timequity/ci-cd-pipelines
vibe-coder/skills/infra/ci-cd-pipelines/SKILL.md
CI/CD pipeline design with GitHub Actions, GitLab CI, and best practices.
$ install --global
skillsauthnpx skillsauth add timequity/plugins ci-cd-pipelinesInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 17, 2026, 8:22 AM7.0s1 file scanned
SKILL.md
- name:
- ci-cd-pipelines
- description:
- CI/CD pipeline design with GitHub Actions, GitLab CI, and best practices.
CI/CD Pipelines
GitHub Actions
name: CI/CD
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: '20'
cache: 'npm'
- run: npm ci
- run: npm test
build:
needs: test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: docker/setup-buildx-action@v3
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: docker/build-push-action@v5
with:
push: true
tags: ghcr.io/${{ github.repository }}:${{ github.sha }}
deploy:
needs: build
if: github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
environment: production
steps:
- name: Deploy to Kubernetes
run: |
kubectl set image deployment/app \
app=ghcr.io/${{ github.repository }}:${{ github.sha }}
Pipeline Stages
Commit → Build → Test → Security → Deploy → Smoke Test
│ │ │
└───────┴───────┴── Parallel
Best Practices
- Fast feedback - Tests < 10 min
- Fail fast - Critical checks first
- Cache dependencies - Avoid re-downloading
- Immutable artifacts - Tag with commit SHA
- Environment parity - Same image everywhere
- Rollback ready - Quick revert capability
Secrets Management
# GitHub Actions
env:
DATABASE_URL: ${{ secrets.DATABASE_URL }}
# With OIDC (no secrets)
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::123456789:role/github-actions
aws-region: us-east-1
Deployment Strategies
| Strategy | Risk | Rollback | |----------|------|----------| | Rolling | Low | Slow | | Blue-Green | Low | Fast | | Canary | Very Low | Fast | | Recreate | High | Fast |
Related Skills
timequity/disaster-recovery
tools
VerifiedTrustedCommunity
Backup strategies, disaster recovery planning, and business continuity.
6SKILL.mdUpdated Apr 21, 2026
timequity/cost-optimization
devops
VerifiedTrustedCommunity
Cloud cost management, rightsizing, and FinOps practices.
6SKILL.mdUpdated Apr 21, 2026
timequity/idea-validation
development
VerifiedTrustedCommunity
Validate idea and create detailed PRD. Saves docs/PRD.md to project. Use when: user describes an app idea, wants to create something new. Triggers: "I want to build", "create app", "make website", "build MVP", "хочу создать", "сделать приложение".
6SKILL.mdUpdated Apr 21, 2026
timequity/graphql-api
development
VerifiedTrustedCommunity
Build GraphQL APIs with schema design, resolvers, and subscriptions. Use when: creating GraphQL server, API with complex queries. Triggers: "graphql", "gql", "apollo", "async-graphql", "strawberry".
6SKILL.mdUpdated Apr 21, 2026