DiscordSign up
SKILLS.SH

devops-deployment

Use when setting up CI/CD pipelines, containerizing applications, deploying to Kubernetes, or writing infrastructure as code. DevOps & Deployment covers GitHub…

INSTALLATION
npx skills add https://github.com/yonatangross/orchestkit --skill devops-deployment
Run in your project or agent environment. Adjust flags if your CLI version differs.

SKILL.md

DevOps & Deployment Skill

Comprehensive frameworks for CI/CD pipelines, containerization, deployment strategies, and infrastructure automation.

Note: If disableSkillShellExecution is enabled (CC 2.1.91), the Docker install check won't run. Verify Docker is available for container operations: docker --version.

Overview

  • Setting up CI/CD pipelines
  • Containerizing applications
  • Deploying to Kubernetes or cloud platforms
  • Implementing GitOps workflows
  • Managing infrastructure as code
  • Planning release strategies

Pipeline Architecture

┌─────────────┐   ┌─────────────┐   ┌─────────────┐   ┌─────────────┐

│    Code     │──>│    Build    │──>│    Test     │──>│   Deploy    │

│   Commit    │   │   & Lint    │   │   & Scan    │   │  & Release  │

└─────────────┘   └─────────────┘   └─────────────┘   └─────────────┘

       │                 │                 │                 │

       v                 v                 v                 v

   Triggers         Artifacts          Reports          Monitoring

Key Concepts

CI/CD Pipeline Stages

  • Lint & Type Check - Code quality gates
  • Unit Tests - Test coverage with reporting
  • Security Scan - npm audit + Trivy vulnerability scanner
  • Build & Push - Docker image to container registry
  • Deploy Staging - Environment-gated deployment
  • Deploy Production - Manual approval or automated

Container Best Practices

Multi-stage builds minimize image size:

  • Stage 1: Install production dependencies only
  • Stage 2: Build application with dev dependencies
  • Stage 3: Production runtime with minimal footprint

Security hardening:

  • Non-root user (uid 1001)
  • Read-only filesystem where possible
  • Health checks for orchestrator integration

Kubernetes Deployment

Essential manifests:

  • Deployment with rolling update strategy
  • Service for internal routing
  • Ingress for external access with TLS
  • HorizontalPodAutoscaler for scaling

Security context:

  • runAsNonRoot: true
  • allowPrivilegeEscalation: false
  • readOnlyRootFilesystem: true
  • Drop all capabilities

Deployment Strategies

Strategy

Use Case

Risk

Rolling

Default, gradual replacement

Low - automatic rollback

Blue-Green

Instant switch, easy rollback

Medium - double resources

Canary

Progressive traffic shift

Low - gradual exposure

Rolling Update (Kubernetes default):

strategy:

  type: RollingUpdate

  rollingUpdate:

    maxSurge: 25%

    maxUnavailable: 0  # Zero downtime

Secrets Management

Use External Secrets Operator to sync from cloud providers:

  • AWS Secrets Manager
  • HashiCorp Vault
  • Azure Key Vault
  • GCP Secret Manager

References

Docker Patterns

**Load: Read("${CLAUDE_SKILL_DIR}/references/docker-patterns.md")**

Key topics covered:

  • Multi-stage build examples with 78% size reduction
  • Layer caching optimization
  • Security hardening (non-root, health checks)
  • Trivy vulnerability scanning
  • Docker Compose development setup

CI/CD Pipelines

**Load: Read("${CLAUDE_SKILL_DIR}/references/ci-cd-pipelines.md")**

Key topics covered:

  • Branch strategy (Git Flow)
  • GitHub Actions caching (85% time savings)
  • Artifact management
  • Matrix testing
  • Complete backend CI/CD example

Kubernetes Basics

**Load: Read("${CLAUDE_SKILL_DIR}/references/kubernetes-basics.md")**

Key topics covered:

  • Health probes (startup, liveness, readiness)
  • Security context configuration
  • PodDisruptionBudget
  • Resource quotas
  • StatefulSets for databases
  • Helm chart structure

Environment Management

**Load: Read("${CLAUDE_SKILL_DIR}/references/environment-management.md")**

Key topics covered:

  • External Secrets Operator
  • GitOps with ArgoCD
  • Terraform patterns (remote state, modules)
  • Zero-downtime database migrations
  • Alembic migration workflow
  • Rollback procedures

Observability

**Load: Read("${CLAUDE_SKILL_DIR}/references/observability.md")**

Key topics covered:

  • Prometheus metrics exposition
  • Grafana dashboard queries (PromQL)
  • Alerting rules for SLOs
  • Golden signals (SRE)
  • Structured logging
  • Distributed tracing (OpenTelemetry)

Railway Deployment

**Load: Read("${CLAUDE_SKILL_DIR}/rules/railway-deployment.md")**

Key topics covered:

  • railway.json configuration, Nixpacks builds
  • Environment variable management, database provisioning
  • Multi-service setups, Railway CLI workflows
  • References: ${CLAUDE_SKILL_DIR}/references/railway-json-config.md, ${CLAUDE_SKILL_DIR}/references/nixpacks-customization.md, ${CLAUDE_SKILL_DIR}/references/multi-service-setup.md

Deployment Strategies

**Load: Read("${CLAUDE_SKILL_DIR}/references/deployment-strategies.md")**

Key topics covered:

  • Rolling deployment
  • Blue-green deployment
  • Canary releases
  • Traffic splitting with Istio

Deployment Checklist & Templates

Load: Read("${CLAUDE_SKILL_DIR}/references/checklists-and-templates.md") for pre/during/post-deployment checklists, Helm chart structure, template reference table, and extended thinking triggers.

Related Skills

  • zero-downtime-migration - Database migration patterns for zero-downtime deployments
  • security-scanning - Security scanning integration for CI/CD pipelines
  • ork:monitoring-observability - Monitoring and alerting for deployed applications
  • ork:database-patterns - Python/Alembic migration workflow for backend deployments
  • portless (upstream) - Named .localhost URLs for multi-service local dev (portless alias api 8080)

Key Decisions

Decision

Choice

Rationale

Container user

Non-root (uid 1001)

Security best practice, required by many orchestrators

Deployment strategy

Rolling update (default)

Zero downtime, automatic rollback, resource efficient

Secrets management

External Secrets Operator

Syncs from cloud providers, GitOps compatible

Health checks

Separate startup/liveness/readiness

Prevents premature traffic, enables graceful shutdown

Capability Details

Load: Read("${CLAUDE_SKILL_DIR}/references/capability-details.md") for full keyword index and problem-solution mapping across all 6 capabilities (ci-cd, docker, kubernetes, infrastructure-as-code, deployment-strategies, observability).

BrowserAct

Let your agent run on any real-world website

Bypass CAPTCHA & anti-bot for free. Start local, scale to cloud.

Explore BrowserAct Skills →

Related skills

find-skills
2/3

Discover and install specialized agent skills from the open ecosystem when users need extended capabilities. Helps identify relevant skills by domain and task when users ask "how do I do X" or "find a skill for X" Integrates with the Skills CLI ( npx skills find , npx skills add ) to search, verify, and install packages from the skills.sh directory Recommends skills based on install count, source reputation, and GitHub stars to ensure quality before suggesting installation Presents skill options with install commands and links to skills.sh for user review and one-click installation

Verified authorvercel-labs
SKILLS.SH
1.5M19.6K
2026-05-22
vercel-react-best-practices
3/3

React and Next.js performance optimization guide with 64 prioritized rules across 8 categories. Organized by impact level, from critical waterfalls and bundle optimization down to advanced patterns, each rule includes incorrect/correct code examples and explanations Covers eight domains: async patterns, bundle size, server-side caching, client-side data fetching, re-render optimization, rendering performance, JavaScript efficiency, and advanced patterns Designed for use during component writing, code review, refactoring, and performance audits on React and Next.js applications Each rule has a prefix code (e.g., async-parallel , bundle-barrel-imports ) for easy reference in automated tooling and documentation

Verified authorvercel-labs
SKILLS.SH
389K26.9K
2026-05-22
azure-validate
2/3

Pre-deployment validation for Azure infrastructure, configuration, and permissions before deployment. Requires .azure/plan.md from a prior azure-prepare run; stops immediately if the plan is missing Executes recipe-specific validation commands (azd provision, bicep build, terraform validate) and records proof in the plan document Performs build verification, configuration checks, and permission validation; blocks deployment if any check fails Only authorized method to set plan status to Validated ; must be followed by azure-deploy skill to execute the actual deployment

Verified authormicrosoft
SKILLS.SH
324K1.1K
2026-05-22
appinsights-instrumentation
3/3

Guidance and reference material for instrumenting webapps with Azure Application Insights. Covers SDK setup, telemetry patterns, and configuration for ASP.NET Core and Node.js applications hosted in Azure Distinguishes between this skill (reference and guidance) and azure-prepare (actual implementation); invoke azure-prepare when the user wants to add instrumentation to their project Provides auto-instrumentation guidance for C# ASP.NET Core apps in Azure App Service, plus manual instrumentation paths for creating App Insights resources via Bicep templates or Azure CLI Includes language-specific code modification guides for ASP.NET Core, Node.js, and Python, plus quick references for OpenTelemetry SDKs and exporters

Verified authormicrosoft
SKILLS.SH
324K1.1K
2026-05-22

Stop writing automation&scrapers

Install the CLI. Run your first Skill in 30 seconds. Scale when you're ready.

Start free
free · no credit card