Claude Code Plugins

Community-maintained marketplace

Feedback

cicd-setup

@vanman2024/dev-lifecycle-marketplace
0
0

Automated CI/CD pipeline setup using GitHub Actions with automatic secret configuration via GitHub CLI. Generates platform-specific workflows (Vercel, DigitalOcean, Railway) and configures repository secrets automatically. Use when setting up continuous deployment, configuring GitHub Actions, automating deployments, or when user mentions CI/CD, GitHub Actions, automated deployment, or pipeline setup.

Install Skill

1Download skill
2Enable skills in Claude

Open claude.ai/settings/capabilities and find the "Skills" section

3Upload to Claude

Click "Upload skill" and select the downloaded ZIP file

Note: Please verify skill by going through its instructions before using it.

SKILL.md

name cicd-setup
description Automated CI/CD pipeline setup using GitHub Actions with automatic secret configuration via GitHub CLI. Generates platform-specific workflows (Vercel, DigitalOcean, Railway) and configures repository secrets automatically. Use when setting up continuous deployment, configuring GitHub Actions, automating deployments, or when user mentions CI/CD, GitHub Actions, automated deployment, or pipeline setup.
allowed-tools Bash, Read, Write, Edit

CI/CD Auto-Setup Skill

This skill provides fully automated CI/CD pipeline setup for any deployment platform using GitHub Actions and the GitHub CLI (gh) to configure secrets automatically.

Overview

Core Philosophy: CI/CD setup should be one command - no manual secret configuration, no copy-pasting tokens, no visiting GitHub web UI.

Key Features:

  • Automatic GitHub Actions workflow generation
  • Automatic secret configuration using gh CLI
  • Platform-specific templates (Vercel, DigitalOcean, Railway, Netlify, Cloudflare)
  • Project ID extraction and configuration
  • Validation and testing workflows
  • Zero manual steps required

Supported Platforms

  • Vercel: Next.js, React, Vue, static sites
  • DigitalOcean App Platform: Containerized apps, databases
  • DigitalOcean Droplets: Custom servers, APIs
  • Railway: Full-stack applications, databases
  • Netlify: Static sites, serverless functions
  • Cloudflare Pages: Static sites, edge functions

Available Scripts

1. Complete CI/CD Setup

Script: scripts/setup-cicd.sh <platform> [project-path]

Purpose: One-command CI/CD setup - detects project, extracts IDs, configures secrets, generates workflow

Actions:

  • Detects platform type (Vercel, DigitalOcean, etc.)
  • Extracts platform-specific project IDs automatically
  • Configures GitHub repository secrets via gh CLI
  • Generates platform-specific GitHub Actions workflow
  • Creates .github/workflows/deploy.yml
  • Validates workflow syntax
  • Commits and pushes workflow file
  • Provides test instructions

Usage:

# Auto-detect platform and set up CI/CD
./scripts/setup-cicd.sh auto

# Set up Vercel CI/CD
./scripts/setup-cicd.sh vercel

# Set up DigitalOcean App Platform CI/CD
./scripts/setup-cicd.sh digitalocean-app

# Set up DigitalOcean Droplet CI/CD
./scripts/setup-cicd.sh digitalocean-droplet

# Set up with custom path
./scripts/setup-cicd.sh vercel /path/to/project

# Dry run (show what would be configured)
DRY_RUN=true ./scripts/setup-cicd.sh vercel

Required Environment Variables (must be set before running):

  • Vercel: VERCEL_TOKEN
  • DigitalOcean: DIGITALOCEAN_ACCESS_TOKEN
  • Railway: RAILWAY_TOKEN
  • Netlify: NETLIFY_AUTH_TOKEN
  • Cloudflare: CLOUDFLARE_API_TOKEN

Exit Codes:

  • 0: CI/CD setup successful
  • 1: Setup failed
  • 2: Missing prerequisites (gh CLI, platform CLI, tokens)

2. Configure GitHub Secrets

Script: scripts/configure-github-secrets.sh <platform> <project-path>

Purpose: Automatically configure GitHub repository secrets using gh CLI

Actions:

  • Verifies gh CLI is authenticated
  • Extracts platform-specific project IDs
  • Sets repository secrets via gh secret set
  • Validates secrets were configured correctly
  • Lists configured secrets

Usage:

# Configure Vercel secrets
./scripts/configure-github-secrets.sh vercel .

# Configure DigitalOcean secrets
./scripts/configure-github-secrets.sh digitalocean /path/to/app

# List current secrets
gh secret list

# Verify secret was set
gh secret list | grep VERCEL_TOKEN

Secrets Configured by Platform:

Vercel:

  • VERCEL_TOKEN - From environment variable
  • VERCEL_ORG_ID - Extracted from .vercel/project.json
  • VERCEL_PROJECT_ID - Extracted from .vercel/project.json

DigitalOcean App Platform:

  • DIGITALOCEAN_ACCESS_TOKEN - From environment variable
  • DO_APP_ID - Extracted from app spec or doctl
  • DO_APP_NAME - From project configuration

DigitalOcean Droplets:

  • DIGITALOCEAN_ACCESS_TOKEN - From environment variable
  • DROPLET_ID - From deployment metadata
  • SSH_PRIVATE_KEY - From ~/.ssh/id_rsa or specified path

Railway:

  • RAILWAY_TOKEN - From environment variable
  • RAILWAY_PROJECT_ID - Extracted from railway.json
  • RAILWAY_SERVICE_ID - From railway status

Exit Codes:

  • 0: Secrets configured successfully
  • 1: Configuration failed
  • 2: Missing gh CLI or not authenticated

3. Extract Platform IDs

Script: scripts/extract-platform-ids.sh <platform> <project-path>

Purpose: Extract platform-specific project IDs automatically

Actions:

  • Links project to platform if not already linked
  • Extracts IDs from configuration files
  • Falls back to CLI queries if files missing
  • Outputs JSON with all IDs

Usage:

# Extract Vercel IDs
./scripts/extract-platform-ids.sh vercel .

# Extract DigitalOcean App IDs
./scripts/extract-platform-ids.sh digitalocean-app /path/to/app

# Save to file
./scripts/extract-platform-ids.sh vercel . > project-ids.json

Output Format:

{
  "platform": "vercel",
  "orgId": "team_abc123",
  "projectId": "prj_xyz789",
  "projectName": "my-app",
  "extracted_from": ".vercel/project.json",
  "timestamp": "2025-01-02T12:34:56Z"
}

Exit Codes:

  • 0: IDs extracted successfully
  • 1: Extraction failed
  • 2: Platform not linked

4. Generate Workflow Template

Script: scripts/generate-workflow.sh <platform> <output-path>

Purpose: Generate platform-specific GitHub Actions workflow

Actions:

  • Selects appropriate template for platform
  • Customizes with project-specific settings
  • Adds validation, testing, deployment steps
  • Configures environment-specific triggers
  • Writes workflow to .github/workflows/deploy.yml

Usage:

# Generate Vercel workflow
./scripts/generate-workflow.sh vercel .github/workflows/deploy.yml

# Generate DigitalOcean App Platform workflow
./scripts/generate-workflow.sh digitalocean-app .github/workflows/deploy.yml

# Preview without writing
DRY_RUN=true ./scripts/generate-workflow.sh vercel -

Exit Codes:

  • 0: Workflow generated successfully
  • 1: Generation failed

5. Validate CI/CD Setup

Script: scripts/validate-cicd.sh [project-path]

Purpose: Validate complete CI/CD setup is correct

Checks:

  • GitHub repository exists and is accessible
  • gh CLI is authenticated
  • Workflow file exists and is valid YAML
  • Required secrets are configured
  • Platform CLI is authenticated
  • Project is linked to platform
  • All required environment variables present

Usage:

# Validate current directory
./scripts/validate-cicd.sh

# Validate specific path
./scripts/validate-cicd.sh /path/to/project

# Detailed validation report
VERBOSE=true ./scripts/validate-cicd.sh

Exit Codes:

  • 0: All validations passed
  • 1: One or more validations failed

Workflow Templates

Vercel Workflow Template

File: templates/vercel-workflow.yml

Features:

  • Multi-environment support (preview/production)
  • Automatic deployment on PR and merge
  • Build caching for faster deploys
  • Health check validation
  • Deployment status comments on PRs

Triggers:

  • Push to main → Production deployment
  • Pull request → Preview deployment
  • Manual workflow dispatch

DigitalOcean App Platform Workflow

File: templates/digitalocean-app-workflow.yml

Features:

  • Container build and push
  • App Platform deployment via doctl
  • Database migration support
  • Health check validation
  • Rollback capability

Triggers:

  • Push to main → Production deployment
  • Push to develop → Staging deployment

DigitalOcean Droplet Workflow

File: templates/digitalocean-droplet-workflow.yml

Features:

  • SSH-based deployment
  • Systemd service management
  • Zero-downtime deployments
  • Automated backups before deploy
  • Health check validation

Triggers:

  • Push to main → Production deployment
  • Manual workflow dispatch

End-to-End Workflow

Initial Setup (One Time)

# 1. Ensure prerequisites
gh auth status  # Must be authenticated
vercel whoami   # Must be logged in
echo $VERCEL_TOKEN  # Must be set

# 2. Run complete CI/CD setup
cd /path/to/your/project
bash ~/.claude/plugins/marketplaces/dev-lifecycle-marketplace/plugins/deployment/skills/cicd-setup/scripts/setup-cicd.sh vercel

# 3. Validate setup
bash ~/.claude/plugins/marketplaces/dev-lifecycle-marketplace/plugins/deployment/skills/cicd-setup/scripts/validate-cicd.sh

# 4. Test deployment
git add .github/workflows/deploy.yml
git commit -m "ci: Add automated deployment workflow"
git push origin main

That's it! CI/CD is now fully configured and automated.

How It Works

  1. Extract IDs: Script extracts VERCEL_ORG_ID and VERCEL_PROJECT_ID from .vercel/project.json
  2. Configure Secrets: Uses gh secret set to configure:
    • VERCEL_TOKEN (from environment)
    • VERCEL_ORG_ID (extracted)
    • VERCEL_PROJECT_ID (extracted)
  3. Generate Workflow: Creates .github/workflows/deploy.yml from template
  4. Validate: Checks all pieces are in place
  5. Commit & Push: Adds workflow to repo
  6. Automatic Deployments: GitHub Actions now handles all deployments

Subsequent Deployments

# Every push to main deploys automatically
git add .
git commit -m "feat: New feature"
git push origin main
# → GitHub Actions automatically builds and deploys to production

# Pull requests create preview deployments
git checkout -b feature-branch
git push origin feature-branch
# Create PR → GitHub Actions deploys preview

GitHub CLI Commands Reference

# Authentication
gh auth login
gh auth status

# Secret Management
gh secret set SECRET_NAME
gh secret set SECRET_NAME < secret.txt
gh secret set SECRET_NAME --body "value"
gh secret list
gh secret remove SECRET_NAME

# Repository Info
gh repo view
gh repo view --json owner,name

# Workflow Management
gh workflow list
gh workflow run deploy.yml
gh workflow view deploy.yml
gh run list
gh run watch

Platform-Specific Details

Vercel

Prerequisites:

npm install -g vercel
vercel login
export VERCEL_TOKEN="your_token_here"

Project Linking:

cd /path/to/project
vercel link  # Creates .vercel/project.json

IDs Location: .vercel/project.json

{
  "orgId": "team_abc123",
  "projectId": "prj_xyz789"
}

Secrets Configured:

  • VERCEL_TOKEN: Authentication token
  • VERCEL_ORG_ID: Organization/team ID
  • VERCEL_PROJECT_ID: Project ID

Workflow Features:

  • Preview deployments on PRs
  • Production deployments on main
  • Automatic PR comments with preview URLs
  • Build caching
  • Health checks

DigitalOcean App Platform

Prerequisites:

# Install doctl
brew install doctl  # macOS
# OR
wget https://github.com/digitalocean/doctl/releases/download/v1.94.0/doctl-1.94.0-linux-amd64.tar.gz
tar xf doctl-1.94.0-linux-amd64.tar.gz
sudo mv doctl /usr/local/bin

# Authenticate
doctl auth init
export DIGITALOCEAN_ACCESS_TOKEN="your_token_here"

App Creation:

doctl apps create --spec app-spec.yml
doctl apps list  # Get app ID

Secrets Configured:

  • DIGITALOCEAN_ACCESS_TOKEN: API token
  • DO_APP_ID: Application ID
  • DO_APP_NAME: Application name

Workflow Features:

  • Multi-environment support
  • Database migration support
  • Health check validation
  • Automatic rollback on failure

DigitalOcean Droplets

Prerequisites:

doctl auth init
export DIGITALOCEAN_ACCESS_TOKEN="your_token_here"

# Set up SSH key
ssh-keygen -t ed25519 -C "deploy@myapp"
doctl compute ssh-key import deploy-key --public-key-file ~/.ssh/id_ed25519.pub

Secrets Configured:

  • DIGITALOCEAN_ACCESS_TOKEN: API token
  • DROPLET_ID: Droplet ID
  • SSH_PRIVATE_KEY: SSH private key for deployment

Workflow Features:

  • SSH-based deployment
  • Zero-downtime deployments
  • Systemd service management
  • Pre-deployment backups

Security Best Practices

Secret Management

  1. Never Commit Secrets: Use .gitignore for sensitive files
  2. Use GitHub Secrets: All secrets stored encrypted in GitHub
  3. Rotate Regularly: Update tokens every 90 days
  4. Least Privilege: Use tokens with minimal required permissions
  5. Audit Access: Review secret access logs regularly

Workflow Security

  1. Pin Actions Versions: Use specific versions, not @latest
  2. Review Third-Party Actions: Audit all external actions
  3. Limit Permissions: Use minimal GITHUB_TOKEN permissions
  4. Protected Branches: Require reviews for production
  5. Environment Protection: Use GitHub environments with approvals

Troubleshooting

gh CLI Not Authenticated

# Check authentication
gh auth status

# Login
gh auth login

# Use token
gh auth login --with-token < token.txt

Secret Not Found

# List secrets
gh secret list

# Verify in specific repo
gh secret list --repo owner/repo

# Set manually
gh secret set SECRET_NAME --body "value"

Workflow Not Triggering

# Check workflow file syntax
gh workflow view deploy.yml

# Check recent runs
gh run list --workflow=deploy.yml

# View run details
gh run view RUN_ID

Platform IDs Not Extracted

# Vercel: Ensure project is linked
vercel link

# DigitalOcean: Ensure app exists
doctl apps list

# Check extraction script
bash scripts/extract-platform-ids.sh vercel . --verbose

Cost Optimization

GitHub Actions Minutes

Free Tier:

  • Public repos: Unlimited
  • Private repos: 2,000 minutes/month

Tips:

  • Cache dependencies (actions/cache)
  • Skip unnecessary steps
  • Use self-hosted runners for heavy workloads

Platform Costs

Vercel:

  • Hobby: Free (100GB bandwidth/month)
  • Pro: $20/month (1TB bandwidth)

DigitalOcean:

  • App Platform: $5-12/month
  • Droplets: $4-6/month

Railway:

  • Free: $5 credit/month
  • Hobby: $5/month

Integration with Dev Lifecycle

This skill integrates with:

  • /deployment:prepare - Validates prerequisites before CI/CD setup
  • /deployment:deploy - Uses CI/CD for automated deployments
  • /deployment:validate - Validates CI/CD pipeline configuration
  • /foundation:hooks-setup - Integrates with git hooks for local validation

Examples

See examples/ directory for:

  • vercel-setup.md - Complete Vercel CI/CD setup walkthrough
  • digitalocean-setup.md - DigitalOcean App Platform setup
  • multi-environment.md - Staging + production environments
  • monorepo-setup.md - Monorepo deployment strategies