deployment-automation

deployment-automation

Deployment Automation When to use this skill New Projects: Set up automated deployment from scratch Manual Deployment Improvement: Automate repetitive manual tasks Multi-Environment: Separate dev, staging, and production environments Scaling: Introduce Kubernetes to handle traffic growth Instructions Step 1: Docker Containerization Package the application as a Docker image. Dockerfile (Node.js app): # Multi-stage build for smaller image size FROM node:18-alpine AS builder WORKDIR /app # Copy package files and install dependencies COPY package*.json ./ RUN npm ci --only=production # Copy source code COPY . . # Build application (if needed) RUN npm run build # Production stage FROM node:18-alpine WORKDIR /app # Copy only necessary files from builder COPY --from=builder /app/node_modules ./node_modules COPY --from=builder /app/dist ./dist COPY --from=builder /app/package.json ./ # Create non-root user for security RUN addgroup -g 1001 -S nodejs && \ adduser -S nodejs -u 1001 USER nodejs # Expose port EXPOSE 3000 # Health check HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \ CMD node healthcheck.js # Start application CMD ["node", "dist/index.js"] .dockerignore: node_modules npm-debug.log .git .env .env.local dist build coverage .DS_Store Build and Run: # Build image docker build -t myapp:latest . # Run container docker run -d -p 3000:3000 --name myapp-container myapp:latest # Check logs docker logs myapp-container # Stop and remove docker stop myapp-container docker rm myapp-container Step 2: GitHub Actions CI/CD Automatically runs tests and deploys on code push. .github/workflows/deploy.yml: name: CI/CD Pipeline on: push: branches: [main, develop] pull_request: branches: [main] env: NODE_VERSION: '18' REGISTRY: ghcr.io IMAGE_NAME: ${{ github.repository }} jobs: test: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' - name: Install dependencies run: npm ci - name: Run linter run: npm run lint - name: Run tests run: npm test -- --coverage - name: Upload coverage uses: codecov/codecov-action@v3 with: files: ./coverage/coverage-final.json build: needs: test runs-on: ubuntu-latest if: github.event_name == 'push' && github.ref == 'refs/heads/main' steps: - uses: actions/checkout@v4 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Log in to Container Registry uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Extract metadata id: meta uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | type=sha,prefix={{branch}}- type=semver,pattern={{version}} latest - name: Build and push Docker image uses: docker/build-push-action@v5 with: context: . push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} cache-from: type=gha cache-to: type=gha,mode=max deploy: needs: build runs-on: ubuntu-latest environment: production steps: - name: Deploy to production uses: appleboy/ssh-action@v1.0.0 with: host: ${{ secrets.PROD_HOST }} username: ${{ secrets.PROD_USER }} key: ${{ secrets.PROD_SSH_KEY }} script: | cd /app docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest docker-compose up -d --no-deps --build web docker image prune -f Step 3: Kubernetes Deployment Implement scalable container orchestration. k8s/deployment.yaml: apiVersion: apps/v1 kind: Deployment metadata: name: myapp namespace: production labels: app: myapp spec: replicas: 3 strategy: type: RollingUpdate rollingUpdate: maxSurge: 1 maxUnavailable: 0 selector: matchLabels: app: myapp template: metadata: labels: app: myapp spec: containers: - name: myapp image: ghcr.io/username/myapp:latest imagePullPolicy: Always ports: - containerPort: 3000 env: - name: NODE_ENV value: "production" - name: DATABASE_URL valueFrom: secretKeyRef: name: myapp-secrets key: database-url resources: requests: memory: "128Mi" cpu: "100m" limits: memory: "256Mi" cpu: "200m" livenessProbe: httpGet: path: /health port: 3000 initialDelaySeconds: 30 periodSeconds: 10 readinessProbe: httpGet: path: /ready port: 3000 initialDelaySeconds: 5 periodSeconds: 5 --- apiVersion: v1 kind: Service metadata: name: myapp-service namespace: production spec: selector: app: myapp ports: - protocol: TCP port: 80 targetPort: 3000 type: LoadBalancer --- apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: name: myapp-hpa namespace: production spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: myapp minReplicas: 2 maxReplicas: 10 metrics: - type: Resource resource: name: cpu target: type: Utilization averageUtilization: 70 - type: Resource resource: name: memory target: type: Utilization averageUtilization: 80 Deployment Script (deploy.sh): #!/bin/bash set -e # Variables NAMESPACE="production" IMAGE_TAG="${1:-latest}" echo "Deploying myapp:${IMAGE_TAG} to ${NAMESPACE}..." # Apply Kubernetes manifests kubectl apply -f k8s/namespace.yaml kubectl apply -f k8s/secrets.yaml kubectl apply -f k8s/deployment.yaml kubectl apply -f k8s/service.yaml # Update image kubectl set image deployment/myapp myapp=ghcr.io/username/myapp:${IMAGE_TAG} -n ${NAMESPACE} # Wait for rollout kubectl rollout status deployment/myapp -n ${NAMESPACE} --timeout=5m # Verify kubectl get pods -n ${NAMESPACE} -l app=myapp echo "Deployment completed successfully!" Step 4: Vercel/Netlify (Frontend) Simply deploy static sites and Next.js apps. vercel.json: { "version": 2, "builds": [ { "src": "package.json", "use": "@vercel/next" } ], "env": { "DATABASE_URL": "@database-url", "API_KEY": "@api-key" }, "regions": ["sin1", "icn1"], "headers": [ { "source": "/(.*)", "headers": [ { "key": "X-Frame-Options", "value": "DENY" }, { "key": "X-Content-Type-Options", "value": "nosniff" } ] } ], "redirects": [ { "source": "/old-path", "destination": "/new-path", "permanent": true } ] } CLI Deployment: # Install Vercel CLI npm i -g vercel # Login vercel login # Deploy to preview vercel # Deploy to production vercel --prod # Set environment variable vercel env add DATABASE_URL Step 5: Zero-Downtime Deployment Strategy Deploy new versions without service interruption. Blue-Green Deployment (docker-compose): version: '3.8' services: nginx: image: nginx:alpine ports: - "80:80" volumes: - ./nginx.conf:/etc/nginx/nginx.conf:ro depends_on: - app-blue - app-green app-blue: image: myapp:blue environment: - NODE_ENV=production - COLOR=blue app-green: image: myapp:green environment: - NODE_ENV=production - COLOR=green switch.sh (Blue/Green Switch): #!/bin/bash CURRENT_COLOR=$(cat current_color.txt) NEW_COLOR=$([[ "$CURRENT_COLOR" == "blue" ]] && echo "green" || echo "blue") # Deploy new version to inactive environment docker-compose up -d app-${NEW_COLOR} # Wait for health check sleep 10 # Health check if curl -f http://localhost:8080/health; then # Update nginx to point to new environment sed -i "s/${CURRENT_COLOR}/${NEW_COLOR}/g" nginx.conf docker-compose exec nginx nginx -s reload # Update current color echo ${NEW_COLOR} > current_color.txt # Stop old environment after 5 minutes (rollback window) sleep 300 docker-compose stop app-${CURRENT_COLOR} echo "Deployment successful! Switched to ${NEW_COLOR}" else echo "Health check failed! Keeping ${CURRENT_COLOR}" docker-compose stop app-${NEW_COLOR} exit 1 fi Output format Deployment Checklist ## Deployment Checklist ### Pre-Deployment - [ ] All tests passing (unit, integration, E2E) - [ ] Code review approved - [ ] Environment variables configured - [ ] Database migrations ready - [ ] Rollback plan documented ### Deployment - [ ] Docker image built and tagged - [ ] Image pushed to container registry - [ ] Kubernetes manifests applied - [ ] Rolling update started - [ ] Pods healthy and ready ### Post-Deployment - [ ] Health check endpoint responding - [ ] Metrics/logs monitoring active - [ ] Performance baseline established - [ ] Old pods terminated (after grace period) - [ ] Deployment documented in changelog Constraints Required Rules (MUST) Health Checks: Health check endpoint for all services app.get('/health', (req, res) => { res.status(200).json({ status: 'ok' }); }); Graceful Shutdown: Handle SIGTERM signal process.on('SIGTERM', async () => { console.log('SIGTERM received, shutting down gracefully'); await server.close(); await db.close(); process.exit(0); }); Environment Variable Separation: No hardcoding; use .env files Prohibited Rules (MUST NOT) No Committing Secrets: Never commit API keys or passwords to Git No Debug Mode in Production: NODE_ENV=production is required Avoid latest tag only: Use version tags (v1.0.0, sha-abc123) Best practices Multi-stage Docker builds: Minimize image size Immutable infrastructure: Redeploy instead of modifying servers Blue-Green deployment: Zero-downtime deployment and easy rollback Monitoring required: Prometheus, Grafana, Datadog References Docker Docs Kubernetes Docs GitHub Actions Vercel 12 Factor App Metadata Version Current Version: 1.0.0 Last Updated: 2025-01-01 Compatible Platforms: Claude, ChatGPT, Gemini Related Skills monitoring: Post-deployment monitoring security: Deployment security Tags #deployment #CI/CD #Docker #Kubernetes #automation #infrastructure Examples Example 1: Basic usage Example 2: Advanced usageWeekly Installs10.8KRepositorysupercent-io/sk…templateGitHub Stars53First SeenJan 24, 2026Security AuditsGen Agent Trust HubPassSocketPassSnykWarnInstalled oncodex10.7Kgemini-cli10.7Kopencode10.7Kgithub-copilot10.6Kcursor10.6Kamp10.6K