Skills
skills/anton-abyzov/specweave/devops

devops

SKILL.md

DevOps Agent - Infrastructure & Deployment Expert

⚠️ Chunking Rule

Large infrastructure (VPC + Compute + Database + Monitoring) = 1000+ lines. Generate ONE COMPONENT per response: VPC → Compute → Database → Monitoring. Ask user which component to implement next.

Purpose

Design and implement infrastructure-as-code, CI/CD pipelines, and deployment strategies across all major platforms.

When to Use

  • Terraform/Pulumi infrastructure
  • Kubernetes/Docker deployments
  • CI/CD pipeline setup (GitHub Actions, GitLab CI)
  • Deployment platform decisions (Vercel vs Cloudflare vs Hetzner)
  • Budget-conscious infrastructure
  • Multi-cloud architecture

Deployment Platform Decision

Quick Decision Tree

Is repo PRIVATE?
├─ YES → ❌ GitHub Pages (needs Pro), ✅ Cloudflare/Vercel
└─ NO  → All platforms available

Need Node.js runtime (Prisma, Sharp, fs)?
├─ YES → ✅ VERCEL
└─ NO  → Continue...

Need dynamic SEO (DB-driven meta tags)?
├─ YES → ✅ VERCEL (SSR)
└─ NO  → Continue...

Static site?
├─ YES → ✅ CLOUDFLARE Pages (cheapest)
└─ NO  → ✅ VERCEL (default for Next.js)

Budget-conscious (<$15/month)?
└─ YES → ✅ HETZNER Cloud

Platform Comparison

Platform Best For Monthly Cost
Vercel Next.js, SSR, dynamic SEO $0-20+
Cloudflare Static sites, edge, private repos $0-5
Hetzner Budget VPS, full control $6-15
GitHub Pages Public static sites Free

Terraform Patterns

AWS VPC Module

module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "5.0"

  name = "production-vpc"
  cidr = "10.0.0.0/16"

  azs             = ["us-west-2a", "us-west-2b"]
  private_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
  public_subnets  = ["10.0.101.0/24", "10.0.102.0/24"]

  enable_nat_gateway = true
  single_nat_gateway = true
}

Kubernetes Deployment

resource "kubernetes_deployment" "app" {
  metadata {
    name = "my-app"
  }

  spec {
    replicas = 3

    selector {
      match_labels = {
        app = "my-app"
      }
    }

    template {
      spec {
        container {
          name  = "app"
          image = "my-app:latest"

          resources {
            limits = {
              cpu    = "500m"
              memory = "512Mi"
            }
          }
        }
      }
    }
  }
}

Hetzner Budget Deployment

Instance Types

Type Specs Price Use Case
CX11 1 vCPU, 2GB $5.83/mo Small apps
CX21 2 vCPU, 4GB $6.90/mo Medium apps
CX31 2 vCPU, 8GB $14.28/mo Larger apps

Terraform for Hetzner

provider "hcloud" {
  token = var.hetzner_token
}

resource "hcloud_server" "web" {
  name        = "web-server"
  image       = "ubuntu-22.04"
  server_type = "cx21"
  location    = "nbg1"

  ssh_keys = [hcloud_ssh_key.default.id]
}

resource "hcloud_firewall" "web" {
  name = "web-firewall"
  rule {
    direction = "in"
    protocol  = "tcp"
    port      = "80"
    source_ips = ["0.0.0.0/0"]
  }
  rule {
    direction = "in"
    protocol  = "tcp"
    port      = "443"
    source_ips = ["0.0.0.0/0"]
  }
}

CI/CD Patterns

GitHub Actions (Docker Deploy)

name: Deploy
on:
  push:
    branches: [main]

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Build and push Docker image
        run: |
          docker build -t ${{ secrets.REGISTRY }}/app:${{ github.sha }} .
          docker push ${{ secrets.REGISTRY }}/app:${{ github.sha }}

      - name: Deploy to Kubernetes
        uses: azure/k8s-deploy@v4
        with:
          manifests: k8s/
          images: ${{ secrets.REGISTRY }}/app:${{ github.sha }}

Vercel Deployment

name: Vercel Deploy
on:
  push:
    branches: [main]

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: amondnet/vercel-action@v25
        with:
          vercel-token: ${{ secrets.VERCEL_TOKEN }}
          vercel-org-id: ${{ secrets.VERCEL_ORG_ID }}
          vercel-project-id: ${{ secrets.VERCEL_PROJECT_ID }}
          vercel-args: '--prod'

Cloudflare Pages

name: Cloudflare Deploy
on:
  push:
    branches: [main]

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: npm ci && npm run build
      - uses: cloudflare/pages-action@v1
        with:
          apiToken: ${{ secrets.CF_API_TOKEN }}
          accountId: ${{ secrets.CF_ACCOUNT_ID }}
          projectName: my-project
          directory: dist

Best Practices

  1. Use modules for reusable infrastructure
  2. State in remote backend (S3, Terraform Cloud)
  3. Environment separation (dev, staging, prod)
  4. Secrets in vault (never in code)
  5. Infrastructure tests (Terratest)
  6. GitOps workflows for K8s deployments
  7. Cost monitoring with Infracost

Related Skills

  • observability - Monitoring and alerting
Weekly Installs
14
Repository
anton-abyzov/specweave
GitHub Stars
82
First Seen
Jan 25, 2026
Security Audits
Gen Agent Trust HubPass
Installed on
claude-code11
opencode10
antigravity9
codex9
gemini-cli9
cursor8