container

kind: Module

# The type of this module.
type:

# The name of this module.
name:

# Specify how to build the module. Note that plugins may define additional keys on this object.
build:
  # A list of modules that must be built before this module is built.
  dependencies:
    - # Module name to build ahead of this module.
      name:

      # Specify one or more files or directories to copy from the built dependency to this module.
      copy:
        - # POSIX-style path or filename of the directory or file(s) to copy to the target.
          source:

          # POSIX-style path or filename to copy the directory or file(s), relative to the build directory.
          # Defaults to the same as source path.
          target:

  # Maximum time in seconds to wait for build to finish.
  timeout: 600

  # For multi-stage Dockerfiles, specify which image/stage to build (see
  # https://docs.docker.com/engine/reference/commandline/build/#specifying-target-build-stage---target for details).
  targetImage:

# If set to true, Garden will run the build command, services, tests, and tasks in the module source directory,
# instead of in the Garden build directory (under .garden/build/<module-name>).
#
# Garden will therefore not stage the build for local modules. This means that include/exclude filters
# and ignore files are not applied to local modules, except to calculate the module/action versions.
#
# If you use use `build.dependencies[].copy` for one or more build dependencies of this module, the copied files
# will be copied to the module source directory (instead of the build directory, as is the default case when
# `local = false`).
#
# Note: This maps to the `buildAtSource` option in this module's generated Build action (if any).
local: false

# A description of the module.
description:

# Set this to `true` to disable the module. You can use this with conditional template strings to disable modules
# based on, for example, the current environment or other variables (e.g. `disabled: ${environment.name == "prod"}`).
# This can be handy when you only need certain modules for specific environments, e.g. only for development.
#
# Disabling a module means that any services, tasks and tests contained in it will not be build, deployed or run.
#
# If you disable the module, and its services, tasks or tests are referenced as _runtime_ dependencies, Garden will
# automatically ignore those dependency declarations. Note however that template strings referencing the module's
# service or task outputs (i.e. runtime outputs) will fail to resolve when the module is disabled, so you need to make
# sure to provide alternate values for those if you're using them, using conditional expressions.
disabled: false

# Specify a list of POSIX-style paths or globs that should be regarded as the source files for this module. Files that
# do *not* match these paths or globs are excluded when computing the version of the module, when responding to
# filesystem watch events, and when staging builds.
#
# Note that you can also _exclude_ files using the `exclude` field or by placing `.gardenignore` files in your source
# tree, which use the same format as `.gitignore` files. See the [Configuration Files
# guide](https://docs.garden.io/cedar-0.14/using-garden/configuration-overview#including-excluding-files-and-directories)
# for details.
#
# Also note that specifying an empty list here means _no sources_ should be included.
#
# If neither `include` nor `exclude` is set, and the module has a Dockerfile, Garden
# will parse the Dockerfile and automatically set `include` to match the files and
# folders added to the Docker image (via the `COPY` and `ADD` directives in the Dockerfile).
#
# If neither `include` nor `exclude` is set, and the module
# specifies a remote image, Garden automatically sets `include` to `[]`.
include:

# Specify a list of POSIX-style paths or glob patterns that should be excluded from the module. Files that match these
# paths or globs are excluded when computing the version of the module, when responding to filesystem watch events,
# and when staging builds.
#
# Note that you can also explicitly _include_ files using the `include` field. If you also specify the `include`
# field, the files/patterns specified here are filtered from the files matched by `include`. See the [Configuration
# Files
# guide](https://docs.garden.io/cedar-0.14/using-garden/configuration-overview#including-excluding-files-and-directories)
# for details.
#
# Unlike the `scan.exclude` field in the project config, the filters here have _no effect_ on which files and
# directories are watched for changes. Use the project `scan.exclude` field to affect those, if you have large
# directories that should not be watched for changes.
exclude:

# A remote repository URL. Currently only supports git servers. Must contain a hash suffix pointing to a specific
# branch or tag, with the format: <git remote url>#<branch|tag>
#
# Garden will import the repository source code into this module, but read the module's config from the local
# garden.yml file.
repositoryUrl:

# When false, disables pushing this module to remote registries via the publish command.
allowPublish: true

# A list of files to write to the module directory when resolving this module. This is useful to automatically
# generate (and template) any supporting files needed for the module.
generateFiles:
  - # POSIX-style filename to read the source file contents from, relative to the path of the module (or the
    # ConfigTemplate configuration file if one is being applied).
    # This file may contain template strings, much like any other field in the configuration.
    sourcePath:

    # POSIX-style filename to write the resolved file contents to, relative to the path of the module source directory
    # (for remote modules this means the root of the module repository, otherwise the directory of the module
    # configuration).
    #
    # Note that any existing file with the same name will be overwritten. If the path contains one or more
    # directories, they will be automatically created if missing.
    targetPath:

    # By default, Garden will attempt to resolve any Garden template strings in source files. Set this to false to
    # skip resolving template strings. Note that this does not apply when setting the `value` field, since that's
    # resolved earlier when parsing the configuration.
    resolveTemplates: true

    # The desired file contents as a string.
    value:

# A map of variables scoped to this particular module. These are resolved before any other parts of the module
# configuration and take precedence over project-scoped variables. They may reference project-scoped variables, and
# generally use any template strings normally allowed when resolving modules.
variables:

# Specify a path (relative to the module root) to a file containing variables, that we apply on top of the
# module-level `variables` field.
#
# The format of the files is determined by the configured file's extension:
#
# * `.yaml`/`.yml` - YAML. The file must consist of a YAML document, which must be a map (dictionary). Keys may
# contain any value type. YAML format is used by default.
# * `.env` - Standard "dotenv" format, as defined by [dotenv](https://github.com/motdotla/dotenv#rules).
# * `.json` - JSON. Must contain a single JSON _object_ (not an array).
#
# _NOTE: The default varfile format was changed to YAML in Garden v0.13, since YAML allows for definition of nested
# objects and arrays._
#
# To use different module-level varfiles in different environments, you can template in the environment name
# to the varfile name, e.g. `varfile: "my-module.${environment.name}.env` (this assumes that the corresponding
# varfiles exist).
varfile:

# Specify build arguments to use when building the container image.
#
# Note: Garden will always set a `GARDEN_ACTION_VERSION` (alias `GARDEN_MODULE_VERSION`) argument with the
# module/build version at build time.
buildArgs: {}

# Specify extra flags to use when building the container image. Note that arguments may not be portable across
# implementations.
extraFlags:

# Specify the platforms to build the image for. This is useful when building multi-platform images.
# The format is `os/arch`, e.g. `linux/amd64`, `linux/arm64`, etc.
platforms:

# Secret values that can be mounted in the Dockerfile, but do not become part of the image filesystem or image
# manifest. This is useful e.g. for private registry auth tokens.
#
# Build arguments and environment variables are inappropriate for secrets, as they persist in the final image.
#
# The secret can later be consumed in the Dockerfile like so:
#   RUN --mount=type=secret,id=mytoken TOKEN=$(cat /run/secrets/mytoken) ...
#
# See also https://docs.docker.com/build/building/secrets/
secrets:

# Specify the image name for the container. Should be a valid Docker image identifier. If specified and the module
# does not contain a Dockerfile, this image will be used to deploy services for this module. If specified and the
# module does contain a Dockerfile, this identifier is used when pushing the built image.
image:

# POSIX-style name of a Dockerfile, relative to module root.
dockerfile:

# A list of services to deploy from this container module.
services:
  - # Valid RFC1035/RFC1123 (DNS) label (may contain lowercase letters, numbers and dashes, must start with a letter,
    # and cannot end with a dash), cannot contain consecutive dashes or start with `garden`, or be longer than 63
    # characters.
    name:

    # The names of any services that this service depends on at runtime, and the names of any tasks that should be
    # executed before this service is deployed.
    dependencies: []

    # Set this to `true` to disable the service. You can use this with conditional template strings to enable/disable
    # services based on, for example, the current environment or other variables (e.g. `enabled: ${environment.name !=
    # "prod"}`). This can be handy when you only need certain services for specific environments, e.g. only for
    # development.
    #
    # Disabling a service means that it will not be deployed, and will also be ignored if it is declared as a runtime
    # dependency for another service, test or task.
    #
    # Note however that template strings referencing the service's outputs (i.e. runtime outputs) will fail to resolve
    # when the service is disabled, so you need to make sure to provide alternate values for those if you're using
    # them, using conditional expressions.
    disabled: false

    # The command/entrypoint to run the container with.
    command:

    # The arguments (on top of the `command`, i.e. entrypoint) to run the container with.
    args:

    # Key/value map of environment variables. Keys must be valid POSIX environment variable names (must not start with
    # `GARDEN`) and values must be primitives or references to secrets.
    env: {}

    cpu:
      # The minimum amount of CPU the container needs to be available for it to be deployed, in millicpus (i.e. 1000 =
      # 1 CPU)
      min: 10

      # The maximum amount of CPU the container can use, in millicpus (i.e. 1000 = 1 CPU). If set to null will result
      # in no limit being set.
      max: 1000

    memory:
      # The minimum amount of RAM the container needs to be available for it to be deployed, in megabytes (i.e. 1024 =
      # 1 GB)
      min: 90

      # The maximum amount of RAM the container can use, in megabytes (i.e. 1024 = 1 GB) If set to null will result in
      # no limit being set.
      max: 1024

    # List of volumes that should be mounted when starting the container.
    #
    # Note: If neither `hostPath` nor `module` is specified,
    # an empty ephemeral volume is created and mounted when deploying the container.
    volumes:
      - # The name of the allocated volume.
        name:

        # The path where the volume should be mounted in the container.
        containerPath:

        # _NOTE: Usage of hostPath is generally discouraged, since it doesn't work reliably across different platforms
        # and providers. Some providers may not support it at all._
        #
        # A local path or path on the node that's running the container, to mount in the container, relative to the
        # config source directory (or absolute).
        hostPath:

    # If true, run the main container in privileged mode. Processes in privileged containers are essentially
    # equivalent to root on the host. Defaults to false.
    privileged:

    # POSIX capabilities to add when running the container.
    addCapabilities:

    # POSIX capabilities to remove when running the container.
    dropCapabilities:

    # Specify if containers in this action have TTY support enabled (which implies having stdin support enabled).
    tty: false

    # Specifies the container's deployment strategy.
    deploymentStrategy: RollingUpdate

    # Annotations to attach to the service _(note: May not be applicable to all providers)_.
    #
    # When using the Kubernetes provider, these annotations are applied to both Service and Pod resources. You can
    # generally specify the annotations intended for both Pods or Services here, and the ones that don't apply on
    # either side will be ignored (i.e. if you put a Service annotation here, it'll also appear on Pod specs but will
    # be safely ignored there, and vice versa).
    annotations: {}

    # Whether to run the service as a daemon (to ensure exactly one instance runs per node). May not be supported by
    # all providers.
    daemon: false

    # Specifies which files or directories to sync to which paths inside the running containers of the service when
    # it's in sync mode, and overrides for the container command and/or arguments.
    #
    # Sync is enabled e.g. by setting the `--sync` flag on the `garden deploy` command.
    #
    # See the [Code Synchronization guide](https://docs.garden.io/cedar-0.14/guides/code-synchronization) for more
    # information.
    sync:
      # Override the default container arguments when in sync mode.
      args:

      # Override the default container command (i.e. entrypoint) when in sync mode.
      command:

      # Specify one or more source files or directories to automatically sync with the running container.
      paths:
        - # Path to a local directory to be synchronized with the target.
          # This should generally be a templated path to another action's source path (e.g.
          # `${actions.build.my-container-image.sourcePath}`), or a relative path.
          # If a path is hard-coded, we recommend sticking with relative paths here, and using forward slashes (`/`)
          # as a delimiter, as Windows-style paths with back slashes (`\`) and absolute paths will work on some
          # platforms, but they are not portable and will not work for users on other platforms.
          # Defaults to the Deploy action's config's directory if no value is provided.
          source: .

          # POSIX-style absolute path to sync to inside the container. The root path (i.e. "/") is not allowed.
          target:

          # Specify a list of POSIX-style paths or glob patterns that should be excluded from the sync.
          #
          # `.git` directories and `.garden` directories are always ignored.
          exclude:

          # The sync mode to use for the given paths. See the [Code Synchronization
          # guide](https://docs.garden.io/cedar-0.14/guides/code-synchronization) for details.
          mode: one-way-safe

          # The default permission bits, specified as an octal, to set on files at the sync target. Defaults to 0o644
          # (user can read/write, everyone else can read). See the [Mutagen
          # docs](https://mutagen.io/documentation/synchronization/permissions#permissions) for more information.
          defaultFileMode: 420

          # The default permission bits, specified as an octal, to set on directories at the sync target. Defaults to
          # 0o755 (user can read/write, everyone else can read). See the [Mutagen
          # docs](https://mutagen.io/documentation/synchronization/permissions#permissions) for more information.
          defaultDirectoryMode: 493

          # Set the default owner of files and directories at the target. Specify either an integer ID or a string
          # name. See the [Mutagen
          # docs](https://mutagen.io/documentation/synchronization/permissions#owners-and-groups) for more
          # information.
          defaultOwner:

          # Set the default group on files and directories at the target. Specify either an integer ID or a string
          # name. See the [Mutagen
          # docs](https://mutagen.io/documentation/synchronization/permissions#owners-and-groups) for more
          # information.
          defaultGroup:

    # Specify an image ID to deploy. Should be a valid Docker image identifier. Not required if the module has a
    # Dockerfile.
    image:

    # List of ingress endpoints that the service exposes.
    ingresses:
      - # Annotations to attach to the ingress (Note: May not be applicable to all providers)
        annotations: {}

        # The hostname that should route to this service. Defaults to the default hostname configured in the provider
        # configuration.
        #
        # Note that if you're developing locally you may need to add this hostname to your hosts file.
        hostname:

        # The link URL for the ingress to show in the console and in dashboards. Also used when calling the service
        # with the `call` command.
        #
        # Use this if the actual URL is different from what's specified in the ingress, e.g. because there's a load
        # balancer in front of the service that rewrites the paths.
        #
        # Otherwise Garden will construct the link URL from the ingress spec.
        linkUrl:

        # The path which should be routed to the service.
        path: /

        # The name of the container port where the specified paths should be routed.
        port:

    # Specify how the service's health should be checked after deploying.
    healthCheck:
      # Set this to check the service's health by making an HTTP request.
      httpGet:
        # The path of the service's health check endpoint.
        path:

        # The name of the port where the service's health check endpoint should be available.
        port:

        scheme: HTTP

      # Set this to check the service's health by running a command in its container.
      command:

      # Set this to check the service's health by checking if this TCP port is accepting connections.
      tcpPort:

      # The maximum number of seconds to wait until the readiness check counts as failed.
      readinessTimeoutSeconds: 3

      # The maximum number of seconds to wait until the liveness check counts as failed.
      livenessTimeoutSeconds: 3

    # The maximum duration (in seconds) to wait for resources to deploy and become healthy.
    timeout: 300

    # Specify resource limits for the service.
    limits:
      # The maximum amount of CPU the service can use, in millicpus (i.e. 1000 = 1 CPU)
      cpu:

      # The maximum amount of RAM the service can use, in megabytes (i.e. 1024 = 1 GB)
      memory:

    # List of ports that the service container exposes.
    ports:
      - # The name of the port (used when referencing the port elsewhere in the service configuration).
        name:

        # The protocol of the port.
        protocol: TCP

        # The port exposed on the container by the running process. This will also be the default value for
        # `servicePort`.
        # This is the port you would expose in your Dockerfile and that your process listens on. This is commonly a
        # non-privileged port like 8080 for security reasons.
        # The service port maps to the container port:
        # `servicePort:80 -> containerPort:8080 -> process:8080`
        containerPort:

        # Specify a preferred local port to attach to when creating a port-forward to the service port. If this port
        # is
        # busy, a warning will be shown and an alternative port chosen.
        localPort:

        # The port exposed on the service. Defaults to `containerPort` if not specified.
        # This is the port you use when calling a service from another service within the cluster. For example, if
        # your service name is my-service and the service port is 8090, you would call it with:
        # http://my-service:8090/some-endpoint.
        # It is common to use port 80, the default port number, so that you can call the service directly with
        # http://my-service/some-endpoint.
        # The service port maps to the container port:
        # `servicePort:80 -> containerPort:8080 -> process:8080`
        servicePort:

        # Number of port to expose on the pod's IP address.
        hostPort:

        # Set this to expose the service on the specified port on the host node (may not be supported by all
        # providers). Set to `true` to have the cluster pick a port automatically, which is most often advisable if
        # the cluster is shared by multiple users.
        # This allows you to call the service from the outside by the node's IP address and the port number set in
        # this field.
        nodePort:

    # The number of instances of the service to deploy. Defaults to 3 for environments configured with `production:
    # true`, otherwise 1.
    # Note: This setting may be overridden or ignored in some cases. For example, when running with `daemon: true` or
    # if the provider doesn't support multiple replicas.
    replicas:

# A list of tests to run in the module.
tests:
  - # The name of the test.
    name:

    # The names of any services that must be running, and the names of any tasks that must be executed, before the
    # test is run.
    dependencies: []

    # Set this to `true` to disable the test. You can use this with conditional template strings to
    # enable/disable tests based on, for example, the current environment or other variables (e.g.
    # `enabled: ${environment.name != "prod"}`). This is handy when you only want certain tests to run in
    # specific environments, e.g. only during CI.
    disabled: false

    # Maximum duration (in seconds) of the test run.
    timeout: 600

    # The command/entrypoint to run the container with.
    command:

    # The arguments (on top of the `command`, i.e. entrypoint) to run the container with.
    args:

    # Key/value map of environment variables. Keys must be valid POSIX environment variable names (must not start with
    # `GARDEN`) and values must be primitives or references to secrets.
    env: {}

    cpu:
      # The minimum amount of CPU the container needs to be available for it to be deployed, in millicpus (i.e. 1000 =
      # 1 CPU)
      min: 10

      # The maximum amount of CPU the container can use, in millicpus (i.e. 1000 = 1 CPU). If set to null will result
      # in no limit being set.
      max: 1000

    memory:
      # The minimum amount of RAM the container needs to be available for it to be deployed, in megabytes (i.e. 1024 =
      # 1 GB)
      min: 90

      # The maximum amount of RAM the container can use, in megabytes (i.e. 1024 = 1 GB) If set to null will result in
      # no limit being set.
      max: 1024

    # List of volumes that should be mounted when starting the container.
    #
    # Note: If neither `hostPath` nor `module` is specified,
    # an empty ephemeral volume is created and mounted when deploying the container.
    volumes:
      - # The name of the allocated volume.
        name:

        # The path where the volume should be mounted in the container.
        containerPath:

        # _NOTE: Usage of hostPath is generally discouraged, since it doesn't work reliably across different platforms
        # and providers. Some providers may not support it at all._
        #
        # A local path or path on the node that's running the container, to mount in the container, relative to the
        # config source directory (or absolute).
        hostPath:

    # If true, run the main container in privileged mode. Processes in privileged containers are essentially
    # equivalent to root on the host. Defaults to false.
    privileged:

    # POSIX capabilities to add when running the container.
    addCapabilities:

    # POSIX capabilities to remove when running the container.
    dropCapabilities:

    # Specify if containers in this action have TTY support enabled (which implies having stdin support enabled).
    tty: false

    # Specifies the container's deployment strategy.
    deploymentStrategy: RollingUpdate

    # Specify artifacts to copy out of the container after the run. The artifacts are stored locally under the
    # `.garden/artifacts` directory.
    #
    # Note: Depending on the provider, this may require the container image to include `sh` `tar`, in order to enable
    # the file transfer.
    artifacts:
      - # A POSIX-style path or glob to copy. Must be an absolute path. May contain wildcards.
        source:

        # A POSIX-style path to copy the artifacts to, relative to the project artifacts directory at
        # `.garden/artifacts`.
        target: .

    # Specify an image ID to deploy. Should be a valid Docker image identifier. Not required if the module has a
    # Dockerfile.
    image:

    # Set to false if you don't want the Test action result to be cached. Use this if the Test action needs to be run
    # any time your project (or one or more of the Test action's dependants) is deployed. Otherwise the Test action is
    # only re-run when its version changes, or when you run `garden run`.
    cacheResult: true

# A list of tasks that can be run from this container module. These can be used as dependencies for services (executed
# before the service is deployed) or for other tasks.
tasks:
  - # The name of the task.
    name:

    # A description of the task.
    description:

    # The names of any tasks that must be executed, and the names of any services that must be running, before this
    # task is executed.
    dependencies: []

    # Set this to `true` to disable the task. You can use this with conditional template strings to enable/disable
    # tasks based on, for example, the current environment or other variables (e.g. `enabled: ${environment.name !=
    # "prod"}`). This can be handy when you only want certain tasks to run in specific environments, e.g. only for
    # development.
    #
    # Disabling a task means that it will not be run, and will also be ignored if it is declared as a runtime
    # dependency for another service, test or task.
    #
    # Note however that template strings referencing the task's outputs (i.e. runtime outputs) will fail to resolve
    # when the task is disabled, so you need to make sure to provide alternate values for those if you're using them,
    # using conditional expressions.
    disabled: false

    # Maximum duration (in seconds) of the task's execution.
    timeout: 600

    # The command/entrypoint to run the container with.
    command:

    # The arguments (on top of the `command`, i.e. entrypoint) to run the container with.
    args:

    # Key/value map of environment variables. Keys must be valid POSIX environment variable names (must not start with
    # `GARDEN`) and values must be primitives or references to secrets.
    env: {}

    cpu:
      # The minimum amount of CPU the container needs to be available for it to be deployed, in millicpus (i.e. 1000 =
      # 1 CPU)
      min: 10

      # The maximum amount of CPU the container can use, in millicpus (i.e. 1000 = 1 CPU). If set to null will result
      # in no limit being set.
      max: 1000

    memory:
      # The minimum amount of RAM the container needs to be available for it to be deployed, in megabytes (i.e. 1024 =
      # 1 GB)
      min: 90

      # The maximum amount of RAM the container can use, in megabytes (i.e. 1024 = 1 GB) If set to null will result in
      # no limit being set.
      max: 1024

    # List of volumes that should be mounted when starting the container.
    #
    # Note: If neither `hostPath` nor `module` is specified,
    # an empty ephemeral volume is created and mounted when deploying the container.
    volumes:
      - # The name of the allocated volume.
        name:

        # The path where the volume should be mounted in the container.
        containerPath:

        # _NOTE: Usage of hostPath is generally discouraged, since it doesn't work reliably across different platforms
        # and providers. Some providers may not support it at all._
        #
        # A local path or path on the node that's running the container, to mount in the container, relative to the
        # config source directory (or absolute).
        hostPath:

    # If true, run the main container in privileged mode. Processes in privileged containers are essentially
    # equivalent to root on the host. Defaults to false.
    privileged:

    # POSIX capabilities to add when running the container.
    addCapabilities:

    # POSIX capabilities to remove when running the container.
    dropCapabilities:

    # Specify if containers in this action have TTY support enabled (which implies having stdin support enabled).
    tty: false

    # Specifies the container's deployment strategy.
    deploymentStrategy: RollingUpdate

    # Specify artifacts to copy out of the container after the run. The artifacts are stored locally under the
    # `.garden/artifacts` directory.
    #
    # Note: Depending on the provider, this may require the container image to include `sh` `tar`, in order to enable
    # the file transfer.
    artifacts:
      - # A POSIX-style path or glob to copy. Must be an absolute path. May contain wildcards.
        source:

        # A POSIX-style path to copy the artifacts to, relative to the project artifacts directory at
        # `.garden/artifacts`.
        target: .

    # Specify an image ID to deploy. Should be a valid Docker image identifier. Not required if the module has a
    # Dockerfile.
    image:

    # Set to false if you don't want the Run action result to be cached. Use this if the Run action needs to be run
    # any time your project (or one or more of the Run action's dependants) is deployed. Otherwise the Run action is
    # only re-run when its version changes, or when you run `garden run`.
    cacheResult: true

type: "container"

name: "my-sweet-module"

build:
  ...
  dependencies:
    - name: some-other-module-name

include:
  - Dockerfile
  - my-app.js

exclude:
  - tmp/**/*
  - '*.log'

repositoryUrl: "git+https://github.com/org/repo.git#v2.0"

varfile: "my-module.env"

  RUN --mount=type=secret,id=mytoken TOKEN=$(cat /run/secrets/mytoken) ...

secrets:
    mytoken: supersecret

services:
  - command:
      - /bin/sh
      - '-c'

services:
  - args:
      - npm
      - start

services:
  - env:
        - MY_VAR: some-value
          MY_SECRET_VAR:
            secretRef:
              name: my-secret
              key: some-key
        - {}

services:
  - volumes:
      - hostPath: "/some/dir"

services:
  - annotations:
        nginx.ingress.kubernetes.io/proxy-body-size: '0'

services:
  - sync:
      ...
      paths:
        - source: "src"

services:
  - sync:
      ...
      paths:
        - target: "/app/src"

services:
  - sync:
      ...
      paths:
        - exclude:
            - dist/**/*
            - '*.log'

services:
  - ingresses:
      - path: /api
        port: http

services:
  - ingresses:
      - path: /api
        port: http
      - annotations:
            nginx.ingress.kubernetes.io/proxy-body-size: '0'

services:
  - ports:
      - containerPort: 8080

services:
  - ports:
      - localPort: 10080

services:
  - ports:
      - servicePort: 80

tests:
  - command:
      - /bin/sh
      - '-c'

tests:
  - args:
      - npm
      - start

tests:
  - env:
        - MY_VAR: some-value
          MY_SECRET_VAR:
            secretRef:
              name: my-secret
              key: some-key
        - {}

tests:
  - volumes:
      - hostPath: "/some/dir"

tests:
  - artifacts:
      - source: /report/**/*

tests:
  - artifacts:
      - source: /report/**/*
      - source: "/output/**/*"

tests:
  - artifacts:
      - source: /report/**/*
      - target: "outputs/foo/"

tasks:
  - command:
      - /bin/sh
      - '-c'

tasks:
  - args:
      - npm
      - start

tasks:
  - env:
        - MY_VAR: some-value
          MY_SECRET_VAR:
            secretRef:
              name: my-secret
              key: some-key
        - {}

tasks:
  - volumes:
      - hostPath: "/some/dir"

tasks:
  - artifacts:
      - source: /report/**/*

tasks:
  - artifacts:
      - source: /report/**/*
      - source: "/output/**/*"

tasks:
  - artifacts:
      - source: /report/**/*
      - target: "outputs/foo/"

my-variable: ${modules.my-module.buildPath}

my-variable: ${modules.my-module.path}

my-variable: ${modules.my-module.version}

my-variable: ${runtime.services.my-service.version}

my-variable: ${runtime.tasks.my-tasks.version}