← 返回 Skills 市场
1947
总下载
3
收藏
18
当前安装
1
版本数
在 OpenClaw 中安装
/install ci-cd
功能描述
Automate builds, tests, and deployments across web, mobile, and backend applications.
使用说明 (SKILL.md)
When to Use
Trigger on: automated deployment, continuous integration, pipeline setup, GitHub Actions, GitLab CI, build failing, deploy automatically, CI configuration, release automation.
Platform Selection
| Stack | Recommended | Why |
|---|---|---|
| Web (Next.js, Nuxt, static) | Vercel, Netlify | Zero-config, auto-deploys, preview URLs |
| Mobile (iOS/Android/Flutter) | Codemagic, Bitrise + Fastlane | Pre-configured signing, app store upload |
| Backend/Docker | GitHub Actions, GitLab CI | Full control, self-hosted runners option |
| Monorepo | Nx/Turborepo + GHA | Affected detection, build caching |
Decision tree: If platform handles deploy automatically (Vercel, Netlify) → skip custom CI. Only add GitHub Actions when you need tests, custom builds, or deploy to your own infra.
Quick Start Templates
For copy-paste workflows, see templates.md.
Common Pipeline Pitfalls
| Mistake | Impact | Fix |
|---|---|---|
Using latest image tags |
Builds break randomly | Pin versions: node:20.11.0 |
| Not caching dependencies | +5-10 min per build | Cache node_modules, .next/cache |
| Secrets in workflow files | Leaked in logs/PRs | Use platform secrets, OIDC for cloud |
Missing timeout-minutes |
Stuck jobs burn budget | Always set: timeout-minutes: 15 |
No concurrency control |
Redundant runs on rapid pushes | Group by branch/PR |
| Building on every push | Wasted resources | Build on push to main, test on PRs |
Mobile-Specific: Code Signing
The #1 pain point. iOS requires certificates + provisioning profiles. Android requires keystores.
The fix: Use Fastlane Match — stores certs/profiles in git repo, syncs across team and CI.
# One-time setup
fastlane match init
fastlane match appstore
# In CI
fastlane match appstore --readonly
For detailed mobile CI/CD patterns (iOS, Android, Flutter), see mobile.md.
Web-Specific: Build Caching
Next.js/Nuxt builds are slow without cache. The No Cache Detected warning = full rebuild.
# GitHub Actions: persist Next.js cache
- uses: actions/cache@v4
with:
path: .next/cache
key: nextjs-${{ hashFiles('**/package-lock.json') }}
For framework-specific configs, see web.md.
Debugging Failed Builds
| Error Pattern | Likely Cause | Check |
|---|---|---|
| Works locally, fails in CI | Environment drift | Node version, env vars, OS |
| Intermittent failures | Flaky tests, resource limits | Retry logic, increase timeout |
ENOENT / file not found |
Build order, missing artifact | Check needs: dependencies |
| Exit code 137 | Out of memory | Use larger runner or optimize |
| Certificate/signing errors | Expired or mismatched creds | Regenerate with Match/Fastlane |
What This Doesn't Cover
- Container orchestration (Kubernetes) → see
k8sskill - Server configuration → see
serverskill - Monitoring and observability → see
monitoringskill
安全使用建议
This skill is a coherent CI/CD guide and contains useful templates, but it references many secrets and sensitive actions (mobile code-signing, decoding keystores, SSH deploy keys, registry tokens) while the registry metadata declares no required env vars. Before installing or using it: (1) review every template and workflow it suggests and only copy what you understand; (2) never paste real credentials into example files — use your CI platform's secret store or short-lived OIDC tokens; (3) avoid storing private keys/certificates in plain git unless you understand Fastlane Match's encryption and access controls; (4) because the skill owner is unknown, treat these templates as untrusted third-party guidance and audit any generated workflows for accidental secret leakage or overly broad access (e.g., ensure deploy jobs only run on protected branches); (5) if you need the agent to apply templates automatically, restrict which secrets it can access and consider running in a least-privilege CI environment. If you want a cleaner security posture, ask the skill author to declare required env vars in metadata and to provide guidance for secure secret handling (OIDC, ephemeral tokens) rather than base64-decoding or embedding keys.
功能分析
Type: OpenClaw Skill
Name: ci-cd
Version: 1.0.0
The OpenClaw AgentSkills skill bundle for CI-CD provides documentation and templates for common continuous integration and deployment tasks. It demonstrates standard practices for handling sensitive data like code signing credentials and SSH keys using platform-specific secret management (e.g., GitHub Secrets). While actions such as deploying via SSH/SCP and decoding base64-encoded keystores involve powerful capabilities, they are directly aligned with the stated purpose of automating builds and deployments and do not exhibit any indicators of intentional malicious behavior, data exfiltration, persistence, or prompt injection against the agent. All commands and configurations are standard and transparent.
能力评估
Purpose & Capability
Name and description (CI/CD automation) match the content: workflow templates, mobile signing, build caching, and deployment patterns are all relevant to CI/CD tasks.
Instruction Scope
The runtime docs instruct use of many CI secrets and file operations (e.g., MATCH_PASSWORD, MATCH_GIT_AUTH, KEYSTORE_BASE64 decoding, KEYSTORE_PASSWORD, SSH_KEY, GITHUB_TOKEN) and recommend storing code signing artifacts in a git-backed Fastlane Match repo. The skill files instruct reading and injecting secrets into CI jobs and decoding/uploading private keys — actions that go beyond simple templating and involve handling sensitive credentials.
Install Mechanism
Instruction-only skill with no install spec and no code files. No downloads or archive extraction are present, which keeps disk-write and remote-install risk low.
Credentials
Registry metadata lists no required environment variables, but the SKILL.md and included templates explicitly reference many secrets and env vars needed for real-world use (match secrets, keystore secrets, SSH credentials, Docker/GHCR auth). The skill therefore under-declares its credential needs, creating a transparency gap about what will be required/used.
Persistence & Privilege
Skill is not always-enabled, has no install steps that modify agent config, and doesn't request persistence or system-wide changes. Autonomous invocation is allowed by default (normal) but not combined here with other elevated privileges.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install ci-cd - 安装完成后,直接呼叫该 Skill 的名称或使用
/ci-cd触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release
元数据
常见问题
CI-CD 是什么?
Automate builds, tests, and deployments across web, mobile, and backend applications. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1947 次。
如何安装 CI-CD?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install ci-cd」即可一键安装,无需额外配置。
CI-CD 是免费的吗?
是的,CI-CD 完全免费(开源免费),可自由下载、安装和使用。
CI-CD 支持哪些平台?
CI-CD 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 CI-CD?
由 Iván(@ivangdavila)开发并维护,当前版本 v1.0.0。
推荐 Skills