Run any Skill in Manus with one click

devops-deployment

Stars193

Forks15

UpdatedJune 20, 2026 at 10:50

Use when setting up CI/CD pipelines, containerizing applications, deploying to Kubernetes, or writing infrastructure as code. DevOps & Deployment covers GitHub Actions, Docker, Helm, and Terraform patterns.

Installation

Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.

Run Skill in Manus

Source

yonatangross

yonatangross/orchestkit

View GitHub Repository View Creator Repositories

Download

Run Skill in Manus

Related occupationsSOC

Based on SOC occupation classification

Software DevelopersComputer and Mathematical Occupations·SOC 15-1252

File Explorer

33 files

SKILL.md

readonly

More from this repository

same repository

doctor

yonatangross/orchestkit

OrchestKit doctor for health diagnostics across manifest integrity, hook configuration, skill validation, agent frontmatter, MCP server connectivity, CC version compatibility, and permission rules. Reports issues with severity levels and auto-remediation suggestions. Validates component counts, detects orphaned entries, and checks CC version matrix compliance. Use when diagnosing plugin health, troubleshooting configuration issues, or running pre-release checks.

2026-06-23193

mcp-visual-output

yonatangross/orchestkit

Interactive MCP visual output via @json-render/mcp. Upgrade plain JSON tool responses to interactive dashboards rendered in sandboxed iframes inside Claude, Cursor, ChatGPT, VS Code Copilot, Goose, and Postman conversations. Covers createMcpApp(), registerJsonRenderTool(), registerJsonRenderResource(), CSP config, JSON Patch streaming, and dashboard component patterns. Use when building MCP servers that return visual output, upgrading existing MCP tools with interactive UI, or creating eval/monitoring dashboards.

2026-06-22193

multi-surface-render

yonatangross/orchestkit

Multi-surface rendering with json-render — same JSON spec produces React web, Next.js apps, React Native, Ink terminal UIs, PDFs, emails, Remotion videos, OG images, and 3D scenes. Covers renderer target selection, registry mapping, and platform-specific APIs (renderToBuffer, renderToStream, renderToFile). Use when generating output for multiple platforms, creating PDF reports, email templates, demo videos, or social media images from a single component spec.

2026-06-22193

validate-counts

yonatangross/orchestkit

Validates hook, skill, and agent counts are consistent across CLAUDE.md, hooks.json, manifests, and source directories. Use when counts may be stale after adding or removing components, before releases, or when CLAUDE.md Project Overview looks wrong.

2026-06-22193

browser-tools

yonatangross/orchestkit

OrchestKit security wrapper for browser automation. Adds URL blocklisting, rate limiting, robots.txt enforcement, and ethical scraping guardrails on top of the upstream agent-browser skill. Use when automating browser workflows that need safety guardrails.

2026-06-22193

dev

yonatangross/orchestkit

One-command dev loop boot. Spins up portless (named HTTPS subdomain), emulate (stateful API mocks), the project's dev server, and an agent-browser session — all using the current git branch as the namespace key. Replaces the 4-terminal manual setup with a single `/ork:dev` invocation. Use when starting a new feature branch, switching worktrees, or returning to a project after a break. Skip silently when prerequisite binaries (portless, emulate, agent-browser) are missing — emits install hints.

2026-06-22193

name	devops-deployment
license	MIT
compatibility	Claude Code 2.1.183+.
description	Use when setting up CI/CD pipelines, containerizing applications, deploying to Kubernetes, or writing infrastructure as code. DevOps & Deployment covers GitHub Actions, Docker, Helm, and Terraform patterns.
tags	["devops","ci-cd","docker","kubernetes","terraform"]
context	fork
agent	ci-cd-engineer
version	1.0.0
author	OrchestKit
user-invocable	false
disable-model-invocation	false
complexity	medium
persuasion-type	guidance
metadata	{"category":"workflow-automation"}
allowed-tools	["Read","Glob","Grep","WebFetch","WebSearch"]
paths	[".github/workflows/*","Dockerfile","docker-compose","/k8s/","/terraform/*"]
path_patterns	[".tf",".tfvars","/k8s/","/helm/","Dockerfile",".github/workflows/"]
invocation_hooks	["command -v docker >/dev/null 2>&1 \|\| echo 'Warning: docker not found — container operations will fail'"]

DevOps & Deployment Skill

Comprehensive frameworks for CI/CD pipelines, containerization, deployment strategies, and infrastructure automation.

Note: If disableSkillShellExecution is enabled (CC 2.1.91), the Docker install check won't run. Verify Docker is available for container operations: docker --version.

Overview

Setting up CI/CD pipelines
Containerizing applications
Deploying to Kubernetes or cloud platforms
Implementing GitOps workflows
Managing infrastructure as code
Planning release strategies

Pipeline Architecture

┌─────────────┐   ┌─────────────┐   ┌─────────────┐   ┌─────────────┐
│    Code     │──>│    Build    │──>│    Test     │──>│   Deploy    │
│   Commit    │   │   & Lint    │   │   & Scan    │   │  & Release  │
└─────────────┘   └─────────────┘   └─────────────┘   └─────────────┘
       │                 │                 │                 │
       v                 v                 v                 v
   Triggers         Artifacts          Reports          Monitoring

Key Concepts

CI/CD Pipeline Stages

Lint & Type Check - Code quality gates
Unit Tests - Test coverage with reporting
Security Scan - npm audit + Trivy vulnerability scanner
Build & Push - Docker image to container registry
Deploy Staging - Environment-gated deployment
Deploy Production - Manual approval or automated

Container Best Practices

Multi-stage builds minimize image size:

Stage 1: Install production dependencies only
Stage 2: Build application with dev dependencies
Stage 3: Production runtime with minimal footprint

Security hardening:

Non-root user (uid 1001)
Read-only filesystem where possible
Health checks for orchestrator integration

Kubernetes Deployment

Essential manifests:

Deployment with rolling update strategy
Service for internal routing
Ingress for external access with TLS
HorizontalPodAutoscaler for scaling

Security context:

runAsNonRoot: true
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
Drop all capabilities

Deployment Strategies

Strategy	Use Case	Risk
Rolling	Default, gradual replacement	Low - automatic rollback
Blue-Green	Instant switch, easy rollback	Medium - double resources
Canary	Progressive traffic shift	Low - gradual exposure

Rolling Update (Kubernetes default):

strategy:
  type: RollingUpdate
  rollingUpdate:
    maxSurge: 25%
    maxUnavailable: 0  # Zero downtime

Secrets Management

Use External Secrets Operator to sync from cloud providers:

AWS Secrets Manager
HashiCorp Vault
Azure Key Vault
GCP Secret Manager

References

Docker Patterns

Load: Read("${CLAUDE_SKILL_DIR}/references/docker-patterns.md")

Key topics covered:

Multi-stage build examples with 78% size reduction
Layer caching optimization
Security hardening (non-root, health checks)
Trivy vulnerability scanning
Docker Compose development setup

CI/CD Pipelines

Load: Read("${CLAUDE_SKILL_DIR}/references/ci-cd-pipelines.md")

Key topics covered:

Branch strategy (Git Flow)
GitHub Actions caching (85% time savings)
Artifact management
Matrix testing
Complete backend CI/CD example

Kubernetes Basics

Load: Read("${CLAUDE_SKILL_DIR}/references/kubernetes-basics.md")

Key topics covered:

Health probes (startup, liveness, readiness)
Security context configuration
PodDisruptionBudget
Resource quotas
StatefulSets for databases
Helm chart structure

Environment Management

Load: Read("${CLAUDE_SKILL_DIR}/references/environment-management.md")

Key topics covered:

External Secrets Operator
GitOps with ArgoCD
Terraform patterns (remote state, modules)
Zero-downtime database migrations
Alembic migration workflow
Rollback procedures

Observability

Load: Read("${CLAUDE_SKILL_DIR}/references/observability.md")

Key topics covered:

Prometheus metrics exposition
Grafana dashboard queries (PromQL)
Alerting rules for SLOs
Golden signals (SRE)
Structured logging
Distributed tracing (OpenTelemetry)

Railway Deployment

Load: Read("${CLAUDE_SKILL_DIR}/rules/railway-deployment.md")

Key topics covered:

railway.json configuration, Nixpacks builds
Environment variable management, database provisioning
Multi-service setups, Railway CLI workflows
References: ${CLAUDE_SKILL_DIR}/references/railway-json-config.md, ${CLAUDE_SKILL_DIR}/references/nixpacks-customization.md, ${CLAUDE_SKILL_DIR}/references/multi-service-setup.md

Deployment Strategies

Load: Read("${CLAUDE_SKILL_DIR}/references/deployment-strategies.md")

Key topics covered:

Rolling deployment
Blue-green deployment
Canary releases
Traffic splitting with Istio

Deployment Checklist & Templates

Load: Read("${CLAUDE_SKILL_DIR}/references/checklists-and-templates.md") for pre/during/post-deployment checklists, Helm chart structure, template reference table, and extended thinking triggers.

Related Skills

zero-downtime-migration - Database migration patterns for zero-downtime deployments
security-scanning - Security scanning integration for CI/CD pipelines
ork:monitoring-observability - Monitoring and alerting for deployed applications
ork:database-patterns - Python/Alembic migration workflow for backend deployments
portless (upstream) - Named .localhost URLs for multi-service local dev (portless alias api 8080)

Key Decisions

Decision	Choice	Rationale
Container user	Non-root (uid 1001)	Security best practice, required by many orchestrators
Deployment strategy	Rolling update (default)	Zero downtime, automatic rollback, resource efficient
Secrets management	External Secrets Operator	Syncs from cloud providers, GitOps compatible
Health checks	Separate startup/liveness/readiness	Prevents premature traffic, enables graceful shutdown

Capability Details

Load: Read("${CLAUDE_SKILL_DIR}/references/capability-details.md") for full keyword index and problem-solution mapping across all 6 capabilities (ci-cd, docker, kubernetes, infrastructure-as-code, deployment-strategies, observability).