DevOps & CI/CD Review

A review skill for build pipelines, deployment workflows, and infrastructure configuration.

What it covers

Pipeline design — parallel stages, caching strategies, fail-fast ordering, artifact management
Dependency management — lockfile enforcement, pinned versions, automated vulnerability scanning
Environment parity — dev/staging/production consistency, environment variable management, feature flags
Deployment safety — rolling deploys, health checks, rollback procedures, database migration ordering
Supply chain security — dependency provenance, action pinning (SHA over tags), minimal permissions
Configuration — secrets management, no hardcoded config, twelve-factor app compliance

When to use

Run this when modifying CI/CD workflows, Dockerfiles, deployment scripts, or dependency manifests. Essential during infrastructure migrations or when onboarding new services.

CI/CD & DevOps

Security(4)

Pin Dependency Versions

Architecture(10)

Run lint and tests on every PR and block merge on failure

Build the artifact once and promote it across environments

Run database migrations as a controlled, gated step

Automate CI/CD & DevOps checks on every PR

Use Environment Variables for Config

Store secrets in the CI secret store, never in code or logs

Scan dependencies and images for vulnerabilities in CI

Require green CI before deploy

Keep environments separate and configure via env, not code

Automate deployments and provide a fast rollback

Use reviewed, version-controlled infrastructure-as-code

Make pipelines deterministic and idempotent

Fail the build fast on any error

Cache dependencies and build layers to speed pipelines

DevOps & CI/CD Review

What it covers

When to use