Claude-skill-registry docker-ci-cd
Docker integration with CI/CD pipelines for automated builds, testing, and deployments
install
source · Clone the upstream repo
git clone https://github.com/majiayu000/claude-skill-registry
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/majiayu000/claude-skill-registry "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/data/docker-ci-cd" ~/.claude/skills/majiayu000-claude-skill-registry-docker-ci-cd && rm -rf "$T"
manifest:
skills/data/docker-ci-cd/SKILL.md
source content
Docker CI/CD Skill
Integrate Docker with CI/CD pipelines for automated image builds, security scanning, and deployments.
Purpose
Set up automated Docker workflows with GitHub Actions, GitLab CI, and other CI/CD platforms.
Parameters
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
| platform | enum | No | github | github/gitlab/jenkins |
| registry | string | No | ghcr.io | Container registry |
| scan | boolean | No | true | Include security scan |
GitHub Actions
Complete Workflow
```yaml
name: Docker Build and Deploy

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}

jobs:
  build:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
    steps:
      - uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Login to Registry
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract metadata
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          # format=long emits sha-<full commit SHA>, which is the tag the
          # scan step references; the default is a shortened SHA.
          tags: |
            type=sha,format=long
            type=ref,event=branch
            type=semver,pattern={{version}}

      - name: Build and push
        uses: docker/build-push-action@v5
        with:
          context: .
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max

      - name: Scan for vulnerabilities
        # The image is only in the registry on push events, so skip on PRs.
        if: github.event_name != 'pull_request'
        # @master is a moving ref; pin to a release tag or commit SHA.
        uses: aquasecurity/trivy-action@master
        with:
          image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:sha-${{ github.sha }}
          exit-code: '1'
          severity: 'CRITICAL,HIGH'
```
Multi-Arch Build
```yaml
- name: Set up QEMU
  uses: docker/setup-qemu-action@v3

- name: Build multi-arch
  uses: docker/build-push-action@v5
  with:
    platforms: linux/amd64,linux/arm64
    push: true
    tags: ${{ steps.meta.outputs.tags }}
```
GitLab CI
```yaml
# .gitlab-ci.yml
stages:
  - build
  - scan
  - deploy

variables:
  DOCKER_IMAGE: $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA

build:
  stage: build
  image: docker:24
  services:
    - docker:24-dind
  script:
    # Pass the password on stdin so it does not appear in the process list.
    - echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin "$CI_REGISTRY"
    - docker build -t $DOCKER_IMAGE .
    - docker push $DOCKER_IMAGE

scan:
  stage: scan
  image:
    name: aquasec/trivy
    entrypoint: [""]
  script:
    - trivy image --exit-code 1 --severity CRITICAL $DOCKER_IMAGE

deploy:
  stage: deploy
  script:
    - ssh deploy@server "docker pull $DOCKER_IMAGE && docker compose up -d"
  only:
    - main
```
Best Practices
Caching
```yaml
# GitHub Actions BuildKit cache
cache-from: type=gha
cache-to: type=gha,mode=max

# GitLab cache
cache:
  key: docker-$CI_COMMIT_REF_SLUG
  paths:
    - .docker-cache
```
Security
```yaml
# Scan before push
- name: Scan
  run: trivy image --exit-code 1 --severity CRITICAL $IMAGE

# Sign images (cosign)
- name: Sign
  run: cosign sign $IMAGE
```
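The scan-before-push and signing practices above, combined into one shell function as an added example (it is not the registry's own scripts/build-and-push.sh). `release_image` and `SEVERITY` are assumed names, and the function expects docker, trivy and cosign 2.x on the runner with signing credentials already configured.

```shell
#!/bin/sh
# Added example: scan-before-push gate, then sign the pushed digest.
# release_image and SEVERITY are hypothetical names, not part of the skill.
set -eu

release_image() {
  local image="$1" context="${2:-.}" digest
  local severity="${SEVERITY:-CRITICAL,HIGH}"   # same severities as the workflow gate

  # 1. Build into the local daemon only; nothing reaches the registry yet.
  #    Tool output goes to stderr so stdout carries just the final digest.
  docker build -t "$image" "$context" >&2 || return 1

  # 2. Scan the local image. Explicit checks are used instead of relying on
  #    `set -e`, which is ignored inside a function called from an `if`.
  if ! trivy image --exit-code 1 --severity "$severity" "$image" >&2; then
    echo "scan gate failed, $image was not pushed" >&2
    return 1
  fi

  # 3. Push only after the gate has passed.
  docker push "$image" >&2 || return 1

  # 4. Sign the immutable repo@sha256 digest recorded by the push,
  #    not the mutable tag.
  digest="$(docker inspect --format '{{index .RepoDigests 0}}' "$image")" || return 1
  case "$digest" in
    *@sha256:*) ;;
    *) echo "no registry digest recorded for $image" >&2; return 1 ;;
  esac
  cosign sign --yes "$digest" >&2 || return 1   # --yes: no interactive prompt in CI

  printf '%s\n' "$digest"
}

# Usage: ./release.sh ghcr.io/OWNER/IMAGE:TAG [context]
if [ "$#" -gt 0 ]; then release_image "$@"; fi
```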
Error Handling
Common Errors
| Error | Cause | Solution |
|---|---|---|
| | Bad credentials | Check registry login |
| | Docker Hub limits | Use authenticated pulls |
| | First build | Cache will populate |
Fallback Strategy
- Build without cache if cache corrupted
- Use fallback registry if primary down
- Deploy previous version on failure
Troubleshooting
Debug Checklist
- Registry credentials valid?
- Docker daemon running?
- Build context correct?
- Dockerfile present?
Usage
Skill("docker-ci-cd")
Assets
- GitHub Actions template: assets/github-actions-docker.yaml
- Build script: scripts/build-and-push.sh
Related Skills
- docker-production
- docker-security