commit 7979c39a984d82297633e0f48cba69fc5223cd0f Author: Zhongwei Li Date: Sun Nov 30 08:53:51 2025 +0800 Initial commit diff --git a/.claude-plugin/plugin.json b/.claude-plugin/plugin.json new file mode 100644 index 0000000..02869cc --- /dev/null +++ b/.claude-plugin/plugin.json @@ -0,0 +1,11 @@ +{ + "name": "devops-skills", + "description": "Specialized skills for DevOps, CI/CD, containerization, and cloud infrastructure", + "version": "1.0.0", + "author": { + "name": "Claude Skills Marketplace" + }, + "commands": [ + "./commands" + ] +} \ No newline at end of file diff --git a/README.md b/README.md new file mode 100644 index 0000000..0ef6396 --- /dev/null +++ b/README.md @@ -0,0 +1,3 @@ +# devops-skills + +Specialized skills for DevOps, CI/CD, containerization, and cloud infrastructure diff --git a/commands/cicd-pipeline.md b/commands/cicd-pipeline.md new file mode 100644 index 0000000..91c3f1c --- /dev/null +++ b/commands/cicd-pipeline.md @@ -0,0 +1,268 @@ +# CI/CD Pipeline Expert + +**Description**: Build robust continuous integration and deployment pipelines + +## CI/CD Principles + +- **Continuous Integration**: Automatically test code changes +- **Continuous Deployment**: Automatically deploy to production +- **Continuous Delivery**: Keep code deployable, manual release + +## GitHub Actions + +### Basic Workflow +```yaml +# .github/workflows/ci.yml +name: CI + +on: + push: + branches: [main, develop] + pull_request: + branches: [main] + +jobs: + test: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Setup Node.js + uses: actions/setup-node@v3 + with: + node-version: '18' + cache: 'npm' + + - name: Install dependencies + run: npm ci + + - name: Run linter + run: npm run lint + + - name: Run tests + run: npm test + + - name: Build + run: npm run build + + - name: Upload coverage + uses: codecov/codecov-action@v3 + with: + files: ./coverage/lcov.info +``` + +### Deploy Workflow +```yaml +# .github/workflows/deploy.yml +name: Deploy + +on: + push: + branches: [main] + +jobs: + deploy: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: us-east-1 + + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + + - name: Build and push Docker image + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + IMAGE_TAG: ${{ github.sha }} + run: | + docker build -t $ECR_REGISTRY/myapp:$IMAGE_TAG . + docker push $ECR_REGISTRY/myapp:$IMAGE_TAG + + - name: Deploy to ECS + run: | + aws ecs update-service \ + --cluster production \ + --service myapp \ + --force-new-deployment +``` + +### Matrix Testing +```yaml +# Test multiple versions +jobs: + test: + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [ubuntu-latest, macos-latest, windows-latest] + node-version: [16, 18, 20] + + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-node@v3 + with: + node-version: ${{ matrix.node-version }} + - run: npm ci + - run: npm test +``` + +## GitLab CI + +```yaml +# .gitlab-ci.yml +stages: + - test + - build + - deploy + +variables: + DOCKER_DRIVER: overlay2 + IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA + +# Run tests +test: + stage: test + image: node:18 + script: + - npm ci + - npm run lint + - npm test + coverage: '/Statements\s*:\s*(\d+\.\d+)%/' + artifacts: + reports: + coverage_report: + coverage_format: cobertura + path: coverage/cobertura-coverage.xml + +# Build Docker image +build: + stage: build + image: docker:latest + services: + - docker:dind + script: + - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY + - docker build -t $IMAGE_TAG . + - docker push $IMAGE_TAG + only: + - main + +# Deploy to production +deploy-production: + stage: deploy + image: alpine:latest + script: + - apk add --no-cache curl + - curl -X POST $DEPLOY_WEBHOOK_URL + environment: + name: production + url: https://myapp.com + only: + - main + when: manual # Require manual approval +``` + +## Best Practices + +### 1. **Fast Feedback** +```yaml +# Run fast checks first +jobs: + lint: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - run: npm run lint # Fast, fails early + + test: + runs-on: ubuntu-latest + needs: lint # Only run if lint passes + steps: + - uses: actions/checkout@v3 + - run: npm test +``` + +### 2. **Caching** +```yaml +# Cache dependencies +- uses: actions/cache@v3 + with: + path: ~/.npm + key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} + restore-keys: | + ${{ runner.os }}-node- +``` + +### 3. **Secrets Management** +```yaml +# Use secrets, never hardcode +env: + DATABASE_URL: ${{ secrets.DATABASE_URL }} + API_KEY: ${{ secrets.API_KEY }} +``` + +### 4. **Environment-Specific Deploys** +```yaml +# Deploy to different environments +deploy-staging: + environment: + name: staging + url: https://staging.myapp.com + only: + - develop + +deploy-production: + environment: + name: production + url: https://myapp.com + only: + - main + when: manual # Require approval +``` + +### 5. **Rollback Strategy** +```yaml +# Tag releases for easy rollback +- name: Create release tag + run: | + git tag v${{ github.run_number }} + git push origin v${{ github.run_number }} + +# Rollback command (manual) +# git checkout v123 +# docker pull myapp:v123 +``` + +## Pipeline Checklist + +- [ ] Run on every push/PR +- [ ] Fast feedback (< 10 minutes) +- [ ] Test multiple environments +- [ ] Cache dependencies +- [ ] Secrets in vault/secrets manager +- [ ] Notifications on failure +- [ ] Manual approval for production +- [ ] Automated rollback capability +- [ ] Monitor deployment health + +## When to Use This Skill + +- Setting up CI/CD pipelines +- Automating testing and deployment +- Configuring GitHub Actions or GitLab CI +- Improving build times +- Implementing deployment strategies + +--- + +**Remember**: Good CI/CD gives fast, reliable feedback on every change! diff --git a/commands/docker-expert.md b/commands/docker-expert.md new file mode 100644 index 0000000..36fe192 --- /dev/null +++ b/commands/docker-expert.md @@ -0,0 +1,271 @@ +# Docker Expert + +**Description**: Build efficient, secure Docker containers following best practices + +## Core Concepts + +- **Image**: Read-only template for containers +- **Container**: Running instance of an image +- **Dockerfile**: Instructions to build an image +- **Registry**: Storage for images (Docker Hub, ECR, etc.) +- **Volume**: Persistent data storage +- **Network**: Container communication + +## Dockerfile Best Practices + +### Multi-Stage Build +```dockerfile +# ✅ Best practice: Multi-stage build for smaller images +# Stage 1: Build +FROM node:18-alpine AS builder +WORKDIR /app +COPY package*.json ./ +RUN npm ci --only=production +COPY . . +RUN npm run build + +# Stage 2: Production +FROM node:18-alpine +WORKDIR /app +COPY --from=builder /app/dist ./dist +COPY --from=builder /app/node_modules ./node_modules +EXPOSE 3000 +USER node +CMD ["node", "dist/server.js"] + +# ❌ Bad: Single stage with dev dependencies +FROM node:18 +WORKDIR /app +COPY . . +RUN npm install # Installs dev dependencies too +CMD ["node", "server.js"] +``` + +### Layer Optimization +```dockerfile +# ✅ Good: Optimize layer caching +FROM python:3.11-slim +WORKDIR /app + +# Install dependencies first (cached if unchanged) +COPY requirements.txt . +RUN pip install --no-cache-dir -r requirements.txt + +# Copy application code (changes frequently) +COPY . . + +# ❌ Bad: Copy everything first +FROM python:3.11-slim +COPY . /app # Every code change invalidates all layers +RUN pip install -r requirements.txt +``` + +### Security +```dockerfile +# ✅ Security best practices +FROM node:18-alpine # Use specific versions and minimal images + +# Create non-root user +RUN addgroup -g 1001 -S nodejs && \ + adduser -S nodejs -u 1001 + +WORKDIR /app + +# Install dependencies +COPY package*.json ./ +RUN npm ci --only=production && \ + npm cache clean --force + +COPY --chown=nodejs:nodejs . . + +# Run as non-root +USER nodejs + +EXPOSE 3000 +CMD ["node", "server.js"] + +# ❌ Bad: Security issues +FROM node:latest # Don't use 'latest' +COPY . . +RUN npm install +CMD ["node", "server.js"] # Running as root! +``` + +## Common Docker Commands + +```bash +# Build image +docker build -t myapp:1.0 . +docker build -t myapp:1.0 -f Dockerfile.prod . + +# Run container +docker run -d -p 3000:3000 --name myapp myapp:1.0 +docker run -it --rm myapp:1.0 sh # Interactive shell + +# Environment variables +docker run -e NODE_ENV=production -e PORT=3000 myapp:1.0 + +# Volumes +docker run -v $(pwd)/data:/app/data myapp:1.0 + +# View logs +docker logs myapp +docker logs -f myapp # Follow logs + +# Execute commands in running container +docker exec -it myapp sh +docker exec myapp ls -la + +# Stop/start/remove +docker stop myapp +docker start myapp +docker rm myapp +docker rm -f myapp # Force remove + +# Image management +docker images +docker rmi myapp:1.0 +docker image prune # Remove unused images + +# Container management +docker ps # Running containers +docker ps -a # All containers +docker container prune # Remove stopped containers +``` + +## Docker Compose + +```yaml +# docker-compose.yml +version: '3.8' + +services: + # Web application + web: + build: + context: . + dockerfile: Dockerfile + ports: + - "3000:3000" + environment: + - NODE_ENV=production + - DATABASE_URL=postgresql://db:5432/myapp + depends_on: + - db + - redis + volumes: + - ./logs:/app/logs + networks: + - app-network + restart: unless-stopped + + # Database + db: + image: postgres:15-alpine + environment: + - POSTGRES_DB=myapp + - POSTGRES_USER=user + - POSTGRES_PASSWORD=password + volumes: + - db-data:/var/lib/postgresql/data + networks: + - app-network + restart: unless-stopped + + # Cache + redis: + image: redis:7-alpine + networks: + - app-network + restart: unless-stopped + +volumes: + db-data: + +networks: + app-network: + driver: bridge +``` + +```bash +# Docker Compose commands +docker-compose up -d # Start services +docker-compose down # Stop and remove +docker-compose logs -f web # View logs +docker-compose exec web sh # Execute command +docker-compose ps # List services +docker-compose restart web # Restart service +``` + +## .dockerignore + +``` +# .dockerignore - Exclude files from build context +node_modules +npm-debug.log +.git +.gitignore +.env +.env.local +*.md +dist +coverage +.DS_Store +``` + +## Healthchecks + +```dockerfile +# Add healthcheck to Dockerfile +HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \ + CMD node healthcheck.js || exit 1 +``` + +```javascript +// healthcheck.js +const http = require('http'); + +const options = { + host: 'localhost', + port: 3000, + path: '/health', + timeout: 2000 +}; + +const request = http.request(options, (res) => { + console.log(`STATUS: ${res.statusCode}`); + process.exit(res.statusCode === 200 ? 0 : 1); +}); + +request.on('error', (err) => { + console.log('ERROR', err); + process.exit(1); +}); + +request.end(); +``` + +## Best Practices Checklist + +- [ ] Use specific image versions (not `latest`) +- [ ] Use minimal base images (alpine) +- [ ] Multi-stage builds for smaller images +- [ ] Optimize layer caching +- [ ] Run as non-root user +- [ ] Use .dockerignore +- [ ] Add healthchecks +- [ ] Set resource limits +- [ ] Use secrets management (not ENV vars for secrets) +- [ ] Scan images for vulnerabilities + +## When to Use This Skill + +- Containerizing applications +- Creating Dockerfiles +- Setting up multi-container applications +- Optimizing Docker images +- Debugging container issues + +--- + +**Remember**: Small, secure, and efficient containers are the goal! diff --git a/plugin.lock.json b/plugin.lock.json new file mode 100644 index 0000000..7f73782 --- /dev/null +++ b/plugin.lock.json @@ -0,0 +1,49 @@ +{ + "$schema": "internal://schemas/plugin.lock.v1.json", + "pluginId": "gh:samuelgarrett/claude-code-plugin-test:devops-skills", + "normalized": { + "repo": null, + "ref": "refs/tags/v20251128.0", + "commit": "003df0fbde3594f11a0306181b0d40c743c77b7c", + "treeHash": "9a538695b11d78c9df0e9de029884018a01f24ca8faf53b2172a53533887bb34", + "generatedAt": "2025-11-28T10:28:08.041377Z", + "toolVersion": "publish_plugins.py@0.2.0" + }, + "origin": { + "remote": "git@github.com:zhongweili/42plugin-data.git", + "branch": "master", + "commit": "aa1497ed0949fd50e99e70d6324a29c5b34f9390", + "repoRoot": "/Users/zhongweili/projects/openmind/42plugin-data" + }, + "manifest": { + "name": "devops-skills", + "description": "Specialized skills for DevOps, CI/CD, containerization, and cloud infrastructure", + "version": "1.0.0" + }, + "content": { + "files": [ + { + "path": "README.md", + "sha256": "fd0330dcfac79e8a3b08a3fc3b729dcf26b1f0b70391948b2c4f07dbc556feaf" + }, + { + "path": ".claude-plugin/plugin.json", + "sha256": "392a5d9da42577712aee8c58144dd193357939fa782b1afd7244efcf33575d0f" + }, + { + "path": "commands/docker-expert.md", + "sha256": "c3929726b1b97dce9a53a4e7ff609564f01097320eeeab33bb74a4ca1c07725e" + }, + { + "path": "commands/cicd-pipeline.md", + "sha256": "8e4c2991fdd3a4e7e29b318e140cd7ed2495fa6dd27d0b3e675d7e48bc51dabc" + } + ], + "dirSha256": "9a538695b11d78c9df0e9de029884018a01f24ca8faf53b2172a53533887bb34" + }, + "security": { + "scannedAt": null, + "scannerVersion": null, + "flags": [] + } +} \ No newline at end of file