一键在 Manus 中运行任何 Skill

$pwd:

iac-common

Name: Iac Common
Author: jonathan-vella

// Shared IaC deploy patterns for Bicep and Terraform deploy agents: deployment strategies, circuit breaker, known deploy issues. For preflight validation (auth, governance, stop rules), see azure-validate. USE FOR: Phased deployment, circuit breaker, deploy-specific known issues. DO NOT USE FOR: Preflight validation (use azure-validate), code generation (use azure-bicep-patterns or terraform-patterns).

在 Manus 中运行

$ git log --oneline --stat

stars:0

forks:1

updated:2026年4月23日 04:54

文件资源管理器

10 个文件

SKILL.md

readonly

name

iac-common

description

Shared IaC deploy patterns for Bicep and Terraform deploy agents: deployment strategies, circuit breaker, known deploy issues. For preflight validation (auth, governance, stop rules), see azure-validate. USE FOR: Phased deployment, circuit breaker, deploy-specific known issues. DO NOT USE FOR: Preflight validation (use azure-validate), code generation (use azure-bicep-patterns or terraform-patterns).

IaC Common Skill

Shared deployment patterns used by both Bicep and Terraform deploy agents (07b, 07t) and review subagents.

Preflight validation (CLI auth, governance mapping, stop rules, known issues) has moved to the azure-validate skill. See azure-validate/references/infraops-preflight.md.

Deployment Strategies

azd Deployment (default for all projects)

Use azd for all projects. Each project is a self-contained azd project with azure.yaml and .azure/ inside infra/{iac}/{project}/.

# Navigate to the project directory (azure.yaml must be here)
cd infra/{iac}/{project}

# Or use -C flag from repo root
azd -C infra/{iac}/{project} env list

# Create/select environment (use {project}-{env} naming to avoid collisions)
azd env new {project}-{env}
azd env set AZURE_LOCATION swedencentral

# Preview changes (replaces what-if)
azd provision --preview

# Deploy infrastructure
azd provision

# Full provision + deploy in one step
azd up

azd hooks replace the deprecated deploy.ps1 pre/post steps:

preprovision — auth validation, banner, prerequisite checks
postprovision — resource verification, diagnostic setup

Environment management replaces manual parameterization:

azd env new prod / azd env new dev
azd env set AZURE_LOCATION swedencentral

azd Environment Preflight (MANDATORY for --no-prompt Deploys)

Before azd provision --no-prompt, verify these environment values are set:

AZURE_SUBSCRIPTION_ID — from az account show --query id -o tsv
AZURE_RESOURCE_GROUP — target resource group name
AZURE_ENV_NAME — environment name
AZURE_LOCATION — target region

Run azd env get-values and check for missing values. If any are empty, set them via azd env set {KEY} {VALUE} before attempting --no-prompt.

Phased Deployment via deploy.ps1 (deprecated)

⚠️ Deprecated. Use azd hooks (preprovision/postprovision) for phased deployment workflows instead. deploy.ps1 is retained only for backward compatibility with projects that predate azure.yaml adoption.

Phase	Resources	Gate
Foundation	Resource group, networking, Key Vault	User approval
Security	Identity, RBAC, certificates	User approval
Data	Storage, databases, messaging	User approval
Compute	App Service, Functions, containers	User approval
Edge	CDN, Front Door, DNS	User approval

Bicep: Pass -Phase {name} to deploy.ps1
Terraform: Pass -var deployment_phase={name} to plan/apply

Single Deployment (only for <5 resources, dev/test)

Deploy everything in one operation. Still requires user approval.

Decision: azd vs deploy.ps1

Full guide: azd-vs-deploy-guide.md — comparison, per-project conventions, workflow, hooks, troubleshooting.

Factor	azd	deploy.ps1
Cross-platform	Yes	PowerShell only
Environment management	Built-in (`azd env`)	Manual parameters
Hooks (pre/post)	`azure.yaml` hooks	Custom script logic
Phased deployment	Use hooks (`preprovision`/`postprovision`)	Fine-grained phases (deprecated)
New projects	Use azd	Deprecated — do not use for new projects
Existing projects	Use azd (generate `azure.yaml` if missing)	Deprecated fallback if no `azure.yaml`
Project isolation	Per-project: `infra/{iac}/{project}/azure.yaml` + `.azure/`	Per-project: `infra/{iac}/{project}/deploy.ps1`
Env naming	`{project}-{env}` (e.g., `hub-spoke-dev`)	Manual parameter per invocation

Reference Index

Reference	Location
azd vs deploy.ps1 guide	`references/azd-vs-deploy-guide.md`
Preflight validation	`azure-validate/references/infraops-preflight.md`
CLI auth validation procedure	`azure-defaults/references/azure-cli-auth-validation.md`
Policy effect decision tree	`azure-defaults/references/policy-effect-decision-tree.md`
IaC policy compliance	`.github/instructions/iac-bicep-best-practices.instructions.md` / `.github/instructions/iac-terraform-best-practices.instructions.md`
Bootstrap backend templates	`terraform-patterns/references/bootstrap-backend-template.md`
Deploy script templates	`terraform-patterns/references/deploy-script-template.md`
Circuit breaker	`references/circuit-breaker.md`

Circuit Breaker

Deploy agents MUST read references/circuit-breaker.md before starting any deployment. It defines:

Failure taxonomy: 6 categories (build, validation, deployment, empty, timeout, auth)
Anomaly patterns: detection thresholds for repetitive failures
Stopping rule: 3 consecutive same-type failures → halt + escalate
Escalation protocol: write to session state, notify user, wait for guidance

related-skills.json

同仓库

azure-artifacts.md

from "jonathan-vella/dc2fabric"

Artifact template structures, H2 compliance rules, and documentation styling for agent outputs (Steps 1-7). USE FOR: generating any agent artifact, checking H2 structure compliance. DO NOT USE FOR: Azure resource configuration (use azure-defaults), Bicep/Terraform patterns (use bicep-patterns or terraform-patterns).

2026-04-240

azure-governance-discovery.md

from "jonathan-vella/dc2fabric"

Deterministic Azure Policy discovery: lists effective policy assignments at subscription scope (including MG-inherited), pulls definitions and exemptions, classifies effects, filters Defender auto-assignments, and emits the governance-constraints JSON envelope via a Python script. USE FOR: 04g-Governance Phase 1 discovery, refreshing `04-governance-constraints.json`. DO NOT USE FOR: artifact writing, architecture mapping, traffic-light rendering, challenger orchestration — those stay in the parent agent.

2026-04-240

copilot-customization.md

from "jonathan-vella/dc2fabric"

Authoritative reference for VS Code Copilot customization mechanisms: instructions, prompt files, custom agents, agent skills, MCP servers, hooks, and plugins. Use when deciding which customization type to use, creating new .instructions.md/.prompt.md/.agent.md/SKILL.md/mcp.json files from scratch, or debugging why a customization is not loading. DO NOT USE FOR: routine file edits where the format is already known.

2026-04-240

azure-defaults.md

from "jonathan-vella/dc2fabric"

Azure infrastructure defaults: regions, tags, naming (CAF), AVM-first policy, security baseline, unique suffix patterns. USE FOR: any agent generating or planning Azure resources. DO NOT USE FOR: artifact template structures (use azure-artifacts), pricing lookups (read references/pricing-guidance.md on demand).

2026-04-230

context-shredding.md

from "jonathan-vella/dc2fabric"

Runtime context compression for agents approaching model context limits. Defines 3 compression tiers (full/summarized/minimal) with per-artifact templates. USE FOR: reducing artifact loading size at runtime, context budget management. DO NOT USE FOR: diagnostic context auditing (use context-optimizer), Azure infrastructure.

2026-04-230

workflow-engine.md

from "jonathan-vella/dc2fabric"

Machine-readable workflow DAG for the multi-step agent pipeline. Defines node types, edge conditions, gates, and fan-out patterns. USE FOR: Orchestrator step routing, resume-from-graph, workflow validation. DO NOT USE FOR: Azure infrastructure, code generation, troubleshooting.

2026-04-230

package.json

"author": "jonathan-vella"

"repository": "jonathan-vella/dc2fabric"

打开 GitHub 仓库查看创作者相关仓库

$ install --global

$ download --local

在 Manus 中运行

$ useful --forSOC

技术写作员艺术、设计、娱乐、体育与媒体类职业27-3042L4

name

iac-common

description

IaC Common Skill

Shared deployment patterns used by both Bicep and Terraform deploy agents (07b, 07t) and review subagents.

Preflight validation (CLI auth, governance mapping, stop rules, known issues) has moved to the azure-validate skill. See azure-validate/references/infraops-preflight.md.

Deployment Strategies

azd Deployment (default for all projects)

Use azd for all projects. Each project is a self-contained azd project with azure.yaml and .azure/ inside infra/{iac}/{project}/.

# Navigate to the project directory (azure.yaml must be here)
cd infra/{iac}/{project}

# Or use -C flag from repo root
azd -C infra/{iac}/{project} env list

# Create/select environment (use {project}-{env} naming to avoid collisions)
azd env new {project}-{env}
azd env set AZURE_LOCATION swedencentral

# Preview changes (replaces what-if)
azd provision --preview

# Deploy infrastructure
azd provision

# Full provision + deploy in one step
azd up

azd hooks replace the deprecated deploy.ps1 pre/post steps:

preprovision — auth validation, banner, prerequisite checks
postprovision — resource verification, diagnostic setup

Environment management replaces manual parameterization:

azd env new prod / azd env new dev
azd env set AZURE_LOCATION swedencentral

azd Environment Preflight (MANDATORY for --no-prompt Deploys)

Before azd provision --no-prompt, verify these environment values are set:

AZURE_SUBSCRIPTION_ID — from az account show --query id -o tsv
AZURE_RESOURCE_GROUP — target resource group name
AZURE_ENV_NAME — environment name
AZURE_LOCATION — target region

Run azd env get-values and check for missing values. If any are empty, set them via azd env set {KEY} {VALUE} before attempting --no-prompt.

Phased Deployment via deploy.ps1 (deprecated)

⚠️ Deprecated. Use azd hooks (preprovision/postprovision) for phased deployment workflows instead. deploy.ps1 is retained only for backward compatibility with projects that predate azure.yaml adoption.

Phase	Resources	Gate
Foundation	Resource group, networking, Key Vault	User approval
Security	Identity, RBAC, certificates	User approval
Data	Storage, databases, messaging	User approval
Compute	App Service, Functions, containers	User approval
Edge	CDN, Front Door, DNS	User approval

Bicep: Pass -Phase {name} to deploy.ps1
Terraform: Pass -var deployment_phase={name} to plan/apply

Single Deployment (only for <5 resources, dev/test)

Deploy everything in one operation. Still requires user approval.

Decision: azd vs deploy.ps1

Full guide: azd-vs-deploy-guide.md — comparison, per-project conventions, workflow, hooks, troubleshooting.

Factor	azd	deploy.ps1
Cross-platform	Yes	PowerShell only
Environment management	Built-in (`azd env`)	Manual parameters
Hooks (pre/post)	`azure.yaml` hooks	Custom script logic
Phased deployment	Use hooks (`preprovision`/`postprovision`)	Fine-grained phases (deprecated)
New projects	Use azd	Deprecated — do not use for new projects
Existing projects	Use azd (generate `azure.yaml` if missing)	Deprecated fallback if no `azure.yaml`
Project isolation	Per-project: `infra/{iac}/{project}/azure.yaml` + `.azure/`	Per-project: `infra/{iac}/{project}/deploy.ps1`
Env naming	`{project}-{env}` (e.g., `hub-spoke-dev`)	Manual parameter per invocation

Reference Index

Reference	Location
azd vs deploy.ps1 guide	`references/azd-vs-deploy-guide.md`
Preflight validation	`azure-validate/references/infraops-preflight.md`
CLI auth validation procedure	`azure-defaults/references/azure-cli-auth-validation.md`
Policy effect decision tree	`azure-defaults/references/policy-effect-decision-tree.md`
IaC policy compliance	`.github/instructions/iac-bicep-best-practices.instructions.md` / `.github/instructions/iac-terraform-best-practices.instructions.md`
Bootstrap backend templates	`terraform-patterns/references/bootstrap-backend-template.md`
Deploy script templates	`terraform-patterns/references/deploy-script-template.md`
Circuit breaker	`references/circuit-breaker.md`

Circuit Breaker

Deploy agents MUST read references/circuit-breaker.md before starting any deployment. It defines:

Failure taxonomy: 6 categories (build, validation, deployment, empty, timeout, auth)
Anomaly patterns: detection thresholds for repetitive failures
Stopping rule: 3 consecutive same-type failures → halt + escalate
Escalation protocol: write to session state, notify user, wait for guidance

iac-common

IaC Common Skill

Deployment Strategies

azd Deployment (default for all projects)

azd Environment Preflight (MANDATORY for --no-prompt Deploys)

Phased Deployment via deploy.ps1 (deprecated)

Single Deployment (only for <5 resources, dev/test)

Decision: azd vs deploy.ps1

Reference Index

Circuit Breaker

同仓库更多 Skills

IaC Common Skill

Deployment Strategies

azd Deployment (default for all projects)

azd Environment Preflight (MANDATORY for --no-prompt Deploys)

Phased Deployment via deploy.ps1 (deprecated)

Single Deployment (only for <5 resources, dev/test)

Decision: azd vs deploy.ps1

Reference Index

Circuit Breaker

同仓库更多 Skills