← Back to Skills Marketplace
charlie-morrison

Environment Promoter

by charlie-morrison · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
45
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install environment-promoter
Description
Manage environment promotions (dev → staging → prod) — compare configs between environments, detect drift, generate promotion plans, validate prerequisites,...
README (SKILL.md)

Environment Promoter

Safely promote deployments and configurations across environments. Detects config drift, validates promotion prerequisites, generates diff reports, and provides rollback plans.

Use when: "promote to staging", "compare environments", "check config drift", "is staging in sync with dev", "deploy to production checklist", "environment diff", or managing multi-environment deployments.

Commands

1. compare — Compare Two Environments

Diff configuration, environment variables, and deployment state between environments.

Environment Variable Comparison

# Compare .env files across environments
ENV_SOURCE="${1:-.env.development}"
ENV_TARGET="${2:-.env.staging}"

if [ ! -f "$ENV_SOURCE" ] || [ ! -f "$ENV_TARGET" ]; then
  echo "Looking for environment files..."
  find . -maxdepth 3 -name ".env*" -not -path '*/node_modules/*' 2>/dev/null | sort
fi

python3 -c "
import sys

def parse_env(path):
    vars = {}
    try:
        for line in open(path):
            line = line.strip()
            if not line or line.startswith('#'): continue
            if '=' in line:
                key, val = line.split('=', 1)
                vars[key.strip()] = val.strip().strip('\"').strip(\"'\")
    except FileNotFoundError:
        print(f'File not found: {path}')
    return vars

source = parse_env('$ENV_SOURCE')
target = parse_env('$ENV_TARGET')

all_keys = sorted(set(source.keys()) | set(target.keys()))

added = [k for k in all_keys if k in source and k not in target]
removed = [k for k in all_keys if k not in source and k in target]
changed = [k for k in all_keys if k in source and k in target and source[k] != target[k]]
same = [k for k in all_keys if k in source and k in target and source[k] == target[k]]

# Mask sensitive values
def mask(val):
    sensitive = ['KEY', 'SECRET', 'TOKEN', 'PASSWORD', 'PASS', 'AUTH', 'CREDENTIAL']
    if any(s in val.upper() for s in sensitive) and len(val) > 4:
        return val[:2] + '***' + val[-2:]
    return val

print(f'Comparing: $ENV_SOURCE → $ENV_TARGET')
print(f'Total keys: {len(all_keys)} | Same: {len(same)} | Changed: {len(changed)} | Added: {len(added)} | Missing in target: {len(removed)}')
print()

if added:
    print('🟢 In source, missing in target (need to add):')
    for k in added:
        print(f'  + {k}={mask(source[k])}')
    print()

if removed:
    print('🔴 In target, missing in source (may need removal):')
    for k in removed:
        print(f'  - {k}={mask(target[k])}')
    print()

if changed:
    print('🟡 Different values:')
    for k in changed:
        print(f'  ~ {k}:')
        print(f'    source: {mask(source[k])}')
        print(f'    target: {mask(target[k])}')
" 2>/dev/null

Deployment Config Comparison

# Compare Kubernetes manifests
if [ -d "k8s" ] || [ -d "kubernetes" ] || [ -d "deploy" ]; then
  DEPLOY_DIR=$(ls -d k8s kubernetes deploy 2>/dev/null | head -1)
  echo "=== Kubernetes Config Diff ==="

  for env in dev staging prod production; do
    if [ -d "$DEPLOY_DIR/$env" ] || [ -d "$DEPLOY_DIR/overlays/$env" ]; then
      echo "Found environment: $env"
    fi
  done

  # Compare image versions
  rg -n "image:" "$DEPLOY_DIR/" 2>/dev/null | sort
fi

# Compare docker-compose files
for env in development staging production; do
  if [ -f "docker-compose.$env.yml" ] || [ -f "docker-compose.$env.yaml" ]; then
    echo "Found: docker-compose.$env.yml"
  fi
done

# Compare Terraform workspaces
if [ -d "terraform" ] || [ -f "main.tf" ]; then
  echo "=== Terraform Environments ==="
  find . -name "*.tfvars" -not -path '*/\.terraform/*' 2>/dev/null | sort
fi

2. drift — Detect Configuration Drift

Check if environments have diverged from their expected state.

echo "=== Drift Detection ==="

# Compare container image versions across environments
echo "--- Image Versions ---"
for env_file in $(find . -name "*.yml" -o -name "*.yaml" | grep -E "(dev|stag|prod|deploy)" | grep -v node_modules); do
  IMAGES=$(grep -oP 'image:\s*\K\S+' "$env_file" 2>/dev/null)
  if [ -n "$IMAGES" ]; then
    echo "$env_file:"
    echo "$IMAGES" | while read img; do echo "  $img"; done
  fi
done

# Compare replicas/resources across environments
echo "--- Resource Drift ---"
for env_file in $(find . -name "*.yml" -o -name "*.yaml" | grep -E "(dev|stag|prod|deploy)" | grep -v node_modules); do
  REPLICAS=$(grep -oP 'replicas:\s*\K\d+' "$env_file" 2>/dev/null)
  if [ -n "$REPLICAS" ]; then
    echo "$env_file: replicas=$REPLICAS"
  fi
done

# Check git tags — what version is deployed where
echo "--- Deployed Versions ---"
git tag -l "staging-*" 2>/dev/null | sort -V | tail -3
git tag -l "production-*" 2>/dev/null | sort -V | tail -3

Analyze drift with AI reasoning: which differences are intentional (environment-specific settings) vs accidental (forgot to promote a config change).

3. plan — Generate Promotion Plan

Create a step-by-step plan to promote from source to target environment.

# Promotion Plan: staging → production
Generated: [date]

## Prerequisites
- [ ] All tests pass on staging
- [ ] QA sign-off received
- [ ] No open P0/P1 bugs
- [ ] Database migrations compatible
- [ ] Feature flags configured
- [ ] Rollback plan documented

## Changes to Promote
1. **Config changes** (3 vars):
   - Add: NEW_FEATURE_ENABLED=true
   - Update: API_RATE_LIMIT 100→200
   - Update: LOG_LEVEL debug→info

2. **Image version**: v1.4.2 → v1.5.0

3. **Infrastructure changes**:
   - Replicas: 2 → 3
   - Memory limit: 512Mi → 1Gi

## Promotion Steps
1. Create database backup
2. Run database migrations (if any)
3. Update environment variables
4. Deploy new image version
5. Verify health check endpoints
6. Monitor error rates for 15 minutes
7. If OK → mark promotion complete
8. If errors → execute rollback plan

## Rollback Plan
1. Revert image to v1.4.2
2. Revert environment variables
3. Verify rollback health

4. validate — Pre-Promotion Validation

Check if the target environment is ready to receive a promotion.

echo "=== Pre-Promotion Validation ==="

# Check if source environment is healthy
echo "--- Source Health ---"
# Ping health endpoints from env config
rg -o "https?://[a-zA-Z0-9._:/-]+" .env.staging 2>/dev/null | while read url; do
  if echo "$url" | grep -qE "(health|status|ready)"; then
    STATUS=$(curl -s -o /dev/null -w "%{http_code}" --connect-timeout 5 "$url" 2>/dev/null)
    echo "$url → $STATUS"
  fi
done

# Check for pending migrations
echo "--- Migrations ---"
find . -path "*/migrations/*" -name "*.sql" -newer .last-promotion 2>/dev/null | head -10
find . -path "*/migrations/*" -name "*.py" -newer .last-promotion 2>/dev/null | head -10

# Check for feature flag dependencies
echo "--- Feature Flags ---"
rg -n "feature_flag\|featureFlag\|FEATURE_\|isEnabled\|isFeatureOn" \
  -g '!node_modules' -g '!vendor' -g '!dist' -g '!*.test.*' \
  --type-not binary 2>/dev/null | head -15

# Check git state
echo "--- Git State ---"
BRANCH=$(git branch --show-current 2>/dev/null)
echo "Current branch: $BRANCH"
UNCOMMITTED=$(git status --porcelain 2>/dev/null | wc -l)
echo "Uncommitted changes: $UNCOMMITTED"

5. history — Promotion History

Track promotions over time:

# Git tags as promotion markers
echo "=== Promotion History ==="
for env in staging production; do
  echo "--- $env ---"
  git tag -l "${env}-*" --sort=-version:refname 2>/dev/null | head -10 | while read tag; do
    DATE=$(git log -1 --format="%ai" "$tag" 2>/dev/null)
    MSG=$(git log -1 --format="%s" "$tag" 2>/dev/null)
    echo "  $tag ($DATE) — $MSG"
  done
done

# Recent deploys from CI
if command -v gh &>/dev/null; then
  echo "--- GitHub Deployments ---"
  gh api repos/:owner/:repo/deployments --jq '.[0:5] | .[] | "\(.environment) — \(.created_at) — \(.description // "no description")"' 2>/dev/null
fi

6. matrix — Environment Matrix

Show all environments and their current state:

| Environment | Version | Last Deploy | Status | Config Vars |
|------------|---------|-------------|--------|-------------|
| development | v1.5.1-dev | 2h ago | ✅ healthy | 42 vars |
| staging | v1.5.0 | 2d ago | ✅ healthy | 38 vars |
| production | v1.4.2 | 5d ago | ✅ healthy | 35 vars |

Detect environments from:

  • .env.* files
  • docker-compose.*.yml files
  • k8s/overlays/*/ or deploy/*/ directories
  • Terraform workspace/tfvars files
  • Git tags with environment prefixes
  • CI/CD environment configurations

Output Formats

  • text (default): Human-readable diff with color indicators
  • json: {source, target, added: [], removed: [], changed: [], drift: [], plan: {}}
  • markdown: Report suitable for PR comments or wiki

Notes

  • Masks sensitive values (passwords, tokens, keys) in all output
  • Does not execute deployments — generates plans for human review
  • Works with any deployment tool (K8s, Docker, Terraform, Heroku, etc.)
  • Environment detection is convention-based — adapts to common patterns
  • For automated promotions, use the plan output as input to your deployment tool
  • Promotion history relies on git tags — tag your deployments for best results
Usage Guidance
This skill appears to do what it claims (compare envs, detect drift, plan promotions), but it will search your repository and read .env and config files — potentially printing secret values. Before using it: (1) review and, if needed, fix the masking logic (mask by key name and never print raw secret values), (2) run it only on sanitized copies of repos that do not contain live secrets, (3) ensure required CLI tools (python3, git, ripgrep 'rg') are available or update scripts to degrade gracefully, and (4) avoid granting the agent autonomous access to production checkouts or secrets until you validate its output and behavior. If you want, I can suggest safer edits to the SKILL.md to reduce secret exposure (e.g., change mask logic, stop printing values, or report only key names and differences).
Capability Analysis
Type: OpenClaw Skill Name: environment-promoter Version: 1.0.0 The environment-promoter skill is a legitimate DevOps utility designed to compare configurations and manage deployment workflows across environments. It includes security-conscious features such as a Python-based masking function to redact sensitive keys (e.g., SECRET, TOKEN) during environment variable comparisons in SKILL.md. The use of standard tools like git, ripgrep, and curl for health checks is consistent with its stated purpose, and there is no evidence of data exfiltration, obfuscation, or malicious intent.
Capability Assessment
Purpose & Capability
Name/description (compare envs, detect drift, plan promotions) aligns with the commands in SKILL.md: it scans .env files, k8s/manifests, docker-compose, Terraform, and git tags — all reasonable for an environment promotion tool.
Instruction Scope
The instructions tell the agent to search the repository and read/print .env files and config manifests. That is within scope, but the provided scripts print actual values and rely on an inline Python mask function that only inspects values (not key names) for sensitive substrings — so secrets in common .env keys are likely to be exposed. The scripts also call utilities (rg, python3, git) without declaring them, and use broad find/grep across the workspace.
Install Mechanism
No install spec and no code files are included (instruction-only). This minimizes installation risk because nothing is downloaded or written by the skill itself.
Credentials
The skill requests no credentials but the runtime instructions access repository files and environment variable files that commonly contain secrets (API keys, DB passwords). Not requesting credentials is coherent, but the behavior of reading and printing those files is high-risk and disproportionate unless the user explicitly runs it on sanitized or non-sensitive checkouts.
Persistence & Privilege
always:false and no installs or system-wide config changes are requested. The skill does not request persistent presence or modify other skills; autonomous invocation is allowed (platform default) but not combined with other privilege escalations here.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install environment-promoter
  3. After installation, invoke the skill by name or use /environment-promoter
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of environment-promoter. - Compare configs, environment variables, and deployment state across environments to detect differences. - Detect configuration drift to highlight unintentional discrepancies. - Generate detailed promotion plans with prerequisites, step-by-step instructions, and rollback procedures. - Validate promotion prerequisites, including environment health, migrations, feature flags, and git state. - Track and display promotion history using git tags and CI deploy data.
Metadata
Slug environment-promoter
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Environment Promoter?

Manage environment promotions (dev → staging → prod) — compare configs between environments, detect drift, generate promotion plans, validate prerequisites,... It is an AI Agent Skill for Claude Code / OpenClaw, with 45 downloads so far.

How do I install Environment Promoter?

Run "/install environment-promoter" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Environment Promoter free?

Yes, Environment Promoter is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Environment Promoter support?

Environment Promoter is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Environment Promoter?

It is built and maintained by charlie-morrison (@charlie-morrison); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments