一键在 Manus 中运行任何 Skill

$pwd:

iac-common

Name: Iac Common
Author: jonathan-vella

// Shared IaC deploy patterns for Bicep and Terraform deploy agents: deployment strategies, circuit breaker, known deploy issues. For preflight validation (auth, governance, stop rules), see azure-validate. USE FOR: Phased deployment, circuit breaker, deploy-specific known issues. DO NOT USE FOR: Preflight validation (use azure-validate), code generation (use azure-bicep-patterns or terraform-patterns).

在 Manus 中运行

$ git log --oneline --stat

stars:3

forks:1

updated:2026年4月15日 13:57

文件资源管理器

10 个文件

SKILL.md

readonly

name

iac-common

description

Shared IaC deploy patterns for Bicep and Terraform deploy agents: deployment strategies, circuit breaker, known deploy issues. For preflight validation (auth, governance, stop rules), see azure-validate. USE FOR: Phased deployment, circuit breaker, deploy-specific known issues. DO NOT USE FOR: Preflight validation (use azure-validate), code generation (use azure-bicep-patterns or terraform-patterns).

IaC Common Skill

Shared deployment patterns used by both Bicep and Terraform deploy agents (07b, 07t) and review subagents.

Preflight validation (CLI auth, governance mapping, stop rules, known issues) has moved to the azure-validate skill. See azure-validate/references/infraops-preflight.md.

Deployment Strategies

azd Deployment (recommended for projects with azure.yaml)

Use azd when the project has an azure.yaml manifest. Each project is a self-contained azd project with azure.yaml and .azure/ inside infra/{iac}/{project}/.

# Navigate to the project directory (azure.yaml must be here)
cd infra/{iac}/{project}

# Or use -C flag from repo root
azd -C infra/{iac}/{project} env list

# Create/select environment (use {project}-{env} naming to avoid collisions)
azd env new {project}-{env}
azd env set AZURE_LOCATION swedencentral

# Preview changes (replaces what-if)
azd provision --preview

# Deploy infrastructure
azd provision

# Full provision + deploy in one step
azd up

azd hooks replace custom deploy.ps1 pre/post steps:

preprovision — auth validation, banner, prerequisite checks
postprovision — resource verification, diagnostic setup

Environment management replaces manual parameterization:

azd env new prod / azd env new dev
azd env set AZURE_LOCATION swedencentral

azd Environment Preflight (MANDATORY for --no-prompt Deploys)

Before azd provision --no-prompt, verify these environment values are set:

AZURE_SUBSCRIPTION_ID — from az account show --query id -o tsv
AZURE_RESOURCE_GROUP — target resource group name
AZURE_ENV_NAME — environment name
AZURE_LOCATION — target region

Run azd env get-values and check for missing values. If any are empty, set them via azd env set {KEY} {VALUE} before attempting --no-prompt.

Phased Deployment via deploy.ps1 (legacy, backward-compatible)

Phase	Resources	Gate
Foundation	Resource group, networking, Key Vault	User approval
Security	Identity, RBAC, certificates	User approval
Data	Storage, databases, messaging	User approval
Compute	App Service, Functions, containers	User approval
Edge	CDN, Front Door, DNS	User approval

Bicep: Pass -Phase {name} to deploy.ps1
Terraform: Pass -var deployment_phase={name} to plan/apply

Single Deployment (only for <5 resources, dev/test)

Deploy everything in one operation. Still requires user approval.

Decision: azd vs deploy.ps1

Full guide: azd-vs-deploy-guide.md — comparison, per-project conventions, workflow, hooks, troubleshooting.

Factor	azd	deploy.ps1
Cross-platform	Yes	PowerShell only
Environment management	Built-in (`azd env`)	Manual parameters
Hooks (pre/post)	`azure.yaml` hooks	Custom script logic
Phased deployment	Single provision	Fine-grained phases
New projects	Use azd	Not generated
Existing projects	Use azd if `azure.yaml` exists	Fallback if no `azure.yaml`
Project isolation	Per-project: `infra/{iac}/{project}/azure.yaml` + `.azure/`	Per-project: `infra/{iac}/{project}/deploy.ps1`
Env naming	`{project}-{env}` (e.g., `hub-spoke-dev`)	Manual parameter per invocation

Reference Index

Reference	Location
azd vs deploy.ps1 guide	`references/azd-vs-deploy-guide.md`
Preflight validation	`azure-validate/references/infraops-preflight.md`
CLI auth validation procedure	`azure-defaults/references/azure-cli-auth-validation.md`
Policy effect decision tree	`azure-defaults/references/policy-effect-decision-tree.md`
IaC policy compliance	`.github/instructions/iac-bicep-best-practices.instructions.md` / `.github/instructions/iac-terraform-best-practices.instructions.md`
Bootstrap backend templates	`terraform-patterns/references/bootstrap-backend-template.md`
Deploy script templates	`terraform-patterns/references/deploy-script-template.md`
Circuit breaker	`references/circuit-breaker.md`

Circuit Breaker

Deploy agents MUST read references/circuit-breaker.md before starting any deployment. It defines:

Failure taxonomy: 6 categories (build, validation, deployment, empty, timeout, auth)
Anomaly patterns: detection thresholds for repetitive failures
Stopping rule: 3 consecutive same-type failures → halt + escalate
Escalation protocol: write to session state, notify user, wait for guidance

related-skills.json

同仓库

azure-artifacts.md

from "jonathan-vella/bmit-2026"

Artifact template structures, H2 compliance rules, and documentation styling for agent outputs (Steps 1-7). USE FOR: generating any agent artifact, checking H2 structure compliance. DO NOT USE FOR: Azure resource configuration (use azure-defaults), Bicep/Terraform patterns (use bicep-patterns or terraform-patterns).

2026-04-153

azure-bicep-patterns.md

from "jonathan-vella/bmit-2026"

Reusable Azure Bicep patterns: hub-spoke, private endpoints, diagnostics, AVM composition. USE FOR: Bicep template design, hub-spoke networking, private endpoint patterns, AVM modules. DO NOT USE FOR: Terraform code, architecture decisions, troubleshooting, diagram generation.

2026-04-153

azure-prepare.md

from "jonathan-vella/bmit-2026"

Prepare Azure apps for deployment (infra Bicep/Terraform, azure.yaml, Dockerfiles). Use for create/modernize or create+deploy; not cross-cloud migration (use azure-cloud-migrate). WHEN: "create app", "build web app", "create API", "create serverless HTTP API", "create frontend", "create back end", "build a service", "modernize application", "update application", "add authentication", "add caching", "host on Azure", "create and deploy", "deploy to Azure", "deploy to Azure using Terraform", "deploy to Azure App Service", "deploy to Azure App Service using Terraform", "deploy to Azure Container Apps", "deploy to Azure Container Apps using Terraform", "generate Terraform", "generate Bicep", "function app", "timer trigger", "service bus trigger", "event-driven function", "containerized Node.js app", "social media app", "static portfolio website", "todo list with frontend and API", "prepare my Azure application to use Key Vault", "managed identity".

2026-04-153

terraform-patterns.md

from "jonathan-vella/bmit-2026"

Reusable Azure Terraform patterns: hub-spoke, private endpoints, diagnostics, AVM-TF modules. USE FOR: Terraform template design, hub-spoke networking, AVM modules, plan interpretation. DO NOT USE FOR: Bicep code, architecture decisions, troubleshooting, diagram generation.

2026-04-153

package.json

"author": "jonathan-vella"

"repository": "jonathan-vella/bmit-2026"

打开 GitHub 仓库查看创作者相关仓库

$ install --global

$ download --local

在 Manus 中运行

$ useful --forSOC

网络与计算机系统管理员计算机与数学类职业15-1244L4

name

iac-common

description

IaC Common Skill

Shared deployment patterns used by both Bicep and Terraform deploy agents (07b, 07t) and review subagents.

Preflight validation (CLI auth, governance mapping, stop rules, known issues) has moved to the azure-validate skill. See azure-validate/references/infraops-preflight.md.

Deployment Strategies

azd Deployment (recommended for projects with azure.yaml)

Use azd when the project has an azure.yaml manifest. Each project is a self-contained azd project with azure.yaml and .azure/ inside infra/{iac}/{project}/.

# Navigate to the project directory (azure.yaml must be here)
cd infra/{iac}/{project}

# Or use -C flag from repo root
azd -C infra/{iac}/{project} env list

# Create/select environment (use {project}-{env} naming to avoid collisions)
azd env new {project}-{env}
azd env set AZURE_LOCATION swedencentral

# Preview changes (replaces what-if)
azd provision --preview

# Deploy infrastructure
azd provision

# Full provision + deploy in one step
azd up

azd hooks replace custom deploy.ps1 pre/post steps:

preprovision — auth validation, banner, prerequisite checks
postprovision — resource verification, diagnostic setup

Environment management replaces manual parameterization:

azd env new prod / azd env new dev
azd env set AZURE_LOCATION swedencentral

azd Environment Preflight (MANDATORY for --no-prompt Deploys)

Before azd provision --no-prompt, verify these environment values are set:

AZURE_SUBSCRIPTION_ID — from az account show --query id -o tsv
AZURE_RESOURCE_GROUP — target resource group name
AZURE_ENV_NAME — environment name
AZURE_LOCATION — target region

Run azd env get-values and check for missing values. If any are empty, set them via azd env set {KEY} {VALUE} before attempting --no-prompt.

Phased Deployment via deploy.ps1 (legacy, backward-compatible)

Phase	Resources	Gate
Foundation	Resource group, networking, Key Vault	User approval
Security	Identity, RBAC, certificates	User approval
Data	Storage, databases, messaging	User approval
Compute	App Service, Functions, containers	User approval
Edge	CDN, Front Door, DNS	User approval

Bicep: Pass -Phase {name} to deploy.ps1
Terraform: Pass -var deployment_phase={name} to plan/apply

Single Deployment (only for <5 resources, dev/test)

Deploy everything in one operation. Still requires user approval.

Decision: azd vs deploy.ps1

Full guide: azd-vs-deploy-guide.md — comparison, per-project conventions, workflow, hooks, troubleshooting.

Factor	azd	deploy.ps1
Cross-platform	Yes	PowerShell only
Environment management	Built-in (`azd env`)	Manual parameters
Hooks (pre/post)	`azure.yaml` hooks	Custom script logic
Phased deployment	Single provision	Fine-grained phases
New projects	Use azd	Not generated
Existing projects	Use azd if `azure.yaml` exists	Fallback if no `azure.yaml`
Project isolation	Per-project: `infra/{iac}/{project}/azure.yaml` + `.azure/`	Per-project: `infra/{iac}/{project}/deploy.ps1`
Env naming	`{project}-{env}` (e.g., `hub-spoke-dev`)	Manual parameter per invocation

Reference Index

Reference	Location
azd vs deploy.ps1 guide	`references/azd-vs-deploy-guide.md`
Preflight validation	`azure-validate/references/infraops-preflight.md`
CLI auth validation procedure	`azure-defaults/references/azure-cli-auth-validation.md`
Policy effect decision tree	`azure-defaults/references/policy-effect-decision-tree.md`
IaC policy compliance	`.github/instructions/iac-bicep-best-practices.instructions.md` / `.github/instructions/iac-terraform-best-practices.instructions.md`
Bootstrap backend templates	`terraform-patterns/references/bootstrap-backend-template.md`
Deploy script templates	`terraform-patterns/references/deploy-script-template.md`
Circuit breaker	`references/circuit-breaker.md`

Circuit Breaker

Deploy agents MUST read references/circuit-breaker.md before starting any deployment. It defines:

Failure taxonomy: 6 categories (build, validation, deployment, empty, timeout, auth)
Anomaly patterns: detection thresholds for repetitive failures
Stopping rule: 3 consecutive same-type failures → halt + escalate
Escalation protocol: write to session state, notify user, wait for guidance

iac-common

IaC Common Skill

Deployment Strategies

azd Deployment (recommended for projects with azure.yaml)

azd Environment Preflight (MANDATORY for --no-prompt Deploys)

Phased Deployment via deploy.ps1 (legacy, backward-compatible)

Single Deployment (only for <5 resources, dev/test)

Decision: azd vs deploy.ps1

Reference Index

Circuit Breaker

同仓库更多 Skills

IaC Common Skill

Deployment Strategies

azd Deployment (recommended for projects with azure.yaml)

azd Environment Preflight (MANDATORY for --no-prompt Deploys)

Phased Deployment via deploy.ps1 (legacy, backward-compatible)

Single Deployment (only for <5 resources, dev/test)

Decision: azd vs deploy.ps1

Reference Index

Circuit Breaker

同仓库更多 Skills