npm - @sylix/coworker - Versions diffs - 2.0.11 → 2.0.12 - Mend

@sylix/coworker 2.0.11 → 2.0.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (169) hide show

package/dist/skills/defaults/devops/cicd.md ADDED Viewed

@@ -0,0 +1,314 @@
+---
+name: cicd
+description: Design and implement CI/CD pipelines with automated testing, deployment, and release strategies.
+---
+# CI/CD Pipeline Design — CoWorker Edition
+Build reliable, fast, and secure deployment pipelines.
+## When to Use This Skill
+- Setting up new CI/CD pipelines
+- Improving deployment frequency
+- Implementing automated testing
+- Adding security scanning
+## Core Concepts
+### 1. GitHub Actions Pipeline
+```yaml
+name: CI Pipeline
+on:
+  push:
+    branches: [main, develop]
+  pull_request:
+    branches: [main]
+env:
+  NODE_VERSION: '20'
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          cache: 'npm'
+      - name: Install dependencies
+        run: npm ci
+      - name: Run linter
+        run: npm run lint
+      - name: Run type check
+        run: npm run typecheck
+      - name: Run tests
+        run: npm run test:ci
+        env:
+          CI: true
+          DATABASE_URL: postgres://test
+      - name: Upload coverage
+        uses: codecov/codecov-action@v3
+        with:
+          files: ./coverage/lcov.info
+          fail_ci_if_error: true
+  build:
+    needs: test
+    runs-on: ubuntu-latest
+    outputs:
+      image-tag: ${{ steps.meta.outputs.tags }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Login to Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Extract metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=sha,prefix=
+            type=raw,value=latest,enable={{is_default_branch}}
+      - name: Build and push
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+  deploy:
+    needs: build
+    if: github.ref == 'refs/heads/main'
+    runs-on: ubuntu-latest
+    environment: production
+    steps:
+      - name: Deploy to production
+        run: |
+          echo "Deploying ${{ needs.build.outputs.image-tag }}"
+          # Add deployment commands
+```
+### 2. Dockerfile Best Practices
+```dockerfile
+# Use specific versions, not latest
+FROM node:20-alpine AS builder
+WORKDIR /app
+# Copy package files first for better caching
+COPY package*.json ./
+RUN npm ci
+# Copy source and build
+COPY . .
+RUN npm run build
+# Production image
+FROM node:20-alpine AS runner
+WORKDIR /app
+# Create non-root user
+RUN addgroup --system --gid 1001 nodejs
+RUN adduser --system --uid 1001 nodejs
+# Copy built artifacts
+COPY --from=builder /app/dist ./dist
+COPY --from=builder /app/node_modules ./node_modules
+USER nodejs
+ENV NODE_ENV=production
+EXPOSE 3000
+CMD ["node", "dist/index.js"]
+```
+### 3. GitOps with GitHub Actions
+```yaml
+name: Deploy
+on:
+  push:
+    branches: [main]
+    paths:
+      - 'k8s/**'
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: main
+      - name: Deploy to Kubernetes
+        uses: azure/k8s-set-context@v4
+        with:
+          kubeconfig: ${{ secrets.KUBE_CONFIG }}
+      - name: Deploy with Helm
+        run: |
+          helm upgrade --install myapp ./charts/myapp \
+            --namespace production \
+            --set image.tag=${{ github.sha }}
+```
+### 4. Testing Stages
+```yaml
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    services:
+      postgres:
+        image: postgres:15
+        env:
+          POSTGRES_DB: test
+          POSTGRES_USER: test
+          POSTGRES_PASSWORD: test
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 5432:5432
+      redis:
+        image: redis:7-alpine
+        ports:
+          - 6379:6379
+    steps:
+      - name: Unit tests
+        run: npm run test:unit
+      - name: Integration tests
+        run: npm run test:integration
+        env:
+          DATABASE_URL: postgres://test:test@localhost:5432/test
+          REDIS_URL: redis://localhost:6379
+      - name: E2E tests
+        run: npm run test:e2e
+```
+### 5. Security Scanning
+```yaml
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Run Trivy scanner
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: 'fs'
+          scan-ref: '.'
+          format: 'sarif'
+          output: 'trivy-results.sarif'
+      - name: Upload Trivy results to GitHub Security
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: 'trivy-results.sarif'
+      - name: Check dependencies
+        run: |
+          npm audit --audit-level=high || true
+      - name: Container scan
+        if: github.event_name == 'push'
+        uses: aquasecurity/trivy-action@master
+        with:
+          image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}
+          format: 'sarif'
+          output: 'container-results.sarif'
+```
+### 6. Release Strategy
+```yaml
+name: Release
+on:
+  push:
+    tags:
+      - 'v*'
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Create GitHub Release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ github.ref }}
+          release_name: Release ${{ github.ref }}
+          draft: true
+          prerelease: ${{ contains(github.ref, 'beta') }}
+      - name: Build and release Docker
+        run: |
+          # Multi-platform build
+          docker buildx build \
+            --platform linux/amd64,linux/arm64 \
+            --tag app:${{ github.ref_name }} \
+            --push .
+```
+## Best Practices
+1. **Fast feedback** - Run tests in parallel
+2. **Cache dependencies** - Speed up builds
+3. **Fail fast** - Lint/typecheck before tests
+4. **Environment parity** - Same Docker images everywhere
+5. **Secret management** - Never commit secrets
+6. **Immutable tags** - Don't retag releases
+7. **Rollback ready** - Always have a way back
+## Common Issues
+- Slow pipelines (no caching)
+- Flaky tests (not isolated)
+- Secrets in logs
+- No artifact retention
+- Manual approvals bottleneck
+- Not scanning images

package/dist/skills/defaults/devops/cloud.md ADDED Viewed

@@ -0,0 +1,263 @@
+---
+name: cloud-architecture
+description: Design scalable, resilient cloud architectures on AWS, GCP, or Azure.
+---
+# Cloud Architecture — CoWorker Edition
+Build robust cloud-native systems.
+## When to Use This Skill
+- Designing cloud infrastructure
+- Architecture decisions
+- Cost optimization
+- Scalability planning
+## Core Concepts
+### 1. Well-Architected Framework
+```
+5 Pillars:
+1. Operational Excellence
+2. Security
+3. Reliability
+4. Performance Efficiency
+5. Cost Optimization
+```
+### 2. High-Level Architecture
+```
+                    ┌─────────────┐
+                    │   CDN       │
+                    └──────┬──────┘
+                           │
+                    ┌──────▼──────┐
+                    │ Load Balancer│
+                    └──────┬──────┘
+                           │
+         ┌─────────────────┼─────────────────┐
+         │                 │                 │
+    ┌────▼────┐      ┌────▼────┐      ┌────▼────┐
+    │  App 1  │      │  App 2  │      │  App 3  │
+    └────┬────┘      └────┬────┘      └────┬────┘
+         │                 │                 │
+         └─────────────────┼─────────────────┘
+                           │
+              ┌────────────┼────────────┐
+              │            │            │
+         ┌────▼────┐ ┌────▼────┐ ┌────▼────┐
+         │ Cache   │ │   DB    │ │  Queue  │
+         │(Redis)  │ │ (RDS)   │ │  (SQS)  │
+         └─────────┘ └─────────┘ └─────────┘
+```
+### 3. AWS Example (Terraform)
+```hcl
+# VPC
+resource "aws_vpc" "main" {
+  cidr_block           = "10.0.0.0/16"
+  enable_dns_hostnames = true
+  enable_dns_support   = true
+}
+# Subnets
+resource "aws_subnet" "public" {
+  count                   = 3
+  vpc_id                  = aws_vpc.main.id
+  cidr_block              = "10.0.${count.index + 1}.0/24"
+  availability_zone       = data.aws_availability_zones.available.names[count.index]
+  map_public_ip_on_launch = true
+}
+# Security Groups
+resource "aws_security_group" "app" {
+  name        = "app-sg"
+  vpc_id      = aws_vpc.main.id
+  ingress {
+    from_port   = 443
+    to_port     = 443
+    protocol    = "tcp"
+    cidr_blocks = ["10.0.0.0/16"]
+  }
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+}
+# ECS Cluster
+resource "aws_ecs_cluster" "app" {
+  name = "production-cluster"
+  setting {
+    name  = "containerInsights"
+    value = "enabled"
+  }
+}
+# ECS Service
+resource "aws_ecs_service" "app" {
+  name            = "api-service"
+  cluster         = aws_ecs_cluster.app.id
+  task_definition = aws_ecs_task_definition.api.arn
+  desired_count   = 3
+  network_configuration {
+    subnets          = aws_subnet.private[*].id
+    security_groups  = [aws_security_group.app.id]
+  }
+  load_balancer {
+    target_group_arn = aws_lb_target_group.app.arn
+    container_name   = "api"
+    container_port   = 8080
+  }
+  depends_on = [aws_lb_listener.app]
+}
+# RDS
+resource "aws_db_instance" "main" {
+  identifier           = "production-db"
+  engine              = "postgres"
+  engine_version       = "15.3"
+  instance_class      = "db.t3.medium"
+  allocated_storage    = 100
+  max_allocated_storage = 500
+  backup_retention_period = 7
+  backup_window          = "03:00-04:00"
+  maintenance_window     = "mon:04:00-mon:05:00"
+  skip_final_snapshot = false
+  final_snapshot_identifier = "production-db-final"
+}
+```
+### 4. Scaling Patterns
+```yaml
+# Kubernetes HPA
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+  name: api-hpa
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: api
+  minReplicas: 3
+  maxReplicas: 20
+  metrics:
+    - type: Resource
+      resource:
+        name: cpu
+        target:
+          type: Utilization
+          averageUtilization: 70
+    - type: Resource
+      resource:
+        name: memory
+        target:
+          type: Utilization
+          averageUtilization: 80
+```
+### 5. Multi-Region Architecture
+```
+                    ┌──────────────┐
+                    │ Global DNS   │
+                    │   (Route53)  │
+                    └──────┬───────┘
+                           │
+         ┌─────────────────┼─────────────────┐
+         │                 │                 │
+    ┌────▼────┐      ┌────▼────┐      ┌────▼────┐
+    │  us-east│      │ eu-west │      │ ap-south│
+    │ Primary │      │Secondary│      │  Tert   │
+    └────┬────┘      └────┬────┘      └────┬────┘
+         │                 │                 │
+         │    ┌────────────┴────────┐        │
+         │    │   Data Replication │        │
+         │    └────────────┬────────┘        │
+         └─────────────────┼─────────────────┘
+                           │
+                    ┌──────▼──────┐
+                    │   Clients   │
+                    └─────────────┘
+```
+### 6. Disaster Recovery
+```yaml
+# RTO/RPO targets
+# Critical: RTO < 1 hour, RPO < 1 minute
+# Standard: RTO < 4 hours, RPO < 1 hour
+# Batch: RTO < 24 hours, RPO < 24 hours
+# Backup strategy
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: backup-pvc
+spec:
+  accessModes:
+    - ReadWriteMany
+  resources:
+    requests:
+      storage: 1Ti
+  storageClassName: standard-rwo
+---
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: backup-cron
+spec:
+  schedule: "0 2 * * *"  # Daily at 2 AM
+  jobTemplate:
+    spec:
+      template:
+        spec:
+          containers:
+            - name: backup
+              image: postgres:15
+              command:
+                - /bin/sh
+                - -c
+                - pg_dump $DATABASE_URL > /backups/$(date +%Y%m%d).sql
+              volumeMounts:
+                - name: backup
+                  mountPath: /backups
+          volumes:
+            - name: backup
+              persistentVolumeClaim:
+                claimName: backup-pvc
+```
+## Best Practices
+1. **Use managed services** - Less operational burden
+2. **Automate everything** - IaC
+3. **Design for failure** - Assume anything can fail
+4. **Multi-AZ** - Availability
+5. **Cost awareness** - Right-size resources
+6. **Security by default** - Least privilege
+## Common Mistakes
+- Single points of failure
+- Not using IaC
+- Over-provisioning
+- No monitoring
+- Missing backups
+- Security misconfigurations