---
name: CI/CD Optimization
description: Comprehensive CI/CD pipeline methodology with quality gates, release automation, smoke testing, observability, and performance tracking. Use when setting up CI/CD from scratch, build time over 5 minutes, no automated quality gates, manual release process, lack of pipeline observability, or broken releases reaching production. Provides 5 quality gate categories (coverage threshold 75-80%, lint blocking, CHANGELOG validation, build verification, test pass rate), release automation with conventional commits and automatic CHANGELOG generation, 25 smoke tests across execution/consistency/structure categories, CI observability with metrics tracking and regression detection, performance optimization including native-only testing for Go cross-compilation. Validated in meta-cc with 91.7% pattern validation rate (11/12 patterns), 2.5-3.5x estimated speedup, GitHub Actions native with 70-80% transferability to GitLab CI and Jenkins.
allowed-tools: Read, Write, Edit, Bash
---
# CI/CD Optimization
**Transform manual releases into automated, quality-gated, observable pipelines.**
> Quality gates prevent regression. Automation prevents human error. Observability enables continuous optimization.
---
## When to Use This Skill
Use this skill when:
- **Setting up CI/CD**: New project needs pipeline infrastructure
- **Slow builds**: Build time exceeds 5 minutes
- **No quality gates**: Coverage, lint, tests not enforced automatically
- **Manual releases**: Human-driven deployment process
- **No observability**: Cannot track pipeline performance metrics
- **Broken releases**: Defects reaching production regularly
- **Manual CHANGELOG**: Release notes created by hand
**Don't use when**:
- ❌ CI/CD already optimal (<2min builds, fully automated, quality-gated)
- ❌ Non-GitHub Actions platform without time to adapt (70-80% transferable)
- ❌ Infrequent releases (monthly or less; automation ROI is low)
- ❌ Single-developer projects (overhead may exceed benefit)
---
## Quick Start (30 minutes)
### Step 1: Implement Coverage Gate (10 min)
```yaml
# .github/workflows/ci.yml
- name: Check coverage threshold
  run: |
    COVERAGE=$(go tool cover -func=coverage.out | grep total | awk '{print $3}' | sed 's/%//')
    if (( $(echo "$COVERAGE < 75" | bc -l) )); then
      echo "Coverage $COVERAGE% below threshold 75%"
      exit 1
    fi
```
### Step 2: Automate CHANGELOG Generation (15 min)
```bash
# scripts/generate-changelog-entry.sh
# Minimal sketch: group conventional commits (feat:, fix:, docs:) since the
# last tag. The full script (135 lines, zero deps) also prepends the entry
# to CHANGELOG.md, so no manual editing is required.
LAST_TAG=$(git describe --tags --abbrev=0)
for type in feat fix docs; do
  echo "### ${type}"
  git log "${LAST_TAG}..HEAD" --pretty=format:'- %s' | grep -E "^- ${type}(\(.+\))?: " || true
done
```
### Step 3: Add Basic Smoke Tests (5 min)
```bash
# scripts/smoke-tests.sh
# Test 1: Binary executes
./dist/meta-cc --version
# Test 2: Help output valid
./dist/meta-cc --help | grep "Usage:"
# Test 3: Basic command works
./dist/meta-cc get-session-stats
```
---
## Five Quality Gate Categories
### 1. Coverage Threshold Gate
**Purpose**: Prevent coverage regression
**Threshold**: 75-80% (project-specific)
**Action**: Block merge if below threshold
**Implementation**:
```yaml
- name: Coverage gate
  run: |
    COVERAGE=$(go tool cover -func=coverage.out | grep total | awk '{print $3}' | sed 's/%//')
    if (( $(echo "$COVERAGE < 80" | bc -l) )); then
      exit 1
    fi
```
**Principle**: Enforcement before improvement - implement gate even if not at target yet
### 2. Lint Blocking
**Purpose**: Maintain code quality standards
**Tool**: golangci-lint (Go), pylint (Python), ESLint (JS)
**Action**: Block merge on lint failures
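A minimal blocking step for GitHub Actions, assuming a Go project with golangci-lint: the action installs the linter, and any finding fails the job, which blocks merge when the check is marked required.
```yaml
# Sketch: golangci-lint as a blocking CI step (Go example)
- name: Lint (blocking)
  uses: golangci/golangci-lint-action@v3
  with:
    version: latest   # pin an exact version in real pipelines
```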
### 3. CHANGELOG Validation
**Purpose**: Ensure release notes completeness
**Check**: CHANGELOG.md updated for version changes
**Action**: Block release if CHANGELOG missing
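One way to enforce this is a small release-time check. The script below is a hypothetical helper (not one of the listed scripts), assuming CHANGELOG entries use `## <version>` headings:
```bash
# check-changelog.sh (hypothetical) -- block release if CHANGELOG lacks the version
VERSION="${1:?usage: check-changelog.sh <version>}"
if ! grep -q "## ${VERSION}" CHANGELOG.md; then
  echo "CHANGELOG.md has no entry for ${VERSION}" >&2
  exit 1
fi
```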
### 4. Build Verification
**Purpose**: Ensure compilable code
**Platforms**: Native + cross-compilation targets
**Action**: Block merge on build failure
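A minimal sketch for a Go project: compile natively plus a few cross-compilation targets so a broken platform build blocks the merge (the target list is illustrative):
```yaml
- name: Build verification (native + cross targets)
  run: |
    go build ./...                               # native build
    GOOS=linux   GOARCH=arm64  go build ./...    # cross-compile checks
    GOOS=darwin  GOARCH=arm64  go build ./...
    GOOS=windows GOARCH=amd64  go build ./...
```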
### 5. Test Pass Rate
**Purpose**: Maintain test reliability
**Threshold**: 100% (zero tolerance for flaky tests)
**Action**: Block merge on test failures
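A sketch of a zero-tolerance test step for Go: `-count=1` disables cached results so every run is fresh, and `-race` surfaces the data races behind many flaky failures; any failure exits nonzero and blocks the merge.
```yaml
- name: Test (100% pass required)
  run: go test -race -count=1 ./...
```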
---
## Release Automation
### Conventional Commits
**Format**: `type(scope): description`
**Types**:
- `feat:` - New feature
- `fix:` - Bug fix
- `docs:` - Documentation only
- `refactor:` - Code restructuring
- `test:` - Test additions/changes
- `chore:` - Maintenance
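The format can itself be gated. A minimal sketch (hypothetical check, usable as a `commit-msg` hook or CI step) that rejects subjects not matching `type(scope): description`:
```bash
# Reject commit subjects that don't follow conventional commits (sketch)
MSG="$(git log -1 --pretty=format:%s)"
if ! echo "$MSG" | grep -Eq '^(feat|fix|docs|refactor|test|chore)(\([a-z0-9-]+\))?: .+'; then
  echo "Not a conventional commit subject: $MSG" >&2
  exit 1
fi
```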
### Automatic CHANGELOG Generation
**Tool**: Custom script (135 lines, zero dependencies)
**Process**:
1. Parse git commits since last release
2. Group by type (Features, Fixes, Documentation)
3. Generate markdown entry
4. Prepend to CHANGELOG.md
**Time savings**: 5-10 minutes per release
### GitHub Releases
**Automation**: Triggered on version tags
**Artifacts**: Binaries, packages, checksums
**Release notes**: Auto-generated from CHANGELOG
---
## Smoke Testing (25 Tests)
### Execution Tests (10 tests)
- Binary runs without errors
- Help output valid
- Version command works
- Basic commands execute
- Exit codes correct
### Consistency Tests (8 tests)
- Output format stable
- JSON structure valid
- Error messages formatted
- Logging output consistent
### Structure Tests (7 tests)
- Package contents complete
- File permissions correct
- Dependencies bundled
- Configuration files present
**Validation**: 25/25 tests passing in meta-cc
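A minimal sketch of how such a suite can be structured (not the full 25-test script): a small `check` helper runs each command, counts passes and failures, and the script exits nonzero if anything failed.
```bash
# smoke-tests.sh harness sketch -- commands are the meta-cc examples above
PASS=0; FAIL=0
check() {
  local desc="$1"; shift
  if "$@" >/dev/null 2>&1; then
    PASS=$((PASS + 1)); echo "ok   - $desc"
  else
    FAIL=$((FAIL + 1)); echo "FAIL - $desc"
  fi
}
check "binary executes"     ./dist/meta-cc --version
check "help output works"   ./dist/meta-cc --help
check "stats command runs"  ./dist/meta-cc get-session-stats
echo "${PASS} passed, ${FAIL} failed"
[ "$FAIL" -eq 0 ]
```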
---
## CI Observability
### Metrics Tracked
1. **Build time**: Total pipeline duration
2. **Test time**: Test execution duration
3. **Coverage**: Test coverage percentage
4. **Artifact size**: Binary/package size
### Storage Strategy
**Approach**: Git-committed CSV files
**Location**: `.ci-metrics/*.csv`
**Retention**: Last 100 builds (auto-trimmed)
**Advantages**: Zero infrastructure, automatic versioning
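A sketch of the append-and-trim pattern, assuming a `timestamp,value` row layout and a `BUILD_TIME` variable exported earlier in the job (names are illustrative, not the exact track-metrics.sh):
```bash
# Append this build's time and keep only the last 100 rows
mkdir -p .ci-metrics
echo "$(date +%s),${BUILD_TIME}" >> .ci-metrics/build-time.csv
tail -100 .ci-metrics/build-time.csv > .ci-metrics/build-time.csv.tmp
mv .ci-metrics/build-time.csv.tmp .ci-metrics/build-time.csv
```
This layout matches the value field (`$2`) read by the regression check below.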
### Regression Detection
**Method**: Moving average baseline (last 10 builds)
**Threshold**: >20% regression triggers PR block
**Metrics**: Build time, test time, artifact size
**Implementation**:
```bash
# scripts/check-performance-regression.sh
BASELINE=$(tail -10 .ci-metrics/build-time.csv | awk -F',' '{sum+=$2} END {print sum/NR}')
CURRENT=$BUILD_TIME
if (( $(echo "$CURRENT > $BASELINE * 1.2" | bc -l) )); then
  echo "Build time regression: ${CURRENT}s exceeds baseline ${BASELINE}s by more than 20%"
  exit 1
fi
```
---
## Performance Optimization
### Native-Only Testing
**Principle**: Trust mature cross-compilation (Go, Rust)
**Savings**: 5-10 minutes per build (avoid emulation)
**Risk**: Platform-specific bugs (mitigated by Go's 99%+ reliability)
**Decision criteria**:
- Mature tooling: YES → native-only
- Immature tooling: NO → test all platforms
### Caching Strategies
- Go module cache
- Build artifact cache
- Test cache for unchanged packages
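A sketch of module and build caching on GitHub Actions using actions/cache, keyed on go.sum (actions/setup-go@v4 also enables module caching by default, so pick one approach):
```yaml
- name: Cache Go modules and build cache
  uses: actions/cache@v3
  with:
    path: |
      ~/go/pkg/mod
      ~/.cache/go-build
    key: go-${{ runner.os }}-${{ hashFiles('**/go.sum') }}
    restore-keys: |
      go-${{ runner.os }}-
```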
### Parallel Execution
- Run linters in parallel with tests
- Matrix builds for multiple Go versions
- Parallel smoke tests
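A matrix sketch for multiple Go versions (version numbers are illustrative); GitHub Actions runs matrix entries, and separate jobs such as lint, in parallel by default:
```yaml
jobs:
  test:
    strategy:
      matrix:
        go-version: ['1.21', '1.22']
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: actions/setup-go@v4
        with:
          go-version: ${{ matrix.go-version }}
      - run: go test ./...
```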
---
## Proven Results
**Validated in bootstrap-007** (meta-cc project):
- ✅ 11/12 patterns validated (91.7%)
- ✅ Coverage gate operational (80% threshold)
- ✅ CHANGELOG automation (zero manual editing)
- ✅ 25 smoke tests (100% pass rate)
- ✅ Metrics tracking (4 metrics, 100-build history)
- ✅ Regression detection (20% threshold)
- ✅ 6 iterations, ~18 hours
- ✅ V_instance: 0.85, V_meta: 0.82
**Estimated speedup**: 2.5-3.5x vs manual process
**Not validated** (1/12):
- E2E pipeline tests (requires staging environment, deferred)
**Transferability**:
- GitHub Actions: 100% (native)
- GitLab CI: 75% (YAML similar, runner differences)
- Jenkins: 70% (concepts transfer, syntax very different)
- **Overall**: 70-80% transferable
---
## Templates
### GitHub Actions CI Workflow
```yaml
# .github/workflows/ci.yml
name: CI
on: [push, pull_request]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Set up Go
        uses: actions/setup-go@v4
      - name: Test
        run: go test -coverprofile=coverage.out ./...
      - name: Coverage gate
        run: ./scripts/check-coverage.sh
      - name: Lint
        run: golangci-lint run
      - name: Track metrics
        run: ./scripts/track-metrics.sh
      - name: Check regression
        run: ./scripts/check-performance-regression.sh
```
### GitHub Actions Release Workflow
```yaml
# .github/workflows/release.yml
name: Release
on:
  push:
    tags: ['v*']
jobs:
  release:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Build
        run: make build-all
      - name: Smoke tests
        run: ./scripts/smoke-tests.sh
      - name: Create release
        uses: actions/create-release@v1
      - name: Upload artifacts
        uses: actions/upload-release-asset@v1
```
---
## Anti-Patterns
❌ **Quality theater**: Gates that don't actually block (warnings only)
❌ **Over-automation**: Automating steps that change frequently
❌ **Metrics without action**: Tracking data but never acting on it
❌ **Flaky gates**: Tests that fail randomly (undermines trust)
❌ **One-size-fits-all**: Same thresholds for all project types
---
## Related Skills
**Parent framework**:
- [methodology-bootstrapping](../methodology-bootstrapping/SKILL.md) - Core OCA cycle
**Complementary**:
- [testing-strategy](../testing-strategy/SKILL.md) - Quality gates foundation
- [observability-instrumentation](../observability-instrumentation/SKILL.md) - Metrics patterns
- [error-recovery](../error-recovery/SKILL.md) - Build failure handling
---
## References
**Core guides**:
- Reference materials in experiments/bootstrap-007-cicd-pipeline/
- Quality gates methodology
- Release automation guide
- Smoke testing patterns
- Observability patterns
**Scripts**:
- scripts/check-coverage.sh
- scripts/generate-changelog-entry.sh
- scripts/smoke-tests.sh
- scripts/track-metrics.sh
- scripts/check-performance-regression.sh
---
**Status**: ✅ Production-ready | 91.7% validation | 2.5-3.5x speedup | 70-80% transferable