checking-deploy

Deployment Validation

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Install skill "checking-deploy" with this command: npx skills add alexei-led/claude-code-config/alexei-led-claude-code-config-checking-deploy

Validate Kubernetes, Terraform, Helm, GitHub Actions, and Docker configs.

Use TodoWrite to track these 5 phases:

  • Detect infrastructure files

  • Spawn validation agent

  • Collect results

  • Research best practices (if needed)

  • Present summary

Parse $ARGUMENTS:

  • --background → Run in background, return immediately with agent ID

Step 1: Detect Infrastructure Files

Use Glob to find infrastructure files (quick scan):

  • **/*.yaml, **/*.yml → K8s, Helm, Kustomize

  • .github/workflows/*.yml → GitHub Actions

  • **/*.tf → Terraform

  • **/Dockerfile, **/docker-compose.yml → Docker

Step 2: Spawn Validation Agent

Based on detected file types, spawn infra-engineer agent:

Task(
  subagent_type="infra-engineer",
  run_in_background={true if --background else false},
  description="Infrastructure validation",
  prompt="Validate {detected_types} infrastructure in this repository.

Run these validations (only for detected file types):

Kubernetes:

  • kubectl apply --dry-run=client -f <files>
  • Check: security contexts, resource limits, non-root users
  • Check: liveness/readiness probes defined
  • Check: no 'latest' image tags

Helm:

  • helm lint <chart>
  • helm template validation
  • Check: values.yaml has sensible defaults

GitHub Actions:

  • actionlint (if available)
  • Check: secrets not hardcoded
  • Check: permissions minimized (not 'write-all')
  • Check: pinned action versions (@vX.Y.Z not @main)

Terraform:

  • terraform fmt -check
  • terraform validate
  • Check: no hardcoded credentials
  • Check: state backend configured

Dockerfile:

  • Multi-stage builds where appropriate
  • Non-root user (USER directive)
  • Pinned base image tags (not :latest)
  • No secrets in build args

Output format: PASS/FAIL per category with file:line for issues. Severity: CRITICAL / IMPORTANT / SUGGESTION" )

If --background: Return agent ID immediately for later collection.

Step 3: Collect Results (if not background)

TaskOutput(task_id=<agent_id>, block=true)

Step 4: Research if Needed

For uncertain findings, use Perplexity for current best practices:

mcp__perplexity-ask__perplexity_ask with: "Current best practices for {specific concern} in {technology} 2024-2025"

Step 5: Present Summary

DEPLOYMENT CHECK

Agent ID: {id} (use /agent:resume {id} to continue)

Kubernetes: [PASS/FAIL] - {details}
Helm: [PASS/FAIL] - {details}
GitHub Actions: [PASS/FAIL] - {details}
Terraform: [PASS/FAIL] - {details}
Docker: [PASS/FAIL] - {details}

CRITICAL Issues:

  • file:line - issue description

IMPORTANT Issues:

  • file:line - issue description

Recommendations:

  • [prioritized list]

Execute validation now.
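Three of the static checks listed in Step 2 (GitHub Actions `write-all` permissions, unpinned action versions, and floating image tags), written out as an added example that is not part of the upstream SKILL.md or its repository. The function names, the line-based matching, the severity assigned to each finding, and the choice to also accept a 40-hex commit SHA or an image digest as pinned are assumptions of this example; the sample inputs are constructed.

```python
import re
# Constructed sample inputs (not taken from any real repository).
SAMPLE_WORKFLOW = """\
permissions: write-all
jobs:
  build:
    steps:
      - uses: actions/checkout@main
      - uses: actions/setup-go@v5.0.2
"""
SAMPLE_MANIFEST = """\
containers:
  - image: nginx:latest
  - image: registry.example.internal:5000/api:1.4.2
"""

USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^\s'\"#]+)")
IMAGE_RE = re.compile(r"^\s*(?:-\s*)?image:\s*['\"]?([^\s'\"#]+)")
PINNED_REF = re.compile(r"^(v\d+\.\d+\.\d+|[0-9a-f]{40})$")  # full tag or commit SHA

def unpinned_action(ref):
    """True for a remote action whose ref is not @vX.Y.Z or a 40-hex commit SHA."""
    if ref.startswith(("./", "docker://")):
        return False  # local action or container reference: out of scope here
    return not PINNED_REF.match(ref.partition("@")[2])

def floating_image(image):
    """True if the image has no tag or uses :latest; digests and templates are skipped."""
    if "@sha256:" in image or image.startswith(("{{", "$")):
        return False
    _, sep, tag = image.rsplit("/", 1)[-1].partition(":")  # ignore registry host:port
    return not sep or tag == "latest"

def scan(path, text):
    """Return (severity, 'file:line', message) tuples; severities are this example's choice."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        where = f"{path}:{lineno}"
        if re.match(r"\s*permissions:\s*write-all\s*(#.*)?$", line):
            findings.append(("IMPORTANT", where, "permissions: write-all"))
        m = USES_RE.match(line)
        if m and unpinned_action(m.group(1)):
            findings.append(("IMPORTANT", where, f"unpinned action {m.group(1)}"))
        m = IMAGE_RE.match(line)
        if m and floating_image(m.group(1)):
            findings.append(("IMPORTANT", where, f"floating image tag {m.group(1)}"))
    return findings

if __name__ == "__main__":
    print(*scan("ci.yml", SAMPLE_WORKFLOW), *scan("deploy.yaml", SAMPLE_MANIFEST), sep="\n")
```

A line scanner like this misses values split across lines or built from anchors, so it complements `actionlint` and `kubectl apply --dry-run=client` rather than replacing them.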

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.
