Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

FerranGuardia/ci-cd-pipelines

Name: ci-cd-pipelines
Author: FerranGuardia

skills/devops/ci-cd-pipelines/SKILL.md

npx skillsauth add FerranGuardia/claude-autonomous-setup ci-cd-pipelines

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

CI/CD Pipelines

GitHub Actions Workflow

name: CI
on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 22
          cache: npm
      - run: npm ci
      - run: npm run lint
      - run: npm run typecheck

  test:
    runs-on: ubuntu-latest
    needs: lint
    services:
      postgres:
        image: postgres:16
        env:
          POSTGRES_DB: test
          POSTGRES_USER: test
          POSTGRES_PASSWORD: test
        ports: ["5432:5432"]
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 22
          cache: npm
      - run: npm ci
      - run: npm test -- --coverage
        env:
          DATABASE_URL: postgres://test:test@localhost:5432/test
      - uses: codecov/codecov-action@v4

  deploy:
    runs-on: ubuntu-latest
    needs: test
    if: github.ref == 'refs/heads/main'
    environment: production
    steps:
      - uses: actions/checkout@v4
      - run: ./scripts/deploy.sh

Use concurrency to cancel stale runs. Use needs to define job dependencies.

GitLab CI Pipeline

stages:
  - validate
  - test
  - build
  - deploy

variables:
  NODE_IMAGE: node:22-alpine

lint:
  stage: validate
  image: $NODE_IMAGE
  cache:
    key: $CI_COMMIT_REF_SLUG
    paths: [node_modules/]
  script:
    - npm ci
    - npm run lint
    - npm run typecheck

test:
  stage: test
  image: $NODE_IMAGE
  services:
    - postgres:16
  variables:
    POSTGRES_DB: test
    DATABASE_URL: postgres://runner:@postgres:5432/test
  script:
    - npm ci
    - npm test -- --coverage
  coverage: '/Statements\s*:\s*(\d+\.?\d*)%/'
  artifacts:
    reports:
      junit: coverage/junit.xml
      coverage_report:
        coverage_format: cobertura
        path: coverage/cobertura.xml

build:
  stage: build
  image: docker:24
  services: [docker:24-dind]
  script:
    - docker build -t $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA .
    - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
  rules:
    - if: $CI_COMMIT_BRANCH == "main"

deploy:
  stage: deploy
  environment:
    name: production
    url: https://app.example.com
  script:
    - ./deploy.sh $CI_COMMIT_SHA
  rules:
    - if: $CI_COMMIT_BRANCH == "main"
      when: manual

Reusable GitHub Action

# .github/actions/setup/action.yml
name: Setup
description: Install dependencies and cache
inputs:
  node-version:
    default: "22"
runs:
  using: composite
  steps:
    - uses: actions/setup-node@v4
      with:
        node-version: ${{ inputs.node-version }}
        cache: npm
    - run: npm ci
      shell: bash

# Usage in workflow
steps:
  - uses: actions/checkout@v4
  - uses: ./.github/actions/setup
  - run: npm test

Matrix Strategy

test:
  strategy:
    fail-fast: false
    matrix:
      node: [20, 22]
      os: [ubuntu-latest, macos-latest]
  runs-on: ${{ matrix.os }}
  steps:
    - uses: actions/checkout@v4
    - uses: actions/setup-node@v4
      with:
        node-version: ${{ matrix.node }}
    - run: npm ci && npm test

Anti-Patterns

Not caching dependencies (npm, pip, cargo) between runs
Running all jobs sequentially when lint and test can parallelize
Storing secrets in workflow files instead of repository/environment secrets
Missing concurrency groups causing redundant CI runs on rapid pushes
Not using fail-fast: false in matrix builds (one failure cancels others)
Deploying without an approval gate or environment protection rule

Checklist

[ ] Dependencies cached between CI runs
[ ] Concurrency groups cancel stale pipeline runs
[ ] Lint, typecheck, and test run as separate parallelizable jobs
[ ] Database services use health checks before tests start
[ ] Coverage reports uploaded and tracked
[ ] Deploy job requires approval for production
[ ] Reusable actions/templates extract common setup steps
[ ] Secrets stored in CI platform, never in code

FerranGuardia/ci-cd-pipelines

skills/devops/ci-cd-pipelines/SKILL.md

CI/CD pipeline patterns for GitHub Actions, GitLab CI, testing strategies, and deployment automation

tools

Updated Apr 21, 2026

$ install --global

skillsauth

npx skillsauth add FerranGuardia/claude-autonomous-setup ci-cd-pipelines

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 19, 2026, 3:32 AM6.6s1 file scanned

SKILL.md

name:: ci-cd-pipelines
description:: CI/CD pipeline patterns for GitHub Actions, GitLab CI, testing strategies, and deployment automation

CI/CD Pipelines

GitHub Actions Workflow

name: CI
on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 22
          cache: npm
      - run: npm ci
      - run: npm run lint
      - run: npm run typecheck

  test:
    runs-on: ubuntu-latest
    needs: lint
    services:
      postgres:
        image: postgres:16
        env:
          POSTGRES_DB: test
          POSTGRES_USER: test
          POSTGRES_PASSWORD: test
        ports: ["5432:5432"]
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 22
          cache: npm
      - run: npm ci
      - run: npm test -- --coverage
        env:
          DATABASE_URL: postgres://test:test@localhost:5432/test
      - uses: codecov/codecov-action@v4

  deploy:
    runs-on: ubuntu-latest
    needs: test
    if: github.ref == 'refs/heads/main'
    environment: production
    steps:
      - uses: actions/checkout@v4
      - run: ./scripts/deploy.sh

Use concurrency to cancel stale runs. Use needs to define job dependencies.

GitLab CI Pipeline

stages:
  - validate
  - test
  - build
  - deploy

variables:
  NODE_IMAGE: node:22-alpine

lint:
  stage: validate
  image: $NODE_IMAGE
  cache:
    key: $CI_COMMIT_REF_SLUG
    paths: [node_modules/]
  script:
    - npm ci
    - npm run lint
    - npm run typecheck

test:
  stage: test
  image: $NODE_IMAGE
  services:
    - postgres:16
  variables:
    POSTGRES_DB: test
    DATABASE_URL: postgres://runner:@postgres:5432/test
  script:
    - npm ci
    - npm test -- --coverage
  coverage: '/Statements\s*:\s*(\d+\.?\d*)%/'
  artifacts:
    reports:
      junit: coverage/junit.xml
      coverage_report:
        coverage_format: cobertura
        path: coverage/cobertura.xml

build:
  stage: build
  image: docker:24
  services: [docker:24-dind]
  script:
    - docker build -t $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA .
    - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
  rules:
    - if: $CI_COMMIT_BRANCH == "main"

deploy:
  stage: deploy
  environment:
    name: production
    url: https://app.example.com
  script:
    - ./deploy.sh $CI_COMMIT_SHA
  rules:
    - if: $CI_COMMIT_BRANCH == "main"
      when: manual

Reusable GitHub Action

# .github/actions/setup/action.yml
name: Setup
description: Install dependencies and cache
inputs:
  node-version:
    default: "22"
runs:
  using: composite
  steps:
    - uses: actions/setup-node@v4
      with:
        node-version: ${{ inputs.node-version }}
        cache: npm
    - run: npm ci
      shell: bash

# Usage in workflow
steps:
  - uses: actions/checkout@v4
  - uses: ./.github/actions/setup
  - run: npm test

Matrix Strategy

test:
  strategy:
    fail-fast: false
    matrix:
      node: [20, 22]
      os: [ubuntu-latest, macos-latest]
  runs-on: ${{ matrix.os }}
  steps:
    - uses: actions/checkout@v4
    - uses: actions/setup-node@v4
      with:
        node-version: ${{ matrix.node }}
    - run: npm ci && npm test

Anti-Patterns

Not caching dependencies (npm, pip, cargo) between runs
Running all jobs sequentially when lint and test can parallelize
Storing secrets in workflow files instead of repository/environment secrets
Missing concurrency groups causing redundant CI runs on rapid pushes
Not using fail-fast: false in matrix builds (one failure cancels others)
Deploying without an approval gate or environment protection rule

Checklist

[ ] Dependencies cached between CI runs
[ ] Concurrency groups cancel stale pipeline runs
[ ] Lint, typecheck, and test run as separate parallelizable jobs
[ ] Database services use health checks before tests start
[ ] Coverage reports uploaded and tracked
[ ] Deploy job requires approval for production
[ ] Reusable actions/templates extract common setup steps
[ ] Secrets stored in CI platform, never in code

Related Skills

FerranGuardia/skills/testing/vitest-api-testing

development

VerifiedTrustedCommunity

# API Test Suite Builder **Tier:** POWERFUL **Category:** Engineering **Domain:** Testing / API Quality --- ## Overview Scans API route definitions across frameworks (Next.js App Router, Express, FastAPI, Django REST) and auto-generates comprehensive test suites covering auth, input validation, error codes, pagination, file uploads, and rate limiting. Outputs ready-to-run test files for Vitest+Supertest (Node) or Pytest+httpx (Python). --- ## Core Capabilities - **Route detection** — scan

SKILL.mdUpdated Apr 22, 2026

FerranGuardia/skills/testing/vitest-api-testing

FerranGuardia/test-driven-development

development

VerifiedTrustedCommunity

Use when implementing any feature or bugfix, before writing implementation code

SKILL.mdUpdated Apr 22, 2026

FerranGuardia/test-driven-development

FerranGuardia/webapp-testing

tools

VerifiedTrustedCommunity

Toolkit for interacting with and testing local web applications using Playwright. Supports verifying frontend functionality, debugging UI behavior, capturing browser screenshots, and viewing browser logs.

SKILL.mdUpdated Apr 22, 2026

FerranGuardia/webapp-testing

FerranGuardia/security-hardening

testing

VerifiedTrustedCommunity

Application security covering input validation, auth, headers, secrets management, and dependency auditing

SKILL.mdUpdated Apr 22, 2026

FerranGuardia/security-hardening

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/FerranGuardia/claude-autonomous-setup.git

# Copy into Claude Code skills folder (global)
cp -r claude-autonomous-setup/skills/devops/ci-cd-pipelines ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

FerranGuardia/claude-autonomous-setup

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT