‹ 首页

ci-pipeline-patterns

@vibeeval · 收录于 1 周前 · 上游提交 1 个月前

GitHub Actions workflow templates, matrix builds, caching, and monorepo CI strategies

适合你,如果正在用 GitHub Actions 优化 CI 流程

/ 下载安装
ci-pipeline-patterns.skill双击,或拖进 Claude 桌面版 / Cowork,即完成安装↓ .skill↓ .zip
用别的 agent?下载 .zip 解压,把文件夹放进它的技能目录
Claude Code~/.claude/skills/(项目级 .claude/skills/)
Codex CLI~/.codex/skills/
Cursor自动读取上面两处目录
其他工具见其文档的「skills」目录;两个下载是同一份文件,只是名字不同
/ 通过 npx 安装 校验哈希
npx oh-my-skill add vibeeval/vibecosystem/ci-pipeline-patterns
/ 通过 bash 安装
curl -fsSL https://oh-my-skill.com/install.sh | bash -s -- vibeeval/vibecosystem/ci-pipeline-patterns
/ 已经装过?验证本机副本,不用重装
npx oh-my-skill verify vibeeval/vibecosystem/ci-pipeline-patterns
安装目标可用 --agent / --scope 或 --to 明确指定;省略时只会在唯一已存在的 agent 目录上自动选择,零命中或多命中会停止并提示。content_hash 缺失或不一致均拒装。
515GitHub stars
~549上下文体积 · 单文件
镜像托管

怎么用

技能原文 SKILL.md作者撰写 · MIT · cea9462

CI Pipeline Patterns

GitHub Actions Workflow Template
name: CI
on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  lint-and-type:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with: { node-version: 20, cache: npm }
      - run: npm ci
      - run: npm run lint
      - run: npm run type-check

  test:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        shard: [1, 2, 3, 4]
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with: { node-version: 20, cache: npm }
      - run: npm ci
      - run: npm test -- --shard=${{ matrix.shard }}/4

  build:
    needs: [lint-and-type, test]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with: { node-version: 20, cache: npm }
      - run: npm ci
      - run: npm run build
      - uses: actions/upload-artifact@v4
        with: { name: build, path: dist/ }
Caching Strategies
# npm cache
- uses: actions/cache@v4
  with:
    path: ~/.npm
    key: npm-${{ hashFiles('**/package-lock.json') }}

# Docker layer cache
- uses: docker/build-push-action@v5
  with:
    cache-from: type=gha
    cache-to: type=gha,mode=max

# Turborepo remote cache
- run: npx turbo build --cache-dir=.turbo
Monorepo CI (Affected Only)
# Nx affected
- run: npx nx affected --target=test --base=origin/main

# Turborepo
- run: npx turbo run test --filter=...[origin/main]

# Manual path filter
- uses: dorny/paths-filter@v3
  id: changes
  with:
    filters: |
      api: ['packages/api/**']
      web: ['packages/web/**']
Pipeline Security
# Secret scanning
- uses: trufflesecurity/trufflehog@main
  with: { extra_args: --only-verified }

# Dependency audit
- run: npm audit --audit-level=high

# SAST
- uses: github/codeql-action/analyze@v3
Checklist
  • [ ] Concurrency: cancel-in-progress aktif
  • [ ] Cache: npm/pip/go module cache
  • [ ] Paralel: test shard veya matrix
  • [ ] Security: secret scan + dependency audit
  • [ ] Artifact: build output upload
  • [ ] Branch protection: require status checks
  • [ ] Monorepo: affected-only strategy
  • [ ] Timeout: job timeout belirlenmiş
Anti-Patterns
  • Cache key'de sabit string (hash kullan)
  • Her push'ta tüm testler (affected-only)
  • Secret'ı log'a yazdırma (mask)
  • Single job tüm adımlar (paralelize et)
  • Manual deploy (CD otomatik olmalı)
按 MIT 许可原样转载,未经改动 · 在 GitHub 查看 →

评论

登录即可评论;带「已验证安装」的,是发布者名下有本店的安装或持有记录。