Workflow Configuration

Below is the schema reference for Workflow configuration files. For an introduction to configuring a Garden project, please look at our configuration guide.

The reference is divided into two sections:

YAML Schema

The values in the schema below are the default values.

kind: Workflow

# The name of this workflow.
name:

# A description of the workflow.
description:

# A map of environment variables to use for the workflow. These will be available to all steps in the workflow.
envVars: {}

# A list of files to write before starting the workflow.
#
# This is useful to e.g. create files required for provider authentication, and can be created from data stored in
# secrets or templated strings.
#
# Note that you cannot reference provider configuration in template strings within this field, since they are resolved
# after these files are generated. This means you can reference the files specified here in your provider
# configurations.
files:
  - # POSIX-style path to write the file to, relative to the project root (or absolute). If the path contains one
    # or more directories, they are created automatically if necessary.
    # If any of those directories conflict with existing file paths, or if the file path conflicts with an existing
    # directory path, an error will be thrown.
    # **Any existing file with the same path will be overwritten, so be careful not to accidentally overwrite files
    # unrelated to your workflow.**
    path:

    # The file data as a string.
    data:

    # The name of a Garden secret to copy the file data from (Garden Cloud only).
    secretName:

# The number of hours to keep the workflow pod running after completion.
keepAliveHours: 48

resources:
  requests:
    # The minimum amount of CPU the workflow needs in order to be scheduled, in millicpus (i.e. 1000 = 1 CPU).
    cpu:

    # The minimum amount of RAM the workflow needs in order to be scheduled, in megabytes (i.e. 1024 = 1 GB).
    memory:

  limits:
    # The maximum amount of CPU the workflow pod can use, in millicpus (i.e. 1000 = 1 CPU).
    cpu:

    # The maximum amount of RAM the workflow pod can use, in megabytes (i.e. 1024 = 1 GB).
    memory:

  # The maximum amount of CPU the workflow pod can use, in millicpus (i.e. 1000 = 1 CPU).
  cpu:

  # The maximum amount of RAM the workflow pod can use, in megabytes (i.e. 1024 = 1 GB).
  memory:

# The steps the workflow should run. At least one step is required. Steps are run sequentially. If a step fails,
# subsequent steps are skipped.
steps:
  - # An identifier to assign to this step. If none is specified, this defaults to "step-<number of step>", where
    # <number of step> is the sequential number of the step (first step being number 1).
    #
    # This identifier is useful when referencing command outputs in following steps. For example, if you set this
    # to "my-step", following steps can reference the ${steps.my-step.outputs.*} key in the `script` or `command`
    # fields.
    name:

    # A Garden command this step should run, followed by any required or optional arguments and flags.
    #
    # Note that commands that are _persistent_β€”e.g. the dev command, commands with a watch flag set, the logs command
    # with following enabled etc.β€”are not supported. In general, workflow steps should run to completion.
    #
    # Global options like --env, --log-level etc. are currently not supported for built-in commands, since they are
    # handled before the individual steps are run.
    command:

    # A description of the workflow step.
    description:

    # A map of environment variables to use when running script steps. Ignored for `command` steps.
    #
    # Note: Environment variables provided here take precedence over any environment variables configured at the
    # workflow level.
    envVars: {}

    # A bash script to run. Note that the host running the workflow must have bash installed and on path.
    # It is considered to have run successfully if it returns an exit code of 0. Any other exit code signals an error,
    # and the remainder of the workflow is aborted.
    #
    # The script may include template strings, including references to previous steps.
    script:

    # Set to true to skip this step. Use this with template conditionals to skip steps for certain environments or
    # scenarios.
    skip: false

    # If used, this step will be run under the following conditions (may use template strings):
    #
    # `onSuccess` (default): This step will be run if all preceding steps succeeded or were skipped.
    #
    # `onError`: This step will be run if a preceding step failed, or if its preceding step has `when: onError`.
    # If the next step has `when: onError`, it will also be run. Otherwise, all subsequent steps are ignored.
    #
    # `always`: This step will always be run, regardless of whether any preceding steps have failed.
    #
    # `never`: This step will always be ignored.
    #
    # See the [workflows guide](https://docs.garden.io/using-garden/workflows#the-skip-and-when-options) for details
    # and examples.
    when: onSuccess

# A list of triggers that determine when the workflow should be run, and which environment should be used (Garden
# Cloud only).
triggers:
  - # The environment name (from your project configuration) to use for the workflow when matched by this trigger.
    environment:

    # The namespace to use for the workflow when matched by this trigger. Follows the namespacing setting used for
    # this trigger's environment, as defined in your project's environment configs.
    namespace:

    # A list of [GitHub
    # events](https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads) that
    # should trigger this workflow.
    #
    # See the Garden Cloud documentation on [configuring
    # workflows](https://cloud.docs.garden.io/getting-started/workflows) for more details.
    #
    # Supported events:
    #
    # `pull-request`, `pull-request-closed`, `pull-request-merged`, `pull-request-opened`, `pull-request-reopened`,
    # `pull-request-updated`, `push`
    #
    #
    events:

    # If specified, only run the workflow for branches matching one of these filters. These filters refer to the
    # pull/merge request's head branch (e.g. `my-feature-branch`), not the base branch that the pull/merge request
    # would be merged into if approved (e.g. `main`).
    branches:

    # If specified, only run the workflow for pull/merge requests whose base branch matches one of these filters.
    baseBranches:

    # If specified, do not run the workflow for branches matching one of these filters. These filters refer to the
    # pull/merge request's head branch (e.g. `my-feature-branch`), not the base branch that the pull/merge request
    # would be merged into if approved (e.g. `main`).
    ignoreBranches:

    # If specified, do not run the workflow for pull/merge requests whose base branch matches one of these filters.
    ignoreBaseBranches:

Configuration Keys

kind

TypeAllowed ValuesDefaultRequired

string

"Workflow"

"Workflow"

Yes

name

The name of this workflow.

TypeRequired

string

Yes

Example:

name: "my-workflow"

description

A description of the workflow.

TypeRequired

string

No

envVars

A map of environment variables to use for the workflow. These will be available to all steps in the workflow.

TypeDefaultRequired

object

{}

No

files[]

A list of files to write before starting the workflow.

This is useful to e.g. create files required for provider authentication, and can be created from data stored in secrets or templated strings.

Note that you cannot reference provider configuration in template strings within this field, since they are resolved after these files are generated. This means you can reference the files specified here in your provider configurations.

TypeDefaultRequired

array[object]

[]

No

files[].path

files > path

POSIX-style path to write the file to, relative to the project root (or absolute). If the path contains one or more directories, they are created automatically if necessary. If any of those directories conflict with existing file paths, or if the file path conflicts with an existing directory path, an error will be thrown. Any existing file with the same path will be overwritten, so be careful not to accidentally overwrite files unrelated to your workflow.

TypeRequired

posixPath

No

Example:

files:
  - path: ".auth/kubeconfig.yaml"

files[].data

files > data

The file data as a string.

TypeRequired

string

No

files[].secretName

files > secretName

The name of a Garden secret to copy the file data from (Garden Cloud only).

TypeRequired

string

No

keepAliveHours

The number of hours to keep the workflow pod running after completion.

TypeDefaultRequired

number

48

No

resources

TypeRequired

object

No

resources.requests

resources > requests

TypeDefaultRequired

object

{"cpu":50,"memory":64}

No

resources.requests.cpu

resources > requests > cpu

The minimum amount of CPU the workflow needs in order to be scheduled, in millicpus (i.e. 1000 = 1 CPU).

TypeRequired

number

No

resources.requests.memory

resources > requests > memory

The minimum amount of RAM the workflow needs in order to be scheduled, in megabytes (i.e. 1024 = 1 GB).

TypeRequired

number

No

resources.limits

resources > limits

TypeDefaultRequired

object

{"cpu":1000,"memory":1024}

No

resources.limits.cpu

resources > limits > cpu

The maximum amount of CPU the workflow pod can use, in millicpus (i.e. 1000 = 1 CPU).

TypeRequired

number

No

resources.limits.memory

resources > limits > memory

The maximum amount of RAM the workflow pod can use, in megabytes (i.e. 1024 = 1 GB).

TypeRequired

number

No

limits

Deprecated: This field will be removed in a future release.

TypeRequired

object

No

limits.cpu

limits > cpu

The maximum amount of CPU the workflow pod can use, in millicpus (i.e. 1000 = 1 CPU).

TypeRequired

number

No

limits.memory

limits > memory

The maximum amount of RAM the workflow pod can use, in megabytes (i.e. 1024 = 1 GB).

TypeRequired

number

No

steps[]

The steps the workflow should run. At least one step is required. Steps are run sequentially. If a step fails, subsequent steps are skipped.

TypeDefaultRequired

array[object]

[]

Yes

steps[].name

steps > name

An identifier to assign to this step. If none is specified, this defaults to "step-", where is the sequential number of the step (first step being number 1).

This identifier is useful when referencing command outputs in following steps. For example, if you set this to "my-step", following steps can reference the ${steps.my-step.outputs.*} key in the script or command fields.

TypeRequired

string

No

steps[].command[]

steps > command

A Garden command this step should run, followed by any required or optional arguments and flags.

Note that commands that are persistentβ€”e.g. the dev command, commands with a watch flag set, the logs command with following enabled etc.β€”are not supported. In general, workflow steps should run to completion.

Global options like --env, --log-level etc. are currently not supported for built-in commands, since they are handled before the individual steps are run.

TypeRequired

array[string]

No

Example:

steps:
  - command:
      - run
      - my-task

steps[].description

steps > description

A description of the workflow step.

TypeRequired

string

No

steps[].envVars

steps > envVars

A map of environment variables to use when running script steps. Ignored for command steps.

Note: Environment variables provided here take precedence over any environment variables configured at the workflow level.

TypeDefaultRequired

object

{}

No

steps[].script

steps > script

A bash script to run. Note that the host running the workflow must have bash installed and on path. It is considered to have run successfully if it returns an exit code of 0. Any other exit code signals an error, and the remainder of the workflow is aborted.

The script may include template strings, including references to previous steps.

TypeRequired

string

No

steps[].skip

steps > skip

Set to true to skip this step. Use this with template conditionals to skip steps for certain environments or scenarios.

TypeDefaultRequired

boolean

false

No

Example:

steps:
  - skip: "${environment.name != 'prod'}"

steps[].when

steps > when

If used, this step will be run under the following conditions (may use template strings):

onSuccess (default): This step will be run if all preceding steps succeeded or were skipped.

onError: This step will be run if a preceding step failed, or if its preceding step has when: onError. If the next step has when: onError, it will also be run. Otherwise, all subsequent steps are ignored.

always: This step will always be run, regardless of whether any preceding steps have failed.

never: This step will always be ignored.

See the workflows guide for details and examples.

TypeDefaultRequired

string

"onSuccess"

No

triggers[]

A list of triggers that determine when the workflow should be run, and which environment should be used (Garden Cloud only).

TypeRequired

array[object]

No

triggers[].environment

triggers > environment

The environment name (from your project configuration) to use for the workflow when matched by this trigger.

TypeRequired

string

Yes

triggers[].namespace

triggers > namespace

The namespace to use for the workflow when matched by this trigger. Follows the namespacing setting used for this trigger's environment, as defined in your project's environment configs.

TypeRequired

string

No

triggers[].events[]

triggers > events

A list of GitHub events that should trigger this workflow.

See the Garden Cloud documentation on configuring workflows for more details.

Supported events:

pull-request, pull-request-closed, pull-request-merged, pull-request-opened, pull-request-reopened, pull-request-updated, push

TypeRequired

array[string]

No

triggers[].branches[]

triggers > branches

If specified, only run the workflow for branches matching one of these filters. These filters refer to the pull/merge request's head branch (e.g. my-feature-branch), not the base branch that the pull/merge request would be merged into if approved (e.g. main).

TypeRequired

array[string]

No

triggers[].baseBranches[]

triggers > baseBranches

If specified, only run the workflow for pull/merge requests whose base branch matches one of these filters.

TypeRequired

array[string]

No

triggers[].ignoreBranches[]

triggers > ignoreBranches

If specified, do not run the workflow for branches matching one of these filters. These filters refer to the pull/merge request's head branch (e.g. my-feature-branch), not the base branch that the pull/merge request would be merged into if approved (e.g. main).

TypeRequired

array[string]

No

triggers[].ignoreBaseBranches[]

triggers > ignoreBaseBranches

If specified, do not run the workflow for pull/merge requests whose base branch matches one of these filters.

TypeRequired

array[string]

No

Last updated