CI/CD Pipeline Generator

Generate platform-specific CI/CD pipeline configurations for GitHub Actions, GitLab CI, Jenkins, and Azure DevOps with build, test, and deploy stages.

Best use case

CI/CD Pipeline Generator is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Generate platform-specific CI/CD pipeline configurations for GitHub Actions, GitLab CI, Jenkins, and Azure DevOps with build, test, and deploy stages.

Teams using CI/CD Pipeline Generator should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/devops-cicd-generator/SKILL.md --create-dirs "https://raw.githubusercontent.com/williamzujkowski/cognitive-toolworks/main/skills/devops-cicd-generator/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/devops-cicd-generator/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How CI/CD Pipeline Generator Compares

Feature / AgentCI/CD Pipeline GeneratorStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Generate platform-specific CI/CD pipeline configurations for GitHub Actions, GitLab CI, Jenkins, and Azure DevOps with build, test, and deploy stages.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

Related Guides

SKILL.md Source

## Purpose & When-To-Use

**Trigger conditions:**

- New project needs CI/CD pipeline from scratch
- Migrating between CI/CD platforms
- Standardizing pipeline configurations across projects
- Adding missing stages (security, testing) to existing pipeline
- Tech stack change requires pipeline updates

**Use this skill when** you need a complete, platform-optimized CI/CD pipeline configuration file with build, test, security, and deploy stages.

---

## Pre-Checks

**Before execution, verify:**

1. **Time normalization**: `NOW_ET = 2025-10-26T01:33:56-04:00` (NIST/time.gov semantics, America/New_York)
2. **Input schema validation**:
   - `platform` is one of: `github-actions`, `gitlab-ci`, `jenkins`, `azure-devops`
   - `tech_stack` contains valid language identifiers
   - `stages` object specifies at minimum: build and test configurations
3. **Source freshness**: All cited sources accessed on `NOW_ET`; verify documentation links current
4. **Platform access**: Confirm target platform is available and licensed

**Abort conditions:**

- Platform is proprietary/undocumented with no public API reference
- Tech stack language not supported by target platform
- Conflicting stage requirements (e.g., parallel and sequential for same stage)

---

## Procedure

### Tier 1 (Fast Path, ≤2k tokens)

**Token budget**: ≤2k tokens

**Scope**: Generate basic CI/CD pipeline for common tech stacks with standard build, test, and deploy stages.

**Steps:**

1. **Analyze inputs and select template** (300 tokens):
   - Determine platform format (YAML for GitHub Actions/GitLab, Groovy for Jenkins, YAML for Azure DevOps)
   - Identify language-specific runners and dependencies
   - Map stages to platform constructs (jobs, stages, steps)

2. **Generate pipeline configuration** (1700 tokens):
   - **Build stage**: Install dependencies, compile/build artifacts
   - **Test stage**: Run unit and integration tests with coverage
   - **Security stage**: SAST scan, dependency vulnerability check
   - **Deploy stage**: Push to registry or deploy to target environment
   - Include dependency caching for performance
   - Add matrix builds for multi-version testing if applicable
   - Output pipeline file with inline comments
   - Generate setup guide with required secrets and variables

**Decision point**: If requirements include multi-environment deployments, advanced security gates, or custom integrations → escalate to T2.

---

### Tier 2 (Extended Analysis, ≤6k tokens)

**Token budget**: ≤6k tokens

**Scope**: Multi-environment pipelines with advanced security, approval gates, and performance optimization.

**Steps:**

1. **Design multi-environment pipeline** (2000 tokens):
   - Configure environment-specific stages (dev, staging, production)
   - Implement promotion gates with manual approvals
   - Add environment-specific variables and secret management
   - Configure conditional execution based on branch patterns
   - **GitHub Actions** (accessed 2025-10-26T01:33:56-04:00): Use environments with protection rules
   - **GitLab CI** (accessed 2025-10-26T01:33:56-04:00): Implement environment-specific jobs with deployment strategies
   - **Jenkins** (accessed 2025-10-26T01:33:56-04:00): Use input steps for approvals and parameters for environments
   - **Azure DevOps** (accessed 2025-10-26T01:33:56-04:00): Configure deployment stages with approval gates

2. **Generate optimized configuration** (4000 tokens):
   - Advanced caching strategies (layer caching, dependency caching, build caching)
   - Parallel job execution for independent stages
   - Security hardening:
     - SAST with SonarQube or Semgrep
     - SCA with Snyk or Dependabot integration
     - Secret scanning with git-secrets or TruffleHog
     - Container image scanning with Trivy
   - Testing integration:
     - Unit, integration, and e2e test suites
     - Code coverage reporting with quality gates (minimum 80%)
     - Performance benchmarking
   - Artifact management:
     - Build artifact storage and versioning
     - Container image tagging strategies
     - Retention policies
   - Notifications and reporting:
     - Slack/Teams notifications for failures
     - Status badges and dashboards
     - Metrics collection (build time, success rate)

**Sources cited** (accessed 2025-10-26T01:33:56-04:00):

- **GitHub Actions**: https://docs.github.com/en/actions/deployment/targeting-different-environments
- **GitLab CI/CD**: https://docs.gitlab.com/ee/ci/yaml/
- **Jenkins Pipeline**: https://www.jenkins.io/doc/book/pipeline/syntax/
- **Azure DevOps Pipelines**: https://learn.microsoft.com/en-us/azure/devops/pipelines/

---

### Tier 3 (Deep Dive, ≤12k tokens)

**Token budget**: ≤12k tokens

**Scope**: Enterprise-grade pipelines with compliance automation, custom plugins, and advanced orchestration.

**Steps:**

1. **Enterprise compliance integration** (4000 tokens):
   - Policy-as-code validation (OPA, Sentinel) in pipeline
   - Compliance artifact generation (SBOM, attestations, audit logs)
   - Regulatory gate enforcement (SOC2, HIPAA, FedRAMP requirements)
   - Signed commits and artifact signing with Cosign/Sigstore

2. **Advanced orchestration** (4000 tokens):
   - Cross-pipeline dependencies and triggers
   - Dynamic pipeline generation based on repository changes
   - Custom plugin/action development for specialized tasks
   - Pipeline-as-code templating and reusability patterns
   - Multi-repository coordination (monorepo strategies)

3. **Performance and reliability optimization** (4000 tokens):
   - Pipeline performance profiling and bottleneck analysis
   - Retry logic and failure recovery strategies
   - Resource optimization (runner sizing, autoscaling)
   - Pipeline observability (metrics, logs, traces)
   - Chaos engineering for pipeline resilience testing

**Additional sources** (accessed 2025-10-26T01:33:56-04:00):

- **SLSA Framework**: https://slsa.dev/spec/v1.0/
- **Sigstore**: https://www.sigstore.dev/
- **OWASP CI/CD Security**: https://owasp.org/www-project-top-10-ci-cd-security-risks/

---

## Decision Rules

**Platform selection guidance:**

- **GitHub Actions**: GitHub-hosted projects, generous free tier, extensive marketplace
- **GitLab CI**: GitLab projects, integrated security scanning, robust Kubernetes support
- **Jenkins**: On-premise requirements, maximum flexibility, legacy system integration
- **Azure DevOps**: Microsoft ecosystem, enterprise compliance features

**Stage configuration:**

- **Build**: Always include dependency locking and caching
- **Test**: Fail fast on test failures; generate coverage reports
- **Security**: Block on critical vulnerabilities; allow warnings
- **Deploy**: Require manual approval for production

**Escalation conditions:**

- Custom compliance requirements not covered by standard tools
- Novel platform or unsupported tech stack combination
- Requirements exceed T3 scope (multi-cloud orchestration, custom tooling development)

**Abort conditions:**

- Platform limitations prevent required security controls
- Missing critical information and stakeholder unavailable
- Conflicting requirements (e.g., "zero approval gates" with "manual production approval")

---

## Output Contract

**Required outputs:**

```json
{
  "pipeline_config": {
    "type": "object",
    "properties": {
      "platform": "string (github-actions|gitlab-ci|jenkins|azure-devops)",
      "file_path": "string (.github/workflows/ci.yml, .gitlab-ci.yml, Jenkinsfile)",
      "content": "string (complete pipeline configuration)",
      "language": "string (yaml|groovy)"
    }
  },
  "setup_guide": {
    "type": "markdown",
    "properties": {
      "secrets_required": ["array of secret names and descriptions"],
      "variables_required": ["array of variable names and defaults"],
      "setup_steps": "string (step-by-step setup instructions)"
    }
  }
}
```

**Quality guarantees:**

- Pipeline configuration is syntactically valid for target platform
- All secrets referenced but never hardcoded
- Required stages (build, test) are present and properly configured
- Caching is enabled for dependencies to improve performance
- Error handling and failure notifications configured

---

## Examples

**Example: GitHub Actions pipeline for Node.js application**

```yaml
# .github/workflows/ci.yml
name: CI Pipeline
on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main]

jobs:
  build-and-test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: '20'
          cache: 'npm'
      - run: npm ci
      - run: npm run lint
      - run: npm test -- --coverage
      - run: npm run build

  security-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aquasecurity/trivy-action@master
        with:
          scan-type: 'fs'
          severity: 'CRITICAL,HIGH'
```

---

## Quality Gates

**Token budgets:**

- **T1**: ≤2k tokens (basic single-environment pipeline)
- **T2**: ≤6k tokens (multi-environment with advanced security)
- **T3**: ≤12k tokens (enterprise compliance and orchestration)

**Safety checks:**

- No hardcoded secrets in generated configurations
- All external actions/dependencies pinned to specific versions
- Security scanning stages fail on critical vulnerabilities
- Minimum test coverage threshold enforced

**Auditability:**

- All pipeline runs logged with timestamps and triggering actor
- Approval gates record approver identity
- Generated configurations include inline documentation

**Determinism:**

- Same inputs produce identical pipeline configuration
- Dependency versions locked (package-lock.json, requirements.txt)
- Build environments use versioned base images

---

## Resources

**Official Documentation** (accessed 2025-10-26T01:33:56-04:00):

- GitHub Actions: https://docs.github.com/en/actions
- GitLab CI/CD: https://docs.gitlab.com/ee/ci/
- Jenkins Documentation: https://www.jenkins.io/doc/
- Azure DevOps Pipelines: https://learn.microsoft.com/en-us/azure/devops/pipelines/

**Best Practices** (accessed 2025-10-26T01:33:56-04:00):

- DORA Metrics: https://dora.dev/research/
- CI/CD Security: https://owasp.org/www-project-top-10-ci-cd-security-risks/
- Software Supply Chain: https://slsa.dev/

**Templates** (in repository `/resources/`):

- GitHub Actions templates for Python, Node.js, Go, Java
- GitLab CI templates with security scanning
- Jenkins declarative pipeline examples

Related Skills

Unit Testing Framework Generator

5
from williamzujkowski/cognitive-toolworks

Generate unit test scaffolding and test suites for Jest, PyTest, Go testing, JUnit, RSpec with mocking, assertions, and coverage configuration

Mobile CI/CD Pipeline Generator

5
from williamzujkowski/cognitive-toolworks

Generate mobile CI/CD pipelines for iOS (Fastlane, TestFlight) and Android (Gradle, Play Store) with code signing, beta distribution, and crash reporting

Kubernetes Manifest Generator

5
from williamzujkowski/cognitive-toolworks

Generate and validate Kubernetes YAML manifests with best practices for Deployments, Services, ConfigMaps, and security policies.

End-to-End Testing Framework Generator

5
from williamzujkowski/cognitive-toolworks

Generate e2e test suites using Playwright, Cypress, or Selenium with page objects, accessibility checks, visual regression, and cross-browser testing

Content & Documentation Generator

5
from williamzujkowski/cognitive-toolworks

Generate technical documentation, API docs, and content with accessibility and SEO optimization.

Infrastructure as Code Template Generator

5
from williamzujkowski/cognitive-toolworks

Generate IaC templates for Terraform, CloudFormation, and Pulumi with modules for compute, storage, networking, and multi-environment support.

Database Migration Script Generator

5
from williamzujkowski/cognitive-toolworks

Generate database migration scripts for Liquibase, Flyway, Alembic with rollback safety, data preservation, and zero-downtime patterns

Data Engineering Pipeline Designer

5
from williamzujkowski/cognitive-toolworks

Design data pipelines with quality checks, orchestration, and governance using modern data stack patterns for robust ELT/ETL workflows.

UX Wireframe Designer

5
from williamzujkowski/cognitive-toolworks

Design user experience wireframes, user flows, and interactive mockups for web and mobile applications using industry-standard notation

TypeScript Tooling Specialist

5
from williamzujkowski/cognitive-toolworks

Generate TypeScript/JavaScript project scaffolding with npm/pnpm/yarn, Jest/Vitest, ESLint/Prettier, and bundling (Vite/Rollup/esbuild).

Python Tooling Specialist

5
from williamzujkowski/cognitive-toolworks

Generate Python project scaffolding with Poetry/pipenv, pytest configuration, type hints (mypy), linting (ruff/black), and packaging (setuptools/flit).

Java Tooling Specialist

5
from williamzujkowski/cognitive-toolworks

Generate Java project scaffolding with Maven/Gradle, JUnit 5, Mockito, Checkstyle/SpotBugs, and packaging (JAR/WAR/native-image).