liulixiang1988/ado-lumina-pipeline
skills/ado-lumina-pipeline/SKILL.md
Trigger the Lumina-SandboxAKSProvider-Service-Dev-Deploy pipeline in Azure DevOps. Use this skill when the user wants to run/trigger/deploy the Lumina sandbox AKS pipeline, deploy sandbox orchestrator, deploy sandbox components, trigger a dev deploy, or run the dev pipeline. Also use when the user asks to re-run or reproduce a specific pipeline build.
development
Updated Apr 23, 2026
$ install --global
skillsauthnpx skillsauth add liulixiang1988/agent-skills ado-lumina-pipelineInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 23, 2026, 12:22 PM44.7s2 files scanned
SKILL.md
- name:
- ado-lumina-pipeline
- description:
- Trigger the Lumina-SandboxAKSProvider-Service-Dev-Deploy pipeline in Azure DevOps. Use this skill when the user wants to run/trigger/deploy the Lumina sandbox AKS pipeline, deploy sandbox orchestrator, deploy sandbox components, trigger a dev deploy, or run the dev pipeline. Also use when the user asks to re-run or reproduce a specific pipeline build.
Lumina Sandbox AKS Provider - Dev Deploy Pipeline
Trigger the Lumina-SandboxAKSProvider-Service-Dev-Deploy pipeline via Azure CLI or the PowerShell helper script for CopilotLumina.
Pipeline Info
| Item | Value |
|------|-------|
| Org | https://dev.azure.com/O365exchange |
| Project | O365 Core |
| Pipeline Name | Lumina-SandboxAKSProvider-Service-Dev-Deploy |
| Pipeline ID | 53278 |
| Default Region | westus2 |
Quick Start — PowerShell Script
The helper script is at scripts/Invoke-LuminaSandboxAKSProviderDevDeploy.ps1 (relative to this skill's directory).
# Deploy with default builds (orchestrator + otel collector), upstream branch, westus2
.\Invoke-LuminaSandboxAKSProviderDevDeploy.ps1 -Profile "a-1"
# Also build control plane and skills agent
.\Invoke-LuminaSandboxAKSProviderDevDeploy.ps1 -Profile "g-2" -BuildControlPlane $true -BuildSkillsAgent $true
# Build all components
.\Invoke-LuminaSandboxAKSProviderDevDeploy.ps1 -Profile "b-2" -BuildAll
# Use a BYO (bring-your-own) image
.\Invoke-LuminaSandboxAKSProviderDevDeploy.ps1 -Profile "c-1" -ByoControlPlaneImage "myacr.azurecr.io/cp:v1"
Quick Start — Azure CLI
az pipelines run \
--id 53278 \
--branch "<branch>" \
--organization "https://o365exchange.visualstudio.com/DefaultCollection" \
--project "O365 Core" \
--parameters \
profile=<profile> \
region=<region> \
build_lumina_sandbox_orchestrator=true \
build_lumina_sandbox_otel_collector=true
Parameters
Required
| Parameter | Description |
|-----------|-------------|
| profile | Dev profile name, e.g. a-1 through g-5 (35 total). |
Optional
| Parameter | Default | Description |
|-----------|---------|-------------|
| region | westus2 | Deployment region. |
| Branch (--branch) | upstream tracking branch | Git branch to run the pipeline on. Defaults to the upstream tracking branch of the current local branch (via git rev-parse --abbrev-ref @{upstream}). |
Build Flags
All default to False except Orchestrator and OTel Collector which default to True. Set to true/false to toggle building that component's container image.
| Pipeline Parameter | PowerShell Switch | Component |
|--------------------|-------------------|-----------|
| build_lumina_service_api | -BuildServiceApi | Service API |
| build_lumina_proxy_api | -BuildProxyApi | Proxy API |
| build_lumina_sandbox_control_plane | -BuildControlPlane | Control Plane |
| build_lumina_sandbox_controller_main | -BuildControllerMain | Controller Main |
| build_lumina_sandbox_operator | -BuildOperator | Operator |
| build_lumina_sandbox_terminal_shell | -BuildTerminalShell | Terminal Shell |
| build_lumina_sandbox_desktop_browser | -BuildDesktopBrowser | Desktop Browser |
| build_lumina_sandbox_desktop_libreoffice | -BuildDesktopLibreOffice | Desktop LibreOffice |
| build_lumina_sandbox_skills_agent | -BuildSkillsAgent | Skills Agent |
| build_lumina_sandbox_egress_proxy | -BuildEgressProxy | Egress Proxy |
| build_lumina_sandbox_egress_llm | -BuildEgressLlm | Egress LLM |
| build_lumina_sandbox_otel_collector | -BuildOtelCollector | OTel Collector |
| build_lumina_sandbox_orchestrator | -BuildOrchestrator | Orchestrator |
| build_lumina_sandbox_workspace_manager | -BuildWorkspaceManager | Workspace Manager |
| -BuildAll (PowerShell only) | | Build all components |
BYO (Bring Your Own) Images
Skip building and use a pre-built image:
| Pipeline Parameter | PowerShell Flag | Default |
|--------------------|-----------------|---------|
| byo_lumina_service_api_image | -ByoServiceApiImage | none |
| byo_lumina_proxy_api_image | -ByoProxyApiImage | none |
| byo_lumina_sandbox_control_plane_image | -ByoControlPlaneImage | none |
| byo_lumina_nginx_appservice_image | N/A | luminadevaks.azurecr.io/lumina-nginx-appservice:latest |
Reproducing a Previous Build
To reproduce a previous pipeline run, use az pipelines build show to extract its parameters, then re-trigger:
# 1. Get the parameters from a previous build
az pipelines build show --id <BUILD_ID> \
--org "https://o365exchange.visualstudio.com/DefaultCollection" \
--project "O365 Core" \
--query "{branch: sourceBranch, params: templateParameters}" -o json
# 2. Re-trigger with the same parameters
az pipelines run --id 53278 --branch "<branch>" \
--org "https://o365exchange.visualstudio.com/DefaultCollection" \
--project "O365 Core" \
--parameters <key=value ...>
Reserved Profiles
Do NOT use these profiles — they are reserved for automation:
| Profile | Purpose |
|---------|---------|
| z | Automation Scheduled Deploy |
| it-3141592653 | Pi Integration Test |
| it-271828 | Euler Integration Test |
| orphan-cleanup | Orphan Resource Cleanup |
| all-cleanup | Clean All Dev Namespaces |
Prerequisites
- Install Azure CLI
- Install the Azure DevOps extension:
az extension add --name azure-devops - Login:
az login
Related Skills
liulixiang1988/lumina-app-proxy-register
development
VerifiedTrustedCommunity
Register and verify a sandbox-hosted HTTP service through Lumina App Proxy (LuminaProxyAPI). Use when the user wants to spin up a tiny FastAPI server inside a Lumina sandbox, expose it under {appId}.{BaseDomain}, hand the resulting URL to teammates, or compare access_scope=owner vs access_scope=all behavior of the AppProxyAuthHandler. Pairs with lumina-eps-token to acquire the bearer token and create the sandbox first.
SKILL.mdUpdated May 30, 2026
liulixiang1988/lumina-eps-token
tools
VerifiedTrustedCommunity
Acquire and validate Lumina EPS/LuminaServiceAPI bearer tokens using the CopilotLumina eps_client.py and get-lumina-token.ts helpers. Use when the user asks about Lumina token acquisition, EPS client authentication, testing luminaserviceapi hosts, running eps_client.py, validating v1/v3 EPS routes, resolving bundled helper script paths across .agents/.claude/.copilot installs, or fixing local Bun/Python/uv environment issues for these flows.
SKILL.mdUpdated May 29, 2026
liulixiang1988/stock-financials-analysis
testing
VerifiedTrustedCommunity
Pulls 3-year financial statements (income, balance sheet, cash flow) for a single stock and produces a deep Chinese-language report, OR compares multiple peers head-to-head. Use whenever the user asks to 分析/解读/看一下 a company's 财报/财务/营收/利润/资产负债/现金流, asks for 三年/近三年/最近几年 financials, or wants to compare multiple stocks 对比/PK/比较 on financial metrics. Triggers on phrases like "帮我看下 X 的财报"、"分析 X 这三年的财务"、"X 和 Y 哪个更好"、"对比 A B C 三家". Covers US/HK/KR/A-share stocks via stockanalysis.com.
SKILL.mdUpdated May 15, 2026
liulixiang1988/connect-draft
tools
VerifiedTrustedCommunity
End-to-end Microsoft Connect (half-yearly performance review) drafting + inject into the Connect tool. Trigger when user mentions Connect, connect draft, 绩效盘点, Microsoft performance review, "write my connect", "draft my connect", "帮我写 connect", or asks to populate v2.msconnect.microsoft.com. Gathers evidence (ADO work items + PRs, SharePoint-authored docs via workiq, historical Connects via Playwright for style), builds a local sign-off flow chart for the user to review, then injects HTML-formatted content (with hyperlinks, nested lists, underlines) directly into the Roosterjs rich-text editor fields via simulated paste events. Asks the user for period dates, repos, SharePoint URLs, and historical Connect IDs at runtime because these vary per person.
SKILL.mdUpdated Apr 28, 2026