zhongwei/gh-dotclaude-marketplace-plugins-infra-pipeline
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d5d29628081b1981b2817aaa1f5041183aa5058b
gh-dotclaude-marketplace-pl…/commands/deploy.md
Zhongwei Li d5d2962808 Initial commit
2025-11-29 18:24:03 +08:00

7.1 KiB
Raw Blame History

model, allowed-tools, argument-hint, description
model allowed-tools argument-hint description
claude-sonnet-4-0 Task, Bash, Read, Write <environment> [strategy] Orchestrate deployments with rollback strategies and health checks

Infrastructure Deployment Command

Orchestrate sophisticated infrastructure deployments with CI/CD best practices, automated rollback strategies, and comprehensive health checks. Manage blue-green, canary, rolling, and recreate deployment patterns across environments.

SECURITY WARNING

CRITICAL: Deployment operations have high-privilege access and can modify production systems.

Deployment scripts will:

  • Execute commands on production infrastructure
  • Modify load balancer configurations
  • Update database schemas or trigger migrations
  • Handle sensitive environment variables and secrets
  • Potentially cause service disruptions if misconfigured

Pre-Deployment Security Checklist

BEFORE executing any deployment, verify:

  • Credentials Management: No secrets in code, use vaults or secret managers
  • Access Control: Deployment executed by authorized personnel only
  • Change Approval: Required approvals obtained for production deployments
  • Rollback Plan: Tested rollback procedure available
  • Secrets Rotation: No hardcoded credentials, proper secret injection
  • Audit Logging: All deployment actions logged with who/what/when
  • Validation Gates: Pre-deployment health checks passed
  • Backup Verification: Recent backup available before destructive operations
  • Blast Radius: Impact scope understood and limited
  • Communication: Relevant teams notified of deployment window

Deployment Security Best Practices

  1. Secret Management

    • Use AWS Secrets Manager, HashiCorp Vault, or similar
    • Rotate secrets regularly, especially after deployments
    • Never log or echo secrets in deployment scripts
    • Use scoped, short-lived credentials when possible

  2. Least Privilege Deployment

    • Use service accounts with minimum required permissions
    • Avoid deploying as root or with admin privileges
    • Scope IAM roles to specific resources and actions
    • Review and audit deployment permissions quarterly

  3. Secure Communication

    • All deployment traffic over TLS/HTTPS
    • Verify TLS certificates, don't disable validation
    • Use VPN or bastion hosts for production access
    • Implement network segmentation and firewalls

  4. Validation & Safety

    • Dry-run mode to preview changes before execution
    • Health checks at every stage of deployment
    • Automated rollback triggers on error thresholds
    • Database migrations in transactions when possible
    • Blue-green keeps previous version running until validated

Red Flags to Never Ignore

STOP IMMEDIATELY if you see:

  • Secrets hardcoded in deployment scripts
  • Deployment scripts with 777 permissions
  • Root credentials used for deployment
  • Deployment bypassing change approval process
  • No rollback strategy for production changes
  • Untested deployment to production
  • Missing health checks or monitoring

How It Works

This command invokes the deployment-coordinator agent to:

  1. Validate deployment readiness and environment configuration
  2. Execute pre-deployment checks and dependency verification
  3. Orchestrate the selected deployment strategy
  4. Monitor health checks and performance metrics
  5. Manage automated rollback if issues are detected
  6. Generate deployment reports and audit trails

Arguments

$1 (Required): Deployment target or environment

  • staging: Staging environment deployment
  • production: Production environment deployment
  • dev: Development environment deployment
  • Custom environment names as configured

$2 (Optional): Deployment strategy

  • blue-green: Zero-downtime deployment with instant rollback capability (default for production)
  • canary: Progressive rollout with traffic shifting
  • rolling: Gradual instance replacement with configurable batch size
  • recreate: Simple stop-start deployment (default for staging/dev)

Examples

Blue-Green Production Deployment

/deploy production blue-green

Orchestrates zero-downtime deployment with automated traffic switching and instant rollback capability

Canary Staging Deployment

/deploy staging canary

Progressive deployment with 10% -> 50% -> 100% traffic shifting and automated rollback on error thresholds

Rolling Update

/deploy production rolling

Gradual instance replacement with health checks between batches and automatic pause on failures

Simple Staging Deployment

/deploy staging

Uses recreate strategy for straightforward staging deployment with basic health validation

Use Cases

Production Deployments

  • Zero-downtime releases
  • Traffic management
  • Automated rollback
  • Performance validation

Staging Validation

  • Pre-production testing
  • Integration validation
  • Performance benchmarking
  • Security scanning

Emergency Rollbacks

  • Instant blue-green switch
  • Canary traffic reversal
  • Rolling update pause/rollback
  • State preservation

Multi-Region Deployments

  • Region-by-region rollout
  • Cross-region validation
  • Failover management
  • Global load balancing

What You Get

  1. Deployment Orchestration: Automated execution of complex deployment patterns
  2. Health Monitoring: Continuous validation with configurable thresholds and metrics
  3. Rollback Automation: Instant rollback triggers based on health, performance, or error rates
  4. Audit Trail: Complete deployment history with decision points and metrics
  5. Integration Points: CI/CD pipeline integration with GitHub Actions, GitLab CI, Jenkins

Deployment Strategy Details

Blue-Green:

  • Maintains two identical production environments
  • Instant traffic switching via load balancer
  • Zero downtime with immediate rollback
  • Best for critical production systems

Canary:

  • Progressive traffic shifting (10% -> 50% -> 100%)
  • Automated metrics comparison between versions
  • Gradual rollback with minimal user impact
  • Ideal for validating new features

Rolling:

  • Configurable batch size and wait times
  • Health checks between batches
  • Automatic pause on threshold breaches
  • Good for large-scale deployments

Recreate:

  • Simple stop-start deployment
  • Brief downtime acceptable
  • Minimal complexity
  • Suitable for dev/staging environments

Tips for Best Results

  1. Test in Staging: Always validate deployment strategies in staging first
  2. Define Health Checks: Configure comprehensive health endpoints and thresholds
  3. Set Rollback Criteria: Define clear metrics for automated rollback triggers
  4. Monitor Actively: Use observability tools during deployment windows
  5. Document Changes: Include deployment notes and change logs

Example Session

/deploy production blue-green

Result: Deployment coordinator validates infrastructure, runs pre-flight checks, provisions blue environment, validates health, switches traffic at load balancer, monitors for 5 minutes, and either commits or rolls back based on metrics. Full audit trail and performance report generated.

Invoke the deployment-coordinator agent with: $ARGUMENTS

Reference in New Issue View Git Blame Copy Permalink