npm - blockmine - Versions diffs - 1.20.0 → 1.22.0 - Mend

blockmine 1.20.0 → 1.22.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (434) hide show

package/.claude/skills/release-engineering/resources/ci-cd-pipelines.md ADDED Viewed

@@ -0,0 +1,411 @@
+# CI/CD Pipelines
+Pipeline design, GitHub Actions, GitLab CI, Jenkins, Azure DevOps, and CI/CD best practices.
+## Table of Contents
+- [Pipeline Design](#pipeline-design)
+- [GitHub Actions](#github-actions)
+- [GitLab CI](#gitlab-ci)
+- [Jenkins](#jenkins)
+- [Best Practices](#best-practices)
+## Pipeline Design
+**Standard Pipeline Stages:**
+```
+Source → Build → Test → Package → Deploy → Verify
+```
+**Detailed Flow:**
+```yaml
+stages:
+  checkout:
+    - Clone repository
+    - Checkout branch
+    - Fetch dependencies metadata
+  build:
+    - Install dependencies
+    - Compile code
+    - Run linters
+    - Static analysis
+  test:
+    - Unit tests
+    - Integration tests
+    - Coverage report
+    - Security scan
+  package:
+    - Build artifacts
+    - Create container image
+    - Scan image
+    - Sign artifacts
+  deploy:
+    - Deploy to staging
+    - Run smoke tests
+    - Deploy to production (manual approval)
+  verify:
+    - Health checks
+    - Integration tests in prod
+    - Monitor metrics
+```
+## GitHub Actions
+**Complete Workflow:**
+```yaml
+name: CI/CD
+on:
+  push:
+    branches: [main, develop]
+    tags: ['v*']
+  pull_request:
+    branches: [main]
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: '20'
+          cache: 'npm'
+      - run: npm ci
+      - run: npm run lint
+      - run: npm test
+      - run: npm run build
+      - name: Upload coverage
+        uses: codecov/codecov-action@v3
+  build-push:
+    needs: test
+    if: github.event_name == 'push'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    outputs:
+      version: ${{ steps.meta.outputs.version }}
+      tags: ${{ steps.meta.outputs.tags }}
+    steps:
+      - uses: actions/checkout@v3
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=sha,prefix={{branch}}-
+      - name: Login to registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+  deploy-staging:
+    needs: build-push
+    if: github.ref == 'refs/heads/develop'
+    runs-on: ubuntu-latest
+    environment: staging
+    steps:
+      - name: Deploy to staging
+        run: |
+          kubectl set image deployment/myapp \
+            app=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.build-push.outputs.version }} \
+            --namespace=staging
+      - name: Verify deployment
+        run: |
+          kubectl rollout status deployment/myapp -n staging
+          kubectl wait --for=condition=available --timeout=5m deployment/myapp -n staging
+  deploy-production:
+    needs: build-push
+    if: startsWith(github.ref, 'refs/tags/v')
+    runs-on: ubuntu-latest
+    environment: production
+    steps:
+      - name: Deploy to production
+        run: |
+          kubectl set image deployment/myapp \
+            app=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.build-push.outputs.version }} \
+            --namespace=production
+      - name: Verify deployment
+        run: kubectl rollout status deployment/myapp -n production
+      - name: Create GitHub release
+        uses: softprops/action-gh-release@v1
+        with:
+          generate_release_notes: true
+```
+## GitLab CI
+```yaml
+# .gitlab-ci.yml
+stages:
+  - build
+  - test
+  - package
+  - deploy
+variables:
+  DOCKER_DRIVER: overlay2
+  DOCKER_TLS_CERTDIR: ""
+before_script:
+  - echo "Pipeline starting"
+build:
+  stage: build
+  image: node:20
+  script:
+    - npm ci
+    - npm run build
+  artifacts:
+    paths:
+      - dist/
+    expire_in: 1 hour
+  cache:
+    paths:
+      - node_modules/
+test:unit:
+  stage: test
+  image: node:20
+  script:
+    - npm ci
+    - npm test
+  coverage: '/Coverage: \d+\.\d+%/'
+test:lint:
+  stage: test
+  image: node:20
+  script:
+    - npm ci
+    - npm run lint
+package:
+  stage: package
+  image: docker:latest
+  services:
+    - docker:dind
+  script:
+    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+    - docker build -t $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA .
+    - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
+    - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_REGISTRY_IMAGE:latest
+    - docker push $CI_REGISTRY_IMAGE:latest
+  only:
+    - main
+    - develop
+deploy:staging:
+  stage: deploy
+  image: bitnami/kubectl:latest
+  script:
+    - kubectl config use-context $KUBE_CONTEXT
+    - kubectl set image deployment/myapp app=$CI_REGISTRY_IMAGE:$CI_COMMIT_SHA -n staging
+    - kubectl rollout status deployment/myapp -n staging
+  environment:
+    name: staging
+    url: https://staging.example.com
+  only:
+    - develop
+deploy:production:
+  stage: deploy
+  image: bitnami/kubectl:latest
+  script:
+    - kubectl config use-context $KUBE_CONTEXT
+    - kubectl set image deployment/myapp app=$CI_REGISTRY_IMAGE:$CI_COMMIT_SHA -n production
+    - kubectl rollout status deployment/myapp -n production
+  environment:
+    name: production
+    url: https://example.com
+  when: manual
+  only:
+    - main
+    - tags
+```
+## Jenkins
+**Jenkinsfile (Declarative):**
+```groovy
+pipeline {
+    agent any
+    environment {
+        DOCKER_REGISTRY = 'registry.example.com'
+        IMAGE_NAME = 'myapp'
+        KUBECONFIG = credentials('kubeconfig')
+    }
+    stages {
+        stage('Checkout') {
+            steps {
+                checkout scm
+            }
+        }
+        stage('Build') {
+            steps {
+                sh 'npm ci'
+                sh 'npm run build'
+            }
+        }
+        stage('Test') {
+            parallel {
+                stage('Unit Tests') {
+                    steps {
+                        sh 'npm test'
+                    }
+                }
+                stage('Lint') {
+                    steps {
+                        sh 'npm run lint'
+                    }
+                }
+            }
+        }
+        stage('Package') {
+            steps {
+                script {
+                    docker.build("${DOCKER_REGISTRY}/${IMAGE_NAME}:${env.BUILD_NUMBER}")
+                }
+            }
+        }
+        stage('Push') {
+            steps {
+                script {
+                    docker.withRegistry("https://${DOCKER_REGISTRY}", 'docker-credentials') {
+                        docker.image("${DOCKER_REGISTRY}/${IMAGE_NAME}:${env.BUILD_NUMBER}").push()
+                        docker.image("${DOCKER_REGISTRY}/${IMAGE_NAME}:${env.BUILD_NUMBER}").push('latest')
+                    }
+                }
+            }
+        }
+        stage('Deploy to Staging') {
+            when {
+                branch 'develop'
+            }
+            steps {
+                sh """
+                    kubectl set image deployment/myapp \
+                        app=${DOCKER_REGISTRY}/${IMAGE_NAME}:${env.BUILD_NUMBER} \
+                        --namespace=staging
+                    kubectl rollout status deployment/myapp -n staging
+                """
+            }
+        }
+        stage('Deploy to Production') {
+            when {
+                branch 'main'
+            }
+            steps {
+                input message: 'Deploy to production?', ok: 'Deploy'
+                sh """
+                    kubectl set image deployment/myapp \
+                        app=${DOCKER_REGISTRY}/${IMAGE_NAME}:${env.BUILD_NUMBER} \
+                        --namespace=production
+                    kubectl rollout status deployment/myapp -n production
+                """
+            }
+        }
+    }
+    post {
+        success {
+            slackSend color: 'good', message: "Deployment successful: ${env.JOB_NAME} #${env.BUILD_NUMBER}"
+        }
+        failure {
+            slackSend color: 'danger', message: "Deployment failed: ${env.JOB_NAME} #${env.BUILD_NUMBER}"
+        }
+    }
+}
+```
+## Best Practices
+### 1. Fast Pipelines
+```yaml
+# Run tests in parallel
+jobs:
+  test:
+    strategy:
+      matrix:
+        node: [18, 20]
+        os: [ubuntu-latest, windows-latest]
+    runs-on: ${{ matrix.os }}
+```
+### 2. Caching
+```yaml
+# Cache dependencies
+- uses: actions/cache@v3
+  with:
+    path: ~/.npm
+    key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+```
+### 3. Secrets Management
+```yaml
+# Never hardcode secrets
+env:
+  API_KEY: ${{ secrets.API_KEY }}
+```
+### 4. Artifact Management
+```yaml
+# Upload build artifacts
+- uses: actions/upload-artifact@v3
+  with:
+    name: dist
+    path: dist/
+```
+---
+**Related Resources:**
+- [build-optimization.md](build-optimization.md)
+- [pipeline-security.md](pipeline-security.md)

package/.claude/skills/release-engineering/resources/deployment-strategies.md ADDED Viewed

@@ -0,0 +1,197 @@
+# Deployment Strategies
+Blue-green deployment, canary releases, rolling updates, recreate strategy, and progressive deployment patterns.
+## Blue-Green Deployment
+**Concept:** Two identical environments, switch traffic instantly.
+**Kubernetes Implementation:**
+```yaml
+# Blue deployment (current production)
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: myapp-blue
+  labels:
+    version: blue
+spec:
+  replicas: 3
+  selector:
+    matchLabels:
+      app: myapp
+      version: blue
+  template:
+    metadata:
+      labels:
+        app: myapp
+        version: blue
+    spec:
+      containers:
+      - name: app
+        image: myapp:v1.0.0
+---
+# Green deployment (new version)
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: myapp-green
+  labels:
+    version: green
+spec:
+  replicas: 3
+  selector:
+    matchLabels:
+      app: myapp
+      version: green
+  template:
+    metadata:
+      labels:
+        app: myapp
+        version: green
+    spec:
+      containers:
+      - name: app
+        image: myapp:v2.0.0
+---
+# Service switches between blue and green
+apiVersion: v1
+kind: Service
+metadata:
+  name: myapp
+spec:
+  selector:
+    app: myapp
+    version: blue  # Change to 'green' to switch
+  ports:
+  - port: 80
+    targetPort: 8080
+```
+**Switch Script:**
+```bash
+# Deploy green
+kubectl apply -f myapp-green.yaml
+# Wait for green to be ready
+kubectl wait --for=condition=available deployment/myapp-green
+# Run smoke tests
+./smoke-tests.sh http://myapp-green
+# Switch traffic
+kubectl patch service myapp -p '{"spec":{"selector":{"version":"green"}}}'
+# Monitor for 10 minutes
+sleep 600
+# If issues, rollback
+# kubectl patch service myapp -p '{"spec":{"selector":{"version":"blue"}}}'
+# Clean up old blue deployment
+kubectl delete deployment myapp-blue
+```
+## Canary Deployment
+**Concept:** Gradually shift traffic from old to new version.
+**Flagger Configuration:**
+```yaml
+apiVersion: flagger.app/v1beta1
+kind: Canary
+metadata:
+  name: myapp
+spec:
+  targetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: myapp
+  service:
+    port: 80
+  analysis:
+    interval: 1m
+    threshold: 5
+    maxWeight: 50
+    stepWeight: 10
+    metrics:
+    - name: request-success-rate
+      thresholdRange:
+        min: 99
+    - name: request-duration
+      thresholdRange:
+        max: 500
+```
+**Traffic Split Progression:**
+```
+Step 1: 10% canary, 90% primary
+Step 2: 20% canary, 80% primary
+Step 3: 30% canary, 70% primary
+...
+Final:  100% canary, 0% primary
+```
+## Rolling Update
+**Kubernetes Native:**
+```yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: myapp
+spec:
+  replicas: 6
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxSurge: 2        # Max 2 extra pods during update
+      maxUnavailable: 1  # Max 1 pod down during update
+  template:
+    spec:
+      containers:
+      - name: app
+        image: myapp:v2.0.0
+```
+**Update Process:**
+```
+Current:  [V1] [V1] [V1] [V1] [V1] [V1]
+          [V1] [V1] [V1] [V1] [V1] [V2] [V2]  ← 2 new, 1 old terminating
+          [V1] [V1] [V1] [V1] [V2] [V2]
+          [V1] [V1] [V1] [V2] [V2] [V2]
+          [V1] [V1] [V2] [V2] [V2] [V2]
+          [V1] [V2] [V2] [V2] [V2] [V2]
+New:      [V2] [V2] [V2] [V2] [V2] [V2]
+```
+## Recreate Strategy
+**Use Case:** Database schema changes requiring downtime.
+```yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: myapp
+spec:
+  strategy:
+    type: Recreate  # Kill all old pods before creating new
+```
+## Strategy Comparison
+| Strategy | Downtime | Rollback Speed | Resource Cost | Complexity |
+|----------|----------|----------------|---------------|------------|
+| Blue-Green | None | Instant | 2x (temporary) | Low |
+| Canary | None | Gradual | 1.1-1.5x | Medium |
+| Rolling | None | Medium | 1.1-1.5x | Low |
+| Recreate | Yes | Fast | 1x | Very Low |
+---
+**Related Resources:**
+- [progressive-delivery.md](progressive-delivery.md)
+- [rollback-strategies.md](rollback-strategies.md)

package/.claude/skills/release-engineering/resources/pipeline-security.md ADDED Viewed

@@ -0,0 +1,62 @@
+# Pipeline Security
+Securing CI/CD pipelines, secrets management, artifact signing, supply chain security, and pipeline hardening.
+## Pipeline Hardening
+**Minimal Permissions:**
+```yaml
+permissions:
+  contents: read      # Read code
+  packages: write     # Push containers
+  id-token: write     # OIDC for signing
+  # Don't grant more than needed
+```
+**Pin Actions:**
+```yaml
+# ❌ Bad - mutable tag
+- uses: actions/checkout@v3
+# ✅ Good - pinned SHA
+- uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab  # v3.5.2
+```
+## Secrets Management
+**GitHub Secrets:**
+```yaml
+- name: Deploy
+  env:
+    API_KEY: ${{ secrets.API_KEY }}
+    DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
+  run: ./deploy.sh
+```
+**Vault Integration:**
+```yaml
+- uses: hashicorp/vault-action@v2
+  with:
+    url: https://vault.example.com
+    token: ${{ secrets.VAULT_TOKEN }}
+    secrets: |
+      secret/data/production api_key | API_KEY ;
+      secret/data/production db_pass | DB_PASSWORD
+```
+## Artifact Signing
+**Cosign:**
+```yaml
+- name: Sign image
+  run: |
+    cosign sign --yes \
+      -a git_sha=${{ github.sha }} \
+      myregistry.com/myapp:${{ github.sha }}
+```
+---
+**Related Resources:**
+- [ci-cd-pipelines.md](ci-cd-pipelines.md)
+- [../devsecops/resources/ci-cd-security.md](../../devsecops/resources/ci-cd-security.md)