OpenSkillIndex← back to search
claude-code

Cc-devops-skills fluentbit-validator

Validate, lint, audit, or check Fluent Bit configs (INPUT, FILTER, OUTPUT, tag routing).

install
source · Clone the upstream repo
git clone https://github.com/akin-ozer/cc-devops-skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/akin-ozer/cc-devops-skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/devops-skills-plugin/skills/fluentbit-validator" ~/.claude/skills/akin-ozer-cc-devops-skills-fluentbit-validator && rm -rf "$T"
manifest: devops-skills-plugin/skills/fluentbit-validator/SKILL.md
source content

Fluent Bit Validator

Use this skill to run deterministic, repeatable validation for Fluent Bit classic-mode configs.

Trigger Phrases

Use this skill when prompts look like:

  • "Validate this 
    fluent-bit.conf
    before deploy"
  • "Lint my Fluent Bit config and report issues"
  • "Check tag routing and output matches in Fluent Bit"
  • "Run security checks for Fluent Bit config"
  • "Dry-run Fluent Bit config and tell me what failed"

Execution Model

Run steps in order. Do not skip Stage 0.

Stage 0: Precheck (Required)

Run from skill directory:

cd devops-skills-plugin/skills/fluentbit-validator

Check required and optional binaries:

command -v python3 >/dev/null 2>&1 && echo "python3: available" || echo "python3: missing"
command -v fluent-bit >/dev/null 2>&1 && echo "fluent-bit: available" || echo "fluent-bit: missing (dry-run will be skipped)"

Precheck protocol:

  • If 
    python3
    is missing: stop script-based validation, report blocker, and switch to manual config review only.
  • If 
    fluent-bit
    is missing: continue static checks, skip dry-run, and record a 
    Recommendation
    explaining skip reason and next step.

Stage 1: Static Validation (Required)

Default command:

python3 scripts/validate_config.py --file <config-file> --check all

Use targeted checks only when requested:

python3 scripts/validate_config.py --file <config-file> --check structure
python3 scripts/validate_config.py --file <config-file> --check sections
python3 scripts/validate_config.py --file <config-file> --check tags
python3 scripts/validate_config.py --file <config-file> --check security
python3 scripts/validate_config.py --file <config-file> --check performance
python3 scripts/validate_config.py --file <config-file> --check best-practices
python3 scripts/validate_config.py --file <config-file> --check dry-run

Strict CI gate (optional):

python3 scripts/validate_config.py --file <config-file> --check all --fail-on-warning

Stage 2: Dry-Run Handling (Conditional)

Dry-run command:

fluent-bit -c <config-file> --dry-run

Skip protocol:

  • If 
    fluent-bit
    is unavailable, do not fail static validation by default.
  • Emit one explicit finding: 
    • Recommendation: Dry-run skipped because fluent-bit binary is not available in PATH; run dry-run in CI or a Fluent Bit runtime image.
  • If user explicitly requires dry-run as a release gate, run:
python3 scripts/validate_config.py --file <config-file> --check dry-run --require-dry-run
  • In release-gate mode, missing 
    fluent-bit
    must be reported as 
    Error
    .

Stage 3: Reference Lookup (Optional)

Use only when plugin/parameter behavior is unclear after local checks.

Lookup order:

  1. Context7 Fluent Bit docs.
  2. Official docs at 
    docs.fluentbit.io
    .
  3. Broader web search limited to official/plugin sources.

Capture only:

  • required fields,
  • allowed values and defaults,
  • version caveats relevant to the user config.

Stage 4: Report and Remediation (Required)

Use exactly these severity labels:

  • Error
  • Warning
  • Recommendation

Do not introduce alternate labels (

Info
, 
Best Practice
, 
Critical
, etc.).

Report format:

Validation Report: <config-file>

Error:
- <blocking issue>

Warning:
- <non-blocking risk>

Recommendation:
- <improvement or skipped-step guidance>

Remediation flow:

  1. Present findings with file/line context when available.
  2. Ask for approval before changing user files.
  3. Apply approved changes.
  4. Re-run the same validation command(s).
  5. Return delta: what changed, what remains, and final status.

No-issue fast path:

  • If no findings exist, return a short pass summary and note whether dry-run was executed or skipped.

Fallback Matrix

ConstraintBehavior
python3
missing		Stop scripted validator, report blocker as 
Error
, provide manual review-only output.
fluent-bit
missing		Continue static checks, skip dry-run, emit one 
Recommendation
with next step.
No network/docs accessContinue local validation, report unknown plugin details as 
Warning
with explicit "doc lookup deferred".
User requests report-onlyDo not edit files; return findings and rerun command suggestion.

Canonical Flows

Full validation flow

bash scripts/validate.sh --precheck
python3 scripts/validate_config.py --file tests/valid-basic.conf --check all

Constrained environment flow (
fluent-bit
unavailable)

bash scripts/validate.sh --precheck
python3 scripts/validate_config.py --file tests/invalid-security-issues.conf --check all --json

Expected outcome:

  • Static findings still produced.
  • Dry-run skipped and reported under 
    Recommendation
    .

Done Criteria

Work is done only when all are true:

  • Precheck was executed and binary availability was stated explicitly.
  • Validation command(s) and scope are clear and reproducible.
  • All findings use only 
    Error
    , 
    Warning
    , 
    Recommendation
    .
  • Dry-run path is explicit: executed or skipped with reason.
  • Fallback behavior for tool/runtime constraints is documented in output.
  • If fixes were applied, validation was re-run and post-fix status was reported.

Local Assets

  • scripts/validate_config.py
    : main validator.
  • scripts/validate.sh
    : wrapper and environment precheck helper.
  • tests/*.conf
    : sample valid/invalid configs.
  • tests/test_validate_config.py
    : regression coverage for parser and severity behavior.