devops/ci-cd/circleci/SKILL.md
Configure CircleCI workflows and orbs for continuous integration and deployment. Create config.yml pipelines, use orbs for reusable configurations, and optimize build performance. Use when working with CircleCI for CI/CD automation.
npx skillsauth add bagelhole/devops-security-agent-skills circleci

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Build, test, and deploy applications using CircleCI's cloud-native CI/CD platform.
Use this skill when:
Create .circleci/config.yml:
```yaml
version: 2.1

orbs:
  node: circleci/[email protected]
  docker: circleci/[email protected]

executors:
  default:
    docker:
      - image: cimg/node:20.10
    working_directory: ~/project

jobs:
  build:
    executor: default
    steps:
      - checkout
      - node/install-packages:
          pkg-manager: npm
      - run:
          name: Build application
          command: npm run build
      - persist_to_workspace:
          root: .
          paths:
            - dist

  test:
    executor: default
    steps:
      - checkout
      - node/install-packages:
          pkg-manager: npm
      - run:
          name: Run tests
          command: npm test

  deploy:
    executor: default
    steps:
      - checkout
      - attach_workspace:
          at: .
      - run:
          name: Deploy
          command: ./deploy.sh

workflows:
  build-test-deploy:
    jobs:
      - build
      - test:
          requires:
            - build
      - deploy:
          requires:
            - test
          filters:
            branches:
              only: main
```
```yaml
executors:
  node:
    docker:
      - image: cimg/node:20.10
      - image: cimg/postgres:15.0
        environment:
          POSTGRES_USER: test
          POSTGRES_DB: testdb
    working_directory: ~/app
```

```yaml
executors:
  linux-machine:
    machine:
      image: ubuntu-2204:current
    resource_class: large
```

```yaml
executors:
  macos:
    macos:
      xcode: "15.0.0"
    resource_class: macos.m1.medium.gen1
```
```yaml
jobs:
  build:
    steps:
      - checkout
      - restore_cache:
          keys:
            - v1-deps-{{ checksum "package-lock.json" }}
            - v1-deps-
      - run: npm ci
      - save_cache:
          key: v1-deps-{{ checksum "package-lock.json" }}
          paths:
            # npm ci deletes node_modules before installing, so cache
            # npm's download cache rather than node_modules
            - ~/.npm
```

```yaml
- restore_cache:
    keys:
      - v1-{{ .Branch }}-{{ checksum "package-lock.json" }}
      - v1-{{ .Branch }}-
      - v1-main-
      - v1-
```
```yaml
jobs:
  build:
    steps:
      - checkout
      - run: npm run build
      - persist_to_workspace:
          root: .
          paths:
            - dist
            - node_modules

  deploy:
    steps:
      - attach_workspace:
          at: ~/project
      - run: ./deploy.sh
```
```yaml
jobs:
  test:
    parallelism: 4
    steps:
      - checkout
      - run:
          name: Run tests
          command: |
            TESTFILES=$(circleci tests glob "test/**/*.test.js" | circleci tests split --split-by=timings)
            npm test -- $TESTFILES
      - store_test_results:
          path: test-results
```
```yaml
workflows:
  pipeline:
    jobs:
      - build
      - test:
          requires:
            - build
      - deploy:
          requires:
            - test
```

```yaml
workflows:
  pipeline:
    jobs:
      - build
      - test-unit:
          requires:
            - build
      - test-integration:
          requires:
            - build
      - deploy:
          requires:
            - test-unit
            - test-integration
```

```yaml
workflows:
  deploy-prod:
    jobs:
      - build
      - test
      - hold:
          type: approval
          requires:
            - test
      - deploy-production:
          requires:
            - hold
```

```yaml
workflows:
  nightly:
    triggers:
      - schedule:
          cron: "0 2 * * *"
          filters:
            branches:
              only:
                - main
    jobs:
      - build
      - test
```

```yaml
workflows:
  build-deploy:
    jobs:
      - build:
          filters:
            branches:
              only:
                - main
                - /feature-.*/
      - deploy:
          filters:
            branches:
              only: main
            tags:
              only: /^v.*/
```
```yaml
version: 2.1

orbs:
  aws-cli: circleci/[email protected]
  kubernetes: circleci/[email protected]

jobs:
  deploy:
    executor: aws-cli/default
    steps:
      - aws-cli/setup:
          aws_access_key_id: AWS_ACCESS_KEY_ID
          aws_secret_access_key: AWS_SECRET_ACCESS_KEY
      - kubernetes/install-kubectl
      - run: kubectl apply -f k8s/
```

```yaml
orbs:
  node: circleci/[email protected]        # Node.js
  docker: circleci/[email protected]      # Docker builds
  aws-cli: circleci/[email protected]     # AWS CLI
  aws-ecr: circleci/[email protected]     # ECR push
  aws-ecs: circleci/[email protected]     # ECS deploy
  gcp-cli: circleci/[email protected]     # GCP CLI
  kubernetes: circleci/[email protected]  # K8s deploy
  slack: circleci/[email protected]       # Notifications
```

```yaml
version: 2.1

orbs:
  docker: circleci/[email protected]

jobs:
  build-and-push:
    executor: docker/docker
    steps:
      - setup_remote_docker:
          version: 20.10.24
      - checkout
      - docker/check
      - docker/build:
          image: myorg/myapp
          tag: $CIRCLE_SHA1
      - docker/push:
          image: myorg/myapp
          tag: $CIRCLE_SHA1
```
Set in CircleCI Project Settings > Environment Variables
```yaml
workflows:
  deploy:
    jobs:
      - deploy-staging:
          context: staging-secrets
      - deploy-production:
          context: production-secrets
```
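A context's variables are injected into every job that names it, so which jobs carry `context:` decides which code runs with those secrets. The configuration below is an added example, not part of the original skill: it combines the context, approval and branch-filter snippets from this page so that only the gated deploy job receives `production-secrets`. The workflow names `weak` and `hardened` are assumptions chosen for illustration; the job names, image and `deploy.sh` follow the page.

```yaml
version: 2.1

jobs:
  test:
    docker:
      - image: cimg/node:20.10
    steps:
      - checkout
      - run: npm ci
      - run: npm test
  deploy-production:
    docker:
      - image: cimg/node:20.10
    steps:
      - checkout
      - run: ./deploy.sh  # reads credentials from the context's env vars

workflows:
  # Weak (kept as a comment so it never runs; "weak" is a hypothetical name):
  # the context is attached to jobs that run for every branch, so code on
  # any pushed branch executes with production credentials in its environment.
  #
  #   weak:
  #     jobs:
  #       - test:
  #           context: production-secrets
  #       - deploy-production:
  #           context: production-secrets
  #           requires: [test]

  # Hardened ("hardened" is a hypothetical name): test runs without secrets;
  # the context is attached only to the deploy job, which runs on main and
  # only after a manual approval.
  hardened:
    jobs:
      - test
      - hold:
          type: approval
          requires:
            - test
          filters:
            branches:
              only: main
      - deploy-production:
          context: production-secrets
          requires:
            - hold
          filters:
            branches:
              only: main
```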
```yaml
jobs:
  deploy:
    steps:
      - run:
          name: Deploy
          command: |
            aws s3 sync dist/ s3://$S3_BUCKET
          environment:
            AWS_DEFAULT_REGION: us-east-1
```

```yaml
jobs:
  test:
    steps:
      - run:
          name: Run tests
          command: npm test -- --coverage
      - store_test_results:
          path: test-results
      - store_artifacts:
          path: coverage
          destination: coverage-report
```

```yaml
jobs:
  build:
    docker:
      - image: cimg/node:20.10
    resource_class: large  # 4 vCPU, 8GB RAM
    steps:
      - checkout
      - run: npm run build

# Available classes:
# small: 1 vCPU, 2GB RAM
# medium: 2 vCPU, 4GB RAM (default)
# large: 4 vCPU, 8GB RAM
# xlarge: 8 vCPU, 16GB RAM
```
Problem: Cache misses on every build
Solution: Verify cache key format, ensure checksum file hasn't changed

Problem: Cannot find persisted workspace
Solution: Ensure persist_to_workspace job completed, check paths

Problem: Docker builds are slow
Solution: Enable Docker Layer Caching in project settings (paid feature)