Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From configure-plugin
Provides standard GitHub Actions workflows for multi-platform Docker container builds to GHCR, release-please automation, and optional ArgoCD PR auto-merges. Use for CI/CD configuration and compliance checks.
npx claudepluginhub laurigates/claude-plugins --plugin configure-pluginHow this skill is triggered — by the user, by Claude, or both
Slash command
/configure-plugin:ci-workflowshaikuThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Standard GitHub Actions workflows for CI/CD automation.
Checks and configures GitHub Actions CI/CD workflows for container builds, tests, and releases. Updates action versions, adds caching, multi-platform builds, and audits missing workflows.
Design, debug, and harden GitHub Actions CI/CD workflows including reusable workflows, matrix builds, self-hosted runners, OIDC authentication, caching, environments, secrets, and release automation.
Creates and reviews .gitlab-ci.yml files using GitLab CI best practices, DRY/SSOT patterns, runner tags, Docker images, and ArgoCD GitOps standards. Use for new pipelines, existing reviews, or optimizations.
Share bugs, ideas, or general feedback.
Standard GitHub Actions workflows for CI/CD automation.
File: .github/workflows/container-build.yml
Multi-platform container build with GHCR publishing:
name: Build Container
on:
push:
branches: [main]
pull_request:
branches: [main]
release:
types: [published]
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to Container Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
- name: Build and push
uses: docker/build-push-action@v6
with:
context: .
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
build-args: |
SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }}
Key features:
File: .github/workflows/release-please.yml
See release-please-standards skill for details.
File: .github/workflows/argocd-automerge.yml
Auto-merge PRs from ArgoCD Image Updater branches:
name: Auto-merge ArgoCD Image Updater branches
on:
push:
branches:
- 'image-updater-**'
permissions:
contents: write
pull-requests: write
jobs:
create-and-merge:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Create Pull Request
id: create-pr
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
PR_URL=$(gh pr create \
--base main \
--head "${{ github.ref_name }}" \
--title "chore(deps): update container image" \
--body "Automated image update by argocd-image-updater.
Branch: \`${{ github.ref_name }}\`" \
2>&1) || true
if echo "$PR_URL" | grep -q "already exists"; then
PR_URL=$(gh pr view "${{ github.ref_name }}" --json url -q .url)
fi
echo "pr_url=$PR_URL" >> "$GITHUB_OUTPUT"
- name: Approve PR
env:
GH_TOKEN: ${{ secrets.AUTO_MERGE_PAT || secrets.GITHUB_TOKEN }}
run: gh pr review --approve "${{ github.ref_name }}"
continue-on-error: true
- name: Enable auto-merge
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: gh pr merge --auto --squash "${{ github.ref_name }}"
Key features:
image-updater-** branches from ArgoCD Image UpdaterPrerequisites:
AUTO_MERGE_PAT secret for self-approvalFile: .github/workflows/test.yml
name: Tests
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '22'
cache: 'npm'
- name: Install dependencies
run: npm ci
- name: Run linter
run: npm run lint
- name: Run type check
run: npm run typecheck
- name: Run tests
run: npm run test:coverage
- name: Upload coverage
uses: codecov/codecov-action@v4
with:
files: ./coverage/lcov.info
File: .github/workflows/claude-auto-fix.yml
Automated CI failure analysis and remediation using Claude Code Action:
name: Claude Auto-fix CI Failures
on:
workflow_run:
# Customize: list the CI workflow names to monitor
workflows: ["CI"]
types: [completed]
workflow_dispatch:
inputs:
run_id:
description: "Failed workflow run ID to analyze"
required: true
type: string
concurrency:
group: auto-fix-${{ github.event.workflow_run.head_branch || github.ref_name }}
cancel-in-progress: false
Key features:
workflow_run completion for monitored workflowsfix(auto):anthropics/claude-code-action@v1 with scoped tool permissionsPrerequisites:
CLAUDE_CODE_OAUTH_TOKEN secret configured in repository settingsworkflows: list)For the full template, see the Claude Auto-Fix Workflow Template in configure-workflows.
| Action | Version | Purpose |
|---|---|---|
| actions/checkout | v4 | Repository checkout |
| docker/setup-buildx-action | v3 | Multi-platform builds |
| docker/login-action | v3 | Registry authentication |
| docker/metadata-action | v5 | Image tagging |
| docker/build-push-action | v6 | Container build/push |
| actions/setup-node | v4 | Node.js setup |
| googleapis/release-please-action | v4 | Release automation |
Minimal permissions required:
permissions:
contents: read # Default for most jobs
packages: write # For container push to GHCR
pull-requests: write # For release-please PR creation
Standard trigger patterns:
# Build on push and PR to main
on:
push:
branches: [main]
pull_request:
branches: [main]
# Also build on release
on:
release:
types: [published]
Use GitHub Actions cache for Docker layers:
cache-from: type=gha
cache-to: type=gha,mode=max
Build for both amd64 and arm64:
platforms: linux/amd64,linux/arm64
| Workflow | Purpose | Required |
|---|---|---|
| container-build | Container builds | Yes (if Dockerfile) |
| release-please | Automated releases | Yes |
| test | Testing and linting | Recommended |
| argocd-automerge | Auto-merge image updates | Optional (if using ArgoCD Image Updater) |
| claude-auto-fix | Automated CI failure remediation | Optional |
| Element | Requirement |
|---|---|
| checkout action | v4 |
| build-push action | v6 |
| Multi-platform | amd64 + arm64 |
| Caching | GHA cache enabled |
| Permissions | Explicit and minimal |
| Status | Condition |
|---|---|
| PASS | All required workflows present with compliant config |
| WARN | Workflows present but using older action versions |
| FAIL | Missing required workflows |
| SKIP | Not applicable (no Dockerfile = no container-build) |
| Secret | Purpose | Required |
|---|---|---|
| GITHUB_TOKEN | Container registry auth | Auto-provided |
| SENTRY_AUTH_TOKEN | Source map upload | If using Sentry |
| MY_RELEASE_PLEASE_TOKEN | Release PR creation | For release-please |
| CLAUDE_CODE_OAUTH_TOKEN | Claude Code Action auth | For claude-auto-fix |
cache-from and cache-to are set