From palantir-pack
Deploys Palantir Foundry apps to GCP Cloud Run, AWS Lambda, or Docker with secrets management, health checks, and production configs.
npx claudepluginhub jeremylongshore/claude-code-plugins-plus-skills --plugin palantir-packThis skill is limited to using the following tools:
Deploy Foundry-integrated applications to cloud platforms (GCP Cloud Run, AWS Lambda, Docker) with proper secrets management and health checks.
Configures Palantir Foundry clients across dev, staging, and prod environments using Python dataclasses, env vars, and per-env credentials/scopes.
Deploys MaintainX Node.js integrations to production via Docker on GCP Cloud Run or Kubernetes, with health checks, secret management, and gcloud commands.
Deploys Apollo.io integrations to production on Vercel, GCP Cloud Run, or Kubernetes using Node.js with health checks, Docker, and secret management.
Share bugs, ideas, or general feedback.
Deploy Foundry-integrated applications to cloud platforms (GCP Cloud Run, AWS Lambda, Docker) with proper secrets management and health checks.
palantir-ci-integrationFROM python:3.11-slim
WORKDIR /app
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt
COPY src/ ./src/
EXPOSE 8080
CMD ["uvicorn", "src.main:app", "--host", "0.0.0.0", "--port", "8080"]
set -euo pipefail
PROJECT_ID=$(gcloud config get-value project)
SERVICE_NAME="foundry-integration"
REGION="us-central1"
# Build and push container
gcloud builds submit --tag "gcr.io/$PROJECT_ID/$SERVICE_NAME"
# Deploy with secrets from Secret Manager
gcloud run deploy "$SERVICE_NAME" \
--image "gcr.io/$PROJECT_ID/$SERVICE_NAME" \
--region "$REGION" \
--set-secrets "FOUNDRY_HOSTNAME=foundry-hostname:latest" \
--set-secrets "FOUNDRY_CLIENT_ID=foundry-client-id:latest" \
--set-secrets "FOUNDRY_CLIENT_SECRET=foundry-client-secret:latest" \
--min-instances 1 \
--max-instances 10 \
--timeout 60 \
--allow-unauthenticated
# src/main.py
from fastapi import FastAPI
import foundry, os
app = FastAPI()
@app.get("/health")
async def health():
try:
client = get_foundry_client()
list(client.ontologies.Ontology.list())
return {"status": "healthy", "foundry": "connected"}
except Exception as e:
return {"status": "degraded", "foundry": str(e)}, 503
# src/config.py
import os
from dataclasses import dataclass
@dataclass
class FoundryConfig:
hostname: str
client_id: str
client_secret: str
scopes: list[str]
@classmethod
def from_env(cls) -> "FoundryConfig":
env = os.environ.get("ENVIRONMENT", "development")
scopes_map = {
"development": ["api:read-data"],
"staging": ["api:read-data", "api:write-data"],
"production": ["api:read-data", "api:write-data", "api:ontology-read"],
}
return cls(
hostname=os.environ["FOUNDRY_HOSTNAME"],
client_id=os.environ["FOUNDRY_CLIENT_ID"],
client_secret=os.environ["FOUNDRY_CLIENT_SECRET"],
scopes=scopes_map.get(env, ["api:read-data"]),
)
| Issue | Cause | Fix |
|---|---|---|
| Container fails to start | Missing env vars | Verify all secrets are mounted |
| Health check fails | Foundry unreachable | Check VPC/firewall rules |
| Cold start timeout | SDK initialization slow | Set min-instances to 1 |
| Secret rotation breaks app | Old secret revoked | Deploy new secret before revoking old |
For observability setup, see palantir-observability.