CI/CD Pipeline Generator
Generate platform-specific CI/CD pipeline configurations for GitHub Actions, GitLab CI, Jenkins, and Azure DevOps with build, test, and deploy stages.
Best use case
CI/CD Pipeline Generator is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Generate platform-specific CI/CD pipeline configurations for GitHub Actions, GitLab CI, Jenkins, and Azure DevOps with build, test, and deploy stages.
Teams using CI/CD Pipeline Generator should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/devops-cicd-generator/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How CI/CD Pipeline Generator Compares
| Feature / Agent | CI/CD Pipeline Generator | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Generate platform-specific CI/CD pipeline configurations for GitHub Actions, GitLab CI, Jenkins, and Azure DevOps with build, test, and deploy stages.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
SKILL.md Source
## Purpose & When-To-Use
**Trigger conditions:**
- New project needs CI/CD pipeline from scratch
- Migrating between CI/CD platforms
- Standardizing pipeline configurations across projects
- Adding missing stages (security, testing) to existing pipeline
- Tech stack change requires pipeline updates
**Use this skill when** you need a complete, platform-optimized CI/CD pipeline configuration file with build, test, security, and deploy stages.
---
## Pre-Checks
**Before execution, verify:**
1. **Time normalization**: `NOW_ET = 2025-10-26T01:33:56-04:00` (NIST/time.gov semantics, America/New_York)
2. **Input schema validation**:
- `platform` is one of: `github-actions`, `gitlab-ci`, `jenkins`, `azure-devops`
- `tech_stack` contains valid language identifiers
- `stages` object specifies at minimum: build and test configurations
3. **Source freshness**: All cited sources accessed on `NOW_ET`; verify documentation links current
4. **Platform access**: Confirm target platform is available and licensed
**Abort conditions:**
- Platform is proprietary/undocumented with no public API reference
- Tech stack language not supported by target platform
- Conflicting stage requirements (e.g., parallel and sequential for same stage)
---
## Procedure
### Tier 1 (Fast Path, ≤2k tokens)
**Token budget**: ≤2k tokens
**Scope**: Generate basic CI/CD pipeline for common tech stacks with standard build, test, and deploy stages.
**Steps:**
1. **Analyze inputs and select template** (300 tokens):
- Determine platform format (YAML for GitHub Actions/GitLab, Groovy for Jenkins, YAML for Azure DevOps)
- Identify language-specific runners and dependencies
- Map stages to platform constructs (jobs, stages, steps)
2. **Generate pipeline configuration** (1700 tokens):
- **Build stage**: Install dependencies, compile/build artifacts
- **Test stage**: Run unit and integration tests with coverage
- **Security stage**: SAST scan, dependency vulnerability check
- **Deploy stage**: Push to registry or deploy to target environment
- Include dependency caching for performance
- Add matrix builds for multi-version testing if applicable
- Output pipeline file with inline comments
- Generate setup guide with required secrets and variables
**Decision point**: If requirements include multi-environment deployments, advanced security gates, or custom integrations → escalate to T2.
---
### Tier 2 (Extended Analysis, ≤6k tokens)
**Token budget**: ≤6k tokens
**Scope**: Multi-environment pipelines with advanced security, approval gates, and performance optimization.
**Steps:**
1. **Design multi-environment pipeline** (2000 tokens):
- Configure environment-specific stages (dev, staging, production)
- Implement promotion gates with manual approvals
- Add environment-specific variables and secret management
- Configure conditional execution based on branch patterns
- **GitHub Actions** (accessed 2025-10-26T01:33:56-04:00): Use environments with protection rules
- **GitLab CI** (accessed 2025-10-26T01:33:56-04:00): Implement environment-specific jobs with deployment strategies
- **Jenkins** (accessed 2025-10-26T01:33:56-04:00): Use input steps for approvals and parameters for environments
- **Azure DevOps** (accessed 2025-10-26T01:33:56-04:00): Configure deployment stages with approval gates
2. **Generate optimized configuration** (4000 tokens):
- Advanced caching strategies (layer caching, dependency caching, build caching)
- Parallel job execution for independent stages
- Security hardening:
- SAST with SonarQube or Semgrep
- SCA with Snyk or Dependabot integration
- Secret scanning with git-secrets or TruffleHog
- Container image scanning with Trivy
- Testing integration:
- Unit, integration, and e2e test suites
- Code coverage reporting with quality gates (minimum 80%)
- Performance benchmarking
- Artifact management:
- Build artifact storage and versioning
- Container image tagging strategies
- Retention policies
- Notifications and reporting:
- Slack/Teams notifications for failures
- Status badges and dashboards
- Metrics collection (build time, success rate)
**Sources cited** (accessed 2025-10-26T01:33:56-04:00):
- **GitHub Actions**: https://docs.github.com/en/actions/deployment/targeting-different-environments
- **GitLab CI/CD**: https://docs.gitlab.com/ee/ci/yaml/
- **Jenkins Pipeline**: https://www.jenkins.io/doc/book/pipeline/syntax/
- **Azure DevOps Pipelines**: https://learn.microsoft.com/en-us/azure/devops/pipelines/
---
### Tier 3 (Deep Dive, ≤12k tokens)
**Token budget**: ≤12k tokens
**Scope**: Enterprise-grade pipelines with compliance automation, custom plugins, and advanced orchestration.
**Steps:**
1. **Enterprise compliance integration** (4000 tokens):
- Policy-as-code validation (OPA, Sentinel) in pipeline
- Compliance artifact generation (SBOM, attestations, audit logs)
- Regulatory gate enforcement (SOC2, HIPAA, FedRAMP requirements)
- Signed commits and artifact signing with Cosign/Sigstore
2. **Advanced orchestration** (4000 tokens):
- Cross-pipeline dependencies and triggers
- Dynamic pipeline generation based on repository changes
- Custom plugin/action development for specialized tasks
- Pipeline-as-code templating and reusability patterns
- Multi-repository coordination (monorepo strategies)
3. **Performance and reliability optimization** (4000 tokens):
- Pipeline performance profiling and bottleneck analysis
- Retry logic and failure recovery strategies
- Resource optimization (runner sizing, autoscaling)
- Pipeline observability (metrics, logs, traces)
- Chaos engineering for pipeline resilience testing
**Additional sources** (accessed 2025-10-26T01:33:56-04:00):
- **SLSA Framework**: https://slsa.dev/spec/v1.0/
- **Sigstore**: https://www.sigstore.dev/
- **OWASP CI/CD Security**: https://owasp.org/www-project-top-10-ci-cd-security-risks/
---
## Decision Rules
**Platform selection guidance:**
- **GitHub Actions**: GitHub-hosted projects, generous free tier, extensive marketplace
- **GitLab CI**: GitLab projects, integrated security scanning, robust Kubernetes support
- **Jenkins**: On-premise requirements, maximum flexibility, legacy system integration
- **Azure DevOps**: Microsoft ecosystem, enterprise compliance features
**Stage configuration:**
- **Build**: Always include dependency locking and caching
- **Test**: Fail fast on test failures; generate coverage reports
- **Security**: Block on critical vulnerabilities; allow warnings
- **Deploy**: Require manual approval for production
**Escalation conditions:**
- Custom compliance requirements not covered by standard tools
- Novel platform or unsupported tech stack combination
- Requirements exceed T3 scope (multi-cloud orchestration, custom tooling development)
**Abort conditions:**
- Platform limitations prevent required security controls
- Missing critical information and stakeholder unavailable
- Conflicting requirements (e.g., "zero approval gates" with "manual production approval")
---
## Output Contract
**Required outputs:**
```json
{
"pipeline_config": {
"type": "object",
"properties": {
"platform": "string (github-actions|gitlab-ci|jenkins|azure-devops)",
"file_path": "string (.github/workflows/ci.yml, .gitlab-ci.yml, Jenkinsfile)",
"content": "string (complete pipeline configuration)",
"language": "string (yaml|groovy)"
}
},
"setup_guide": {
"type": "markdown",
"properties": {
"secrets_required": ["array of secret names and descriptions"],
"variables_required": ["array of variable names and defaults"],
"setup_steps": "string (step-by-step setup instructions)"
}
}
}
```
**Quality guarantees:**
- Pipeline configuration is syntactically valid for target platform
- All secrets referenced but never hardcoded
- Required stages (build, test) are present and properly configured
- Caching is enabled for dependencies to improve performance
- Error handling and failure notifications configured
---
## Examples
**Example: GitHub Actions pipeline for Node.js application**
```yaml
# .github/workflows/ci.yml
name: CI Pipeline
on:
push:
branches: [main, develop]
pull_request:
branches: [main]
jobs:
build-and-test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: '20'
cache: 'npm'
- run: npm ci
- run: npm run lint
- run: npm test -- --coverage
- run: npm run build
security-scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
severity: 'CRITICAL,HIGH'
```
---
## Quality Gates
**Token budgets:**
- **T1**: ≤2k tokens (basic single-environment pipeline)
- **T2**: ≤6k tokens (multi-environment with advanced security)
- **T3**: ≤12k tokens (enterprise compliance and orchestration)
**Safety checks:**
- No hardcoded secrets in generated configurations
- All external actions/dependencies pinned to specific versions
- Security scanning stages fail on critical vulnerabilities
- Minimum test coverage threshold enforced
**Auditability:**
- All pipeline runs logged with timestamps and triggering actor
- Approval gates record approver identity
- Generated configurations include inline documentation
**Determinism:**
- Same inputs produce identical pipeline configuration
- Dependency versions locked (package-lock.json, requirements.txt)
- Build environments use versioned base images
---
## Resources
**Official Documentation** (accessed 2025-10-26T01:33:56-04:00):
- GitHub Actions: https://docs.github.com/en/actions
- GitLab CI/CD: https://docs.gitlab.com/ee/ci/
- Jenkins Documentation: https://www.jenkins.io/doc/
- Azure DevOps Pipelines: https://learn.microsoft.com/en-us/azure/devops/pipelines/
**Best Practices** (accessed 2025-10-26T01:33:56-04:00):
- DORA Metrics: https://dora.dev/research/
- CI/CD Security: https://owasp.org/www-project-top-10-ci-cd-security-risks/
- Software Supply Chain: https://slsa.dev/
**Templates** (in repository `/resources/`):
- GitHub Actions templates for Python, Node.js, Go, Java
- GitLab CI templates with security scanning
- Jenkins declarative pipeline examplesRelated Skills
Unit Testing Framework Generator
Generate unit test scaffolding and test suites for Jest, PyTest, Go testing, JUnit, RSpec with mocking, assertions, and coverage configuration
Mobile CI/CD Pipeline Generator
Generate mobile CI/CD pipelines for iOS (Fastlane, TestFlight) and Android (Gradle, Play Store) with code signing, beta distribution, and crash reporting
Kubernetes Manifest Generator
Generate and validate Kubernetes YAML manifests with best practices for Deployments, Services, ConfigMaps, and security policies.
End-to-End Testing Framework Generator
Generate e2e test suites using Playwright, Cypress, or Selenium with page objects, accessibility checks, visual regression, and cross-browser testing
Content & Documentation Generator
Generate technical documentation, API docs, and content with accessibility and SEO optimization.
Infrastructure as Code Template Generator
Generate IaC templates for Terraform, CloudFormation, and Pulumi with modules for compute, storage, networking, and multi-environment support.
Database Migration Script Generator
Generate database migration scripts for Liquibase, Flyway, Alembic with rollback safety, data preservation, and zero-downtime patterns
Data Engineering Pipeline Designer
Design data pipelines with quality checks, orchestration, and governance using modern data stack patterns for robust ELT/ETL workflows.
UX Wireframe Designer
Design user experience wireframes, user flows, and interactive mockups for web and mobile applications using industry-standard notation
TypeScript Tooling Specialist
Generate TypeScript/JavaScript project scaffolding with npm/pnpm/yarn, Jest/Vitest, ESLint/Prettier, and bundling (Vite/Rollup/esbuild).
Python Tooling Specialist
Generate Python project scaffolding with Poetry/pipenv, pytest configuration, type hints (mypy), linting (ruff/black), and packaging (setuptools/flit).
Java Tooling Specialist
Generate Java project scaffolding with Maven/Gradle, JUnit 5, Mockito, Checkstyle/SpotBugs, and packaging (JAR/WAR/native-image).