Advanced Template Placeholders & Compute Processors
Simple Container provides an advanced template placeholder system that automatically injects environment variables and secrets when resources are used in your deployments. This is powered by compute processors that understand how to connect your services to the resources they depend on.
Overview
When you reference resources in your client.yaml using the uses or dependencies sections, Simple Container's compute processors automatically:
- Inject environment variables with connection details, credentials, and configuration
- Inject secrets for sensitive data like passwords and API keys
- Resolve template placeholders like
${resource:name.property}and${dependency:name.property}
This eliminates the need to manually configure connection strings, credentials, and other resource-specific details.
Environment Variable Precedence
Simple Container follows a specific precedence order for environment variables:
- docker-compose.yaml - Base values for local development
- client.yaml
envsection - Overrides docker-compose values for deployment - client.yaml
secretssection - Highest precedence for sensitive values
This design allows you to have docker-compose.yaml files that work locally for development while automatically getting production values when deployed via Simple Container.
How It Works
Resource Usage (uses section)
When you reference a resource from your parent stack:
# client.yaml
stacks:
production:
type: cloud-compose
parent: myorg/infrastructure
config:
uses: [postgres-db, s3-storage]
runs: [web-app, worker]
The compute processors automatically inject the necessary environment variables and secrets into your containers.
Cross-Service Dependencies (dependencies section)
When you need to connect to another service's shared resources:
# client.yaml
stacks:
production:
type: cloud-compose
parent: myorg/infrastructure
config:
uses: [redis-cache]
runs: [api-service]
dependencies:
- name: billing-db
owner: myproject/billing-service
resource: postgres-cluster
Template Placeholders
Resource Placeholders
Access properties of resources defined in your parent stack in client.yaml:
# client.yaml - Using resource placeholders in env/secrets sections
stacks:
production:
type: cloud-compose
parent: myorg/infrastructure
config:
uses: [postgres-db, s3-storage, redis-cache]
runs: [web-app]
env:
DATABASE_URL: "${resource:postgres-db.url}"
S3_BUCKET: "${resource:s3-storage.bucket}"
REDIS_HOST: "${resource:redis-cache.host}"
Dependency Placeholders
Access properties of resources from other services in client.yaml:
# client.yaml - Using dependency placeholders in env/secrets sections
stacks:
production:
type: cloud-compose
parent: myorg/infrastructure
config:
uses: [redis-cache]
runs: [api-service]
dependencies:
- name: billing-db
owner: myproject/billing-service
resource: postgres-cluster
- name: shared-files
owner: myproject/file-service
resource: s3-storage
env:
BILLING_DB_URL: "${dependency:billing-db.url}"
SHARED_STORAGE: "${dependency:shared-files.bucket}"
Compute Processors by Resource Type
AWS Resources
S3 Bucket
AWS S3 bucket connection details and credentials.
Auto-injected Environment Variables:
S3_<BUCKET_NAME>_REGION- Bucket region (specific bucket)S3_<BUCKET_NAME>_BUCKET- Bucket name (specific bucket)S3_<BUCKET_NAME>_ACCESS_KEY- Access key ID (specific bucket, secret)S3_<BUCKET_NAME>_SECRET_KEY- Secret access key (specific bucket, secret)S3_REGION- Generic bucket regionS3_BUCKET- Generic bucket nameS3_ACCESS_KEY- Generic access key ID (secret)S3_SECRET_KEY- Generic secret access key (secret)
Template Placeholders:
${resource:bucket-name.bucket}- Bucket name${resource:bucket-name.region}- Bucket region${resource:bucket-name.access-key}- Access key ID${resource:bucket-name.secret-key}- Secret access key
RDS PostgreSQL
Auto-injected Environment Variables:
PGHOST_<NAME>- Database hostPGUSER_<NAME>- Database usernamePGPORT_<NAME>- Database portPGDATABASE_<NAME>- Database namePGPASSWORD_<NAME>- Database password (secret)PGHOST- Generic database hostPGUSER- Generic database usernamePGPORT- Generic database portPGDATABASE- Generic database namePGPASSWORD- Generic database password (secret)
Template Placeholders:
${resource:postgres-name.url}- Full connection URL${resource:postgres-name.host}- Database host${resource:postgres-name.port}- Database port${resource:postgres-name.user}- Database username${resource:postgres-name.database}- Database name${resource:postgres-name.password}- Database password
RDS MySQL
AWS RDS MySQL database connection details and credentials.
Auto-injected Environment Variables:
MYSQL_HOST_<NAME>- Database host (specific database)MYSQL_USER_<NAME>- Database username (specific database)MYSQL_PORT_<NAME>- Database port (specific database)MYSQL_DB_<NAME>- Database name (specific database)MYSQL_PASSWORD_<NAME>- Database password (specific database, secret)MYSQL_HOST- Generic database hostMYSQL_USER- Generic database usernameMYSQL_PORT- Generic database portMYSQL_DB- Generic database nameMYSQL_PASSWORD- Generic database password (secret)
Template Placeholders:
${resource:mysql-name.host}- Database host${resource:mysql-name.port}- Database port${resource:mysql-name.user}- Database username${resource:mysql-name.database}- Database name${resource:mysql-name.password}- Database password${resource:mysql-name.url}- Database endpoint URL
GCP Resources
GCP Bucket
Google Cloud Storage bucket with S3-compatible access via HMAC keys.
Auto-injected Environment Variables:
Bucket-Specific Variables (where BUCKET_NAME is the sanitized bucket name):
- GCS_<BUCKET_NAME>_BUCKET - Bucket name
- GCS_<BUCKET_NAME>_LOCATION - Bucket location/region
- GCS_<BUCKET_NAME>_ACCESS_KEY - HMAC access key ID (secret)
- GCS_<BUCKET_NAME>_SECRET_KEY - HMAC secret key (secret)
- GCS_<BUCKET_NAME>_ENDPOINT - GCS S3-compatible endpoint
S3-Compatible Variables (for applications expecting AWS S3):
- S3_<BUCKET_NAME>_BUCKET - Bucket name
- S3_<BUCKET_NAME>_REGION - Bucket location/region
- S3_<BUCKET_NAME>_ACCESS_KEY - HMAC access key ID (secret)
- S3_<BUCKET_NAME>_SECRET_KEY - HMAC secret key (secret)
- S3_<BUCKET_NAME>_ENDPOINT - GCS S3-compatible endpoint
Generic Variables (when only one bucket is used):
- GCS_BUCKET - Bucket name
- GCS_LOCATION - Bucket location
- GCS_ACCESS_KEY - HMAC access key ID (secret)
- GCS_SECRET_KEY - HMAC secret key (secret)
- GCS_ENDPOINT - GCS S3-compatible endpoint
AWS SDK Compatible Variables (for seamless AWS SDK integration):
- AWS_ACCESS_KEY_ID - HMAC access key ID (secret)
- AWS_SECRET_ACCESS_KEY - HMAC secret key (secret)
- S3_ENDPOINT - GCS S3-compatible endpoint
- S3_BUCKET - Bucket name
- S3_REGION - Bucket location
Template Placeholders:
- ${resource:bucket-name.bucket} - Bucket name
- ${resource:bucket-name.location} - Bucket location
- ${resource:bucket-name.access-key} - HMAC access key ID
- ${resource:bucket-name.secret-key} - HMAC secret key
- ${resource:bucket-name.endpoint} - S3-compatible endpoint
GKE Autopilot
Note: GKE Autopilot compute processor is currently not implemented. No environment variables are automatically injected for GKE Autopilot resources at this time.
PostgreSQL Cloud SQL
PostgreSQL database connection details similar to AWS RDS.
Auto-injected Environment Variables:
POSTGRES_HOST- Database host (localhost via Cloud SQL Proxy)POSTGRES_PORT- Database port (5432)POSTGRES_USERNAME- Database username (stack name)POSTGRES_DATABASE- Database name (stack name)POSTGRES_PASSWORD- Database password (auto-generated)PGHOST- PostgreSQL host (localhost via Cloud SQL Proxy)PGPORT- PostgreSQL port (5432)PGUSER- PostgreSQL usernamePGDATABASE- PostgreSQL database namePGPASSWORD- PostgreSQL password
Template Placeholders:
${resource:postgres-name.host}- Database host${resource:postgres-name.port}- Database port${resource:postgres-name.user}- Database username${resource:postgres-name.database}- Database name${resource:postgres-name.password}- Database password
Redis Memorystore
Redis cache connection details for Google Cloud Memorystore.
Auto-injected Environment Variables:
REDIS_HOST- Redis instance hostREDIS_PORT- Redis instance port (defaults to 6379 if not available)
Template Placeholders:
${resource:redis-name.host}- Redis host${resource:redis-name.port}- Redis port
Kubernetes Resources
Helm Postgres Operator
PostgreSQL database connections managed by Kubernetes operators.
Auto-injected Environment Variables:
POSTGRES_HOST- PostgreSQL service hostPOSTGRES_PORT- PostgreSQL service port (5432)POSTGRES_USERNAME- Database username (stack name)POSTGRES_DATABASE- Database name (stack name)POSTGRES_PASSWORD- Database password (auto-generated)PGHOST- PostgreSQL hostPGPORT- PostgreSQL portPGUSER- PostgreSQL usernamePGDATABASE- PostgreSQL database namePGPASSWORD- PostgreSQL password
Template Placeholders:
${resource:postgres-name.host}- Database host${resource:postgres-name.port}- Database port${resource:postgres-name.user}- Database username${resource:postgres-name.database}- Database name${resource:postgres-name.password}- Database password${resource:postgres-name.url}- Full connection URL
Helm RabbitMQ Operator
Message queue connection details and configuration.
Auto-injected Environment Variables:
RABBITMQ_HOST- RabbitMQ service hostRABBITMQ_PORT- RabbitMQ service portRABBITMQ_USERNAME- RabbitMQ usernameRABBITMQ_PASSWORD- RabbitMQ password (auto-generated)RABBITMQ_URI- Full AMQP connection string
Template Placeholders:
${resource:rabbitmq-name.host}- RabbitMQ host${resource:rabbitmq-name.port}- RabbitMQ port${resource:rabbitmq-name.user}- Username${resource:rabbitmq-name.password}- Password${resource:rabbitmq-name.uri}- Full AMQP connection string
Helm Redis Operator
Redis cache connection details and configuration.
Auto-injected Environment Variables:
REDIS_HOST- Redis service hostREDIS_PORT- Redis service port
Template Placeholders:
${resource:redis-name.host}- Redis host${resource:redis-name.port}- Redis port
MongoDB Atlas
MongoDB Atlas Cluster
MongoDB Atlas database cluster connection details and credentials.
Auto-injected Environment Variables:
MONGO_USER- Database username (stack name)MONGO_DATABASE- Database name (stack name)MONGO_PASSWORD- Database password (auto-generated, secret)MONGO_URI- Full MongoDB connection string with authentication (secret)MONGO_DEP_<OWNER>_USER- Dependency username (for dependency relationships)MONGO_DEP_<OWNER>_PASSWORD- Dependency password (for dependency relationships, secret)MONGO_DEP_<OWNER>_URI- Dependency connection string (for dependency relationships, secret)
Template Placeholders:
${resource:mongodb-name.uri}- Full MongoDB connection string${resource:mongodb-name.user}- Database username${resource:mongodb-name.password}- Database password${resource:mongodb-name.dbName}- Database name${resource:mongodb-name.oplogUri}- MongoDB oplog connection string
For Dependencies (when used via dependencies section):
- ${dependency:dep-name.uri} - Full MongoDB connection string for dependency
- ${dependency:dep-name.user} - Database username for dependency
- ${dependency:dep-name.password} - Database password for dependency
- ${dependency:dep-name.dbName} - Database name for dependency
- ${dependency:dep-name.oplogUri} - MongoDB oplog connection string for dependency
Practical Examples
Using S3 Storage
# parent stack (server.yaml)
resources:
resources:
production:
file-storage:
type: s3-bucket
config:
name: myapp-files
allowOnlyHttps: true
# service stack (client.yaml)
stacks:
production:
type: cloud-compose
parent: myorg/infrastructure
config:
uses: [file-storage]
runs: [web-app]
# docker-compose.yaml (for local development)
services:
web-app:
build: .
environment:
S3_BUCKET: "local-dev-bucket"
S3_REGION: "us-east-1"
S3_ACCESS_KEY: "dev-access-key"
S3_SECRET_KEY: "dev-secret-key"
# When deployed via Simple Container, these values are automatically
# overridden by compute processor environment variables
Using Database Connection
# parent stack (server.yaml)
resources:
resources:
production:
main-db:
type: aws-rds-postgres
config:
name: myapp-db
instanceClass: db.t3.micro
username: postgres
password: "${secret:DB_ROOT_PASSWORD}"
# service stack (client.yaml)
stacks:
production:
type: cloud-compose
parent: myorg/infrastructure
config:
uses: [main-db]
runs: [api-service]
# docker-compose.yaml (for local development)
services:
api-service:
build: .
environment:
PGHOST: "localhost"
PGUSER: "postgres"
PGPORT: "5432"
PGDATABASE: "myapp_dev"
PGPASSWORD: "dev-password"
# When deployed via Simple Container, these values are automatically
# overridden by compute processor environment variables
Using Template Placeholders in Client Configuration
# client.yaml - Custom environment variables using template placeholders
stacks:
production:
type: cloud-compose
parent: myorg/infrastructure
config:
uses: [main-db, redis-cache, file-storage]
runs: [api-service]
env:
# Custom environment variables using template placeholders
DATABASE_URL: "postgresql://${resource:main-db.user}:${resource:main-db.password}@${resource:main-db.host}:${resource:main-db.port}/${resource:main-db.database}"
DB_HOST: "${resource:main-db.host}"
REDIS_URL: "redis://${resource:redis-cache.host}:${resource:redis-cache.port}"
secrets:
# Custom secrets using template placeholders
API_SECRET_KEY: "${resource:main-db.password}"
S3_UPLOAD_KEY: "${resource:file-storage.access-key}"
Benefits
- Automatic Configuration - No manual connection string management
- Security - Sensitive data automatically handled as secrets
- Consistency - Standardized environment variable naming
- Flexibility - Use both auto-injected variables and explicit placeholders
- Cross-Service Integration - Easy sharing of resources between services
Best Practices
- Prefer Auto-injected Variables - Let compute processors handle standard environment variables
- Use Template Placeholders for Custom Config - When you need specific formatting or custom configuration files
- Leverage Dependencies - Share resources between services using the dependencies section
- Follow Naming Conventions - Use descriptive resource names that map to clear environment variables
This system makes Simple Container deployments truly declarative - you declare what resources you need, and Simple Container handles all the connection details automatically.