markus41/harness-eks-deployments
plugins/aws-eks-helm-keycloak/skills/harness-eks-deployments/SKILL.md
AWS EKS deployment patterns via Harness CD - Native Helm, Kubernetes manifests, and GitOps strategies with rolling, canary, and blue-green deployments
$ install --global
skillsauthnpx skillsauth add markus41/claude harness-eks-deploymentsInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 7, 2026, 2:17 AM62.7s1 file scanned
SKILL.md
- name:
- harness-eks-deployments
- description:
- AWS EKS deployment patterns via Harness CD - Native Helm, Kubernetes manifests, and GitOps strategies with rolling, canary, and blue-green deployments
Harness EKS Deployments Skill
Deploy to AWS EKS via Harness CD with Native Helm, Kubernetes manifests, or GitOps.
Use For
- EKS deployment pipelines, deployment strategies (Rolling/Canary/Blue-Green)
- Native Helm deployments, GitOps with ArgoCD, multi-environment promotion
Deployment Types
Native Helm Deployment
service:
name: my-service
serviceDefinition:
type: NativeHelm
spec:
manifests:
- manifest:
identifier: helm_chart
type: HelmChart
spec:
store:
type: HarnessCode
spec:
repoName: my-app
branch: main
folderPath: charts/my-service
chartName: my-service
chartVersion: <+input>
helmVersion: V3
artifacts:
primary:
primaryArtifactRef: ecr_image
sources:
- identifier: ecr_image
type: Ecr
spec:
connectorRef: aws_connector
region: us-west-2
imagePath: my-service
tag: <+input>
Kubernetes Manifest Deployment
service:
name: my-service
serviceDefinition:
type: Kubernetes
spec:
manifests:
- manifest:
identifier: k8s_manifests
type: K8sManifest
spec:
store:
type: HarnessCode
spec:
repoName: my-app
branch: main
paths:
- k8s/base
- k8s/overlays/<+env.name>
Deployment Strategies
Rolling (Zero-Downtime Default)
execution:
steps:
- step:
type: K8sRollingDeploy
name: Rolling Deploy
identifier: rolling_deploy
spec:
skipDryRun: false
timeout: 10m
rollbackSteps:
- step:
type: K8sRollingRollback
name: Rollback
identifier: rollback
Canary (Progressive Traffic Shift)
execution:
steps:
- step:
type: K8sCanaryDeploy
name: Canary 10%
identifier: canary_10
spec:
instanceSelection:
type: Percentage
spec:
percentage: 10
- step:
type: HarnessApproval
name: Approve Canary
spec:
approvers:
userGroups:
- account.DevOpsTeam
- step:
type: K8sCanaryDeploy
name: Canary 50%
identifier: canary_50
spec:
instanceSelection:
type: Percentage
spec:
percentage: 50
- step:
type: K8sCanaryDeploy
name: Full Rollout
identifier: full_rollout
spec:
instanceSelection:
type: Percentage
spec:
percentage: 100
rollbackSteps:
- step:
type: K8sCanaryDelete
name: Canary Delete
identifier: canary_delete
Blue-Green (Instant Cutover)
execution:
steps:
- step:
type: K8sBGStageDeployment
name: Stage Deployment
identifier: stage_deployment
- step:
type: HarnessApproval
name: Approve Switch
spec:
approvers:
userGroups:
- account.ProductionApprovers
- step:
type: K8sBGSwapServices
name: Swap Services
identifier: swap_services
rollbackSteps:
- step:
type: K8sBGSwapServices
name: Rollback Swap
identifier: rollback_swap
EKS Infrastructure Definition
infrastructureDefinition:
name: EKS Production
identifier: eks_production
type: KubernetesDirect
spec:
connectorRef: eks_connector
namespace: <+service.name>-<+env.name>
releaseName: <+service.name>
allowSimultaneousDeployments: false
AWS EKS Connector
connector:
name: EKS Production
identifier: eks_production
type: K8sCluster
spec:
credential:
type: InheritFromDelegate
delegateSelectors:
- eks-delegate
Environment Configuration
Development
environment:
name: Development
identifier: development
type: PreProduction
overrides:
manifests:
- manifest:
identifier: values_override
type: Values
spec:
store:
type: HarnessCode
spec:
repoName: my-app
branch: main
paths:
- charts/my-service/values-dev.yaml
Production
environment:
name: Production
identifier: production
type: Production
overrides:
manifests:
- manifest:
identifier: values_override
type: Values
spec:
store:
type: HarnessCode
spec:
repoName: my-app
branch: main
paths:
- charts/my-service/values-prod.yaml
Verification & Health Checks
- step:
type: Verify
name: Deployment Verification
spec:
type: Canary
monitoredService:
type: Default
spec:
sensitivity: MEDIUM
duration: 5m
- step:
type: Http
name: Health Check
spec:
url: http://<+service.name>.<+infra.namespace>.svc.cluster.local/health
method: GET
assertion: <+httpResponseCode> == 200
Multi-Environment Promotion Pipeline
pipeline:
name: EKS Promotion Pipeline
stages:
- stage:
name: Deploy Dev
type: Deployment
spec:
deploymentType: NativeHelm
environment:
environmentRef: development
execution:
steps:
- step:
type: HelmDeploy
name: Helm Deploy
- stage:
name: Deploy Staging
type: Deployment
spec:
environment:
environmentRef: staging
when:
pipelineStatus: Success
- stage:
name: Deploy Production
type: Deployment
spec:
environment:
environmentRef: production
when:
pipelineStatus: Success
condition: <+pipeline.stages.deploy_staging.status> == "SUCCEEDED"
Common Expressions
| Expression | Purpose |
|------------|---------|
| <+service.name> | Service name |
| <+env.name> | Environment name |
| <+env.type> | Environment type (Production/PreProduction) |
| <+infra.namespace> | Kubernetes namespace |
| <+infra.releaseName> | Helm release name |
| <+artifact.image> | Full image path |
| <+artifact.tag> | Image tag |
| <+pipeline.executionId> | Pipeline execution ID |
Troubleshooting
| Issue | Solution | |-------|----------| | Helm release failed | Check values file syntax, verify chart dependencies | | Pod stuck in Pending | Check node resources, PVC availability | | Image pull error | Verify ECR connector, check image exists | | Namespace not found | Ensure namespace exists or set createNamespace: true | | Rollback failed | Check rollback steps, verify previous release exists | | Verification failed | Adjust sensitivity, extend duration |
References
- Harness EKS Tutorial
- Native Helm Deployments
Related Skills
markus41/writing-plans-enhanced
development
VerifiedTrustedCommunity
Enhanced plan-authoring skill with Pre-Writing context gathering, task metadata, non-TDD templates, Red Flags, telemetry, and an automated plan linter. Use when you have a spec or requirements for a multi-step task, before touching code.
13SKILL.mdUpdated Apr 25, 2026
markus41/plugins/scrapin-aint-easy
tools
VerifiedTrustedCommunity
Documentation intelligence engine with graph-based API docs, algorithm library, and drift detection
13SKILL.mdUpdated Apr 17, 2026
markus41/ultraplan
tools
VerifiedTrustedCommunity
Ultraplan cloud planning — kick off a plan in the cloud from your terminal, review and revise in the browser, then execute remotely or send back to CLI
13SKILL.mdUpdated Apr 17, 2026
markus41/plugins/claude-code-expert/skills/mcp
tools
VerifiedTrustedCommunity
--- name: mcp description: Configure MCP servers for Claude Code — stdio vs HTTP, authentication, Tools/Resources/Prompts distinction, channels (CI webhook, mobile relay, Discord bridge, fakechat), and cost of always-loaded tools. Use this skill whenever adding an MCP server, debugging connection issues, choosing between MCP Tools vs Prompts vs Resources, installing channel servers, or managing .mcp.json. Triggers on: "MCP server", "mcp config", "add Obsidian MCP", "install context7", "channels"
13SKILL.mdUpdated Apr 17, 2026