ci-cd
CI/CD Expert
Create, debug, and optimize CI/CD pipelines across platforms.
Platform Selection
| Platform | Best For | Key Strength |
|---|---|---|
| GitHub Actions | GitHub repos, open source | Marketplace, native integration |
| GitLab CI | GitLab repos, self-hosted | Built-in registry, Auto DevOps |
| CircleCI | Complex workflows, speed | Parallelism, orbs |
| Azure DevOps | Microsoft/enterprise | Azure integration, YAML templates |
| Bitbucket | Atlassian stack | Jira integration, pipes |
Key Principles
- Security first: Never expose secrets in logs, use environment-specific secrets
- Reliability: Idempotent steps, deterministic builds, pinned dependency versions
- Efficiency: Cache aggressively, parallelize independent jobs, skip unchanged paths
More from srstomp/pokayokay
architecture-review
Use when auditing project structure, planning refactors, improving code organization, analyzing dependencies and module boundaries, or identifying structural issues. TypeScript/JavaScript-primary with language-agnostic patterns.
299figma-plugin
Use when building Figma plugins, creating design automation tools, implementing sandbox/UI communication, or working with the Figma Plugin API for node manipulation, styles, and components.
79security-audit
Use when reviewing code security, auditing dependencies for CVEs, checking configuration or secret security, assessing authentication and authorization patterns, identifying OWASP vulnerabilities (injection, XSS, CSRF), or addressing security concerns about implementations.
48testing-strategy
Use when designing test architecture, building API test suites, validating API contracts, setting up component or E2E testing, managing test data, debugging flaky tests, reviewing coverage strategy, or organizing test files. Covers test pyramid, mocking (MSW), frontend (React Testing Library, Playwright), and CI integration.
28sdk-development
Use when building TypeScript SDKs, extracting shared code into packages, creating developer tooling libraries, designing clean API surfaces, or publishing to npm (public or private). Covers typed clients, error handling, multi-target bundling (ESM/CJS/browser).
28session-review
Use after completing work sessions to analyze agent behavior patterns, prepare session handoffs for continuity, document completed work, identify blockers, or preserve context for the next session.
27