deployment
Deployment
Overview
Set up CI/CD pipelines and deployment configurations that automate the path from code to production. This skill detects the deployment target, generates pipeline config, creates pre/post-deploy checklists, and configures monitoring — producing a fully automated, rollback-ready deployment pipeline.
Announce at start: "I am using the deployment skill to set up the deployment pipeline."
Phase 1: Detect Deployment Target
STOP after this phase — present findings to user for confirmation before proceeding.
Ask questions to identify the full deployment context:
Platform Detection:
- Where does this deploy? (Vercel, AWS, GCP, Azure, DigitalOcean, self-hosted)
- Container-based? (Docker, Kubernetes)
- Serverless? (Lambda, Cloud Functions, Edge Functions)
CI/CD Detection:
- What CI system? (GitHub Actions, GitLab CI, CircleCI, Jenkins)
- What triggers deployments? (push to main, tags, manual)
- Multi-environment? (dev, staging, production)
Infrastructure Detection:
- Database migrations needed?
- Environment variables management? (secrets manager, .env)
- CDN/caching? Asset pipeline?
- Monitoring/alerting? (Datadog, Sentry, New Relic)
Platform Selection Decision Table
| Project Type | Recommended Platform | CI/CD | Why |
|---|---|---|---|
| Static site / SPA | Vercel, Netlify, Cloudflare Pages | Built-in | Zero config, edge CDN |
| Node.js API | AWS ECS, Cloud Run, Railway | GitHub Actions | Container support, auto-scaling |
| Monorepo (frontend + backend) | Vercel + AWS / Railway | GitHub Actions | Split concerns, independent scaling |
| Enterprise / compliance-heavy | AWS EKS, GKE | GitLab CI, Jenkins | Full control, audit trails |
| Hobby / side project | Railway, Fly.io, Render | Built-in or GitHub Actions | Simple, low cost |
| ML / data pipelines | AWS SageMaker, GCP Vertex | GitHub Actions + Airflow | GPU support, pipeline orchestration |
Phase 2: Design Pipeline
STOP after this phase — present pipeline design to user for approval before generating config.
Standard Pipeline Stages
┌─────────┐   ┌──────────┐   ┌──────────┐   ┌──────────┐   ┌──────────┐
│  Build  │──▶│   Test   │──▶│  Lint/   │──▶│  Deploy  │──▶│  Verify  │
│         │   │          │   │  Check   │   │          │   │          │
└─────────┘   └──────────┘   └──────────┘   └──────────┘   └──────────┘
Build: Install dependencies, compile, bundle
Test: Unit tests, integration tests, coverage check
Lint/Check: Linting, type checking, security audit
Deploy: Push to target environment
Verify: Health checks, smoke tests, monitoring
Branch Strategy Decision Table
| Branch | Action | Environment | Gate |
|---|---|---|---|
| | Build + Test + Lint | None | PR checks pass |
| | Build + Test + Lint + Deploy | Staging | All checks green |
| | Build + Test + Lint + Deploy | Production | Manual approval |
| | Build + Test + Deploy | Production (expedited) | Senior approval |
Deployment Strategy Decision Table
| Strategy | When to Use | Risk Level | Rollback Speed |
|---|---|---|---|
| Direct deploy | Solo/hobby projects, staging | High | Slow (redeploy) |
| Blue-green | Apps with health checks, low-downtime needs | Low | Instant (switch) |
| Canary | High-traffic production, gradual rollout | Very Low | Fast (reroute) |
| Rolling | Kubernetes clusters, stateless services | Low | Medium |
| Feature flags | Decoupled deploy from release | Very Low | Instant (toggle) |
Phase 3: Generate Config
GitHub Actions Example
```yaml
name: CI/CD Pipeline

on:
  push:
    branches: [main]
    tags: ['v*']   # needed so tag pushes start the workflow; deploy-production is gated on refs/tags/v*
  pull_request:
    branches: [main]

# One active run per workflow and ref; a newer push cancels the run in progress.
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  build-and-test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: '20'
          cache: 'npm'
      - run: npm ci
      - run: npm run lint
      - run: npm run type-check
      - run: npm test -- --coverage
      - run: npm run build

  deploy-staging:
    needs: build-and-test
    if: github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    environment: staging
    steps:
      - uses: actions/checkout@v4
      # [platform-specific deploy steps]

  deploy-production:
    needs: build-and-test
    if: startsWith(github.ref, 'refs/tags/v')
    runs-on: ubuntu-latest
    environment: production
    steps:
      - uses: actions/checkout@v4
      # [platform-specific deploy steps]
```
GitLab CI Example
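```yaml
image: node:20   # assumed image; matches the Node version used in the GitHub Actions example

stages:
  - build
  - test
  - deploy

build:
  stage: build
  script:
    - npm ci
    - npm run build
  artifacts:
    paths: [dist/]

test:
  stage: test
  script:
    - npm ci   # each job starts from a clean checkout; only dist/ is passed on as an artifact
    - npm run lint
    - npm run type-check
    - npm test -- --coverage

deploy-staging:
  stage: deploy
  environment: staging
  script:
    - echo "platform-specific deploy"   # placeholder
  only:
    - main

deploy-production:
  stage: deploy
  environment: production
  script:
    - echo "platform-specific deploy"   # placeholder
  when: manual
  only:
    - tags
```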
Phase 4: Create Deployment Checklists
STOP — present checklists to user. Customize based on their stack.
Pre-Deploy Checklist
- All tests passing on CI
- Code reviewed and approved
- No critical/high security vulnerabilities
- Environment variables configured for target environment
- Database migrations tested (if applicable)
- Feature flags configured (if applicable)
- Rollback plan documented
- Monitoring/alerts configured
- Changelog updated
- Version bumped
Post-Deploy Verification
- Health check endpoint returns 200
- Smoke tests passing
- Error rate within normal range
- Response times within SLA
- Database migrations applied successfully
- Feature flags active/inactive as expected
- Monitoring dashboard showing expected metrics
- No new errors in error tracking (Sentry, etc.)
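A post-deploy gate for the health-check item above, tied to the rollback-ready principle, as an added example that is not part of the original skill: it passes only after several consecutive 200 responses and runs a rollback command otherwise. The health URL, thresholds and rollback command are assumptions supplied by the caller.

```shell
#!/usr/bin/env bash
# Added example: post-deploy verification gate. The health URL, thresholds
# and rollback command are assumptions supplied by the caller.

# probe_status URL -> prints the HTTP status code (000 if unreachable).
probe_status() {
  curl --silent --output /dev/null --max-time 5 \
       --write-out '%{http_code}' "$1" || true
}

# verify_deploy URL NEED TRIES DELAY
# Passes only after NEED consecutive 200s within TRIES probes. Any other
# status resets the streak, so an instance that flaps does not pass.
verify_deploy() {
  local url="$1" need="${2:-3}" tries="${3:-10}" delay="${4:-5}"
  local streak=0 i=0 code
  while [ "$i" -lt "$tries" ]; do
    i=$((i + 1))
    code=$(probe_status "$url")
    if [ "$code" = "200" ]; then
      streak=$((streak + 1))
      if [ "$streak" -ge "$need" ]; then return 0; fi
    else
      streak=0
    fi
    sleep "$delay"
  done
  return 1
}

# deploy_gate URL ROLLBACK_CMD [ARGS...]
# Runs the rollback command when verification fails, and still returns
# non-zero so the CI job is recorded as failed.
deploy_gate() {
  local url="$1"
  shift
  if verify_deploy "$url" "${NEED:-3}" "${TRIES:-10}" "${DELAY:-5}"; then
    echo "verify: healthy"
    return 0
  fi
  echo "verify: unhealthy, running rollback: $*" >&2
  "$@" || echo "verify: rollback command failed" >&2
  return 1
}

# Usage in a deploy job (placeholder URL and script):
#   deploy_gate "https://staging.example.com/healthz" ./rollback.sh
```

Because the gate returns non-zero after a rollback, the pipeline run stays red and the failed release remains visible in the audit trail.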
Phase 5: Review and Finalize
Present the complete pipeline configuration to the user:
- VERIFY CI/CD config file syntax is valid
- VERIFY all environment variables are documented
- VERIFY rollback plan exists
- VERIFY pre/post-deploy checklists are complete
- VERIFY the pipeline can be tested locally (act, etc.)
Save config to .github/workflows/ or equivalent.
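One way to automate the "all environment variables are documented" check, as an added example that is not part of the original skill: it lists every `secrets.*` and `vars.*` name a workflow references that the documentation does not mention. The file name `ENVIRONMENT.md`, its convention of writing names in backticks, and the sample workflow are assumptions constructed for the example.

```shell
#!/usr/bin/env bash
# Added example: find secrets/vars a workflow references that the docs omit.
# The doc format (names in backticks) and all sample content are assumptions.

# referenced_names FILE -> names used as ${{ secrets.X }} or ${{ vars.X }}
referenced_names() {
  grep -oE '(secrets|vars)\.[A-Za-z_][A-Za-z0-9_]*' "$1" \
    | sed -E 's/^(secrets|vars)\.//' | sort -u
}

# undocumented_names WORKFLOW DOC -> referenced names missing from DOC
undocumented_names() {
  local known
  known=$(mktemp)
  grep -oE '`[A-Za-z_][A-Za-z0-9_]*`' "$2" | tr -d '`' | sort -u > "$known"
  # GITHUB_TOKEN is created by GitHub Actions for every run; nothing to document.
  echo GITHUB_TOKEN >> "$known"
  referenced_names "$1" | grep -vxF -f "$known" || true
  rm -f "$known"
}

# write_sample DIR -> creates a constructed workflow and env-var doc in DIR
write_sample() {
  cat > "$1/deploy.yml" <<'EOF'
jobs:
  deploy-staging:
    steps:
      - run: ./deploy.sh
        env:
          DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
          DATABASE_URL: ${{ secrets.DATABASE_URL }}
          API_BASE: ${{ vars.API_BASE }}
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
EOF
  cat > "$1/ENVIRONMENT.md" <<'EOF'
- `DEPLOY_TOKEN`: credential for the staging deploy target
- `API_BASE`: base URL of the API
EOF
}

# check_sample -> prints the undocumented names for the constructed sample
check_sample() {
  local dir
  dir=$(mktemp -d)
  write_sample "$dir"
  undocumented_names "$dir/deploy.yml" "$dir/ENVIRONMENT.md"
  rm -rf "$dir"
}
```

In a pipeline, fail the job when `undocumented_names` prints anything; only names are compared, so no secret value is ever read or logged.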
Anti-Patterns / Common Mistakes
| Anti-Pattern | Why It Is Wrong | What to Do Instead |
|---|---|---|
| Manual production deploys | Error-prone, no audit trail | Automate via CI/CD pipeline |
| No rollback plan | Stuck if deploy breaks production | Define rollback before every deploy |
| Skipping staging | Bugs found in production | Always deploy to staging first |
| Secrets in code/config files | Security breach risk | Use secrets manager or env vars |
| | Non-reproducible deploys | Pin specific version tags |
| No concurrency control | Conflicting deploys | Add concurrency groups to CI |
| Deploying without health checks | No visibility into deploy health | Add health endpoint + post-deploy check |
| Alert fatigue from noisy monitors | Real issues get missed | Alert on symptoms, tune thresholds |
Key Principles
- Automate everything — no manual steps in the critical path
- Fast feedback — fail early, fail fast
- Environment parity — staging matches production
- Rollback-ready — every deploy has a rollback plan
- Observable — monitoring before, during, and after deploy
- Secure — no secrets in code, use secrets management
- Idempotent — deploying the same version twice produces the same result
Integration Points
| Skill | Integration |
|---|---|
| | Provides Docker, K8s, and IaC patterns used in deploy config |
| | Conventional commits drive changelog and version bumping |
| | Branch completion triggers deployment pipeline |
| | Post-deploy verification gate |
| | Security scan stage in the pipeline |
| | Deployment plan is part of the implementation plan |
Skill Type
FLEXIBLE — Adapt pipeline design, platform selection, and tooling to the project's cloud provider, team size, and operational maturity. The principles (automation, rollback, observability) are constant; specific tools are interchangeable.