areas/software/platform/skills/ci-cd-pipelines/SKILL.md
# Skill: CI/CD Pipeline Patterns
## When to load

When designing GitHub Actions workflows, optimizing pipeline speed, or implementing deployment gates.
## Pipeline Structure

```
.github/workflows/
├── ci.yml          # Every PR: lint, test, build, security scan
├── deploy-stg.yml  # Merge to main: deploy to staging
└── deploy-prd.yml  # Release tag: deploy to production (with approval)
```
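## CI Template

```yaml
jobs:
  validate:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      # Cache the npm download cache, keyed on the lockfile hash
      - uses: actions/cache@v4
        with:
          path: ~/.npm
          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
      - run: npm ci
      - run: npm run lint && npm run typecheck && npm test -- --coverage

  terraform-validate:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: hashicorp/setup-terraform@v3
      - run: terraform init -backend=false && terraform validate && terraform fmt -check -recursive
        working-directory: terraform/

  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      # @master is a mutable ref; pin to a release tag or full commit SHA
      - uses: aquasecurity/trivy-action@master
        with:
          scan-type: fs
          # Quoted: an unquoted comma would split the value inside a flow mapping
          severity: 'HIGH,CRITICAL'
          exit-code: 1
```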
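```yaml
# Production deploy, gated by the GitHub Environment's required reviewers
jobs:
  deploy:
    runs-on: ubuntu-latest
    environment: production # Requires reviewer approval in GitHub Environments
    steps:
      - uses: actions/checkout@v4
      - run: kubectl set image deployment/api "api=$IMAGE"
      - run: npm run test:smoke -- --env production
```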