원클릭으로
gitlab-ci-validator
Validate, lint, audit, or fix .gitlab-ci.yml pipelines, stages, and jobs.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
Validate, lint, audit, or fix .gitlab-ci.yml pipelines, stages, and jobs.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
| name | gitlab-ci-validator |
| description | Validate, lint, audit, or fix .gitlab-ci.yml pipelines, stages, and jobs. |
Comprehensive toolkit for validating, linting, testing, and securing .gitlab-ci.yml configurations.
Use this skill when requests include intent like:
.gitlab-ci.yml"All commands below assume repository root as current working directory.
# Ensure validator scripts are executable
chmod +x devops-skills-plugin/skills/gitlab-ci-validator/scripts/*.sh \
devops-skills-plugin/skills/gitlab-ci-validator/scripts/*.py
# Required runtime
python3 --version
Use one canonical command path for orchestration:
VALIDATOR="bash devops-skills-plugin/skills/gitlab-ci-validator/scripts/validate_gitlab_ci.sh"
Optional local execution tooling (for --test-only):
bash devops-skills-plugin/skills/gitlab-ci-validator/scripts/install_tools.sh
# 1) Full validation (syntax + best practices + security)
$VALIDATOR .gitlab-ci.yml
# 2) Syntax and schema only (required first gate)
$VALIDATOR .gitlab-ci.yml --syntax-only
# 3) Best-practices only (recommended)
$VALIDATOR .gitlab-ci.yml --best-practices
# 4) Security only (required before merge)
$VALIDATOR .gitlab-ci.yml --security-only
# 5) Optional local pipeline structure test (needs gitlab-ci-local + Docker)
$VALIDATOR .gitlab-ci.yml --test-only
# 6) Strict mode (treat best-practice warnings as failure)
$VALIDATOR .gitlab-ci.yml --strict
Follow these gates in order:
2 (--syntax-only).3 (--best-practices) and apply relevant improvements.4 (--security-only) and fix all critical/high findings before merge.5 (--test-only) for local execution checks.6 (--strict) for final merge gate.Required gates: syntax + security. Recommended gate: best practices. Optional gate: local execution test.
critical: Direct credential/secret exposure or high-confidence compromise path. Block merge.high: Exploitable unsafe behavior or strong security regression. Fix before merge.medium: Security hardening gap with realistic risk. Track and fix soon.low/suggestion: Optimization or maintainability improvement.yaml-syntax, job-stage-undefined, dependencies-undefined-job): prevent pipeline parse and dependency failures.cache-missing, artifact-no-expiration, dag-optimization): reduce runtime cost and improve pipeline throughput.hardcoded-password, curl-pipe-bash, include-remote-unverified): reduce credential leaks and supply-chain risk.devops-skills-plugin/skills/gitlab-ci-validator/docs/gitlab-ci-reference.mddevops-skills-plugin/skills/gitlab-ci-validator/docs/best-practices.mddevops-skills-plugin/skills/gitlab-ci-validator/docs/common-issues.mdpython3:
PyYAML:
python_wrapper.sh auto-creates .venv and installs pyyaml when possible.pyyaml from an internal mirror, then rerun.gitlab-ci-local, node, or docker:
--test-only reports warning/failure.chmod command from the Setup section.$VALIDATOR examples/basic-pipeline.gitlab-ci.yml --syntax-only
$VALIDATOR examples/basic-pipeline.gitlab-ci.yml --security-only
$VALIDATOR .gitlab-ci.yml --strict
stages:
- validate
validate_gitlab_ci:
stage: validate
script:
- chmod +x devops-skills-plugin/skills/gitlab-ci-validator/scripts/*.sh devops-skills-plugin/skills/gitlab-ci-validator/scripts/*.py
- bash devops-skills-plugin/skills/gitlab-ci-validator/scripts/validate_gitlab_ci.sh .gitlab-ci.yml --strict
# Syntax validator (via wrapper for PyYAML fallback)
bash devops-skills-plugin/skills/gitlab-ci-validator/scripts/python_wrapper.sh \
devops-skills-plugin/skills/gitlab-ci-validator/scripts/validate_syntax.py .gitlab-ci.yml
# Best-practices validator
bash devops-skills-plugin/skills/gitlab-ci-validator/scripts/python_wrapper.sh \
devops-skills-plugin/skills/gitlab-ci-validator/scripts/check_best_practices.py .gitlab-ci.yml
# Security validator
bash devops-skills-plugin/skills/gitlab-ci-validator/scripts/python_wrapper.sh \
devops-skills-plugin/skills/gitlab-ci-validator/scripts/check_security.py .gitlab-ci.yml
name and description unchanged.chmod prerequisites appear before workflow/use examples.gitlab-ci-local or GitLab CI Lint for runtime behavior confirmation.Generate, create, or scaffold Ansible playbooks, roles, tasks, handlers, inventory, vars.
Validate, lint, audit, or debug Ansible playbooks, roles, inventories, FQCN, tasks.
Generate/create/scaffold azure-pipelines.yml, stages, jobs, steps, or reusable templates.
Validate, lint, audit, or review azure-pipelines.yml — syntax, security, best practices.
Generate/create Fluent Bit configs — INPUT, FILTER, OUTPUT, parsers, log pipeline.
Validate, lint, audit, or check Fluent Bit configs (INPUT, FILTER, OUTPUT, tag routing).