← 返回 Skills 市场
242
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install cicd-workflow
功能描述
Provides CI/CD pipeline templates and interactive setup for Java + Vue projects with GitLab CI or Jenkins, supporting linting, testing, building, Dockerizing...
使用说明 (SKILL.md)
CI/CD Workflow Skill
Complete CI/CD pipeline templates for Java + Vue full-stack projects, supporting GitLab CI and Jenkins with Kubernetes deployment.
Interactive Configuration (NEW)
This skill supports interactive step-by-step configuration with numbered options.
Configuration Flow
1. Choose Platform (GitLab CI / Jenkins)
↓
2. Choose Project Type (Java / Vue / Java+Vue)
↓
3. Choose Deployment Target (K8s / Docker / SSH)
↓
4. Choose Trigger Method (Manual / Auto / Scheduled)
↓
5. Choose Pipeline Steps (Multi-select)
↓
6. Generate Configuration
Step 1: Platform
| # | Platform | Config File |
|---|---|---|
| 1 | GitLab CI | .gitlab-ci.yml |
| 2 | Jenkins | Jenkinsfile |
Step 2: Project Type
| # | Type | Description |
|---|---|---|
| 1 | Java Backend | Spring Boot project only |
| 2 | Vue Frontend | Vue.js project only |
| 3 | Java + Vue Fullstack | Both backend and frontend |
Step 3: Deployment Target
| # | Target | Description |
|---|---|---|
| 1 | Kubernetes | Deploy to K8s cluster with kubectl |
| 2 | Docker Server | Deploy to Docker host |
| 3 | Traditional Server (SSH) | Deploy via SSH to remote server |
Step 4: Trigger Method
| # | Method | Description |
|---|---|---|
| 1 | Manual | Trigger by "Build Now" button |
| 2 | Push Auto | Trigger on every push |
| 3 | Scheduled | Trigger by cron schedule |
Step 5: Pipeline Steps (Multi-select)
| # | Step | Description |
|---|---|---|
| 1 | Lint | Code quality checks |
| 2 | Test | Unit tests with coverage |
| 3 | Build | Compile and package |
| 4 | Dockerize | Build and push Docker images |
| 5 | Deploy | Deploy to target environment |
| 6 | Notify | Send notifications |
Input Format
Complete in one line:
Platform,Project,Target,Trigger,Steps
Examples:
1,3,1,1,123456= GitLab CI + Java/Vue + K8s + Manual + All steps2,1,3,1,12356= Jenkins + Java + SSH + Manual + No Docker1,2,1,2,123456= GitLab CI + Vue + K8s + Auto trigger + All steps
Or step by step: Reply with one number at a time, the skill will guide you through each step.
Generated Output
When generating CI/CD configuration, this skill produces a complete package including:
For Jenkins
cicd-output/
├── Jenkinsfile.txt # Pipeline configuration (rename to Jenkinsfile when using)
├── setup-guide.md # Complete setup instructions
├── systemd/
│ └── [app-name].service # systemd service file (for SSH deployment)
└── README.md # Quick reference
For GitLab CI
cicd-output/
├── .gitlab-ci.yml.txt # Pipeline configuration (rename to .gitlab-ci.yml when using)
├── setup-guide.md # Complete setup instructions
├── docker-compose.yml # Local development setup
└── README.md # Quick reference
Setup Guide Contents
The automatically generated setup-guide.md includes:
1. Prerequisites
- Required Jenkins/GitLab version
- Required plugins and extensions
- Server/environment requirements
2. Credential Configuration
- Detailed list of required credentials
- Step-by-step credential creation guide
- Security best practices
3. Platform-Specific Setup
- Jenkins: Pipeline job creation, plugin installation
- GitLab CI: Runner setup, variable configuration
4. Deployment Target Setup
- Kubernetes: Cluster access, namespace setup
- Docker: Registry configuration, daemon setup
- SSH: User creation, key exchange, systemd service
5. Troubleshooting
- Common errors and solutions
- Debug tips and log locations
- Verification steps
6. Customization Guide
- How to modify environment variables
- How to add custom stages
- How to adjust resource limits
Pipeline Stages
- Prepare - 环境检查和初始化
- Lint - 代码质量检查 (SpotBugs, PMD, Checkstyle for Java; ESLint, Prettier for Vue)
- Test - 单元测试与覆盖率报告
- Build - 编译打包,同时进行静态资源安全扫描
- Security Scan - Trivy 镜像安全扫描(可选)
- Dockerize - 构建并推送 Docker 镜像
- Deploy - 部署到 Kubernetes 集群
- Notify - 发送部署状态通知
Supported Platforms
- GitLab CI (
.gitlab-ci.yml) - Jenkins (
Jenkinsfile)
Quick Start
GitLab CI
- Copy
assets/gitlab-ci.yml.txtto your project root as.gitlab-ci.yml - Update variables in the file:
DOCKER_REGISTRY- Your Docker registry URLDOCKER_NAMESPACE- Your registry namespaceK8S_NAMESPACE- Kubernetes namespace
- Configure CI/CD variables in GitLab:
CI_REGISTRY_USER/CI_REGISTRY_PASSWORD- Docker registry credentialsKUBE_CONFIG- Base64 encoded kubeconfigWEBHOOK_URL- Notification webhook URL
- Push to trigger pipeline (manual trigger for dockerize and deploy stages)
Jenkins
- Copy
assets/Jenkinsfile.txtto your project root asJenkinsfile - Install recommended plugins:
- Pipeline
- Docker Pipeline
- Kubernetes CLI
- JUnit (for test results)
- JaCoCo (optional, for coverage)
- HTTP Request (for notifications)
- Create Jenkins credentials:
docker-registry-credentials- Docker registry login (username/password)kubeconfig- Kubernetes config file (secret file)webhook-url- Notification webhook URL (secret text)
- Create a new Pipeline job pointing to your repository
- Run manually via "Build Now"
Jenkinsfile Features:
- ✅ Conditional builds based on file changes (
when { changeset }) - ✅ Static resource security scan during build
- ✅ Graceful handling of missing plugins
- ✅ Resource limits for Docker agents
- ✅ Multi-environment deployment support
- ✅ Rich notification cards for Feishu/DingTalk
Project Structure
project-root/
├── backend/ # Java Spring Boot project
│ ├── src/
│ ├── pom.xml
│ └── Dockerfile # Copy from assets/Dockerfile.java.txt
├── frontend/ # Vue.js project
│ ├── src/
│ ├── package.json
│ └── Dockerfile # Copy from assets/Dockerfile.vue.txt
├── .gitlab-ci.yml # Copy from assets/.gitlab-ci.yml.txt
├── Jenkinsfile # Copy from assets/Jenkinsfile.txt
└── k8s/
└── deployment.yml # Kubernetes manifests (from assets/)
Assets Reference
Dockerfiles
assets/Dockerfile.java.txt- Java backend Docker image (multi-stage, Alpine-based)assets/Dockerfile.vue.txt- Vue frontend Docker image (multi-stage, Nginx-based)
Note: Rename .txt files to remove the extension when using in your project.
Dockerfile.java.txt→DockerfileDockerfile.vue.txt→Dockerfile
Security Features
1. Static Resource Security (Vue Projects)
自动排除的文件类型:
.vue- Vue 单文件组件源码*.config.js/ts/mjs/cjs/json- 各种配置文件vite.config.*- Vite 配置webpack.config.*- Webpack 配置babel.config.*- Babel 配置tailwind.config.*- Tailwind 配置postcss.config.*- PostCSS 配置eslint.config.*/.eslintrc.*- ESLint 配置.prettierrc.*- Prettier 配置*.map- Source map 文件
防护层级:
| 层级 | 位置 | 机制 |
|---|---|---|
| 构建时 | Dockerfile | find 命令删除上述文件 |
| 运行时 | Nginx | location 规则返回 404 |
| CI/CD | Jenkinsfile | 构建阶段扫描并删除 |
2. Nginx Security Configuration
# 拒绝访问源码文件
location ~* \.vue$ { return 404; }
# 拒绝访问配置文件
location ~* (config|vite|webpack|babel|tailwind|postcss|eslint|prettier)\.config\.(js|ts|mjs|cjs|json)$ {
return 404;
}
# 拒绝访问 source map
location ~* \.map$ { return 404; }
Kubernetes
assets/k8s-deployment.yml- Complete K8s manifests including:- Deployments with health checks
- Services (ClusterIP)
- Ingress with TLS
- HorizontalPodAutoscaler (HPA)
Nginx Config
assets/nginx.conf.txt- Optimized Nginx configuration for Vue SPA with:- Gzip compression
- Static asset caching
- API proxy to backend
- Health check endpoint
- Security rules (blocks .vue, config files, source maps)
Note: Copy and rename to nginx.conf when using.
Scripts
Notification Script
scripts/notify.sh - Send deployment notifications to:
- 飞书 (Feishu)
- 钉钉 (DingTalk)
- Slack
- 企业微信 (WeChat Work)
Usage:
export WEBHOOK_TYPE=feishu
export WEBHOOK_URL=https://open.feishu.cn/...
export PROJECT_NAME=my-app
export VERSION=1.0.0
./scripts/notify.sh success
Customization Guide
1. Adjust Resource Limits
Edit assets/k8s-deployment.yml:
resources:
requests:
memory: "512Mi" # Adjust based on your app
cpu: "250m"
limits:
memory: "1Gi"
cpu: "1000m"
2. Change Trigger Strategy
GitLab CI - Remove when: manual to auto-trigger:
dockerize-java:
# ...
# when: manual # Remove or comment this line
Jenkins - Add SCM polling:
triggers {
pollSCM('H/5 * * * *') // Check every 5 minutes
}
3. Add Environment Stages
Add staging deployment between build and production:
GitLab CI:
stages:
- lint
- test
- build
- dockerize
- deploy-staging # Add this
- deploy-production # Rename from deploy
- notify
deploy-staging:
stage: deploy-staging
script:
- kubectl set image ... -n staging
environment:
name: staging
when: manual
4. Custom Quality Gates
Add SonarQube analysis:
sonarqube:
stage: test
image: sonarsource/sonar-scanner-cli
script:
- sonar-scanner
-Dsonar.projectKey=$CI_PROJECT_NAME
-Dsonar.sources=.
-Dsonar.host.url=$SONAR_URL
-Dsonar.login=$SONAR_TOKEN
5. Multi-Environment Support
Use GitLab environments or Jenkins branches:
GitLab:
deploy:
script:
- |
if [ "$CI_COMMIT_REF_NAME" == "main" ]; then
kubectl set image ... -n production
else
kubectl set image ... -n staging
fi
Troubleshooting
Static Resource Security Violation
Error: Build fails with "Security violation found: *.vue files in dist"
Cause: Vue build configuration may be including source files
Solution:
- Check
vite.config.js/vue.config.jsfor incorrectpublicDirorassetsInclude - Verify
.gitignoreexcludes source files from build - Manual fix in Dockerfile already handles cleanup:
RUN find /usr/share/nginx/html -type f \
-name "*.vue" -o \
-name "*.config.js" \
-delete
Jenkins Plugin Not Found
Error: No such DSL method 'publishTestResults'
Solution:
- Jenkinsfile now uses standard
junitplugin instead of custom publishers - Install JUnit Plugin from Jenkins plugin manager
- Or disable test publishing by removing the
post { always { junit ... } }blocks
Docker Build Context Issues
Error: unable to prepare context: unable to evaluate symlinks
Solution:
// Use explicit build context
Dockerfile: "-f backend/Dockerfile backend/"
// Not: "-f backend/Dockerfile ."
Kubectl Commands Fail
- Verify
KUBE_CONFIGis base64 encoded correctly - Check cluster name matches the context in kubeconfig
- Ensure service account has deployment permissions
Image Pull Errors
- Verify image tags are pushed correctly
- Check image pull secrets if using private registry
- Verify pod has
imagePullPolicy: Alwaysfor latest tags
Rollout Hangs
- Check pod events:
kubectl describe pod \x3Cpod-name> - Verify resource limits are not too low
- Check application logs:
kubectl logs \x3Cpod-name>
Security Best Practices
- Never commit credentials - Always use CI/CD variables
- Use specific image tags - Avoid
:latestin production - Enable RBAC - Limit service account permissions
- Scan images - Add Trivy or Clair vulnerability scanning
- Network policies - Restrict pod-to-pod communication
- Resource quotas - Set namespace limits
References
安全使用建议
This skill appears to do what it says — generate CI/CD configs and docs for Java+Vue projects. Before installing/using it: (1) review the provided Jenkinsfile/.gitlab-ci.yml and scripts to ensure they match your security policies, (2) never paste live kubeconfig, registry passwords, or private keys into a public repo — store them as CI credentials or secret files, (3) vet any WEBHOOK_URLs you configure (notify.sh will POST build details to them), (4) test in a non-production environment first (staging) and review the scripts locally, and (5) if you need more assurance, inspect the full Jenkinsfile and pipeline steps for any commands you don't expect before running pipelines in CI.
功能分析
Type: OpenClaw Skill
Name: cicd-workflow
Version: 1.0.0
The skill bundle provides a comprehensive and security-conscious CI/CD workflow for Java and Vue projects. It includes templates for GitLab CI and Jenkins, along with helper scripts for notifications and setup guides. Notably, it implements proactive security measures such as 'Static Resource Security' in `assets/Dockerfile.vue.txt` and `assets/nginx.conf.txt`, which explicitly delete and block access to source files (.vue), source maps, and configuration files in production environments to prevent source code leakage. No indicators of data exfiltration, backdoors, or malicious prompt injection were found.
能力评估
Purpose & Capability
Name and description describe GitLab/Jenkins CI/CD templates for Java+Vue; included assets (Jenkinsfile, .gitlab-ci.yml, Dockerfiles, k8s manifests) and helper scripts directly support that purpose. The files and instructions are proportionate to the stated functionality.
Instruction Scope
SKILL.md guides interactive generation of pipeline configs and instructs how to configure CI variables and credentials (kubeconfig, docker registry credentials, webhook URL). These steps are expected for a CI/CD skill but involve handling sensitive data; the instructions do not attempt to read unrelated host files or exfiltrate data, but they do tell CI jobs to decode and write kubeconfig and to POST to user-supplied WEBHOOK_URLs.
Install Mechanism
No install spec is present (instruction-only + included static assets and two helper scripts). No network downloads or extract/execute steps are embedded in an installer; risk from installation is low. The two scripts are plain and used for documentation generation and webhook notifications.
Credentials
The skill itself declares no required env vars, which is coherent for an instruction-only skill, but the provided CI templates and scripts expect many sensitive CI variables (KUBE_CONFIG / kubeconfig, CI_REGISTRY_USER/CI_REGISTRY_PASSWORD, WEBHOOK_URL, Docker credentials, Jenkins credential IDs). Those variables are appropriate for CI/CD use but are sensitive — users must not paste real secrets into untrusted places and should provision credentials in the CI system (not embed them in public repos).
Persistence & Privilege
Skill metadata does not request always:true and contains no install-time actions that modify other skills or platform-wide settings. Autonomous invocation is allowed by default (normal) but the skill does not request elevated platform privileges.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install cicd-workflow - 安装完成后,直接呼叫该 Skill 的名称或使用
/cicd-workflow触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
输入“CICD工作流”触发技能,按需要选择完成CICD工作流配置。平台支持gitLab、jenkins ; 项目类型支持java、vue、java+vue ;部署环境k8s、docker、SSH服务;触发方式:手动、push自动、定时;流线步骤:代码检查、单元测试、构建、docker、部署、通知。
元数据
常见问题
CICD工作流程技能 是什么?
Provides CI/CD pipeline templates and interactive setup for Java + Vue projects with GitLab CI or Jenkins, supporting linting, testing, building, Dockerizing... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 242 次。
如何安装 CICD工作流程技能?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install cicd-workflow」即可一键安装,无需额外配置。
CICD工作流程技能 是免费的吗?
是的,CICD工作流程技能 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
CICD工作流程技能 支持哪些平台?
CICD工作流程技能 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 CICD工作流程技能?
由 小明(@smallest-ming)开发并维护,当前版本 v1.0.0。
推荐 Skills