원클릭으로
deploy-cicd
CI/CD pipeline, GitHub Actions, automated deployment, release management, production shipping, and software delivery.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
CI/CD pipeline, GitHub Actions, automated deployment, release management, production shipping, and software delivery.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
Guide for conducting comprehensive accessibility audits of code to identify WCAG compliance issues and barriers to inclusive design. This skill should be used when reviewing accessibility, ARIA implementation, keyboard navigation, or screen reader compatibility.
Transform clarified user requests into structured delegation prompts optimized for specialist agents (cto-architect, strategic-cto-mentor, cv-ml-architect). Use after clarification is complete, before routing to specialist agents. Ensures agents receive complete context for effective work.
AGENTS.md dosyaları oluşturma, monorepo yapılandırma ve agent instruction yönetimi rehberi.
p5.js ile generative art, flow fields ve interactive visuals oluşturma rehberi.
API tasarımı, GraphQL schema, OpenAPI spec, versioning. ⚠️ Tasarım aşaması için kullan. Uygulama/security için → backend-api.
ADR template, database selection, capacity planning ve scalability.
| name | deploy_cicd |
| description | CI/CD pipeline, GitHub Actions, automated deployment, release management, production shipping, and software delivery. |
CI/CD pipeline ve automated deployment.
name: deploy_cicd
on:
push:
branches: [main]
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
- run: npm ci && npm test
security:
runs-on: ubuntu-latest
steps:
- uses: snyk/actions/node@master
deploy:
needs: [test, security]
environment: production
steps:
- run: ./deploy.sh
# ✅ GitHub Secrets
env:
API_KEY: ${{ secrets.API_KEY }}
# ❌ ASLA hardcode
env:
API_KEY: "sk-12345" # YANLIŞ!
| Strateji | Açıklama |
|---|---|
| Blue-Green | İki ortam, anında switch |
| Canary | Kademeli rollout (%5→100) |
| Feature Flags | Kod bazlı toggle |
Deploy CI/CD v1.0
Create GitHub Actions workflows for CI/CD pipelines, automated testing, deployments, and repository automation using YAML-based configuration with native GitHub integration.
GitHub Actions is the native CI/CD platform for GitHub repositories. This skill covers workflow syntax, triggers, job orchestration, reusable patterns, optimization techniques, and security practices specific to GitHub Actions.
Core Focus:
Not Covered:
building-ci-pipelinesgitops-workflowsinfrastructure-as-codetesting-strategiesTrigger this skill when:
name: deploy_cicd
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v4
with:
node-version: '20'
cache: 'npm'
- run: npm ci
- run: npm test
Key Components:
name: Workflow display nameon: Trigger events (push, pull_request, schedule, workflow_dispatch)jobs: Job definitions (run in parallel by default)runs-on: Runner type (ubuntu-latest, windows-latest, macos-latest)steps: Sequential operations (uses actions or run commands)# Code events
on:
push:
branches: [main, develop]
paths: ['src/**']
pull_request:
types: [opened, synchronize, reopened]
# Manual trigger
on:
workflow_dispatch:
inputs:
environment:
type: choice
options: [dev, staging, production]
# Scheduled
on:
schedule:
- cron: '0 2 * * *' # Daily at 2 AM UTC
For complete trigger reference, see references/triggers-events.md.
Use Reusable Workflow when:
Use Composite Action when:
| Feature | Reusable Workflow | Composite Action |
|---|---|---|
| Scope | Complete job | Step sequence |
| Trigger | workflow_call | uses: in step |
| Secrets | Inherit by default | Must pass explicitly |
| File Sharing | Requires artifacts | Same runner/workspace |
For detailed patterns, see references/reusable-workflows.md and references/composite-actions.md.
Use Built-in Setup Action Caching (Recommended):
- uses: actions/setup-node@v4
with:
node-version: '20'
cache: 'npm' # or 'yarn', 'pnpm'
Available for: Node.js, Python (pip), Java (maven/gradle), .NET, Go
Use Manual Caching when:
- uses: actions/cache@v4
with:
path: ~/.npm
key: ${{ runner.os }}-deps-${{ hashFiles('**/package-lock.json') }}
restore-keys: ${{ runner.os }}-deps-
For optimization techniques, see references/caching-strategies.md.
Use GitHub-Hosted Runners when:
Use Self-Hosted Runners when:
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- run: npm run build
- uses: actions/upload-artifact@v4
with:
name: dist
path: dist/
test:
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/download-artifact@v5
with:
name: dist
- run: npm test
deploy:
needs: [build, test]
if: github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
environment: production
steps:
- uses: actions/download-artifact@v5
- run: ./deploy.sh
Key Elements:
needs: creates job dependencies (sequential execution)if: enables conditional executionenvironment: enables protection rules and environment secretsjobs:
test:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
node: [18, 20, 22]
steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node }}
- run: npm test
Result: 9 jobs (3 OS × 3 Node versions)
For advanced matrix patterns, see examples/matrix-build.yml.
# Cancel in-progress runs on new push
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# Single deployment per environment
jobs:
deploy:
concurrency:
group: production-deployment
cancel-in-progress: false
steps: [...]
File: .github/workflows/reusable-build.yml
name: deploy_cicd
on:
workflow_call:
inputs:
node-version:
type: string
default: '20'
secrets:
NPM_TOKEN:
required: false
outputs:
artifact-name:
value: ${{ jobs.build.outputs.artifact }}
jobs:
build:
runs-on: ubuntu-latest
outputs:
artifact: build-output
steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v4
with:
node-version: ${{ inputs.node-version }}
- run: npm ci && npm run build
- uses: actions/upload-artifact@v4
with:
name: build-output
path: dist/
jobs:
build:
uses: ./.github/workflows/reusable-build.yml
with:
node-version: '20'
secrets: inherit # Same org only
For complete reusable workflow guide, see references/reusable-workflows.md.
File: .github/actions/setup-project/action.yml
name: deploy_cicd
description: 'Install dependencies and setup environment'
inputs:
node-version:
description: 'Node.js version'
default: '20'
outputs:
cache-hit:
value: ${{ steps.cache.outputs.cache-hit }}
runs:
using: "composite"
steps:
- uses: actions/setup-node@v4
with:
node-version: ${{ inputs.node-version }}
cache: 'npm'
- id: cache
uses: actions/cache@v4
with:
path: node_modules
key: ${{ runner.os }}-deps-${{ hashFiles('**/package-lock.json') }}
- if: steps.cache.outputs.cache-hit != 'true'
shell: bash
run: npm ci
Key Requirements:
runs.using: "composite" marks action typeshell: required for all run steps${{ inputs.name }}steps:
- uses: actions/checkout@v5
- uses: ./.github/actions/setup-project
with:
node-version: '20'
- run: npm run build
For detailed composite action patterns, see references/composite-actions.md.
jobs:
deploy:
runs-on: ubuntu-latest
environment: production # Uses environment secrets
steps:
- env:
API_KEY: ${{ secrets.API_KEY }}
run: ./deploy.sh
jobs:
deploy:
runs-on: ubuntu-latest
permissions:
id-token: write # Required for OIDC
contents: read
steps:
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::123456789012:role/GitHubActionsRole
aws-region: us-east-1
- run: aws s3 sync ./dist s3://my-bucket
# Workflow-level
permissions:
contents: read
pull-requests: write
# Job-level
jobs:
deploy:
permissions:
contents: write
deployments: write
steps: [...]
# Pin to commit SHA (not tags)
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v5.0.0
Enable Dependabot:
File: .github/dependabot.yml
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
For comprehensive security guide, see references/security-practices.md.
Use built-in caching in setup actions (cache: 'npm'), run independent jobs in parallel, add conditional execution with if:, and minimize checkout depth (fetch-depth: 1).
For detailed optimization strategies, see references/caching-strategies.md.
Common contexts: github.*, secrets.*, inputs.*, matrix.*, runner.*
- run: echo "Branch: ${{ github.ref }}, Event: ${{ github.event_name }}"
For complete syntax reference, see references/workflow-syntax.md.
For comprehensive coverage of specific topics:
Complete workflow templates ready to use:
building-ci-pipelines - CI/CD pipeline design strategygitops-workflows - GitOps deployment patternsinfrastructure-as-code - Terraform/Pulumi integrationtesting-strategies - Test frameworks and coveragesecurity-hardening - SAST/DAST toolsgit-workflows - Understanding branches and PRsVercel deployment ve Next.js optimization rehberi.
# CLI kurulum
npm i -g vercel
# Deploy
vercel
# Production deploy
vercel --prod
{
"buildCommand": "npm run build",
"outputDirectory": ".next",
"framework": "nextjs",
"regions": ["fra1"],
"env": {
"DATABASE_URL": "@database-url"
},
"headers": [
{
"source": "/api/(.*)",
"headers": [
{ "key": "Cache-Control", "value": "s-maxage=60" }
]
}
]
}
// app/api/edge/route.ts
export const runtime = 'edge';
export async function GET(request: Request) {
return new Response('Hello from Edge!');
}
// app/blog/[slug]/page.tsx
export const revalidate = 60; // 60 saniye
export async function generateStaticParams() {
const posts = await getPosts();
return posts.map(post => ({ slug: post.slug }));
}
# CLI ile ekle
vercel env add DATABASE_URL production
# Pull to local
vercel env pull .env.local
Vercel Deploy v1.0
Railway container deployment rehberi.
# CLI kurulum
npm i -g @railway/cli
# Login
railway login
# Yeni proje
railway init
# Deploy
railway up
FROM node:20-alpine
WORKDIR /app
COPY package*.json ./
RUN npm ci --only=production
COPY . .
RUN npm run build
EXPOSE 3000
CMD ["npm", "start"]
[build]
builder = "dockerfile"
dockerfilePath = "./Dockerfile"
[deploy]
startCommand = "npm start"
healthcheckPath = "/health"
healthcheckTimeout = 100
restartPolicyType = "on_failure"
# CLI ile
railway variables set DATABASE_URL=postgres://...
# Veya dashboard üzerinden
project/
├── apps/
│ ├── web/ # Frontend
│ └── api/ # Backend
├── packages/
│ └── shared/
└── railway.toml
Her servis için ayrı Railway service oluştur.
Kaynak: DORA Research (DORA.dev) & GitHub Actions Hardening Guide
permissions: read-all veya minimal izin prensibini uygula. 3. parti action'ları commit SHA ile sabitle.npm veya pip bağımlılıklarını cache'leyerek pipeline süresini %40+ iyileştir.environment protection rules (manuel onay) ekle.| Aşama | Doğrulama |
|---|---|
| 1 | Pipeline başarısız olduğunda sistem güvenli bir halde kalıyor mu? |
| 2 | Her PR'da otomatik "Linter" ve "Unit Test" çalışıyor mu? |
| 3 | Deploy sonrası otomatik bir "Smoke Test" mevcut mu? |
Deploy CI/CD v2.0 - With Workflow