Containers | JetBrains Space

How does it work

To run a step in a container, use the container block:
job("Example"){ // displayName is optional // it will be shown in the job run results container(displayName = "Say Hello", image = "alpine") { shellScript { content = "echo Hello" } } }
You can use container images either from Docker Hub or from your own Space Packages registries.
Depending on your task, in a container, you can run a shell script, arbitrary Kotlin code, or a container image command.
All these three options are mutually exclusive.
During the run, the container has access to the project repository.
You can adjust container resources for resource-consuming steps.
If your job requires additional network services like MySQL or Redis, you can run them in service containers.
The environment where a job will eventually run (cloud or self-hosted workers) depends on the Default worker pool parameter and job requirements. Learn more about how to specify job run environment.
Containers are billed for each minute of work based on the run environment. Learn more

Selecting a container image

You can use two sources of container images:

Docker Hub.
To use an image from Docker Hub, specify the image name:
container(image = "hello-world")
Note that Space caches the images downloaded from Docker Hub. The cache lifetime is no longer than three hours. The disk space required for storing cached images is provided free of charge.
Your Space Packages registry.
To use an image from Space Packages, specify the full image URL:
container(image = "mycompany.registry.jetbrains.space/p/projectkey/mydocker/hello-world")
Important: If you want to use an image from a private registry created in another project, you must first attach this private registry to the current project.

Directory structure

Automation stores the project data in a separate directory inside /mnt:

            /
            ├─── mnt
            │   └─── space
            │       ├─── share // file share
            │       ├─── system // non-user system files
            │       └─── work
            │           ├─── {git-repo-name} // cloned git repository (working directory)
            │           ├─── ... // other project repos (only if specified in the script)
            │           └─── ...
            ...
        

In more detail: Before running user jobs, Automation runs a hidden "bootstrap" job that

creates a disk volume,
clones the project sources from the Git server to the volume,
mounts the volume to the container. By default, the volume is mounted to /mnt/space:
- You can change the default location with the mountDir variable.
- Inside the mountDir, Automation creates the work directory – the parent directory for storing project sources (the default full path is /mnt/space/work).
- By default, the project sources location is /mnt/space/work/{git-repo-name}. Here {git-repo-name} stands for the project's Git repository name. It is also the container's default working directory. For details on how to work with project repositories, refer to Check out Source Code.
- The volume also contains $mountDir/share: external storage used for file sharing.

What can you run in a container

Shell scripts:
job("Run shell script") { container(displayName = "Show dir contents", image = "ubuntu") { shellScript { interpreter = "/bin/bash" content = """ echo Working dir contents ls /mnt/space/work """ } } }
Learn more
Arbitrary Kotlin code:
job("Run Kotlin code") { container(displayName = "Say Hello", image = "openjdk:latest") { kotlinScript { api -> println("Hello world!") } } }
Learn more
Container image commands:
job("Run container command") { container(displayName = "Say Hello", image = "alpine") { args("echo", "Hello World!") } }
Learn more

Is it possible to run kotlinScript, shellScript, and entrypoint in the same container?

No, it's not possible. The kotlinScript, shellScript, and args | entrypoint items are mutually exclusive. If you specify more than one inside a container, the job will fail.

Correct	Wrong
job("This job works") { container(image = "openjdk") { kotlinScript { api -> // Do smth. } } container(image = "alpine") { shellScript { content = """ echo Do smth. """ } } }	job("This job fails") { container(image = "openjdk") { kotlinScript { api -> // Do smth. } shellScript { content = """ echo Do smth. """ } } }

Container resources

A job can contain not more than 50 containers (steps). Each container has the following resources constraints:

	Default	Max	Min
Virtual CPUs	2 vCPU	8 vCPU, 4 vCPU for the Free plan	0.363 vCPU
Memory	7800 MB	31200 MB, 15600 MB for the Free plan	–

Note that all containers within a job use the same disk volume (it contains the project repository). The default volume size is 5 GB and the maximum allowed size is 30 GB. To specify resources and volume size, you should use resources and volumeSize correspondingly. Note that all items support units:

cpu: You can set a value in .cpu or .mcpu (millicpu), for example, cpu = 250.mcpu is the same as cpu = 0.25.cpu.
memory and volumeSize: You can set their values in .mb (MB) and .gb (GB), for example, volumeSize = 10.gb.

            job("Example") {
                // 10 GB
                volumeSize = 10.gb

                container(image = "alpine") {
                    resources {
                        // 500.mcpu = 0.5.cpu
                        cpu = 0.5.cpu
                        // 2000 MB
                        memory = 2000.mb
                    }
                }
            }
        

Destination ports for outbound connections

Allowed	Blocked
All types of ICMP 0 – 1024/UDP and TCP 9418/UDP and TCP (Git pack transfer service)	1025 – 65535/UDP and TCP Any kind of SMTP and IMAP: 25/TCP, 25/UDP, 587/TCP, 465/TCP, 993/TCP, 993/UDP, 143/TCP, 143/UDP