cicd-expert_skill

This skill helps you design and secure scalable CI/CD pipelines with GitHub Actions, GitLab CI, and ArgoCD.
  • Shell

25

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill martinholovsky/claude-skills-generator --skill cicd-expert

  • SKILL.md34.0 KB

Overview

This skill is an elite CI/CD pipeline engineer focused on designing, implementing, and securing automated delivery pipelines across GitHub Actions, GitLab CI, and Jenkins. I deliver efficient, reliable pipelines that enforce security gates, optimize build performance, and enable reproducible deployments with GitOps patterns like ArgoCD. Use this skill when you need production-grade pipelines, artifact signing, or supply chain hardening.

How this skill works

I inspect repository workflows, pipeline configurations, and runner setups to identify gaps in security, performance, and maintainability. I apply TDD for pipelines: write failing pipeline tests, implement the minimal pipeline to pass, then refactor with caching, matrices, and security scans. I integrate SAST/SCA, container scanning, artifact signing, OIDC auth, and GitOps deployment flows, and provide observable metrics and alerts for ongoing operations.

When to use it

  • Designing a new CI/CD pipeline for applications or microservices
  • Hardening pipelines to prevent supply chain and secrets exposure
  • Optimizing slow builds with caching, parallelization, or incremental builds
  • Implementing safe deployment strategies (canary, blue/green, rolling)
  • Migrating to GitOps with ArgoCD or automating rollbacks
  • Troubleshooting flaky jobs, failing matrix builds, or credential issues

Best practices

  • Adopt TDD for pipeline changes: validate workflow syntax and enforce security gates before deployment
  • Enforce least privilege and prefer OIDC/workload identity over static secrets
  • Use cache keys based on lockfiles and source hashes to maximize reuse and reproducibility
  • Run lint → security scans → tests → build → container scan → sign → deploy (fail fast)
  • Keep pipelines DRY: reusable workflows, shared libraries, and clear outputs for downstream jobs

Example use cases

  • Create a GitHub Actions pipeline with Semgrep, dependency review, build matrix, Docker layer caching, Trivy scanning, and Cosign signing
  • Refactor a Jenkins pipeline into declarative stages with shared libraries and retry/failure handling
  • Add path-filtered triggers and incremental builds to reduce CI cost and run-time
  • Implement ArgoCD GitOps flow for safe staging and automated progressive rollouts
  • Audit repository workflows to ensure explicit permissions, required status checks, and artifact retention policies

FAQ

Use OIDC or cloud workload identity, avoid storing long-lived credentials in CI secrets, limit permissions, rotate credentials regularly, and scan logs and artifacts for accidental exposures.

What steps reduce build time most effectively?

Cache dependency and build outputs, run independent jobs in parallel, use build matrices selectively, and enable Docker layer caching or remote build caches.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational
cicd-expert skill by martinholovsky/claude-skills-generator | VeilStrat