CONTAINER APPS · GUIDE
Deploy from Git
Point us at a git repository that contains a docker-compose.yml. We clone it,
build every service's image on our own infrastructure — you don't need a
container registry — and deploy the whole stack, wired together, on the CDN.com.tr managed
container platform. It's the fastest path from “my repo” to “running in production”.
A repository with a docker-compose.yml. Services with a build: section
are built from their Dockerfile; services that reference a public image:
(databases, caches, queues) are used as-is and wired in as managed add-ons or apps. That's it —
no registry account, no image pushing, no CI setup.
1 · Open “Deploy from Git”
In your CDN account open Platforms → Container Apps, expand App creation, and click Deploy from Git (next to Import from Docker Compose).
2 · Fill in your repository
- Repository URL — the
https://clone URL, e.g.https://github.com/your-org/your-app.git. - Branch — the branch to deploy (defaults to
main). - Compose file — path to the compose file inside the repo (defaults to
docker-compose.yml). Build contexts are resolved relative to this file, so a compose kept in a subfolder works fine.
3 · Private repositories & access
If the repository is private, tick This is a private repository and paste an access token. Give it the least access it needs:
- GitHub — a fine-grained Personal Access Token scoped to this one repository with Contents: Read-only.
- GitLab — a project or personal access token with the read_repository scope.
The token is used only to clone your repository during the build. It is stored write-only for the duration of the build and is never shown back or reused — revoke it any time.
4 · Build & deploy
Click Build & deploy. A live progress bar shows each step:
- Reading compose — we clone your repo and parse the compose file.
- Building <service> — each
build:service's image is built from its Dockerfile in a sandboxed builder and pushed to our private registry. - Deploying — every service becomes a container app, wired to the others by
service name (exactly like
docker-compose), with databases/caches attached.
When it finishes, open Your apps to see the running services and
Expose the ones that should be public on an instant
<uid>.cdn.com.tr subdomain (or your own domain).
How it works (and why it's safe)
- We build your images from your Dockerfiles — no registry account needed.
Multi-stage builds,
target:andbuild.argsare honored. - Sandboxed builds & runtime. Both the build and your running containers execute under a hardened gVisor sandbox, isolated from other tenants and the host.
- Service discovery — apps in your account reach each other by service name, just like compose. Databases, Redis and NATS are provisioned as managed add-ons.
- Ship safely. Combine this with Blue/Green preprod to test a copy on its own URL before taking it live.