Back to Details

sealos-deploy

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Sealos Deploy

Sealos 部署工具

Deploy any GitHub project to Sealos Cloud — from source code to running application, one command.
只需一条命令,即可将任意GitHub项目部署到Sealos Cloud:从源代码到可运行的应用,一步到位。

kubectl Safety Rules (all phases)

kubectl 安全规则(全阶段适用)

All kubectl commands MUST use the Sealos kubeconfig:
KUBECONFIG=~/.sealos/kubeconfig kubectl --insecure-skip-tls-verify
System tool installation requires user confirmation. If 
docker
, 
gh
, or 
kubectl
is missing and the skill can install it for the current platform, ask first and only run the install command after the user explicitly replies 
y
.
kubectl delete
requires user confirmation. Before deleting any resource (deployment, service, ingress, PVC, database, etc.), always ask:
⚠️ 即将删除 <resource kind>/<resource name>,数据不可恢复。确认?(y/n)
Only proceed after user confirms. This applies even if the pipeline logic suggests deletion — always ask first.
所有kubectl命令必须使用Sealos的kubeconfig:
KUBECONFIG=~/.sealos/kubeconfig kubectl --insecure-skip-tls-verify
系统工具安装需要用户确认。如果缺少
docker
gh
kubectl
且本工具可在当前平台安装,需要先询问用户,只有当用户明确回复
y
后才可运行安装命令。
kubectl delete
操作需要用户确认。 在删除任意资源(deployment、service、ingress、PVC、数据库等)前,必须先询问:
⚠️ 即将删除 <resource kind>/<resource name>,数据不可恢复。确认?(y/n)
仅在用户确认后才可继续操作。即便流水线逻辑要求执行删除,也必须先询问用户。

Usage

使用方法

/sealos-deploy <github-url>
/sealos-deploy                    # deploy current project
/sealos-deploy <local-path>
/sealos-deploy <github-url>
/sealos-deploy                    # 部署当前项目
/sealos-deploy <local-path>

Quick Start

快速开始

Execute the modules in order:
  1. modules/preflight.md
    — Environment checks & Sealos auth
  2. modules/pipeline.md
    — Full deployment pipeline (Phase 1–6)
按顺序执行以下模块:
  1. modules/preflight.md
    — 环境检查与Sealos身份认证
  2. modules/pipeline.md
    — 完整部署流水线(第1-6阶段)

Logging

日志规范

Every run MUST write a log file at 
~/.sealos/logs/deploy-<YYYYMMDD-HHmmss>.log
.
At the very start of execution, create the log file once:
bash
mkdir -p ~/.sealos/logs
LOG_FILE=~/.sealos/logs/deploy-$(date +%Y%m%d-%H%M%S).log
echo "[$(date '+%Y-%m-%d %H:%M:%S')] Deploy started" > "$LOG_FILE"
Important: create the log file ONLY ONCE at the start. All subsequent writes MUST append (
>>
) to this same 
$LOG_FILE
. Do NOT create a second log file.
At each phase boundary, append a log entry to the same file with Bash 
>>
:
[2026-03-05 14:30:01] === Phase 0: Preflight ===
[2026-03-05 14:30:01] Docker: ✓ 27.5.1
[2026-03-05 14:30:01] Node.js: ✓ 22.12.0
[2026-03-05 14:30:02] Sealos auth: ✓ (region: <REGION from config.json>)
[2026-03-05 14:30:02] Project: /Users/dev/myapp (github: https://github.com/owner/repo)

[2026-03-05 14:30:03] === Phase 1: Assess ===
[2026-03-05 14:30:03] Score: 9/12 (good)
[2026-03-05 14:30:03] Language: python, Framework: fastapi, Port: 8000
[2026-03-05 14:30:03] Decision: CONTINUE

[2026-03-05 14:30:04] === Phase 2: Detect Image ===
[2026-03-05 14:30:05] Docker Hub: owner/repo:latest (arm64 only, no amd64)
[2026-03-05 14:30:05] GHCR: not found
[2026-03-05 14:30:05] Decision: no amd64 image → continue to Phase 3

[2026-03-05 14:30:06] === Phase 3: Dockerfile ===
[2026-03-05 14:30:06] Existing Dockerfile: none
[2026-03-05 14:30:07] Generated: python-fastapi template, port 8000

[2026-03-05 14:30:08] === Phase 4: Build & Push ===
[2026-03-05 14:30:08] Registry: ghcr (auto-detected via gh CLI)
[2026-03-05 14:30:30] Build: ✓ ghcr.io/zhujingyang/repo:20260305-143022
[2026-03-05 14:30:30] IMAGE_REF=ghcr.io/zhujingyang/repo:20260305-143022

[2026-03-05 14:30:31] === Phase 5: Template ===
[2026-03-05 14:30:32] Output: .sealos/template/index.yaml

[2026-03-05 14:30:33] === Phase 6: Deploy ===
[2026-03-05 14:30:33] Deploy URL: https://template.<REGION_DOMAIN>/api/v2alpha/templates/raw
[2026-03-05 14:30:35] Status: 201 — deployed successfully
[2026-03-05 14:30:35] === DONE ===
On error, log the error details before stopping:
[2026-03-05 14:30:10] === ERROR ===
[2026-03-05 14:30:10] Phase: 4 (Build & Push)
[2026-03-05 14:30:10] Error: docker buildx build failed — "npm ERR! Missing script: build"
[2026-03-05 14:30:10] Retry: 1/3
At the very end, tell the user where the log is:
Log saved to: ~/.sealos/logs/deploy-20260305-143001.log
每次运行必须在
~/.sealos/logs/deploy-<YYYYMMDD-HHmmss>.log
路径下生成日志文件。
执行最开始一次性创建日志文件:
bash
mkdir -p ~/.sealos/logs
LOG_FILE=~/.sealos/logs/deploy-$(date +%Y%m%d-%H%M%S).log
echo "[$(date '+%Y-%m-%d %H:%M:%S')] Deploy started" > "$LOG_FILE"
重要提示:仅在启动时创建一次日志文件,所有后续写入必须采用追加(
>>
)的方式写入同一个
$LOG_FILE
,禁止创建第二个日志文件。
每个阶段切换时,使用Bash的
>>
命令向同一个日志文件追加日志条目:
[2026-03-05 14:30:01] === Phase 0: Preflight ===
[2026-03-05 14:30:01] Docker: ✓ 27.5.1
[2026-03-05 14:30:01] Node.js: ✓ 22.12.0
[2026-03-05 14:30:02] Sealos auth: ✓ (region: <REGION from config.json>)
[2026-03-05 14:30:02] Project: /Users/dev/myapp (github: https://github.com/owner/repo)

[2026-03-05 14:30:03] === Phase 1: Assess ===
[2026-03-05 14:30:03] Score: 9/12 (good)
[2026-03-05 14:30:03] Language: python, Framework: fastapi, Port: 8000
[2026-03-05 14:30:03] Decision: CONTINUE

[2026-03-05 14:30:04] === Phase 2: Detect Image ===
[2026-03-05 14:30:05] Docker Hub: owner/repo:latest (arm64 only, no amd64)
[2026-03-05 14:30:05] GHCR: not found
[2026-03-05 14:30:05] Decision: no amd64 image → continue to Phase 3

[2026-03-05 14:30:06] === Phase 3: Dockerfile ===
[2026-03-05 14:30:06] Existing Dockerfile: none
[2026-03-05 14:30:07] Generated: python-fastapi template, port 8000

[2026-03-05 14:30:08] === Phase 4: Build & Push ===
[2026-03-05 14:30:08] Registry: ghcr (auto-detected via gh CLI)
[2026-03-05 14:30:30] Build: ✓ ghcr.io/zhujingyang/repo:20260305-143022
[2026-03-05 14:30:30] IMAGE_REF=ghcr.io/zhujingyang/repo:20260305-143022

[2026-03-05 14:30:31] === Phase 5: Template ===
[2026-03-05 14:30:32] Output: .sealos/template/index.yaml

[2026-03-05 14:30:33] === Phase 6: Deploy ===
[2026-03-05 14:30:33] Deploy URL: https://template.<REGION_DOMAIN>/api/v2alpha/templates/raw
[2026-03-05 14:30:35] Status: 201 — deployed successfully
[2026-03-05 14:30:35] === DONE ===
出现错误时,在停止执行前记录错误详情:
[2026-03-05 14:30:10] === ERROR ===
[2026-03-05 14:30:10] Phase: 4 (Build & Push)
[2026-03-05 14:30:10] Error: docker buildx build failed — "npm ERR! Missing script: build"
[2026-03-05 14:30:10] Retry: 1/3
执行结束时,告知用户日志文件存储位置:
Log saved to: ~/.sealos/logs/deploy-20260305-143001.log

Scripts

脚本说明

Located in 
scripts/
within this skill directory (
<SKILL_DIR>/scripts/
):
ScriptUsagePurpose
score-model.mjs
node score-model.mjs <repo-dir>
Deterministic readiness scoring (0-12)
validate-artifacts.mjs
node validate-artifacts.mjs --dir <work-dir>
Validate 
.sealos
JSON artifacts against enforced schemas
detect-image.mjs
node detect-image.mjs <github-url> [work-dir]
or 
node detect-image.mjs <work-dir>
Detect existing Docker/GHCR images
build-push.mjs
node build-push.mjs <work-dir> <repo> [--registry ghcr|dockerhub] [--user <user>]
Build amd64 image & push (GHCR preferred, Docker Hub fallback)
sealos-auth.mjs
node sealos-auth.mjs check|login|list|switch
Sealos Cloud authentication & workspace switching
All scripts output JSON. Run via Bash and parse the result.
脚本存放在本工具目录下的
scripts/
文件夹中(
<SKILL_DIR>/scripts/
):
脚本使用方法用途
score-model.mjs
node score-model.mjs <repo-dir>
确定性就绪度评分(0-12分)
validate-artifacts.mjs
node validate-artifacts.mjs --dir <work-dir>
根据强制规范校验
.sealos
格式的JSON产物
detect-image.mjs
node detect-image.mjs <github-url> [work-dir]
node detect-image.mjs <work-dir>
检测已有的Docker/GHCR镜像
build-push.mjs
node build-push.mjs <work-dir> <repo> [--registry ghcr|dockerhub] [--user <user>]
构建amd64架构镜像并推送(优先使用GHCR,Docker Hub为备选)
sealos-auth.mjs
node sealos-auth.mjs check|login|list|switch
Sealos Cloud身份认证与工作区切换
所有脚本均输出JSON格式内容,通过Bash运行并解析结果即可。

Internal Skill Dependencies

内部工具依赖

This skill references knowledge files from co-installed internal skills. These are not user-facing — they are loaded on-demand during specific phases.
<SKILL_DIR>
refers to the directory containing this 
SKILL.md
. Sibling skills are at 
<SKILL_DIR>/../
:
<SKILL_DIR>/../
├── sealos-deploy/           ← this skill (user entry point) = <SKILL_DIR>
├── dockerfile-skill/        ← Phase 3: Dockerfile generation knowledge
├── cloud-native-readiness/  ← Phase 1: assessment criteria
└── docker-to-sealos/       ← Phase 5: Sealos template rules
Paths used in pipeline.md follow the pattern:
<SKILL_DIR>/../dockerfile-skill/knowledge/error-patterns.md
<SKILL_DIR>/../dockerfile-skill/templates/<lang>.dockerfile
<SKILL_DIR>/../docker-to-sealos/references/sealos-specs.md
本工具引用了同安装的内部工具的知识文件,这些文件不对用户开放,会在特定阶段按需加载。
<SKILL_DIR>
指包含本
SKILL.md
文件的目录,同级工具存放在
<SKILL_DIR>/../
路径下:
<SKILL_DIR>/../
├── sealos-deploy/           ← 本工具(用户入口) = <SKILL_DIR>
├── dockerfile-skill/        ← 第3阶段:Dockerfile生成知识库
├── cloud-native-readiness/  ← 第1阶段:评估标准
└── docker-to-sealos/       ← 第5阶段:Sealos模板规则
pipeline.md中使用的路径遵循如下格式:
<SKILL_DIR>/../dockerfile-skill/knowledge/error-patterns.md
<SKILL_DIR>/../dockerfile-skill/templates/<lang>.dockerfile
<SKILL_DIR>/../docker-to-sealos/references/sealos-specs.md

Phase Overview

阶段概览

PhaseActionSkip When
0 — PreflightCapability scan, path-specific warnings, Sealos authInitial blockers resolved
1 — AssessClone repo (or use current project), analyze deployabilityScore too low → stop
2 — DetectFind existing image (Docker Hub / GHCR / README)Found → jump to Phase 5
3 — DockerfileGenerate Dockerfile if missingAlready has one → skip
4 — Build & Push
docker buildx
→ GHCR (auto via gh CLI) or Docker Hub (fallback)
5 — TemplateGenerate Sealos application template
5.5 — ConfigureGuide user through app env vars and inputsNo inputs needed
6 — DeployDeploy template to Sealos Cloud
阶段操作跳过条件
0 — 前置检查能力扫描、路径专属警告、Sealos身份认证初始阻塞问题已解决
1 — 项目评估克隆仓库(或使用当前项目)、分析可部署性评分过低 → 终止流程
2 — 镜像检测查找已有镜像(Docker Hub / GHCR / README)找到符合要求的镜像 → 跳至第5阶段
3 — Dockerfile处理若缺少Dockerfile则自动生成已有Dockerfile → 跳过
4 — 构建与推送
docker buildx
构建后推送到GHCR(通过gh CLI自动识别)或Docker Hub(备选)
5 — 模板生成生成Sealos应用模板
5.5 — 配置引导引导用户设置应用环境变量和输入参数无需输入参数
6 — 部署执行将模板部署到Sealos Cloud

Decision Flow

决策流程

Input (GitHub URL / local path)
[Phase 0] Preflight ── fail → guide user to fix and STOP
  │ pass
[Phase 1] Assess ── not suitable → STOP with reason
  │ suitable
[Phase 2] Detect existing image
  ├── found (amd64) ────────────────────┐
  │                                     │
  ▼                                     │
[Phase 3] Dockerfile (generate/reuse)   │
  │                                     │
  ▼                                     │
[Phase 4] Build & Push to registry      │
  │                                     │
  ◄─────────────────────────────────────┘
[Phase 5] Generate Sealos Template
[Phase 5.5] Configure ── present env vars → ask user for inputs → confirm
[Phase 6] Deploy to Sealos Cloud ── 401 → re-auth
  │                                  409 → instance exists
Done — app deployed ✓
Execution rule: Phase 1 must never start while Phase 0 still has unresolved entry blockers. Docker, 
gh
, builder, and registry failures must be reported early, but only become hard blockers if the run later requires local build/push.
输入(GitHub链接 / 本地路径)
[第0阶段] 前置检查 ── 失败 → 引导用户修复后终止流程
  │ 校验通过
[第1阶段] 项目评估 ── 不适合部署 → 告知原因后终止流程
  │ 适合部署
[第2阶段] 检测已有镜像
  ├── 找到符合要求的amd64镜像 ────────────────────┐
  │                                     │
  ▼                                     │
[第3阶段] Dockerfile处理(生成/复用)   │
  │                                     │
  ▼                                     │
[第4阶段] 构建镜像并推送到镜像仓库      │
  │                                     │
  ◄─────────────────────────────────────┘
[第5阶段] 生成Sealos模板
[第5.5阶段] 配置引导 ── 存在环境变量 → 询问用户输入 → 确认
[第6阶段] 部署到Sealos Cloud ── 401错误 → 重新认证
  │                                  409错误 → 实例已存在
完成 — 应用部署成功 ✓
执行规则: 第0阶段仍有未解决的入口阻塞问题时,绝对不能启动第1阶段。Docker、
gh
、构建器、镜像仓库相关的故障需要尽早上报,但只有当运行流程后续需要本地构建/推送时,这些故障才会成为强制阻塞项。