How to install devops-deployment
npx skills add https://github.com/yonatangross/orchestkit --skill devops-deploymentFull instructions (SKILL.md)
Source of truth, from yonatangross/orchestkit.
name: devops-deployment license: MIT compatibility: "Claude Code 2.1.183+." description: Use when setting up CI/CD pipelines, containerizing applications, deploying to Kubernetes, or writing infrastructure as code. DevOps & Deployment covers GitHub Actions, Docker, Helm, and Terraform patterns. tags: [devops, ci-cd, docker, kubernetes, terraform] context: fork agent: ci-cd-engineer version: 1.0.0 author: OrchestKit user-invocable: false disable-model-invocation: false complexity: medium persuasion-type: guidance metadata: category: workflow-automation allowed-tools:
- Read
- Glob
- Grep
- WebFetch
- WebSearch paths: [".github/workflows/", "Dockerfile*", "docker-compose*", "/k8s/", "/terraform/"] path_patterns: [".tf", ".tfvars", "/k8s/", "/helm/**", "Dockerfile*", ".github/workflows/*"] invocation_hooks:
- "command -v docker >/dev/null 2>&1 || echo 'Warning: docker not found — container operations will fail'"
DevOps & Deployment Skill
Comprehensive frameworks for CI/CD pipelines, containerization, deployment strategies, and infrastructure automation.
Note: If
disableSkillShellExecutionis enabled (CC 2.1.91), the Docker install check won't run. Verify Docker is available for container operations:docker --version.
Overview
- Setting up CI/CD pipelines
- Containerizing applications
- Deploying to Kubernetes or cloud platforms
- Implementing GitOps workflows
- Managing infrastructure as code
- Planning release strategies
Pipeline Architecture
┌─────────────┐ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐
│ Code │──>│ Build │──>│ Test │──>│ Deploy │
│ Commit │ │ & Lint │ │ & Scan │ │ & Release │
└─────────────┘ └─────────────┘ └─────────────┘ └─────────────┘
│ │ │ │
v v v v
Triggers Artifacts Reports Monitoring
Key Concepts
CI/CD Pipeline Stages
- Lint & Type Check - Code quality gates
- Unit Tests - Test coverage with reporting
- Security Scan - npm audit + Trivy vulnerability scanner
- Build & Push - Docker image to container registry
- Deploy Staging - Environment-gated deployment
- Deploy Production - Manual approval or automated
Container Best Practices
Multi-stage builds minimize image size:
- Stage 1: Install production dependencies only
- Stage 2: Build application with dev dependencies
- Stage 3: Production runtime with minimal footprint
Security hardening:
- Non-root user (uid 1001)
- Read-only filesystem where possible
- Health checks for orchestrator integration
Kubernetes Deployment
Essential manifests:
- Deployment with rolling update strategy
- Service for internal routing
- Ingress for external access with TLS
- HorizontalPodAutoscaler for scaling
Security context:
runAsNonRoot: trueallowPrivilegeEscalation: falsereadOnlyRootFilesystem: true- Drop all capabilities
Deployment Strategies
| Strategy | Use Case | Risk |
|---|---|---|
| Rolling | Default, gradual replacement | Low - automatic rollback |
| Blue-Green | Instant switch, easy rollback | Medium - double resources |
| Canary | Progressive traffic shift | Low - gradual exposure |
Rolling Update (Kubernetes default):
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 25%
maxUnavailable: 0 # Zero downtime
Secrets Management
Use External Secrets Operator to sync from cloud providers:
- AWS Secrets Manager
- HashiCorp Vault
- Azure Key Vault
- GCP Secret Manager
References
Docker Patterns
Load: Read("${CLAUDE_SKILL_DIR}/references/docker-patterns.md")
Key topics covered:
- Multi-stage build examples with 78% size reduction
- Layer caching optimization
- Security hardening (non-root, health checks)
- Trivy vulnerability scanning
- Docker Compose development setup
CI/CD Pipelines
Load: Read("${CLAUDE_SKILL_DIR}/references/ci-cd-pipelines.md")
Key topics covered:
- Branch strategy (Git Flow)
- GitHub Actions caching (85% time savings)
- Artifact management
- Matrix testing
- Complete backend CI/CD example
Kubernetes Basics
Load: Read("${CLAUDE_SKILL_DIR}/references/kubernetes-basics.md")
Key topics covered:
- Health probes (startup, liveness, readiness)
- Security context configuration
- PodDisruptionBudget
- Resource quotas
- StatefulSets for databases
- Helm chart structure
Environment Management
Load: Read("${CLAUDE_SKILL_DIR}/references/environment-management.md")
Key topics covered:
- External Secrets Operator
- GitOps with ArgoCD
- Terraform patterns (remote state, modules)
- Zero-downtime database migrations
- Alembic migration workflow
- Rollback procedures
Observability
Load: Read("${CLAUDE_SKILL_DIR}/references/observability.md")
Key topics covered:
- Prometheus metrics exposition
- Grafana dashboard queries (PromQL)
- Alerting rules for SLOs
- Golden signals (SRE)
- Structured logging
- Distributed tracing (OpenTelemetry)
Railway Deployment
Load: Read("${CLAUDE_SKILL_DIR}/rules/railway-deployment.md")
Key topics covered:
- railway.json configuration, Nixpacks builds
- Environment variable management, database provisioning
- Multi-service setups, Railway CLI workflows
- References:
${CLAUDE_SKILL_DIR}/references/railway-json-config.md,${CLAUDE_SKILL_DIR}/references/nixpacks-customization.md,${CLAUDE_SKILL_DIR}/references/multi-service-setup.md
Deployment Strategies
Load: Read("${CLAUDE_SKILL_DIR}/references/deployment-strategies.md")
Key topics covered:
- Rolling deployment
- Blue-green deployment
- Canary releases
- Traffic splitting with Istio
Deployment Checklist & Templates
Load: Read("${CLAUDE_SKILL_DIR}/references/checklists-and-templates.md") for pre/during/post-deployment checklists, Helm chart structure, template reference table, and extended thinking triggers.
Related Skills
zero-downtime-migration- Database migration patterns for zero-downtime deploymentssecurity-scanning- Security scanning integration for CI/CD pipelinesork:monitoring-observability- Monitoring and alerting for deployed applicationsork:database-patterns- Python/Alembic migration workflow for backend deploymentsportless(upstream) - Named.localhostURLs for multi-service local dev (portless alias api 8080)
Key Decisions
| Decision | Choice | Rationale |
|---|---|---|
| Container user | Non-root (uid 1001) | Security best practice, required by many orchestrators |
| Deployment strategy | Rolling update (default) | Zero downtime, automatic rollback, resource efficient |
| Secrets management | External Secrets Operator | Syncs from cloud providers, GitOps compatible |
| Health checks | Separate startup/liveness/readiness | Prevents premature traffic, enables graceful shutdown |
Capability Details
Load: Read("${CLAUDE_SKILL_DIR}/references/capability-details.md") for full keyword index and problem-solution mapping across all 6 capabilities (ci-cd, docker, kubernetes, infrastructure-as-code, deployment-strategies, observability).
Related skills
More from yonatangross/orchestkit and the wider catalog.
architecture-decision-record
Use this skill when documenting significant architectural decisions. Provides ADR templates following the Nygard format with sections for context, decision, consequences, and alternatives. Use when writing ADRs, recording decisions, or evaluating options.
ui-components
UI component library patterns for shadcn/ui and Radix Primitives. Use when building accessible component libraries, customizing shadcn components, using Radix unstyled primitives, or creating design system foundations.
responsive-patterns
Responsive design with Container Queries, fluid typography, cqi/cqb units, subgrid, intrinsic layouts, foldable devices, and mobile-first patterns for React applications. Use when building responsive layouts or container queries.
rag-retrieval
Retrieval-Augmented Generation patterns for grounded LLM responses. Use when building RAG pipelines, embedding documents, implementing hybrid search, contextual retrieval, HyDE, agentic RAG, multimodal RAG, query decomposition, reranking, or pgvector search.
agent-orchestration
Agent orchestration patterns for agentic loops, multi-agent coordination, alternative frameworks, and multi-scenario workflows. Use when building autonomous agent loops, coordinating multiple agents, evaluating CrewAI/AutoGen/Swarm, or orchestrating complex multi-step scenarios.
zustand-patterns
Reference for Zustand 5.x state management including slices, middleware, Immer, useShallow, persistence, selectors, and devtools integration. Documents 7 core patterns with TypeScript examples and anti-patterns. Use when building React state management with Zustand instead of Redux.