| name | infra-deploy |
| description | Infrastructure as Code workflows with Terraform, Ansible, Docker, and Kubernetes. Use when provisioning, configuring, deploying, or managing infrastructure. |
| paths | **/*.tf,**/*.tfvars,**/*.hcl,**/ansible*,**/playbooks/**,**/*.yaml,**/*.yml,**/k8s/**,**/helm/** |
Infrastructure Workflows
Terraform
terraform fmt -recursive — format all .tf filestflint — lint for errors and best practicesterraform validate — syntax validationterraform plan -out=plan.tfplan — preview changes (ALWAYS do this first)infracost breakdown --path=plan.tfplan — estimate cost impact- Only after review:
terraform apply plan.tfplan
NEVER run terraform apply -auto-approve or terraform destroy without explicit operator approval.
Ansible
ansible-lint — lint playbooksansible-playbook --check -i inventory site.yml — dry runansible-playbook -i inventory site.yml — actual run
Docker
hadolint Dockerfile — lint before buildingdocker build -t <name>:<tag> . — build imagetrivy image <name>:<tag> — scan for vulnerabilitiesdive <name>:<tag> — analyze layer efficiencydocker compose up -d — deploy
Kubernetes
kubectl get pods -A — cluster overviewk9s — interactive managementstern <pod-prefix> — tail logs from multiple podshelm list -A — check installed charts
Hetzner Cloud
Run hcloud --help for available commands.
Common: hcloud server list, hcloud server create, hcloud firewall list
Rules
- ALWAYS plan before apply
- ALWAYS scan images before deploying
- ALWAYS lint IaC files before committing
- Use
sops or age for secrets, never plaintext
