dot-ai-port-setup
// Set up Port integrations to sync Kubernetes resources and GitHub Actions to Port.io
| name | dot-ai-port-setup |
| description | Set up Port integrations to sync Kubernetes resources and GitHub Actions to Port.io |
| user-invocable | true |
Set up Port integrations to sync Kubernetes resources and GitHub Actions to Port.io.
Check the following and instruct the user to install/configure if missing:
- `PORT_CLIENT_ID`
- `PORT_CLIENT_SECRET`
- `helm search repo` or check the official documentation.

Before starting, discover what tools are available and gather configuration:

- `argocd` namespace) or Flux (`flux-system` namespace)
- `apps/`, `manifests/`, `k8s/`)

| GitOps Tool | Deployment Method | Self-Service Actions |
|---|---|---|
| ArgoCD | ArgoCD Application manifests in Git | Commit YAML to Git → ArgoCD syncs |
| Flux | Flux HelmRelease/Kustomization in Git | Commit YAML to Git → Flux syncs |
| Neither | Manifests in Git + kubectl apply | Commit YAML to Git → kubectl apply |

| ESO Status | Secrets Method |
|---|---|
| Installed with ClusterSecretStore | Use ExternalSecret to pull from secret manager |
| Not installed | Create Secret directly with kubectl create secret |

Note: Always store manifests in Git for auditability, regardless of GitOps availability.

IMPORTANT: When ArgoCD or Flux is detected, NEVER run `kubectl apply` on application manifests.
Instead, follow this workflow:

- `kubectl get applications -n argocd` (ArgoCD) or `flux get all` (Flux)

For GitOps resources (ArgoCD Applications, Flux Kustomizations/HelmReleases):

For Secrets without ESO:

- `kubectl create secret` directly (secrets cannot be stored unencrypted in Git)

Create a Secret named `port-credentials` in the `port-k8s-exporter` namespace with keys `PORT_CLIENT_ID` and `PORT_CLIENT_SECRET`.

- `kubectl create secret`

Deploy the `port-k8s-exporter` Helm chart from https://port-labs.github.io/helm-charts.

Key Helm values:

- `secret.useExistingSecret: true` and `secret.name: port-credentials`
- `overwriteConfigurationOnRestart: true` (forces use of configMap config)
- `stateKey` and `extraEnv[].CLUSTER_NAME` set to cluster identifier
- `configMap.config` with resource mappings (see Step 4)

Deployment method based on discovery:

- `helm install` then commit values to Git

Default blueprints (always created by the exporter):

- `cluster` (Port concept, not a K8s resource)
- `namespace` (from namespaces)
- `workload` (from deployments, daemonsets, statefulsets)

Discover and recommend:

- `kubectl api-resources` to list all available resources

Create selected blueprints using Port MCP tools. All blueprints should have:

- `namespace` blueprint
- `creationTimestamp` property

In the Helm values `configMap.config`, define mappings for the resources selected in Step 3.
For nested resources (arrays inside a resource spec), use itemsToParse:
```yaml
- kind: your.api/v1/yourresource
  selector:
    query: "true"
  port:
    itemsToParse: .spec.items
    entity:
      mappings:
        - identifier: .item.name + "-" + .metadata.namespace + "-" + env.CLUSTER_NAME
          blueprint: '"child-blueprint"'
          properties:
            name: .item.name
          relations:
            Parent: .metadata.name + "-" + .metadata.namespace + "-" + env.CLUSTER_NAME
```
Analyze exported resources and establish relations:
For each relation:
Sync GitHub workflows, workflow runs, and pull requests to Port.
Create blueprints for `githubWorkflow`, `githubWorkflowRun`, and `githubPullRequest` (if they do not already exist) using Port MCP tools. Inspect integration kinds to determine appropriate properties.
Use the Port REST API to update the integration config with mappings for the `pull-request`, `workflow`, and `workflow-run` kinds.
After creating blueprints, trigger a resync so the integration populates them with data. Use the Port API:
```bash
# Keep the token file private to the current user
umask 077

# Get access token
curl -s -X POST 'https://api.getport.io/v1/auth/access_token' \
  -H 'Content-Type: application/json' \
  -d '{"clientId": "'"$PORT_CLIENT_ID"'", "clientSecret": "'"$PORT_CLIENT_SECRET"'"}' \
  | jq -r '.accessToken' > ./port_access_token.txt

# Trigger resync (replace INTEGRATION_ID with actual ID)
curl -s -X PATCH 'https://api.getport.io/v1/integration/INTEGRATION_ID' \
  -H "Authorization: Bearer $(cat ./port_access_token.txt)" \
  -H 'Content-Type: application/json' \
  -d '{}'

# Cleanup
rm -f ./port_access_token.txt
```
Get the integration ID from mcp__port-vscode-eu__list_integrations.
Create Port self-service actions that trigger GitHub workflows to manage CRD manifests.
Use `gh secret set` to add required secrets:

- `PORT_CLIENT_ID` - Port client ID
- `PORT_CLIENT_SECRET` - Port client secret
- `KUBE_CONFIG` - (Only for non-GitOps) Base64-encoded kubeconfig

Create workflow for each CRD with `workflow_dispatch` trigger accepting:

- `action` (create/update/delete)
- `name`, `namespace`
- `port_run_id`

Workflow steps:

- `port-labs/port-github-action@v1`
- `kubectl apply` or `kubectl delete`

Create 3 actions per CRD using Port MCP tools:

Key template expressions:

- `{{ .inputs.fieldName }}` - User input value
- `{{ .run.id }}` - Port action run ID
- `{{ .entity.identifier }}` - Entity identifier (for DAY-2/DELETE)
- `{{ .entity.identifier | split("-") | last }}` - Extract resource name from identifier

For DAY-2 actions, pre-populate inputs with current entity values:

```json
"default": {
  "jqQuery": ".entity.properties.someField // \"default_value\""
}
```
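
The workflow described above takes `action`, `name` and `namespace` from a Port self-service form and hands them to `kubectl apply` or `kubectl delete`. As an added example (not part of the original skill), a workflow step could run allowlist checks like these first; the function names and the choice to hold `name` to the DNS-1123 label rule are assumptions.

```shell
#!/bin/sh
# Added example: allowlist checks for the workflow_dispatch inputs
# (action, name, namespace) before any of them reaches kubectl.
LC_ALL=C; export LC_ALL  # [a-z] means ASCII only, whatever the runner locale

# DNS-1123 label: 1-63 chars of [a-z0-9-], alphanumeric at both ends.
# Assumption: name is held to the label rule, stricter than the subdomain
# rule Kubernetes applies to most resource names.
is_dns1123_label() {
  v=$1
  [ -n "$v" ] && [ "${#v}" -le 63 ] || return 1
  case $v in
    *[!a-z0-9-]*) return 1 ;;  # spaces, quotes, ';', '$', '/', '.', uppercase
    -*|*-)        return 1 ;;  # a leading '-' would be parsed as a kubectl flag
  esac
  return 0
}

# Map the action input to a kubectl verb; anything else is refused.
kubectl_verb() {
  case $1 in
    create|update) echo apply ;;
    delete)        echo delete ;;
    *)             return 1 ;;
  esac
}

# validate_inputs ACTION NAME NAMESPACE: 0 if all pass, 1 with a reason on stderr.
validate_inputs() {
  kubectl_verb "$1" >/dev/null || { echo "rejected action" >&2; return 1; }
  is_dns1123_label "$2"        || { echo "rejected name" >&2; return 1; }
  is_dns1123_label "$3"        || { echo "rejected namespace" >&2; return 1; }
}

# Constructed sample inputs. In a workflow step these would arrive through
# env: variables rather than inline ${{ }} expressions in the script text.
if validate_inputs "delete" "orders-db" "team-a"; then
  echo "ok: kubectl $(kubectl_verb delete) <kind> orders-db -n team-a"
fi
validate_inputs "delete" "--all" "team-a" || echo "blocked before kubectl ran"
```
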