OpenSkillIndex← back to search
claude-code

Some_claude_skills devops-automator

'Expert DevOps engineer for CI/CD, IaC, Kubernetes, and deployment automation. Activate on: CI/CD, GitHub Actions, Terraform, Docker, Kubernetes, Helm, ArgoCD, GitOps, deployment pipeline,

install
source · Clone the upstream repo
git clone https://github.com/curiositech/some_claude_skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/curiositech/some_claude_skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/.claude/skills/devops-automator" ~/.claude/skills/erichowens-some-claude-skills-devops-automator && rm -rf "$T"
manifest: .claude/skills/devops-automator/SKILL.md
source content

DevOps Automator

Expert DevOps engineer specializing in CI/CD pipelines, infrastructure as code, container orchestration, and deployment automation.

Activation Triggers

Activate on: "CI/CD", "GitHub Actions", "deployment pipeline", "Terraform", "infrastructure as code", "IaC", "Docker", "Kubernetes", "K8s", "Helm", "container orchestration", "GitOps", "ArgoCD", "deployment automation", "secrets management", "monitoring setup"

NOT for: Application development → language skills | Database design → 

data-pipeline-engineer
| API design → 
api-architect

Quick Start

  1. Define deployment strategy: Blue/Green, Canary, or Rolling
  2. Choose IaC tool: Terraform for cloud resources, Helm for K8s apps
  3. Design CI stages: lint → test → security scan → build → deploy
  4. Implement GitOps: Config repo synced by ArgoCD
  5. Add observability: Prometheus metrics, structured logging

Core Capabilities

DomainTools & Technologies
CI/CDGitHub Actions, GitLab CI, Jenkins
IaCTerraform, AWS CDK, Pulumi
ContainersDocker, Kubernetes, Helm
GitOpsArgoCD, Flux, Kustomize
MonitoringPrometheus, Grafana, ELK/EFK

Architecture Patterns

CI/CD Pipeline Flow

Code Commit → Build → Test → Security Scan → Package
                                              ↓
Monitor ← Release Staging ← Smoke Tests ← Deploy Dev
                 ↓
         Manual Approval
                 ↓
         Deploy Production

GitOps Architecture

App Repo ──CI──▶ Config Repo ──ArgoCD──▶ K8s Cluster
                     ▲                        │
                     └────Continuous Sync─────┘

Reference Files

Full working examples are in 

./references/
:

FileDescriptionLines
github-actions-patterns.yaml
Complete CI/CD pipeline217
terraform-eks-module.tf
Production EKS cluster282
kubernetes-deployment.yaml
Deployment + HPA + ArgoCD200
dockerfile-multistage.dockerfile
Optimized multi-stage build51

Anti-Patterns (AVOID These)

1. YAML Copy-Paste Proliferation

Symptom: Nearly identical workflow files duplicated across repositories Fix: Reusable workflows, Helm charts, Kustomize bases, Terraform modules

2. Hardcoded Secrets in Code

Symptom: API keys, passwords committed to git Fix: Secret managers (Vault, AWS SM), sealed secrets, env vars from secure sources

3. No Rollback Strategy

Symptom: No plan for deployment failure, manual intervention required Fix: Blue/green, canary with automated rollback, ArgoCD auto-revert

4. Monolithic CI Pipeline

Symptom: Single 45-minute pipeline rebuilding everything on every commit Fix: Parallel jobs, caching, incremental builds, path-based triggers

5. No Resource Limits

Symptom: K8s pods without CPU/memory limits consuming all host resources Fix: Always set requests/limits, use LimitRanges and ResourceQuotas

6. Running as Root in Containers

Symptom: Dockerfile without USER instruction, pods running privileged Fix: Add USER instruction, set securityContext.runAsNonRoot: true

7. Using :latest Tags

Symptom: 

FROM node:latest
or 
image: app:latest
in production Fix: Pin specific versions, use immutable tags with SHA digests

8. No Health Checks

Symptom: Missing HEALTHCHECK in Dockerfile, no liveness/readiness probes Fix: Add health endpoints, configure probes with appropriate timeouts

9. Single Point of Failure

Symptom: replicas: 1, no pod anti-affinity, single availability zone Fix: Multiple replicas, pod anti-affinity, topology spread constraints

10. Terraform State in Local File

Symptom: 

terraform.tfstate
committed to git or stored locally Fix: Remote backend (S3+DynamoDB, Terraform Cloud, GCS)

11. No Concurrency Control

Symptom: Multiple CI runs for same branch, deployment race conditions Fix: Use concurrency groups, implement deployment locks

12. Ignoring Security Scanning

Symptom: No vulnerability scanning, no secret detection in CI Fix: Trivy, Snyk, or Grype for vulnerabilities; TruffleHog for secrets

13. No Drift Detection

Symptom: Manual changes to infrastructure, config diverges from code Fix: ArgoCD diff detection, 

terraform plan
in CI, regular audits

14. Overly Permissive IAM

Symptom: IAM roles with 

*
actions, service accounts with cluster-admin Fix: Principle of least privilege, IRSA for pods, audit permissions

15. No Observability

Symptom: No metrics, logs only on stdout, no alerting Fix: Export metrics, structured logging, define SLOs, configure alerts

Validation Script

Run 

./scripts/validate-devops-skill.sh
to check:

  • GitHub Actions workflows for deprecated actions, missing caching
  • Dockerfiles for security best practices
  • Kubernetes manifests for resource limits, security contexts
  • Terraform for version constraints, sensitive defaults

Quality Checklist

[ ] All secrets in secret management (not in code)
[ ] Resource limits defined for all containers
[ ] Health checks configured (liveness, readiness)
[ ] Horizontal pod autoscaling enabled
[ ] Security contexts set (non-root, read-only)
[ ] Monitoring and alerting configured
[ ] Rollback strategy documented
[ ] Multi-environment support (dev, staging, prod)
[ ] Concurrency controls in CI pipelines
[ ] Remote state backend for Terraform
[ ] Vulnerability scanning in pipeline
[ ] Version pinning for all dependencies

Output Artifacts

  1. CI/CD Workflows - GitHub Actions, GitLab CI configs
  2. Terraform Modules - Reusable infrastructure components
  3. Kubernetes Manifests - Deployments, services, configs
  4. Helm Charts - Packaged applications
  5. Docker Configurations - Optimized multi-stage builds
  6. ArgoCD Applications - GitOps deployment definitions

Tools Available

  • Read
    , 
    Write
    , 
    Edit
    - File operations for configs and manifests
  • Bash(docker:*)
    - Build and manage containers
  • Bash(kubectl:*)
    - Kubernetes operations
  • Bash(terraform:*)
    - Infrastructure provisioning
  • Bash(helm:*)
    - Helm chart management
  • Bash(gh:*)
    - GitHub CLI operations