playbooks

home / skills / autumnsgrove / groveengine / cicd-automation

cicd-automation skill

/.claude/skills/cicd-automation

This skill helps you create robust CI/CD pipelines with GitHub Actions for automated testing, linting, and deployment in Python/UV projects.

npx playbooks add skill autumnsgrove/groveengine --skill cicd-automation

Review the files below or copy the command above to add this skill to your agents.

Files (1)
SKILL.md
4.6 KB
---
name: cicd-automation
description: Set up GitHub Actions workflows for CI/CD with automated testing, linting, and deployment for Python/UV projects. Use when creating CI pipelines, automating tests, or setting up deployment workflows.
---

# CI/CD Automation Skill

## When to Activate

Activate this skill when:
- Creating GitHub Actions workflows
- Setting up automated testing
- Configuring deployment pipelines
- Adding code quality checks to CI
- Automating release processes

## Quick Start Workflow

Create `.github/workflows/ci.yml`:

```yaml
name: CI

on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main]

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Install UV
        run: curl -LsSf https://astral.sh/uv/install.sh | sh

      - name: Add UV to PATH
        run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH

      - name: Install dependencies
        run: uv sync

      - name: Run tests
        run: uv run pytest tests/ -v --cov=src

      - name: Lint with Ruff
        run: uv run ruff check src/ tests/

      - name: Check formatting
        run: uv run black --check src/ tests/
```

## Workflow Structure

```
.github/
└── workflows/
    ├── ci.yml        # Tests and linting
    ├── release.yml   # Package publishing
    └── deploy.yml    # Deployment
```

## Common Triggers

```yaml
# Every push and PR
on: [push, pull_request]

# Specific branches
on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

# Manual trigger
on: workflow_dispatch

# Scheduled (cron)
on:
  schedule:
    - cron: '0 0 * * *'  # Daily at midnight
```

## Testing with Coverage

```yaml
- name: Run tests with coverage
  run: |
    uv run pytest tests/ \
      --cov=src \
      --cov-report=xml \
      --cov-report=term-missing \
      --junitxml=junit.xml

- name: Upload coverage to Codecov
  uses: codecov/codecov-action@v3
  with:
    files: ./coverage.xml
    fail_ci_if_error: true
```

## Multi-Environment Testing

```yaml
jobs:
  test:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os: [ubuntu-latest, macos-latest, windows-latest]
        python-version: ['3.10', '3.11', '3.12']

    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}

      - name: Install UV
        run: curl -LsSf https://astral.sh/uv/install.sh | sh

      - name: Run tests
        run: uv run pytest tests/
```

## Caching Dependencies

```yaml
- name: Cache UV dependencies
  uses: actions/cache@v3
  with:
    path: |
      ~/.cache/uv
      .venv
    key: ${{ runner.os }}-uv-${{ hashFiles('**/pyproject.toml') }}
    restore-keys: |
      ${{ runner.os }}-uv-

- name: Install dependencies
  run: uv sync
```

## Secrets in Workflows

```yaml
- name: Deploy
  env:
    API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
    DATABASE_URL: ${{ secrets.DATABASE_URL }}
  run: uv run python deploy.py
```

**Setting up secrets:**
1. Repository Settings → Secrets and variables → Actions
2. Click "New repository secret"
3. Add name and value

## Publishing to PyPI

```yaml
name: Publish

on:
  release:
    types: [published]

jobs:
  publish:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Install UV
        run: curl -LsSf https://astral.sh/uv/install.sh | sh

      - name: Build package
        run: uv build

      - name: Publish to PyPI
        env:
          UV_PUBLISH_TOKEN: ${{ secrets.PYPI_TOKEN }}
        run: uv publish --token $UV_PUBLISH_TOKEN
```

## Docker Image Build

```yaml
- name: Build and push Docker image
  uses: docker/build-push-action@v5
  with:
    context: .
    push: true
    tags: user/app:latest,user/app:${{ github.sha }}
```

## Status Badges

Add to README:

```markdown
![CI](https://github.com/username/repo/workflows/CI/badge.svg)
[![codecov](https://codecov.io/gh/username/repo/badge.svg)](https://codecov.io/gh/username/repo)
```

## Best Practices

### DO ✅
- Run tests on every push
- Cache dependencies for speed
- Use matrix for cross-platform testing
- Separate CI from CD workflows
- Use secrets for sensitive data

### DON'T ❌
- Skip linting in CI
- Ignore test failures
- Store secrets in code
- Run unnecessary jobs

## When to Use CI/CD

**Start with:**
1. Running tests on every push
2. Code quality checks (lint, format)
3. Security scanning

**Add later:**
1. Deployment automation
2. Docker builds
3. Documentation generation

## Related Resources

See `AgentUsage/ci_cd_patterns.md` for complete documentation including:
- Complex workflow examples
- Environment-specific configs
- Advanced caching strategies
- Deployment patterns

Overview

This skill sets up GitHub Actions CI/CD workflows for Python projects using UV, focusing on automated testing, linting, and deployment. It provides ready-made workflow patterns, caching, multi-environment testing, and publish/deploy steps tailored for a multi-tenant blog platform built with TypeScript backend components and Python services. Use it to get reliable, repeatable pipelines that enforce code quality and automate releases.

How this skill works

The skill generates GitHub Actions workflows that run on push, pull request, schedule, or manual triggers. Workflows install UV, sync dependencies, run pytest with coverage, run Ruff and Black checks, and optionally build Docker images or publish packages. It supports matrix testing across OS and Python versions, caches UV dependencies to speed runs, and injects secrets for deployments.

When to use it

  • When creating CI pipelines for Python services in the project
  • When adding automated tests, linting, and format checks to pull requests
  • When setting up multi-platform, multi-Python-version test matrices
  • When automating releases to PyPI or container registries
  • When implementing scheduled jobs or manual workflow_dispatch triggers

Best practices

  • Run tests and linting on every push and pull request
  • Cache dependency artifacts (UV, .venv) to reduce job time
  • Use matrix strategies to validate multiple OS and Python versions
  • Store API keys and credentials only in GitHub Actions secrets
  • Keep CI jobs focused and separate CD (deploy/publish) workflows

Example use cases

  • CI workflow that runs pytest with coverage, Ruff linting, and Black format checks on main and develop
  • Matrix job testing on ubuntu, macOS, and Windows with Python 3.10–3.12
  • Scheduled nightly test runs and coverage reports uploaded to Codecov
  • Release workflow that builds and publishes a Python package to PyPI on GitHub release
  • Build-and-push Docker images to a registry as part of deployment

FAQ

How do I provide secrets for deployment?

Add secrets in the repository Settings → Secrets and variables → Actions, then reference them in workflows via ${{ secrets.YOUR_SECRET }}.

Can I speed up CI runs?

Yes—cache UV and virtual environment paths with actions/cache to avoid reinstalling dependencies each run.