes.

Below is the full schema reference. For an introduction to configuring Garden modules, please look at our Configuration guide.

The first section contains the complete YAML schema, and the second section describes each schema key.

container modules also export values that are available in template strings. See the Outputs section below for details.

Complete YAML Schema

The values in the schema below are the default values.

# The schema version of this module's config (currently not used).
apiVersion: garden.io/v0
kind: Module
# The type of this module.
type:
# The name of this module.
name:
# A description of the module.
description:
# Set this to `true` to disable the module. You can use this with conditional template strings to disable modules
# based on, for example, the current environment or other variables (e.g. `disabled: \${environment.name == "prod"}`).
# This can be handy when you only need certain modules for specific environments, e.g. only for development.
#
# Disabling a module means that any services, tasks and tests contained in it will not be deployed or run. It also
# means that the module is not built _unless_ it is declared as a build dependency by another enabled module (in which
# case building this module is necessary for the dependant to be built).
#
# If you disable the module, and its services, tasks or tests are referenced as _runtime_ dependencies, Garden will
# automatically ignore those dependency declarations. Note however that template strings referencing the module's
# service or task outputs (i.e. runtime outputs) will fail to resolve when the module is disabled, so you need to make
# sure to provide alternate values for those if you're using them, using conditional expressions.
disabled: false
# Specify a list of POSIX-style paths or globs that should be regarded as the source files for this module. Files that
# do *not* match these paths or globs are excluded when computing the version of the module, when responding to
# filesystem watch events, and when staging builds.
#
# Note that you can also _exclude_ files using the `exclude` field or by placing `.gardenignore` files in your source
# tree, which use the same format as `.gitignore` files. See the [Configuration Files
# guide](https://docs.garden.io/guides/configuration-files#including-excluding-files-and-directories) for details.
#
# Also note that specifying an empty list here means _no sources_ should be included.
#
# If neither `include` nor `exclude` is set, and the module has a Dockerfile, Garden
# will parse the Dockerfile and automatically set `include` to match the files and
# folders added to the Docker image (via the `COPY` and `ADD` directives in the Dockerfile).
#
# If neither `include` nor `exclude` is set, and the module
# specifies a remote image, Garden automatically sets `include` to `[]`.
include:
# Specify a list of POSIX-style paths or glob patterns that should be excluded from the module. Files that match these
# paths or globs are excluded when computing the version of the module, when responding to filesystem watch events,
# and when staging builds.
#
# Note that you can also explicitly _include_ files using the `include` field. If you also specify the `include`
# field, the files/patterns specified here are filtered from the files matched by `include`. See the [Configuration
# Files guide](https://docs.garden.io/guides/configuration-files#including-excluding-files-and-directories)for
# details.
#
# Unlike the `modules.exclude` field in the project config, the filters here have _no effect_ on which files and
# directories are watched for changes. Use the project `modules.exclude` field to affect those, if you have large
# directories that should not be watched for changes.
exclude:
# A remote repository URL. Currently only supports git servers. Must contain a hash suffix pointing to a specific
# branch or tag, with the format: <git remote url>#<branch|tag>
#
# Garden will import the repository source code into this module, but read the module's config from the local
# garden.yml file.
repositoryUrl:
# When false, disables pushing this module to remote registries.
allowPublish: true
# Specify how to build the module. Note that plugins may define additional keys on this object.
build:
# A list of modules that must be built before this module is built.
dependencies:
- # Module name to build ahead of this module.
name:
# Specify one or more files or directories to copy from the built dependency to this module.
copy:
- # POSIX-style path or filename of the directory or file(s) to copy to the target.
source:
# POSIX-style path or filename to copy the directory or file(s), relative to the build directory.
# Defaults to to same as source path.
target: ''
# For multi-stage Dockerfiles, specify which image to build (see
# https://docs.docker.com/engine/reference/commandline/build/#specifying-target-build-stage---target for details).
targetImage:
# Maximum time in seconds to wait for build to finish.
timeout: 1200
# Specify build arguments to use when building the container image.
buildArgs: {}
# Specify extra flags to use when building the container image. Note that arguments may not be portable across
# implementations.
extraFlags:
# Specify the image name for the container. Should be a valid Docker image identifier. If specified and the module
# does not contain a Dockerfile, this image will be used to deploy services for this module. If specified and the
# module does contain a Dockerfile, this identifier is used when pushing the built image.
image:
# Specifies which files or directories to sync to which paths inside the running containers of hot reload-enabled
# services when those files or directories are modified. Applies to this module's services, and to services with this
# module as their `sourceModule`.
hotReload:
# Specify one or more source files or directories to automatically sync into the running container.
sync:
- # POSIX-style path of the directory to sync to the target, relative to the module's top-level directory. Must be
# a relative path if provided. Defaults to the module's top-level directory if no value is provided.
source: .
# POSIX-style absolute path to sync the directory to inside the container. The root path (i.e. "/") is not
# allowed.
target:
# An optional command to run inside the container after syncing.
postSyncCommand:
# POSIX-style name of Dockerfile, relative to module root.
dockerfile:
# A list of services to deploy from this container module.
services:
- # Valid RFC1035/RFC1123 (DNS) label (may contain lowercase letters, numbers and dashes, must start with a letter,
# and cannot end with a dash), cannot contain consecutive dashes or start with `garden`, or be longer than 63
# characters.
name:
# The names of any services that this service depends on at runtime, and the names of any tasks that should be
# executed before this service is deployed.
dependencies: []
# Set this to `true` to disable the service. You can use this with conditional template strings to enable/disable
# services based on, for example, the current environment or other variables (e.g. `enabled: \${environment.name
# != "prod"}`). This can be handy when you only need certain services for specific environments, e.g. only for
# development.
#
# Disabling a service means that it will not be deployed, and will also be ignored if it is declared as a runtime
# dependency for another service, test or task.
#
# Note however that template strings referencing the service's outputs (i.e. runtime outputs) will fail to resolve
# when the service is disabled, so you need to make sure to provide alternate values for those if you're using
# them, using conditional expressions.
disabled: false
# Annotations to attach to the service (Note: May not be applicable to all providers).
annotations: {}
# The command/entrypoint to run the container with when starting the service.
command:
# The arguments to run the container with when starting the service.
args:
# Whether to run the service as a daemon (to ensure exactly one instance runs per node). May not be supported by
# all providers.
daemon: false
# List of ingress endpoints that the service exposes.
ingresses:
- # Annotations to attach to the ingress (Note: May not be applicable to all providers)
annotations: {}
# The hostname that should route to this service. Defaults to the default hostname configured in the provider
# configuration.
#
# Note that if you're developing locally you may need to add this hostname to your hosts file.
hostname:
# The link URL for the ingress to show in the console and on the dashboard. Also used when calling the service
# with the `call` command.
#
# Use this if the actual URL is different from what's specified in the ingress, e.g. because there's a load
# balancer in front of the service that rewrites the paths.
#
# Otherwise Garden will construct the link URL from the ingress spec.
linkUrl:
# The path which should be routed to the service.
path: /
# The name of the container port where the specified paths should be routed.
port:
# Key/value map of environment variables. Keys must be valid POSIX environment variable names (must not start with
# `GARDEN`) and values must be primitives or references to secrets.
env: {}
# Specify how the service's health should be checked after deploying.
healthCheck:
# Set this to check the service's health by making an HTTP request.
httpGet:
# The path of the service's health check endpoint.
path:
# The name of the port where the service's health check endpoint should be available.
port:
scheme: HTTP
# Set this to check the service's health by running a command in its container.
command:
# Set this to check the service's health by checking if this TCP port is accepting connections.
tcpPort:
# If this module uses the `hotReload` field, the container will be run with this command/entrypoint when the
# service is deployed with hot reloading enabled.
hotReloadCommand:
# If this module uses the `hotReload` field, the container will be run with these arguments when the service is
# deployed with hot reloading enabled.
hotReloadArgs:
# Specify resource limits for the service.
limits:
# The maximum amount of CPU the service can use, in millicpus (i.e. 1000 = 1 CPU)
cpu: 1000
# The maximum amount of RAM the service can use, in megabytes (i.e. 1024 = 1 GB)
memory: 1024
# List of ports that the service container exposes.
ports:
- # The name of the port (used when referencing the port elsewhere in the service configuration).
name:
# The protocol of the port.
protocol: TCP
# The port exposed on the container by the running process. This will also be the default value for
# `servicePort`.
# This is the port you would expose in your Dockerfile and that your process listens on. This is commonly a
# non-priviledged port like 8080 for security reasons.
# The service port maps to the container port:
# `servicePort:80 -> containerPort:8080 -> process:8080`
containerPort:
# The port exposed on the service. Defaults to `containerPort` if not specified.
# This is the port you use when calling a service from another service within the cluster. For example, if
# your service name is my-service and the service port is 8090, you would call it with:
# http://my-service:8090/some-endpoint.
# It is common to use port 80, the default port number, so that you can call the service directly with
# http://my-service/some-endpoint.
# The service port maps to the container port:
# `servicePort:80 -> containerPort:8080 -> process:8080`
servicePort:
# Set this to expose the service on the specified port on the host node (may not be supported by all
# providers). Set to `true` to have the cluster pick a port automatically, which is most often advisable if
# the cluster is shared by multiple users.
# This allows you to call the service from the outside by the node's IP address and the port number set in
# this field.
nodePort:
# The number of instances of the service to deploy. Defaults to 3 for environments configured with `production:
# true`, otherwise 1.
# Note: This setting may be overridden or ignored in some cases. For example, when running with `daemon: true`,
# with hot-reloading enabled, or if the provider doesn't support multiple replicas.
replicas:
# List of volumes that should be mounted when deploying the service.
#
# Note: If neither `hostPath` nor `module` is specified, an empty ephemeral volume is created and mounted when
# deploying the container.
volumes:
- # The name of the allocated volume.
name:
# The path where the volume should be mounted in the container.
containerPath:
# _NOTE: Usage of hostPath is generally discouraged, since it doesn't work reliably across different platforms
# and providers. Some providers may not support it at all._
#
# A local path or path on the node that's running the container, to mount in the container, relative to the
# module source path (or absolute).
hostPath:
# The name of a _volume module_ that should be mounted at `containerPath`. The supported module types will
# depend on which provider you are using. The `kubernetes` provider supports the [persistentvolumeclaim
# module](https://docs.garden.io/reference/module-types/persistentvolumeclaim), for example.
#
# When a `module` is specified, the referenced module/volume will be automatically configured as a runtime
# dependency of this service, as well as a build dependency of this module.
#
# Note: Make sure to pay attention to the supported `accessModes` of the referenced volume. Unless it supports
# the ReadWriteMany access mode, you'll need to make sure it is not configured to be mounted by multiple
# services at the same time. Refer to the documentation of the module type in question to learn more.
module:
# A list of tests to run in the module.
tests:
- # The name of the test.
name:
# The names of any services that must be running, and the names of any tasks that must be executed, before the
# test is run.
dependencies: []
# Set this to `true` to disable the test. You can use this with conditional template strings to
# enable/disable tests based on, for example, the current environment or other variables (e.g.
# `enabled: \${environment.name != "prod"}`). This is handy when you only want certain tests to run in
# specific environments, e.g. only during CI.
disabled: false
# Maximum duration (in seconds) of the test run.
timeout: null
# The arguments used to run the test inside the container.
args:
# Specify artifacts to copy out of the container after the run.
# Note: Depending on the provider, this may require the container image to include `sh` `tar`, in order to enable
# the file transfer.
artifacts:
- # A POSIX-style path or glob to copy. Must be an absolute path. May contain wildcards.
source:
# A POSIX-style path to copy the artifacts to, relative to the project artifacts directory.
target: .
# The command/entrypoint used to run the test inside the container.
command:
# Key/value map of environment variables. Keys must be valid POSIX environment variable names (must not start with
# `GARDEN`) and values must be primitives or references to secrets.
env: {}
# List of volumes that should be mounted when deploying the test.
#
# Note: If neither `hostPath` nor `module` is specified, an empty ephemeral volume is created and mounted when
# deploying the container.
volumes:
- # The name of the allocated volume.
name:
# The path where the volume should be mounted in the container.
containerPath:
# _NOTE: Usage of hostPath is generally discouraged, since it doesn't work reliably across different platforms
# and providers. Some providers may not support it at all._
#
# A local path or path on the node that's running the container, to mount in the container, relative to the
# module source path (or absolute).
hostPath:
# The name of a _volume module_ that should be mounted at `containerPath`. The supported module types will
# depend on which provider you are using. The `kubernetes` provider supports the [persistentvolumeclaim
# module](https://docs.garden.io/reference/module-types/persistentvolumeclaim), for example.
#
# When a `module` is specified, the referenced module/volume will be automatically configured as a runtime
# dependency of this service, as well as a build dependency of this module.
#
# Note: Make sure to pay attention to the supported `accessModes` of the referenced volume. Unless it supports
# the ReadWriteMany access mode, you'll need to make sure it is not configured to be mounted by multiple
# services at the same time. Refer to the documentation of the module type in question to learn more.
module:
# A list of tasks that can be run from this container module. These can be used as dependencies for services (executed
# before the service is deployed) or for other tasks.
tasks:
- # The name of the task.
name:
# A description of the task.
description:
# The names of any tasks that must be executed, and the names of any services that must be running, before this
# task is executed.
dependencies: []
# Set this to `true` to disable the task. You can use this with conditional template strings to enable/disable
# tasks based on, for example, the current environment or other variables (e.g. `enabled: \${environment.name !=
# "prod"}`). This can be handy when you only want certain tasks to run in specific environments, e.g. only for
# development.
#
# Disabling a task means that it will not be run, and will also be ignored if it is declared as a runtime
# dependency for another service, test or task.
#
# Note however that template strings referencing the task's outputs (i.e. runtime outputs) will fail to resolve
# when the task is disabled, so you need to make sure to provide alternate values for those if you're using them,
# using conditional expressions.
disabled: false
# Maximum duration (in seconds) of the task's execution.
timeout: null
# The arguments used to run the task inside the container.
args:
# Specify artifacts to copy out of the container after the run.
# Note: Depending on the provider, this may require the container image to include `sh` `tar`, in order to enable
# the file transfer.
artifacts:
- # A POSIX-style path or glob to copy. Must be an absolute path. May contain wildcards.
source:
# A POSIX-style path to copy the artifacts to, relative to the project artifacts directory.
target: .
# Set to false if you don't want the task's result to be cached. Use this if the task needs to be run any time
# your project (or one or more of the task's dependants) is deployed. Otherwise the task is only re-run when its
# version changes (i.e. the module or one of its dependencies is modified), or when you run `garden run task`.
cacheResult: true
# The command/entrypoint used to run the task inside the container.
command:
# Key/value map of environment variables. Keys must be valid POSIX environment variable names (must not start with
# `GARDEN`) and values must be primitives or references to secrets.
env: {}
# List of volumes that should be mounted when deploying the task.
#
# Note: If neither `hostPath` nor `module` is specified, an empty ephemeral volume is created and mounted when
# deploying the container.
volumes:
- # The name of the allocated volume.
name:
# The path where the volume should be mounted in the container.
containerPath:
# _NOTE: Usage of hostPath is generally discouraged, since it doesn't work reliably across different platforms
# and providers. Some providers may not support it at all._
#
# A local path or path on the node that's running the container, to mount in the container, relative to the
# module source path (or absolute).
hostPath:
# The name of a _volume module_ that should be mounted at `containerPath`. The supported module types will
# depend on which provider you are using. The `kubernetes` provider supports the [persistentvolumeclaim
# module](https://docs.garden.io/reference/module-types/persistentvolumeclaim), for example.
#
# When a `module` is specified, the referenced module/volume will be automatically configured as a runtime
# dependency of this service, as well as a build dependency of this module.
#
# Note: Make sure to pay attention to the supported `accessModes` of the referenced volume. Unless it supports
# the ReadWriteMany access mode, you'll need to make sure it is not configured to be mounted by multiple
# services at the same time. Refer to the documentation of the module type in question to learn more.
module:

Configuration Keys

apiVersion

The schema version of this module's config (currently not used).

Type

Allowed Values

Default

Required

string

"garden.io/v0"

"garden.io/v0"

Yes

kind

Type

Allowed Values

Default

Required

string

"Module"

"Module"

Yes

type

The type of this module.

Type

Required

string

Yes

Example:

type: "container"

name

The name of this module.

Type

Required

string

Yes

Example:

name: "my-sweet-module"

description

A description of the module.

Type

Required

string

No

disabled

Set this to true to disable the module. You can use this with conditional template strings to disable modules based on, for example, the current environment or other variables (e.g. disabled: \${environment.name == "prod"}). This can be handy when you only need certain modules for specific environments, e.g. only for development.

Disabling a module means that any services, tasks and tests contained in it will not be deployed or run. It also means that the module is not built unless it is declared as a build dependency by another enabled module (in which case building this module is necessary for the dependant to be built).

If you disable the module, and its services, tasks or tests are referenced as runtime dependencies, Garden will automatically ignore those dependency declarations. Note however that template strings referencing the module's service or task outputs (i.e. runtime outputs) will fail to resolve when the module is disabled, so you need to make sure to provide alternate values for those if you're using them, using conditional expressions.

Type

Default

Required

boolean

false

No

include[]

Specify a list of POSIX-style paths or globs that should be regarded as the source files for this module. Files that do not match these paths or globs are excluded when computing the version of the module, when responding to filesystem watch events, and when staging builds.

Note that you can also exclude files using the exclude field or by placing .gardenignore files in your source tree, which use the same format as .gitignore files. See the Configuration Files guide for details.

Also note that specifying an empty list here means no sources should be included.

If neither include nor exclude is set, and the module has a Dockerfile, Garden will parse the Dockerfile and automatically set include to match the files and folders added to the Docker image (via the COPY and ADD directives in the Dockerfile).

If neither include nor exclude is set, and the module specifies a remote image, Garden automatically sets include to [].

Type

Required

array[posixPath]

No

Example:

include:
- Dockerfile
- my-app.js

exclude[]

Specify a list of POSIX-style paths or glob patterns that should be excluded from the module. Files that match these paths or globs are excluded when computing the version of the module, when responding to filesystem watch events, and when staging builds.

Note that you can also explicitly include files using the include field. If you also specify the include field, the files/patterns specified here are filtered from the files matched by include. See the Configuration Files guidefor details.

Unlike the modules.exclude field in the project config, the filters here have no effect on which files and directories are watched for changes. Use the project modules.exclude field to affect those, if you have large directories that should not be watched for changes.

Type

Required

array[posixPath]

No

Example:

exclude:
- tmp/**/*
- '*.log'

repositoryUrl

A remote repository URL. Currently only supports git servers. Must contain a hash suffix pointing to a specific branch or tag, with the format: #

Garden will import the repository source code into this module, but read the module's config from the local garden.yml file.

Type

Required

`gitUrl

string`

No

Example:

repositoryUrl: "git+https://github.com/org/repo.git#v2.0"

allowPublish

When false, disables pushing this module to remote registries.

Type

Default

Required

boolean

true

No

build

Specify how to build the module. Note that plugins may define additional keys on this object.

Type

Default

Required

object

{"dependencies":[]}

No

build.dependencies[]

build > dependencies

A list of modules that must be built before this module is built.

Type

Default

Required

array[object]

[]

No

Example:

build:
...
dependencies:
- name: some-other-module-name

build.dependencies[].name

build > dependencies > name

Module name to build ahead of this module.

Type

Required

string

Yes

build.dependencies[].copy[]

build > dependencies > copy

Specify one or more files or directories to copy from the built dependency to this module.

Type

Default

Required

array[object]

[]

No

build.dependencies[].copy[].source

build > dependencies > copy > source

POSIX-style path or filename of the directory or file(s) to copy to the target.

Type

Required

posixPath

Yes

build.dependencies[].copy[].target

build > dependencies > copy > target

POSIX-style path or filename to copy the directory or file(s), relative to the build directory. Defaults to to same as source path.

Type

Default

Required

posixPath

""

No

build.targetImage

build > targetImage

For multi-stage Dockerfiles, specify which image to build (see https://docs.docker.com/engine/reference/commandline/build/#specifying-target-build-stage---target for details).

Type

Required

string

No

build.timeout

build > timeout

Maximum time in seconds to wait for build to finish.

Type

Default

Required

number

1200

No

buildArgs

Specify build arguments to use when building the container image.

Type

Default

Required

object

{}

No

extraFlags[]

Specify extra flags to use when building the container image. Note that arguments may not be portable across implementations.

Type

Required

array[string]

No

image

Specify the image name for the container. Should be a valid Docker image identifier. If specified and the module does not contain a Dockerfile, this image will be used to deploy services for this module. If specified and the module does contain a Dockerfile, this identifier is used when pushing the built image.

Type

Required

string

No

hotReload

Specifies which files or directories to sync to which paths inside the running containers of hot reload-enabled services when those files or directories are modified. Applies to this module's services, and to services with this module as their sourceModule.

Type

Required

object

No

hotReload.sync[]

hotReload > sync

Specify one or more source files or directories to automatically sync into the running container.

Type

Required

array[object]

Yes

hotReload.sync[].source

hotReload > sync > source

POSIX-style path of the directory to sync to the target, relative to the module's top-level directory. Must be a relative path if provided. Defaults to the module's top-level directory if no value is provided.

Type

Default

Required

posixPath

"."

No

Example:

hotReload:
...
sync:
- source: "src"

hotReload.sync[].target

hotReload > sync > target

POSIX-style absolute path to sync the directory to inside the container. The root path (i.e. "/") is not allowed.

Type

Required

posixPath

Yes

Example:

hotReload:
...
sync:
- target: "/app/src"

hotReload.postSyncCommand[]

hotReload > postSyncCommand

An optional command to run inside the container after syncing.

Type

Required

array[string]

No

Example:

hotReload:
...
postSyncCommand:
- rebuild-static-assets.sh

dockerfile

POSIX-style name of Dockerfile, relative to module root.

Type

Required

posixPath

No

services[]

A list of services to deploy from this container module.

Type

Default

Required

array[object]

[]

No

services[].name

services > name

Valid RFC1035/RFC1123 (DNS) label (may contain lowercase letters, numbers and dashes, must start with a letter, and cannot end with a dash), cannot contain consecutive dashes or start with garden, or be longer than 63 characters.

Type

Required

string

Yes

services[].dependencies[]

services > dependencies

The names of any services that this service depends on at runtime, and the names of any tasks that should be executed before this service is deployed.

Type

Default

Required

array[string]

[]

No

services[].disabled

services > disabled

Set this to true to disable the service. You can use this with conditional template strings to enable/disable services based on, for example, the current environment or other variables (e.g. enabled: \${environment.name != "prod"}). This can be handy when you only need certain services for specific environments, e.g. only for development.

Disabling a service means that it will not be deployed, and will also be ignored if it is declared as a runtime dependency for another service, test or task.

Note however that template strings referencing the service's outputs (i.e. runtime outputs) will fail to resolve when the service is disabled, so you need to make sure to provide alternate values for those if you're using them, using conditional expressions.

Type

Default

Required

boolean

false

No

services[].annotations

services > annotations

Annotations to attach to the service (Note: May not be applicable to all providers).

Type

Default

Required

object

{}

No

Example:

services:
- annotations:
nginx.ingress.kubernetes.io/proxy-body-size: '0'

services[].command[]

services > command

The command/entrypoint to run the container with when starting the service.

Type

Required

array[string]

No

Example:

services:
- command:
- /bin/sh
- '-c'

services[].args[]

services > args

The arguments to run the container with when starting the service.

Type

Required

array[string]

No

Example:

services:
- args:
- npm
- start

services[].daemon

services > daemon

Whether to run the service as a daemon (to ensure exactly one instance runs per node). May not be supported by all providers.

Type

Default

Required

boolean

false

No

services[].ingresses[]

services > ingresses

List of ingress endpoints that the service exposes.

Type

Default

Required

array[object]

[]

No

Example:

services:
- ingresses:
- path: /api
port: http

services[].ingresses[].annotations

services > ingresses > annotations

Annotations to attach to the ingress (Note: May not be applicable to all providers)

Type

Default

Required

object

{}

No

Example:

services:
- ingresses:
- path: /api
port: http
- annotations:
nginx.ingress.kubernetes.io/proxy-body-size: '0'

services[].ingresses[].hostname

services > ingresses > hostname

The hostname that should route to this service. Defaults to the default hostname configured in the provider configuration.

Note that if you're developing locally you may need to add this hostname to your hosts file.

Type

Required

string

No

services[].ingresses[].linkUrl

services > ingresses > linkUrl

The link URL for the ingress to show in the console and on the dashboard. Also used when calling the service with the call command.

Use this if the actual URL is different from what's specified in the ingress, e.g. because there's a load balancer in front of the service that rewrites the paths.

Otherwise Garden will construct the link URL from the ingress spec.

Type

Required

string

No

services[].ingresses[].path

services > ingresses > path

The path which should be routed to the service.

Type

Default

Required

string

"/"

No

services[].ingresses[].port

services > ingresses > port

The name of the container port where the specified paths should be routed.

Type

Required

string

Yes

services[].env

services > env

Key/value map of environment variables. Keys must be valid POSIX environment variable names (must not start with GARDEN) and values must be primitives or references to secrets.

Type

Default

Required

object

{}

No

Example:

services:
- env:
- MY_VAR: some-value
MY_SECRET_VAR:
secretRef:
name: my-secret
key: some-key
- {}

services[].healthCheck

services > healthCheck

Specify how the service's health should be checked after deploying.

Type

Required

object

No

services[].healthCheck.httpGet

services > healthCheck > httpGet

Set this to check the service's health by making an HTTP request.

Type

Required

object

No

services[].healthCheck.httpGet.path

services > healthCheck > httpGet > path

The path of the service's health check endpoint.

Type

Required

string

Yes

services[].healthCheck.httpGet.port

services > healthCheck > httpGet > port

The name of the port where the service's health check endpoint should be available.

Type

Required

string

Yes

services[].healthCheck.httpGet.scheme

services > healthCheck > httpGet > scheme

Type

Default

Required

string

"HTTP"

No

services[].healthCheck.command[]

services > healthCheck > command

Set this to check the service's health by running a command in its container.

Type

Required

array[string]

No

services[].healthCheck.tcpPort

services > healthCheck > tcpPort

Set this to check the service's health by checking if this TCP port is accepting connections.

Type

Required

string

No

services[].hotReloadCommand[]

services > hotReloadCommand

If this module uses the hotReload field, the container will be run with this command/entrypoint when the service is deployed with hot reloading enabled.

Type

Required

array[string]

No

Example:

services:
- hotReloadCommand:
- /bin/sh
- '-c'

services[].hotReloadArgs[]

services > hotReloadArgs

If this module uses the hotReload field, the container will be run with these arguments when the service is deployed with hot reloading enabled.

Type

Required

array[string]

No

Example:

services:
- hotReloadArgs:
- npm
- run
- dev

services[].limits

services > limits

Specify resource limits for the service.

Type

Default

Required

object

{"cpu":1000,"memory":1024}

No

services[].limits.cpu

services > limits > cpu

The maximum amount of CPU the service can use, in millicpus (i.e. 1000 = 1 CPU)

Type

Default

Required

number

1000

No

services[].limits.memory

services > limits > memory

The maximum amount of RAM the service can use, in megabytes (i.e. 1024 = 1 GB)

Type

Default

Required

number

1024

No

services[].ports[]

services > ports

List of ports that the service container exposes.

Type

Default

Required

array[object]

[]

No

services[].ports[].name

services > ports > name

The name of the port (used when referencing the port elsewhere in the service configuration).

Type

Required

string

Yes

services[].ports[].protocol

services > ports > protocol

The protocol of the port.

Type

Default

Required

string

"TCP"

No

services[].ports[].containerPort

services > ports > containerPort

The port exposed on the container by the running process. This will also be the default value for servicePort. This is the port you would expose in your Dockerfile and that your process listens on. This is commonly a non-priviledged port like 8080 for security reasons. The service port maps to the container port: servicePort:80 -> containerPort:8080 -> process:8080

Type

Required

number

Yes

Example:

services:
- ports:
- containerPort: 8080

services[].ports[].servicePort

services > ports > servicePort

The port exposed on the service. Defaults to containerPort if not specified. This is the port you use when calling a service from another service within the cluster. For example, if your service name is my-service and the service port is 8090, you would call it with: http://my-service:8090/some-endpoint. It is common to use port 80, the default port number, so that you can call the service directly with http://my-service/some-endpoint. The service port maps to the container port: servicePort:80 -> containerPort:8080 -> process:8080

Type

Required

number

No

Example:

services:
- ports:
- servicePort: 80

services[].ports[].hostPort

services > ports > hostPort

Type

Required

number

No

services[].ports[].nodePort

services > ports > nodePort

Set this to expose the service on the specified port on the host node (may not be supported by all providers). Set to true to have the cluster pick a port automatically, which is most often advisable if the cluster is shared by multiple users. This allows you to call the service from the outside by the node's IP address and the port number set in this field.

Type

Required

number

No

services[].replicas

services > replicas

The number of instances of the service to deploy. Defaults to 3 for environments configured with production: true, otherwise 1. Note: This setting may be overridden or ignored in some cases. For example, when running with daemon: true, with hot-reloading enabled, or if the provider doesn't support multiple replicas.

Type

Required

number

No

services[].volumes[]

services > volumes

List of volumes that should be mounted when deploying the service.

Note: If neither hostPath nor module is specified, an empty ephemeral volume is created and mounted when deploying the container.

Type

Default

Required

array[object]

[]

No

services[].volumes[].name

services > volumes > name

The name of the allocated volume.

Type

Required

string

Yes

services[].volumes[].containerPath

services > volumes > containerPath

The path where the volume should be mounted in the container.

Type

Required

posixPath

Yes

services[].volumes[].hostPath

services > volumes > hostPath

NOTE: Usage of hostPath is generally discouraged, since it doesn't work reliably across different platforms and providers. Some providers may not support it at all.

A local path or path on the node that's running the container, to mount in the container, relative to the module source path (or absolute).

Type

Required

posixPath

No

Example:

services:
- volumes:
- hostPath: "/some/dir"

services[].volumes[].module

services > volumes > module

The name of a volume module that should be mounted at containerPath. The supported module types will depend on which provider you are using. The kubernetes provider supports the persistentvolumeclaim module, for example.

When a module is specified, the referenced module/volume will be automatically configured as a runtime dependency of this service, as well as a build dependency of this module.

Note: Make sure to pay attention to the supported accessModes of the referenced volume. Unless it supports the ReadWriteMany access mode, you'll need to make sure it is not configured to be mounted by multiple services at the same time. Refer to the documentation of the module type in question to learn more.

Type

Required

string

No

tests[]

A list of tests to run in the module.

Type

Default

Required

array[object]

[]

No

tests[].name

tests > name

The name of the test.

Type

Required

string

Yes

tests[].dependencies[]

tests > dependencies

The names of any services that must be running, and the names of any tasks that must be executed, before the test is run.

Type

Default

Required

array[string]

[]

No

tests[].disabled

tests > disabled

Set this to true to disable the test. You can use this with conditional template strings to enable/disable tests based on, for example, the current environment or other variables (e.g. enabled: \${environment.name != "prod"}). This is handy when you only want certain tests to run in specific environments, e.g. only during CI.

Type

Default

Required

boolean

false

No

tests[].timeout

tests > timeout

Maximum duration (in seconds) of the test run.

Type

Default

Required

number

null

No

tests[].args[]

tests > args

The arguments used to run the test inside the container.

Type

Required

array[string]

No

Example:

tests:
- args:
- npm
- test

tests[].artifacts[]

tests > artifacts

Specify artifacts to copy out of the container after the run. Note: Depending on the provider, this may require the container image to include sh tar, in order to enable the file transfer.

Type

Required

array[object]

No

Example:

tests:
- artifacts:
- source: /report/**/*

tests[].artifacts[].source

tests > artifacts > source

A POSIX-style path or glob to copy. Must be an absolute path. May contain wildcards.

Type

Required

posixPath

Yes

Example:

tests:
- artifacts:
- source: /report/**/*
- source: "/output/**/*"

tests[].artifacts[].target

tests > artifacts > target

A POSIX-style path to copy the artifacts to, relative to the project artifacts directory.

Type

Default

Required

posixPath

"."

No

Example:

tests:
- artifacts:
- source: /report/**/*
- target: "outputs/foo/"

tests[].command[]

tests > command

The command/entrypoint used to run the test inside the container.

Type

Required

array[string]

No

Example:

tests:
- command:
- /bin/sh
- '-c'

tests[].env

tests > env

Key/value map of environment variables. Keys must be valid POSIX environment variable names (must not start with GARDEN) and values must be primitives or references to secrets.

Type

Default

Required

object

{}

No

Example:

tests:
- env:
- MY_VAR: some-value
MY_SECRET_VAR:
secretRef:
name: my-secret
key: some-key
- {}

tests[].volumes[]

tests > volumes

List of volumes that should be mounted when deploying the test.

Note: If neither hostPath nor module is specified, an empty ephemeral volume is created and mounted when deploying the container.

Type

Default

Required

array[object]

[]

No

tests[].volumes[].name

tests > volumes > name

The name of the allocated volume.

Type

Required

string

Yes

tests[].volumes[].containerPath

tests > volumes > containerPath

The path where the volume should be mounted in the container.

Type

Required

posixPath

Yes

tests[].volumes[].hostPath

tests > volumes > hostPath

NOTE: Usage of hostPath is generally discouraged, since it doesn't work reliably across different platforms and providers. Some providers may not support it at all.

A local path or path on the node that's running the container, to mount in the container, relative to the module source path (or absolute).

Type

Required

posixPath

No

Example:

tests:
- volumes:
- hostPath: "/some/dir"

tests[].volumes[].module

tests > volumes > module

The name of a volume module that should be mounted at containerPath. The supported module types will depend on which provider you are using. The kubernetes provider supports the persistentvolumeclaim module, for example.

When a module is specified, the referenced module/volume will be automatically configured as a runtime dependency of this service, as well as a build dependency of this module.

Note: Make sure to pay attention to the supported accessModes of the referenced volume. Unless it supports the ReadWriteMany access mode, you'll need to make sure it is not configured to be mounted by multiple services at the same time. Refer to the documentation of the module type in question to learn more.

Type

Required

string

No

tasks[]

A list of tasks that can be run from this container module. These can be used as dependencies for services (executed before the service is deployed) or for other tasks.

Type

Default

Required

array[object]

[]

No

tasks[].name

tasks > name

The name of the task.

Type

Required

string

Yes

tasks[].description

tasks > description

A description of the task.

Type

Required

string

No

tasks[].dependencies[]

tasks > dependencies

The names of any tasks that must be executed, and the names of any services that must be running, before this task is executed.

Type

Default

Required

array[string]

[]

No

tasks[].disabled

tasks > disabled

Set this to true to disable the task. You can use this with conditional template strings to enable/disable tasks based on, for example, the current environment or other variables (e.g. enabled: \${environment.name != "prod"}). This can be handy when you only want certain tasks to run in specific environments, e.g. only for development.

Disabling a task means that it will not be run, and will also be ignored if it is declared as a runtime dependency for another service, test or task.

Note however that template strings referencing the task's outputs (i.e. runtime outputs) will fail to resolve when the task is disabled, so you need to make sure to provide alternate values for those if you're using them, using conditional expressions.

Type

Default

Required

boolean

false

No

tasks[].timeout

tasks > timeout

Maximum duration (in seconds) of the task's execution.

Type

Default

Required

number

null

No

tasks[].args[]

tasks > args

The arguments used to run the task inside the container.

Type

Required

array[string]

No

Example:

tasks:
- args:
- rake
- 'db:migrate'

tasks[].artifacts[]

tasks > artifacts

Specify artifacts to copy out of the container after the run. Note: Depending on the provider, this may require the container image to include sh tar, in order to enable the file transfer.

Type

Required

array[object]

No

Example:

tasks:
- artifacts:
- source: /report/**/*

tasks[].artifacts[].source

tasks > artifacts > source

A POSIX-style path or glob to copy. Must be an absolute path. May contain wildcards.

Type

Required

posixPath

Yes

Example:

tasks:
- artifacts:
- source: /report/**/*
- source: "/output/**/*"

tasks[].artifacts[].target

tasks > artifacts > target

A POSIX-style path to copy the artifacts to, relative to the project artifacts directory.

Type

Default

Required

posixPath

"."

No

Example:

tasks:
- artifacts:
- source: /report/**/*
- target: "outputs/foo/"

tasks[].cacheResult

tasks > cacheResult

Set to false if you don't want the task's result to be cached. Use this if the task needs to be run any time your project (or one or more of the task's dependants) is deployed. Otherwise the task is only re-run when its version changes (i.e. the module or one of its dependencies is modified), or when you run garden run task.

Type

Default

Required

boolean

true

No

tasks[].command[]

tasks > command

The command/entrypoint used to run the task inside the container.

Type

Required

array[string]

No

Example:

tasks:
- command:
- /bin/sh
- '-c'

tasks[].env

tasks > env

Key/value map of environment variables. Keys must be valid POSIX environment variable names (must not start with GARDEN) and values must be primitives or references to secrets.

Type

Default

Required

object

{}

No

Example:

tasks:
- env:
- MY_VAR: some-value
MY_SECRET_VAR:
secretRef:
name: my-secret
key: some-key
- {}

tasks[].volumes[]

tasks > volumes

List of volumes that should be mounted when deploying the task.

Note: If neither hostPath nor module is specified, an empty ephemeral volume is created and mounted when deploying the container.

Type

Default

Required

array[object]

[]

No

tasks[].volumes[].name

tasks > volumes > name

The name of the allocated volume.

Type

Required

string

Yes

tasks[].volumes[].containerPath

tasks > volumes > containerPath

The path where the volume should be mounted in the container.

Type

Required

posixPath

Yes

tasks[].volumes[].hostPath

tasks > volumes > hostPath

NOTE: Usage of hostPath is generally discouraged, since it doesn't work reliably across different platforms and providers. Some providers may not support it at all.

A local path or path on the node that's running the container, to mount in the container, relative to the module source path (or absolute).

Type

Required

posixPath

No

Example:

tasks:
- volumes:
- hostPath: "/some/dir"

tasks[].volumes[].module

tasks > volumes > module

The name of a volume module that should be mounted at containerPath. The supported module types will depend on which provider you are using. The kubernetes provider supports the persistentvolumeclaim module, for example.

When a module is specified, the referenced module/volume will be automatically configured as a runtime dependency of this service, as well as a build dependency of this module.

Note: Make sure to pay attention to the supported accessModes of the referenced volume. Unless it supports the ReadWriteMany access mode, you'll need to make sure it is not configured to be mounted by multiple services at the same time. Refer to the documentation of the module type in question to learn more.

Type

Required

string

No

Outputs

Module Outputs

The following keys are available via the ${modules.<module-name>} template string key for container modules.

${modules.<module-name>.buildPath}

The build path of the module.

Type

string

Example:

my-variable: ${modules.my-module.buildPath}

${modules.<module-name>.path}

The local path of the module.

Type

string

Example:

my-variable: ${modules.my-module.path}

${modules.<module-name>.version}

The current version of the module.

Type

string

Example:

my-variable: ${modules.my-module.version}

${modules.<module-name>.outputs.local-image-name}

The name of the image (without tag/version) that the module uses for local builds and deployments.

Type

string

Example:

my-variable: ${modules.my-module.outputs.local-image-name}

${modules.<module-name>.outputs.deployment-image-name}

The name of the image (without tag/version) that the module will use during deployment.

Type

string

Example:

my-variable: ${modules.my-module.outputs.deployment-image-name}

Task Outputs

The following keys are available via the ${runtime.tasks.<task-name>} template string key for container module tasks. Note that these are only resolved when deploying/running dependants of the task, so they are not usable for every field.

${runtime.tasks.<task-name>.outputs.log}

The full log from the executed task. (Pro-tip: Make it machine readable so it can be parsed by dependant tasks and services!)

Type

Default

string

""

Contents
Description
Complete YAML Schema
Configuration Keys
apiVersion
kind
type
name
description
disabled
include[]
exclude[]
repositoryUrl
allowPublish
build
build.dependencies[]
build.dependencies[].name
build.dependencies[].copy[]
build.dependencies[].copy[].source
build.dependencies[].copy[].target
build.targetImage
build.timeout
buildArgs
extraFlags[]
image
hotReload
hotReload.sync[]
hotReload.sync[].source
hotReload.sync[].target
hotReload.postSyncCommand[]
dockerfile
services[]
services[].name
services[].dependencies[]
services[].disabled
services[].annotations
services[].command[]
services[].args[]
services[].daemon
services[].ingresses[]
services[].ingresses[].annotations
services[].ingresses[].hostname
services[].ingresses[].linkUrl
services[].ingresses[].path
services[].ingresses[].port
services[].env
services[].healthCheck
services[].healthCheck.httpGet
services[].healthCheck.httpGet.path
services[].healthCheck.httpGet.port
services[].healthCheck.httpGet.scheme
services[].healthCheck.command[]
services[].healthCheck.tcpPort
services[].hotReloadCommand[]
services[].hotReloadArgs[]
services[].limits
services[].limits.cpu
services[].limits.memory
services[].ports[]
services[].ports[].name
services[].ports[].protocol
services[].ports[].containerPort
services[].ports[].servicePort
services[].ports[].hostPort
services[].ports[].nodePort
services[].replicas
services[].volumes[]
services[].volumes[].name
services[].volumes[].containerPath
services[].volumes[].hostPath
services[].volumes[].module
tests[]
tests[].name
tests[].dependencies[]
tests[].disabled
tests[].timeout
tests[].args[]
tests[].artifacts[]
tests[].artifacts[].source
tests[].artifacts[].target
tests[].command[]
tests[].env
tests[].volumes[]
tests[].volumes[].name
tests[].volumes[].containerPath
tests[].volumes[].hostPath
tests[].volumes[].module
tasks[]
tasks[].name
tasks[].description
tasks[].dependencies[]
tasks[].disabled
tasks[].timeout
tasks[].args[]
tasks[].artifacts[]
tasks[].artifacts[].source
tasks[].artifacts[].target
tasks[].cacheResult
tasks[].command[]
tasks[].env
tasks[].volumes[]
tasks[].volumes[].name
tasks[].volumes[].containerPath
tasks[].volumes[].hostPath
tasks[].volumes[].module
Outputs
Module Outputs
${modules.<module-name>.buildPath}
${modules.<module-name>.path}
${modules.<module-name>.version}
${modules.<module-name>.outputs.local-image-name}
${modules.<module-name>.outputs.deployment-image-name}
Task Outputs
${runtime.tasks.<task-name>.outputs.log}