一键导入
deploy
Use when setting up deployment pipelines, Kubernetes manifests, environment promotion, or production infrastructure for Go, Python, or React applications
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Use when setting up deployment pipelines, Kubernetes manifests, environment promotion, or production infrastructure for Go, Python, or React applications
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Use when the user wants to free disk space, investigate disk usage, clean caches, remove unused artifacts, or when disk capacity is high. Also use when asked to "clean up", "free space", "disk full", or "what's using disk space". Always uses AskUserQuestion for every deletion decision.
Use at the start of every conversation and for every user message — orchestrates the full engineering skills suite by understanding intent, clarifying requirements interactively, and invoking the right skills
Use when refactoring Go code, cleaning up legacy codebases, optimizing performance, or enforcing clean architecture boundaries in a Go/Fiber backend
Use when refactoring Python code, cleaning up legacy codebases, optimizing performance, enforcing type safety, or improving clean architecture in a FastAPI backend
Use when refactoring React components, cleaning up legacy frontends, optimizing performance, improving component architecture, or reducing bundle size
Use when reviewing changed code before committing or after completing a feature — checks performance, architecture, type safety, and code quality against project standards
| name | deploy |
| description | Use when setting up deployment pipelines, Kubernetes manifests, environment promotion, or production infrastructure for Go, Python, or React applications |
Get code from CI to production safely. Covers environment setup, deployment strategies, and rollback procedures.
Core principle: Every deploy must be reversible. If you can't rollback in under 2 minutes, your deploy process is broken.
docker-build and ci-pipeline are readylocal (Docker Compose) -> staging -> production
| Environment | Purpose | Deploy trigger |
|---|---|---|
| Local | Development | docker compose up |
| Staging | Testing, QA | Push to staging branch |
| Production | Users | Push to main or manual promote |
Environment parity: staging should mirror production as closely as possible (same DB engine, same Redis version, same env var structure).
# .github/workflows/deploy.yml
deploy:
runs-on: ubuntu-latest
needs: [lint, test]
if: github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout@v4
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: docker/build-push-action@v5
with:
context: .
push: true
tags: |
ghcr.io/${{ github.repository }}:${{ github.sha }}
ghcr.io/${{ github.repository }}:latest
cache-from: type=gha
cache-to: type=gha,mode=max
# docker-compose.prod.yml
services:
api:
image: ghcr.io/org/api:latest
restart: unless-stopped
environment:
APP_ENV: production
DATABASE_URL: ${DATABASE_URL}
REDIS_URL: ${REDIS_URL}
ports: ["8000:8000"]
healthcheck:
test: wget -q --spider http://localhost:8000/health || exit 1
interval: 10s
retries: 3
web:
image: ghcr.io/org/web:latest
restart: unless-stopped
ports: ["80:80", "443:443"]
postgres:
image: postgres:16-alpine
restart: unless-stopped
volumes: [pgdata:/var/lib/postgresql/data]
environment:
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
volumes:
pgdata:
Deploy script:
#!/bin/bash
set -euo pipefail
echo "Pulling latest images..."
docker compose -f docker-compose.prod.yml pull
echo "Running migrations..."
docker compose -f docker-compose.prod.yml run --rm api migrate up
echo "Deploying..."
docker compose -f docker-compose.prod.yml up -d --remove-orphans
echo "Verifying health..."
sleep 5
curl -sf http://localhost:8000/health || { echo "Health check failed!"; exit 1; }
echo "Deploy complete."
# k8s/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: api
spec:
replicas: 2
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
selector:
matchLabels:
app: api
template:
metadata:
labels:
app: api
spec:
containers:
- name: api
image: ghcr.io/org/api:TAG
ports:
- containerPort: 8000
env:
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: api-secrets
key: database-url
readinessProbe:
httpGet:
path: /health
port: 8000
initialDelaySeconds: 5
periodSeconds: 10
livenessProbe:
httpGet:
path: /health
port: 8000
initialDelaySeconds: 15
periodSeconds: 20
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 500m
memory: 512Mi
---
apiVersion: v1
kind: Service
metadata:
name: api
spec:
selector:
app: api
ports:
- port: 80
targetPort: 8000
Always run migrations before deploying new code:
# In CI/CD pipeline
# 1. Run migration
docker run --rm api migrate up
# 2. Deploy new code
kubectl set image deployment/api api=ghcr.io/org/api:$SHA
# 3. Verify
kubectl rollout status deployment/api
Zero-downtime migration rules (from db-migrate / py-migrate):
# Docker Compose
docker compose -f docker-compose.prod.yml pull ghcr.io/org/api:PREVIOUS_TAG
docker compose -f docker-compose.prod.yml up -d
# Kubernetes
kubectl rollout undo deployment/api
# Database (if needed)
# Go
migrate -path migrations -database "$DATABASE_URL" down 1
# Python
alembic downgrade -1
# .env.example (committed — shows structure, no secrets)
APP_ENV=development
DATABASE_URL=postgres://app:secret@localhost:5432/app
REDIS_URL=redis://localhost:6379
JWT_SECRET=change-me
SENTRY_DSN=
# Production: use platform's secret management
# GitHub Actions: Settings -> Secrets
# K8s: kubectl create secret generic api-secrets --from-env-file=.env.prod
# AWS: Parameter Store or Secrets Manager
claude-md)docker-build for Dockerfiles, ci-pipeline for CIobservability for monitoringincident-response for handling failures