deployment-strategy-canary
Deployment Strategy Canary
Overview
Use this skill to release changes gradually while measuring real-user impact before broad rollout.
Scope Boundaries
- Use this skill when the task matches the trigger condition described in description.
- Do not use this skill when the primary task falls outside this skill's domain.
Shared References
- Promotion and stop decision rules: references/canary-promotion-rules.md
Templates And Assets
- Rollout plan template: assets/canary-rollout-plan-template.md
- Guardrail matrix template: assets/canary-guardrail-matrix-template.csv
Inputs To Gather
- Critical SLOs and business guardrail metrics.
- Traffic segmentation options (region, tenant, cohort).
- Maximum acceptable degradation and rollback thresholds.
- Release window and incident response readiness.
Deliverables
- Canary progression plan (percentage/time/gates).
- Guardrail matrix and promotion rules.
- Automatic stop/rollback policy.
- Post-promotion verification and observation window plan.
Quick Progression Example
- Steps: 1% -> 5% -> 20% -> 50% -> 100%.
- Hold at each step for a fixed minimum time and until metric stability checks pass.
- Auto-rollback if the error rate rises above its threshold or the SLO drops below its floor.
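The progression above as a gate evaluator, shown as an added example that is not part of the skill's own assets. The names (Gate, Sample, evaluate, run_rollout), the sampling model and the threshold values in GATE are assumptions; real values come from the guardrail matrix.

```python
from dataclasses import dataclass
from enum import Enum

STEPS = [1, 5, 20, 50, 100]  # traffic percentages from the progression above
Decision = Enum("Decision", "HOLD PROMOTE ROLLBACK")

@dataclass(frozen=True)
class Gate:
    """Pre-registered gate, fixed before the rollout starts."""
    min_hold_s: int        # fixed minimum time at each step
    max_error_rate: float  # rollback above this
    slo_floor: float       # rollback below this
    max_gap_s: int         # longest tolerated silence between samples

@dataclass(frozen=True)
class Sample:
    t_s: int               # seconds since the step started
    error_rate: float
    slo: float             # SLO attainment, 0..1

# Constructed thresholds for illustration only.
GATE = Gate(min_hold_s=600, max_error_rate=0.01, slo_floor=0.999, max_gap_s=60)

def evaluate(gate, samples):
    """Decide one step from the samples collected since it started."""
    if not samples:
        return Decision.HOLD  # no telemetry: never promote blind
    # Breach check runs first, on every sample, so a late good sample
    # cannot mask an earlier regression.
    if any(s.error_rate > gate.max_error_rate or s.slo < gate.slo_floor
           for s in samples):
        return Decision.ROLLBACK
    gaps = [b.t_s - a.t_s for a, b in zip(samples, samples[1:])]
    if gaps and max(gaps) > gate.max_gap_s:
        return Decision.HOLD  # telemetry too sparse to catch a regression
    if samples[-1].t_s - samples[0].t_s < gate.min_hold_s:
        return Decision.HOLD  # minimum hold time not yet served
    return Decision.PROMOTE

def run_rollout(gate, telemetry):
    """Walk STEPS; telemetry maps percent -> samples. Returns (percent, trail)."""
    trail = []
    for pct in STEPS:
        decision = evaluate(gate, telemetry.get(pct, []))
        trail.append((pct, decision))
        if decision is Decision.ROLLBACK:
            return 0, trail    # canary traffic drained
        if decision is Decision.HOLD:
            return pct, trail  # stay at this step
    return STEPS[-1], trail
```

A step with missing or sparse telemetry holds rather than promotes, which matches the failure condition about telemetry that cannot detect regressions quickly.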
Quality Standard
- Promotion gates are objective and pre-registered.
- Guardrails include technical and business impact signals.
- Rollback automation/authority is clearly defined.
- Segment choice avoids exposing highest-risk cohorts first.
Workflow
- Define canary audience and progression steps in assets/canary-rollout-plan-template.md.
- Set promotion and rollback criteria for each step using assets/canary-guardrail-matrix-template.csv.
- Deploy canary and monitor guardrails in real time.
- Promote only when criteria pass under references/canary-promotion-rules.md; otherwise stop/rollback.
- Complete rollout and run post-release verification.
Failure Conditions
- Stop when promotion criteria are ambiguous or non-measurable.
- Stop when telemetry cannot detect regressions quickly.
- Escalate when rollback path is manual-only for high-criticality services.