grpc-golang
Build production-ready gRPC services in Go with mTLS, streaming, and observability. Use when designing Protobuf contracts with Buf or implementing secure service-to-service transport.
About this skill
This skill serves as a comprehensive knowledge base for AI agents, enabling them to provide expert guidance on designing and implementing production-grade gRPC services using the Go programming language. It delves into critical aspects such as standardizing API contracts with Protocol Buffers (Protobuf) and the Buf toolchain, ensuring secure service-to-service communication through mTLS (mutual Transport Layer Security), implementing various streaming patterns (unary, server-side, client-side, and bidirectional), and integrating deep observability via OpenTelemetry interceptors. An AI agent can leverage this skill to offer architectural recommendations, generate design patterns, explain complex concepts, or synthesize detailed documentation for developing robust, high-performance, and secure microservices in Go.
Best use case
Providing architectural advice for gRPC microservices development in Go. Generating best practices for Protobuf contract definitions using Buf. Explaining secure service-to-service transport mechanisms like mTLS. Advising on the implementation of different streaming gRPC workloads. Offering recommendations for integrating observability (OpenTelemetry) into gRPC-Go services.
Build production-ready gRPC services in Go with mTLS, streaming, and observability. Use when designing Protobuf contracts with Buf or implementing secure service-to-service transport.
Detailed design recommendations and best practices for gRPC services in Go. Clear explanations of gRPC concepts such as mTLS, various streaming types, and OpenTelemetry observability. Guidance on Protobuf contract definition using Buf for API standardization. Architectural patterns or conceptual code examples for gRPC-Go implementations. Insights into security considerations for gRPC transport layer.
Practical example
Example input
Explain how to build a production-ready gRPC service in Go, focusing on security with mTLS and integrating observability with OpenTelemetry.
Example output
To build a production-ready gRPC service in Go with a focus on security via mTLS and observability using OpenTelemetry, follow these key principles: **1. Define Robust Protobuf Contracts with Buf:** Start by defining your service interfaces and message structures using Protocol Buffers. Utilize Buf for schema linting, breaking change detection, and consistent contract management across your services. This ensures API stability and clarity. **2. Implement Mutual TLS (mTLS) for Secure Transport:** For secure service-to-service communication, implement mTLS. This involves both the gRPC client and server authenticating each other using X.509 certificates. You'll need to generate and manage Certificate Authorities (CAs), server certificates, and client certificates. Configure your `grpc.Server` and `grpc.ClientConn` with `credentials.NewTLS` using appropriate `tls.Config` settings to enforce mutual authentication. **3. Integrate OpenTelemetry for Deep Observability:** Embed OpenTelemetry for comprehensive tracing, metrics, and logging. Use `otelgrpc.UnaryServerInterceptor` and `otelgrpc.StreamServerInterceptor` for automatic request context propagation and span creation. Customize spans with additional attributes and define custom metrics to monitor service health and performance. Export traces and metrics to your chosen observability backend (e.g., Jaeger, Prometheus). **4. Consider Streaming Patterns:** Design your gRPC methods to leverage appropriate streaming patterns (unary, server-side, client-side, bidirectional) based on your data flow requirements. Ensure proper error handling and context management within streaming RPCs. By systematically applying these practices, your Go gRPC service will be robust, secure, and easily diagnosable in production environments.
When to use this skill
- When an agent needs to provide guidance on designing microservices communication with gRPC in Go.
- When the task involves discussing or designing high-performance internal APIs using Protobuf.
- When an agent needs to explain or advise on implementing streaming workloads (unidirectional or bidirectional) in gRPC.
- When standardizing API contracts using Protobuf and Buf is a topic of discussion or generation.
When not to use this skill
- When the task requires directly executing a gRPC call or interacting with a live gRPC service, rather than providing design guidance.
- When working with programming languages other than Go for gRPC implementation details.
- When seeking general-purpose network communication advice not specific to gRPC or Protobuf.
- When the focus is solely on client-side gRPC implementation without service design considerations.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/grpc-golang/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How grpc-golang Compares
| Feature / Agent | grpc-golang | Standard Approach |
|---|---|---|
| Platform Support | Claude | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | easy | N/A |
Frequently Asked Questions
What does this skill do?
Build production-ready gRPC services in Go with mTLS, streaming, and observability. Use when designing Protobuf contracts with Buf or implementing secure service-to-service transport.
Which AI agents support this skill?
This skill is designed for Claude.
How difficult is it to install?
The installation complexity is rated as easy. You can find the installation instructions above.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
Best AI Skills for Claude
Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.
AI Agents for Startups
Explore AI agent skills for startup validation, product research, growth experiments, documentation, and fast execution with small teams.
AI Agent for SaaS Idea Validation
Use AI agent skills for SaaS idea validation, market research, customer discovery, competitor analysis, and documenting startup hypotheses.
SKILL.md Source
# gRPC Golang (gRPC-Go)
## Overview
Comprehensive guide for designing and implementing production-grade gRPC services in Go. Covers contract standardization with Buf, transport layer security via mTLS, and deep observability with OpenTelemetry interceptors.
## Use this skill when
- Designing microservices communication with gRPC in Go.
- Building high-performance internal APIs using Protobuf.
- Implementing streaming workloads (unidirectional or bidirectional).
- Standardizing API contracts using Protobuf and Buf.
- Configuring mTLS for service-to-service authentication.
## Do not use this skill when
- Building pure REST/HTTP public APIs without gRPC requirements.
- Modifying legacy `.proto` files without the ability to introduce a new API version (e.g., `api.v2`) or ensure backward compatibility.
- Managing service mesh traffic routing (e.g., Istio/Linkerd), which is outside the application code scope.
## Step-by-Step Guide
1. **Confirm Technical Context**: Identify Go version, gRPC-Go version, and whether the project uses Buf or raw protoc.
2. **Confirm Requirements**: Identify mTLS needs, load patterns (unary/streaming), SLOs, and message size limits.
3. **Plan Schema**: Define package versioning (e.g., `api.v1`), resource types, and error mapping.
4. **Security Design**: Implement mTLS for service-to-service authentication.
5. **Observability**: Configure interceptors for tracing, metrics, and structured logging.
6. **Verification**: Always run `buf lint` and breaking change checks before finalizing code generation.
Refer to `resources/implementation-playbook.md` for detailed patterns, code examples, and anti-patterns.
## Examples
### Example 1: Defining a Service & Message (v1 API)
```proto
syntax = "proto3";
package api.v1;
option go_package = "github.com/org/repo/gen/api/v1;apiv1";
service UserService {
rpc GetUser(GetUserRequest) returns (GetUserResponse);
}
message User {
string id = 1;
string name = 2;
}
message GetUserRequest {
string id = 1;
}
message GetUserResponse {
User user = 1;
}
```
## Best Practices
- ✅ **Do:** Use Buf to standardize your toolchain and linting with `buf.yaml` and `buf.gen.yaml`.
- ✅ **Do:** Always use semantic versioning in package paths (e.g., `package api.v1`).
- ✅ **Do:** Enforce mTLS for all internal service-to-service communication.
- ✅ **Do:** Handle `ctx.Done()` in all streaming handlers to prevent resource leaks.
- ✅ **Do:** Map domain errors to standard gRPC status codes (e.g., `codes.NotFound`).
- ❌ **Don't:** Return raw internal error strings or stack traces to gRPC clients.
- ❌ **Don't:** Create a new `grpc.ClientConn` per request; always reuse connections.
## Troubleshooting
- **Error: Inconsistent Gen**: If the generated code does not match the schema, run `buf generate` and verify the `go_package` option.
- **Error: Context Deadline**: Check client timeouts and ensure the server is not blocking infinitely in streaming handlers.
- **Error: mTLS Handshake**: Ensure the CA certificate is correctly added to the `x509.CertPool` on both client and server sides.
## Limitations
- Does not cover service mesh traffic routing (Istio/Linkerd configuration).
- Does not cover gRPC-Web or browser-based gRPC integration.
- Assumes Go 1.21+ and gRPC-Go v1.60+; older versions may have different APIs (e.g., `grpc.Dial` vs `grpc.NewClient`).
- Does not cover L7 gRPC-aware load balancer configuration (e.g., Envoy, NGINX).
- Does not address Protobuf schema registry or large-scale schema governance beyond Buf lint.
## Resources
- `resources/implementation-playbook.md` for detailed patterns, code examples, and anti-patterns.
- [Google API Design Guide](https://cloud.google.com/apis/design)
- [Buf Docs](https://buf.build/docs)
- [gRPC-Go Docs](https://grpc.io/docs/languages/go/)
- [OpenTelemetry Go Instrumentation](https://opentelemetry.io/docs/instrumentation/go/)
## Related Skills
- @golang-pro - General Go patterns and performance optimization outside the gRPC layer.
- @go-concurrency-patterns - Advanced goroutine lifecycle management for streaming handlers.
- @api-design-principles - Resource naming and versioning strategy before writing `.proto` files.
- @docker-expert - Containerizing gRPC services and configuring TLS cert injection via Docker secrets.Related Skills
convex
Convex reactive backend expert: schema design, TypeScript functions, real-time subscriptions, auth, file storage, scheduling, and deployment.
dbos-golang
Guide for building reliable, fault-tolerant Go applications with DBOS durable workflows. Use when adding DBOS to existing Go code, creating workflows and steps, or using queues for concurrency control.
nft-standards
Master ERC-721 and ERC-1155 NFT standards, metadata best practices, and advanced NFT features.
nextjs-app-router-patterns
Comprehensive patterns for Next.js 14+ App Router architecture, Server Components, and modern full-stack React development.
new-rails-project
Create a new Rails project
networkx
NetworkX is a Python package for creating, manipulating, and analyzing complex networks and graphs.
network-engineer
Expert network engineer specializing in modern cloud networking, security architectures, and performance optimization.
nestjs-expert
You are an expert in Nest.js with deep knowledge of enterprise-grade Node.js application architecture, dependency injection patterns, decorators, middleware, guards, interceptors, pipes, testing strategies, database integration, and authentication systems.
nerdzao-elite
Senior Elite Software Engineer (15+) and Senior Product Designer. Full workflow with planning, architecture, TDD, clean code, and pixel-perfect UX validation.
nerdzao-elite-gemini-high
Modo Elite Coder + UX Pixel-Perfect otimizado especificamente para Gemini 3.1 Pro High. Workflow completo com foco em qualidade máxima e eficiência de tokens.
native-data-fetching
Use when implementing or debugging ANY network request, API call, or data fetching. Covers fetch API, React Query, SWR, error handling, caching, offline support, and Expo Router data loaders (useLoaderData).
n8n-workflow-patterns
Proven architectural patterns for building n8n workflows.