popoffvg/k8s-connection
harness/claude/skills/k8s-connection/SKILL.md
Use when connecting to a Platforma instance running in Kubernetes. Covers port-forwarding, endpoint checks, pod/job diagnostics, and a fast “find the issue” triage flow.
$ install --global
skillsauthnpx skillsauth add popoffvg/dotfiles k8s-connectionInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 16, 2026, 2:26 AM6.8s1 file scanned
SKILL.md
- name:
- k8s-connection
- description:
- Use when connecting to a Platforma instance running in Kubernetes. Covers port-forwarding, endpoint checks, pod/job diagnostics, and a fast “find the issue” triage flow.
K8s Connection & Triage
Connect to and debug a Platforma instance running in Kubernetes.
Use This Skill When
- User asks to connect to a k8s-hosted Platforma
- User asks to debug failures in CI or staging clusters
- User says “find the issue”, “why failed”, “what is broken”, or similar
Fast Triage (Use First for “find the issue”)
Run these checks in order and stop when the root cause is clear.
# 1) Confirm context/namespace
kubectl config current-context
kubectl get ns
# 2) Deployment and pod health
kubectl get deploy,pods -n <namespace> -o wide
kubectl get pods -n <namespace> --sort-by=.status.startTime
# 3) Recent warnings/errors
kubectl get events -n <namespace> --sort-by='.lastTimestamp' | tail -50
# 4) App logs (current + previous)
kubectl logs deployment/<platforma-deployment> -n <namespace> --tail=200
kubectl logs deployment/<platforma-deployment> -n <namespace> --previous --tail=200
If jobs are involved, immediately add:
kubectl get jobs -n <namespace>
kubectl describe job <job-name> -n <namespace>
kubectl logs job/<job-name> -n <namespace> --tail=200
Port-Forward Setup
# Forward debug API and metrics from Platforma deployment
kubectl port-forward deployment/<platforma-deployment> -n <namespace> 9091:9091 9090:9090
After this, use localhost:9091 for debug API and pl-db-cli calls.
Verify Endpoint Before Deeper Debugging
# If auth is disabled:
curl -sf http://localhost:9091/debug/health || true
# If service address is used in tests:
kubectl get svc -n <namespace>
If endpoint is unreachable, debug networking/readiness before test logic.
Enabling Debug API on Running Deployment
kubectl set env deployment/<platforma-deployment> -n <namespace> \
PL_DEBUG_ENABLED=true PL_DEBUG_PORT=9091 PL_DEBUG_IP=0.0.0.0
kubectl rollout status deployment/<platforma-deployment> -n <namespace>
Re-establish port-forward after rollout.
Requirement: PL_DEBUG_IP=0.0.0.0 is required for port-forward access.
Finding Correct Deployment/Pod
kubectl get deployments --all-namespaces | grep -i platforma
kubectl get pods -n <namespace> -l app=<label>
kubectl describe pod <pod-name> -n <namespace>
Common Failure Signatures
ImagePullBackOff/ErrImagePull→ wrong image/tag or registry authFailedScheduling/Insufficient cpu|memory→ cluster capacity or requests too highCrashLoopBackOff/OOMKilled→ app startup failure or memory limits too lowBackoffLimitExceededon Job → retry exhausted; inspect pod logs/eventsForbiddenon kubectl actions (pods/exec,secrets, etc.) → RBAC issue
Runner/Batch Diagnostics
kubectl get appwrappers -n <namespace> 2>/dev/null || true
kubectl get workloads -n <namespace> 2>/dev/null || true
kubectl get pvc -n <namespace>
kubectl describe pod <job-pod> -n <namespace>
Use these when Kueue or PVC/workdir behavior is suspected.
Port-Forward Drops
pkill -f "port-forward.*<platforma-deployment>" || true
kubectl port-forward deployment/<platforma-deployment> -n <namespace> 9091:9091 9090:9090
Multiple Replicas
If multiple replicas exist, target a fixed pod to avoid random routing:
kubectl port-forward pod/<pod-name> -n <namespace> 9091:9091
Response Contract
When reporting findings, always include:
- failing resource (
pod/job/deploy) and namespace - exact failure signal (event/log line)
- likely root cause in one sentence
- next command to confirm or fix
Related Skills
popoffvg/test-set-write
testing
VerifiedTrustedCommunity
Use when the user asks to create test sets, enumerate scenarios, generate edge cases, or draft a coverage matrix before implementation.
2SKILL.mdUpdated Jun 2, 2026
popoffvg/test-set-verify
testing
VerifiedTrustedCommunity
Use when the user asks to review, audit, score, or validate test sets for missed cases before execution or merge.
2SKILL.mdUpdated Jun 2, 2026
popoffvg/test-harness-plugin
tools
VerifiedTrustedCommunity
Test harness plugins in isolation using tmux panes. Runs MCP servers, unit tests, typecheck, and Claude plugin loading. Use when user says "test plugin", "check plugin", "run plugin tests", "validate plugin", or names a specific plugin to test.
2SKILL.mdUpdated Jun 2, 2026
popoffvg/test-bdd
development
VerifiedTrustedCommunity
Guide for designing integration and e2e tests using BDD (Behavior-Driven Development) methodology with Cucumber-style Given/When/Then scenarios. Use when writing or reviewing tests for any service, API, or component. Language-agnostic — covers scenario structure, step notation, assertion principles, async patterns, and common anti-patterns.
2SKILL.mdUpdated Jun 2, 2026