devops-engineer

skill:devops-engineer - CI/CD Pipelines & Infrastructure Automation

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "devops-engineer" with this command: npx skills add olino3/forge/olino3-forge-devops-engineer

skill:devops-engineer - CI/CD Pipelines & Infrastructure Automation

Version: 1.0.0

Purpose

The devops-engineer skill designs and implements CI/CD pipelines, infrastructure automation, and DevOps practices. It creates efficient build, test, and deployment workflows, implements release strategies, and promotes DevOps culture.

Use this skill when:

  • Setting up CI/CD pipelines for a new project

  • Optimizing existing build and deployment workflows

  • Implementing infrastructure automation

  • Designing release strategies (blue/green, canary, rolling)

  • Troubleshooting pipeline failures

  • Migrating between CI/CD platforms

Produces:

  • Pipeline configuration files (GitHub Actions, Azure Pipelines, GitLab CI, etc.)

  • Infrastructure automation scripts

  • Deployment strategies and runbooks

  • Pipeline optimization recommendations

  • DevOps best practices documentation

File Structure

skills/devops-engineer/ ├── SKILL.md (this file) ├── examples.md └── templates/ └── pipeline_template.md

Interface References

  • Context: Loaded via ContextProvider Interface

  • Memory: Accessed via MemoryStore Interface

  • Shared Patterns: Shared Loading Patterns

  • Schemas: Validated against context_metadata.schema.json and memory_entry.schema.json

Mandatory Workflow

IMPORTANT: Execute ALL steps in order. Do not skip any step.

Step 1: Initial Analysis

  • Gather project requirements:

  • Source control platform (GitHub, GitLab, Azure DevOps, Bitbucket)

  • Programming language(s) and build tools

  • Testing framework(s)

  • Deployment targets (cloud, on-premise, hybrid)

  • Release frequency and strategy

  • Team size and expertise

  • Security and compliance requirements

  • Detect existing CI/CD configuration:

  • Analyze .github/workflows/ , .gitlab-ci.yml , azure-pipelines.yml , Jenkinsfile

  • Review build scripts and deployment configurations

  • Identify pain points and bottlenecks

  • Determine project name for memory lookup

Step 2: Load Memory

Follow Standard Memory Loading with skill="devops-engineer" and domain="azure" (or detected domain).

Load project-specific memory:

memoryStore.getSkillMemory("devops-engineer", "{project-name}")

Check for cross-skill insights:

memoryStore.getByProject("{project-name}")

Review memory for:

  • Previous pipeline configurations and lessons learned

  • Deployment strategies that worked/failed

  • Build optimization techniques

  • Security scanning integrations

  • Performance benchmarks (build times, deployment times)

Step 3: Load Context

Follow Standard Context Loading for the azure domain and other relevant domains. Stay within the file budget declared in frontmatter.

Use context indexes:

contextProvider.getDomainIndex("azure") contextProvider.getDomainIndex("git") contextProvider.getDomainIndex("engineering") contextProvider.getDomainIndex("security")

Load relevant context files based on project needs:

  • Azure Pipelines patterns if using Azure DevOps

  • Git workflow patterns

  • Security scanning patterns

  • Container and Kubernetes patterns if relevant

Budget: 6 files maximum

Step 4: Pipeline Design

  • Design CI/CD pipeline stages:

  • Source: Trigger conditions (push, PR, schedule, manual)

  • Build: Compilation, dependency resolution, artifact creation

  • Test: Unit tests, integration tests, security scans, code quality

  • Package: Container images, application packages, deployment artifacts

  • Deploy: Environment promotion (dev → staging → prod)

  • Verify: Smoke tests, health checks, rollback triggers

  • Choose pipeline platform and justify:

  • GitHub Actions: Best for GitHub-hosted repos, extensive marketplace

  • GitLab CI: Best for GitLab, integrated security scanning

  • Azure Pipelines: Best for Microsoft stack, enterprise features

  • Jenkins: Best for self-hosted, maximum customization

  • Define pipeline triggers and conditions

  • Plan artifact management and caching strategies

  • Design environment-specific configurations

Step 5: Infrastructure Automation

  • Implement Infrastructure as Code (IaC):

  • Terraform for multi-cloud provisioning

  • ARM/Bicep for Azure resources

  • CloudFormation for AWS resources

  • Pulumi for programming language-based IaC

  • Automate environment provisioning:

  • Development, staging, production environments

  • Environment parity (minimize dev/prod differences)

  • Ephemeral environments for PRs/feature branches

  • Implement configuration management:

  • Environment variables and secrets

  • Feature flags

  • Configuration drift detection

Step 6: Release Strategy

  • Design deployment strategy:

  • Blue/Green: Zero-downtime, instant rollback

  • Canary: Gradual rollout with monitoring

  • Rolling: Sequential updates with minimal downtime

  • Feature Flags: Progressive feature enablement

  • Implement deployment gates:

  • Manual approval gates for production

  • Automated quality gates (test pass rate, code coverage)

  • Security gates (vulnerability scanning, compliance checks)

  • Plan rollback and disaster recovery:

  • Automated rollback triggers

  • Database migration rollback

  • State recovery procedures

Step 7: Testing & Quality Gates

  • Implement comprehensive testing:

  • Unit Tests: Fast, isolated component tests

  • Integration Tests: API and service integration tests

  • E2E Tests: Full user journey tests

  • Performance Tests: Load and stress testing

  • Security Tests: SAST, DAST, dependency scanning

  • Set quality gates:

  • Code coverage thresholds (e.g., 80% minimum)

  • Test pass rate requirements (e.g., 100% for production)

  • Security vulnerability limits (e.g., no critical CVEs)

  • Code quality scores (e.g., Sonar quality gate)

  • Implement fail-fast mechanisms

Step 8: Observability & Monitoring

  • Implement pipeline observability:

  • Build and deployment metrics (success rate, duration)

  • Failure alerts and notifications

  • Pipeline analytics and trends

  • Integrate application monitoring:

  • Health check endpoints

  • Deployment markers in monitoring tools

  • Error rate tracking post-deployment

  • Set up feedback loops:

  • Failed build notifications (Slack, Teams, email)

  • Deployment summaries

  • Performance regression alerts

Step 9: Security & Compliance

  • Implement security scanning:

  • Static Application Security Testing (SAST)

  • Software Composition Analysis (SCA) for dependencies

  • Container image scanning

  • Infrastructure security scanning (IaC validation)

  • Manage secrets securely:

  • Use platform secret stores (GitHub Secrets, Azure Key Vault)

  • Rotate secrets regularly

  • Never commit secrets to source control

  • Implement compliance controls:

  • Audit logging

  • Access controls and approvals

  • Artifact signing and verification

Step 10: Generate Output

  • Save DevOps documentation to /claudedocs/devops-engineer_{project}_{YYYY-MM-DD}.md

  • Follow naming conventions in ../OUTPUT_CONVENTIONS.md

  • Use template from templates/pipeline_template.md if available

  • Include:

  • Pipeline architecture diagram

  • Configuration files (complete and ready to use)

  • Deployment strategy and runbooks

  • Testing strategy and quality gates

  • Security and compliance measures

  • Monitoring and alerting setup

  • Troubleshooting guide

  • Next steps and improvement recommendations

Step 11: Update Memory

Follow Standard Memory Update for skill="devops-engineer" .

Store learned insights:

memoryStore.updateSkillMemory("devops-engineer", "{project-name}", { pipeline_patterns: [...], deployment_strategies: [...], optimizations: [...], lessons_learned: [...] })

Update memory with:

  • Pipeline configurations and patterns

  • Deployment strategies and results

  • Build optimization techniques

  • Security integration patterns

  • Performance metrics and improvements

  • Common issues and resolutions

Compliance Checklist

Before completing, verify:

  • All mandatory workflow steps executed in order

  • Standard Memory Loading pattern followed (Step 2)

  • Standard Context Loading pattern followed (Step 3)

  • Pipeline design completed with all stages (Step 4)

  • Infrastructure automation implemented (Step 5)

  • Release strategy defined (Step 6)

  • Testing and quality gates configured (Step 7)

  • Observability and monitoring set up (Step 8)

  • Security and compliance measures implemented (Step 9)

  • Output saved with standard naming convention (Step 10)

  • Standard Memory Update pattern followed (Step 11)

DevOps Principles

  1. Automation First

  • Automate repetitive tasks

  • Infrastructure as Code

  • Automated testing at every stage

  • Self-service environments

  1. Continuous Integration

  • Commit code frequently (daily minimum)

  • Build and test on every commit

  • Fail fast with rapid feedback

  • Maintain a single source of truth

  1. Continuous Delivery

  • Every commit is a release candidate

  • Automated deployment to staging

  • Manual or automated production deployment

  • Rollback capability always available

  1. Shift Left Security

  • Security scanning in development

  • Automated vulnerability detection

  • Secure secrets management

  • Compliance as code

  1. Observability

  • Comprehensive logging

  • Metrics and monitoring

  • Distributed tracing

  • Actionable alerts

CI/CD Platform Comparison

Feature GitHub Actions Azure Pipelines GitLab CI Jenkins

Hosting Cloud Cloud + Self-hosted Cloud + Self-hosted Self-hosted

Pricing Free (public), metered (private) Free tier, then metered Free tier, then metered Free (DIY hosting)

Marketplace Extensive (10K+ actions) Moderate Good Extensive (plugins)

YAML Syntax Straightforward Comprehensive Straightforward Groovy/Declarative

Container Support Excellent Excellent Excellent Good

Kubernetes Good (via actions) Excellent (native) Excellent Good (plugins)

Security Scanning Via actions Built-in + extensions Built-in Via plugins

Best For GitHub repos Microsoft stack GitLab repos Custom workflows

Common Pipeline Patterns

Pattern 1: Monorepo Multi-Service

  • Detect changed services via path filters

  • Run tests only for changed services

  • Deploy only changed services

  • Shared pipeline templates

Pattern 2: Trunk-Based Development

  • Frequent small commits to main

  • Short-lived feature branches

  • Feature flags for incomplete features

  • Continuous deployment to staging

Pattern 3: GitFlow

  • Long-lived develop and main branches

  • Feature branches for development

  • Release branches for stabilization

  • Hotfix branches for production fixes

Pattern 4: Microservices Pipeline

  • Service-specific pipelines

  • Contract testing between services

  • Independent deployment schedules

  • Service mesh integration

Version History

Version Date Changes

1.0.0 2026-02-12 Initial release with comprehensive CI/CD and DevOps capabilities

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Coding

typescript

No summary provided by upstream source.

Repository SourceNeeds Review
-5
olino3
Coding

angular-code-review

No summary provided by upstream source.

Repository SourceNeeds Review
-3
olino3
Coding

generate-python-unit-tests

No summary provided by upstream source.

Repository SourceNeeds Review
-3
olino3