devops-pipeline
DevOps Pipeline
Implement comprehensive DevOps quality gates adapted to project type.
Repo Sync Before Edits (mandatory)
Before making any changes, sync with the remote to avoid conflicts:
branch="$(git rev-parse --abbrev-ref HEAD)"
git fetch origin
git pull --rebase origin "$branch"
If the working tree is dirty, stash first, sync, then pop. If origin is missing or conflicts occur, stop and ask the user before continuing.
Workflow
0. Create Feature Branch
Before making any changes:
- Check the current branch — if already on a feature branch for this task, skip
- Check the repo for branch naming conventions (e.g.,
feat/,feature/, etc.) - Create and switch to a new branch following the repo's convention, or fallback to:
feat/devops-pipeline
1. Analyze Project
Detect project characteristics.
Use sub-agents for parallel discovery. Launch multiple Agent tool calls concurrently to keep the main context clean:
- Agent 1 — Stack detection: Scan for
package.json,pyproject.toml,Cargo.toml,go.mod,pom.xml,build.gradle,*.csprojand identify the primary language(s), frameworks (React, Next.js, Django, FastAPI, etc.), and build tools (npm, yarn, pnpm, pip, poetry, cargo, go, maven, gradle). Return a structured summary. - Agent 2 — Existing tooling inventory: Check for existing linter/formatter configs (
.eslintrc*,.prettierrc*,tsconfig.json,mypy.ini,setup.cfg,ruff.toml) and existing CI configs (.pre-commit-config.yaml,.github/workflows/*.yml). Return a checklist of what is present vs missing. - Agent 3 — Repository conventions: Inspect the repo for branch naming conventions, commit message style, and any existing contribution guidelines. Return the conventions found.
Collect the results from all three agents before proceeding.
2. Configure Pre-commit Hooks and GitHub Actions
Use sub-agents for parallel file creation. The pre-commit config and GitHub Actions workflow are independent of each other. Dispatch them concurrently using the Agent tool, then collect results:
-
Agent A — Pre-commit hooks: Install the pre-commit framework (
pip install pre-commitorbrew install pre-commit). Create.pre-commit-config.yamlbased on the detected stack from Step 1. Use references/precommit-configs.md for language-specific configurations. Install hooks withpre-commit install. Return the path of the created config file and a summary of hooks configured. -
Agent B — GitHub Actions workflow: Create
.github/workflows/ci.ymlmirroring the pre-commit checks. Use references/github-actions.md for workflow templates. Follow these key principles:- Mirror pre-commit checks for consistency
- Use caching for dependencies
- Run on push and pull_request
- Add matrix testing for multiple versions if needed
Return the path of the created workflow file and a summary of jobs configured.
Each agent should return the path(s) of files it created or updated.
3. Verify Pipeline
# Test pre-commit locally
pre-commit run --all-files
# Commit and push to trigger CI
git add .pre-commit-config.yaml .github/workflows/ci.yml
git commit -m "ci: add pre-commit hooks and GitHub Actions"
git push
Check GitHub Actions tab for workflow status.
Tool Selection by Language
| Language | Formatter | Linter | Security | Types |
|---|---|---|---|---|
| JS/TS | Prettier | ESLint | npm audit | TypeScript |
| Python | Black/Ruff | Ruff | Bandit | mypy |
| Go | gofmt | golangci-lint | gosec | built-in |
| Rust | rustfmt | Clippy | cargo-audit | built-in |
| Java | google-java-format | Checkstyle | SpotBugs | - |
Resources
- references/precommit-configs.md - Pre-commit configurations by language
- references/github-actions.md - GitHub Actions workflow templates
More from montimage/skills
skill-auditor
Analyze agent skills for security risks, malicious patterns, and potential dangers before installation. Use when asked to "audit a skill", "check if a skill is safe", "analyze skill security", "review skill risk", "should I install this skill", "is this skill safe", "scan this skill", or when evaluating any skill directory for trust and safety. Also triggers when the user pastes a skill install command like "npx skills add https://github.com/org/repo --skill name". Produces a comprehensive security report with a clear install/reject verdict. Trigger this skill proactively whenever the user is about to install a third-party skill or mentions concerns about skill safety.
30code-review
Perform code reviews following best practices from Code Smells and The Pragmatic Programmer. Use when asked to "review this code", "check for code smells", "review my PR", "audit the codebase", "find bugs", "check code quality", "what's wrong with this code", "is this code good", or any request for quality feedback on code changes. Supports both full codebase audits and focused PR/diff reviews. Outputs structured markdown reports grouped by severity. Trigger this skill whenever the user wants a second opinion on code, even if they don't explicitly say "review".
15skill-creator
Create new skills, modify and improve existing skills, and measure skill performance. Use when users want to create a skill from scratch, update or optimize an existing skill, package a skill for distribution, or iterate on skill quality. Trigger this skill whenever the user says "create a skill", "build a skill", "make a skill for X", "update this skill", "improve this skill", "package this skill", or mentions wanting to extend Claude's capabilities with specialized workflows or tools.
9oss-ready
Transform projects into professional open-source repositories with standard components. Use when users ask to "make this open source", "add open source files", "setup OSS standards", "create contributing guide", "add license", "prepare for public release", "add CODE_OF_CONDUCT", "add SECURITY.md", "GitHub templates", or want to prepare a project for public release with README, CONTRIBUTING, LICENSE, and GitHub templates. Trigger this skill whenever the user mentions open-sourcing, public repos, community standards, or making a project contribution-ready — even if they just say "let's open source this".
7test-coverage
Expand unit test coverage by targeting untested branches and edge cases. Use when users ask to "increase test coverage", "add more tests", "expand unit tests", "cover edge cases", "improve test coverage", "find untested code", "what's not tested", "run coverage report", "write missing tests", or want to identify and fill gaps in existing test suites. Adapts to project's testing framework. Trigger this skill whenever the user mentions test gaps, untested code, coverage percentages, or wants to harden their test suite.
7docs-generator
Restructure project documentation for clarity and accessibility. Use when users ask to "organize docs", "generate documentation", "improve doc structure", "restructure README", "write docs", "create README", "document my code", "add API docs", "document this project", "help with documentation", or need to reorganize scattered documentation into a coherent structure. Analyzes project type and creates appropriate documentation hierarchy. Trigger this skill whenever the user needs documentation created, reorganized, or improved — even if they just say something like "this project needs docs" or "the README is a mess".
5