elsabro 2.0.1 → 2.2.0

package/skills/cicd-setup.md

@@ -0,0 +1,1206 @@
+---
+name: cicd-setup
+description: Configurar CI/CD completo con GitHub Actions, testing automatizado, deployment y releases
+tags: [cicd, github-actions, deployment, automation, devops, vercel, netlify, releases]
+difficulty: advanced
+estimated_time: 35min
+---
+
+# Skill: CI/CD Setup
+
+<when_to_use>
+Usar cuando el usuario menciona:
+- "CI/CD"
+- "GitHub Actions"
+- "deploy automatico"
+- "pipeline"
+- "integracion continua"
+- "continuous deployment"
+- "automatizar releases"
+- "workflow de CI"
+- "deploy a produccion"
+</when_to_use>
+
+<pre_requisites>
+## Pre-requisitos
+- Repositorio en GitHub
+- Proyecto con tests configurados
+- Cuenta en plataforma de deployment (Vercel/Netlify)
+- Conocimiento basico de YAML
+- (Opcional) NPM account para publicar paquetes
+</pre_requisites>
+
+<tech_stack>
+## Stack Tecnologico
+| Categoria | Tecnologia | Version | Proposito |
+|-----------|------------|---------|-----------|
+| CI | GitHub Actions | - | Workflows automatizados |
+| Deployment | Vercel | - | Deploy de apps Next.js/React |
+| Deployment Alt | Netlify | - | Deploy de sitios estaticos |
+| Releases | semantic-release | 24.x | Versionado semantico automatico |
+| Changelog | conventional-changelog | 5.x | Generacion de changelog |
+| Linting | ESLint | 9.x | Linting de codigo |
+| Formatting | Prettier | 3.x | Formateo de codigo |
+| Commits | commitlint | 19.x | Validacion de commits |
+| Hooks | husky | 9.x | Git hooks |
+</tech_stack>
+
+<project_structure>
+## Estructura de Proyecto
+```
+project/
+├── .github/
+│   ├── workflows/
+│   │   ├── ci.yml              # Tests, lint, build
+│   │   ├── deploy-preview.yml  # Preview deployments
+│   │   ├── deploy-prod.yml     # Production deployment
+│   │   ├── release.yml         # Semantic release
+│   │   └── codeql.yml          # Security scanning
+│   ├── CODEOWNERS
+│   ├── dependabot.yml
+│   └── PULL_REQUEST_TEMPLATE.md
+├── .husky/
+│   ├── pre-commit
+│   ├── commit-msg
+│   └── pre-push
+├── .releaserc.json
+├── commitlint.config.js
+└── package.json
+```
+</project_structure>
+
+<setup_steps>
+## Paso 1: Instalar Dependencias
+
+### Dependencias de Desarrollo
+```bash
+# Semantic Release
+npm install -D semantic-release @semantic-release/changelog @semantic-release/git @semantic-release/github
+
+# Commitlint
+npm install -D @commitlint/cli @commitlint/config-conventional
+
+# Husky
+npm install -D husky
+
+# Lint-staged
+npm install -D lint-staged
+```
+
+### Inicializar Husky
+```bash
+npx husky init
+```
+
+## Paso 2: Workflow de CI Principal
+
+### .github/workflows/ci.yml
+```yaml
+name: CI
+
+on:
+  push:
+    branches: [main, develop]
+  pull_request:
+    branches: [main, develop]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+env:
+  NODE_VERSION: '20'
+  PNPM_VERSION: '9'
+
+jobs:
+  # ============================================
+  # Lint & Format Check
+  # ============================================
+  lint:
+    name: Lint & Format
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: ${{ env.PNPM_VERSION }}
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          cache: 'pnpm'
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Run ESLint
+        run: pnpm lint
+
+      - name: Check formatting
+        run: pnpm format:check
+
+      - name: Type check
+        run: pnpm type-check
+
+  # ============================================
+  # Unit & Integration Tests
+  # ============================================
+  test:
+    name: Tests
+    runs-on: ubuntu-latest
+    needs: lint
+    strategy:
+      matrix:
+        node-version: [18, 20, 22]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: ${{ env.PNPM_VERSION }}
+
+      - name: Setup Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node-version }}
+          cache: 'pnpm'
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Run tests with coverage
+        run: pnpm test:coverage
+
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v4
+        if: matrix.node-version == 20
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          files: ./coverage/lcov.info
+          fail_ci_if_error: false
+
+  # ============================================
+  # E2E Tests
+  # ============================================
+  e2e:
+    name: E2E Tests
+    runs-on: ubuntu-latest
+    needs: lint
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: ${{ env.PNPM_VERSION }}
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          cache: 'pnpm'
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Install Playwright browsers
+        run: pnpm exec playwright install --with-deps chromium
+
+      - name: Build application
+        run: pnpm build
+
+      - name: Run E2E tests
+        run: pnpm test:e2e
+
+      - name: Upload Playwright report
+        uses: actions/upload-artifact@v4
+        if: failure()
+        with:
+          name: playwright-report
+          path: playwright-report/
+          retention-days: 7
+
+  # ============================================
+  # Build
+  # ============================================
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    needs: [test, e2e]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: ${{ env.PNPM_VERSION }}
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          cache: 'pnpm'
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Build
+        run: pnpm build
+
+      - name: Upload build artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: build
+          path: |
+            .next/
+            dist/
+            out/
+          retention-days: 7
+```
+
+## Paso 3: Preview Deployments
+
+### .github/workflows/deploy-preview.yml
+```yaml
+name: Preview Deployment
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+env:
+  VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }}
+  VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }}
+
+jobs:
+  deploy-preview:
+    name: Deploy Preview
+    runs-on: ubuntu-latest
+    environment:
+      name: preview
+      url: ${{ steps.deploy.outputs.preview-url }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: '9'
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'pnpm'
+
+      - name: Install Vercel CLI
+        run: pnpm add -g vercel@latest
+
+      - name: Pull Vercel Environment
+        run: vercel pull --yes --environment=preview --token=${{ secrets.VERCEL_TOKEN }}
+
+      - name: Build Project
+        run: vercel build --token=${{ secrets.VERCEL_TOKEN }}
+
+      - name: Deploy to Vercel
+        id: deploy
+        run: |
+          url=$(vercel deploy --prebuilt --token=${{ secrets.VERCEL_TOKEN }})
+          echo "preview-url=$url" >> $GITHUB_OUTPUT
+
+      - name: Comment on PR
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const url = '${{ steps.deploy.outputs.preview-url }}';
+            const body = `## Preview Deployment
+
+            | Status | URL |
+            |--------|-----|
+            | Deployed | [${url}](${url}) |
+
+            > Commit: \`${{ github.sha }}\`
+            `;
+
+            // Find existing comment
+            const { data: comments } = await github.rest.issues.listComments({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              issue_number: context.issue.number,
+            });
+
+            const botComment = comments.find(c =>
+              c.user.type === 'Bot' &&
+              c.body.includes('Preview Deployment')
+            );
+
+            if (botComment) {
+              await github.rest.issues.updateComment({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                comment_id: botComment.id,
+                body,
+              });
+            } else {
+              await github.rest.issues.createComment({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                issue_number: context.issue.number,
+                body,
+              });
+            }
+```
+
+## Paso 4: Production Deployment
+
+### .github/workflows/deploy-prod.yml
+```yaml
+name: Production Deployment
+
+on:
+  push:
+    branches: [main]
+  workflow_dispatch:
+    inputs:
+      environment:
+        description: 'Environment to deploy to'
+        required: true
+        default: 'production'
+        type: choice
+        options:
+          - production
+          - staging
+
+env:
+  VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }}
+  VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }}
+
+jobs:
+  # ============================================
+  # Run Tests First
+  # ============================================
+  test:
+    name: Run Tests
+    uses: ./.github/workflows/ci.yml
+    secrets: inherit
+
+  # ============================================
+  # Deploy to Production
+  # ============================================
+  deploy:
+    name: Deploy to Production
+    runs-on: ubuntu-latest
+    needs: test
+    environment:
+      name: production
+      url: ${{ steps.deploy.outputs.production-url }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: '9'
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'pnpm'
+
+      - name: Install Vercel CLI
+        run: pnpm add -g vercel@latest
+
+      - name: Pull Vercel Environment
+        run: vercel pull --yes --environment=production --token=${{ secrets.VERCEL_TOKEN }}
+
+      - name: Build Project
+        run: vercel build --prod --token=${{ secrets.VERCEL_TOKEN }}
+
+      - name: Deploy to Production
+        id: deploy
+        run: |
+          url=$(vercel deploy --prebuilt --prod --token=${{ secrets.VERCEL_TOKEN }})
+          echo "production-url=$url" >> $GITHUB_OUTPUT
+
+      - name: Create deployment status
+        uses: actions/github-script@v7
+        with:
+          script: |
+            await github.rest.repos.createDeploymentStatus({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              deployment_id: context.payload.deployment?.id || 0,
+              state: 'success',
+              environment_url: '${{ steps.deploy.outputs.production-url }}',
+              description: 'Deployment successful'
+            });
+
+  # ============================================
+  # Post-deployment checks
+  # ============================================
+  smoke-test:
+    name: Smoke Tests
+    runs-on: ubuntu-latest
+    needs: deploy
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: '9'
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'pnpm'
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Install Playwright
+        run: pnpm exec playwright install chromium
+
+      - name: Run smoke tests
+        run: pnpm test:e2e:smoke
+        env:
+          PLAYWRIGHT_BASE_URL: ${{ needs.deploy.outputs.production-url }}
+
+      - name: Notify on failure
+        if: failure()
+        uses: actions/github-script@v7
+        with:
+          script: |
+            await github.rest.issues.create({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              title: 'Production smoke tests failed',
+              body: `Smoke tests failed after deployment.
+
+              - Commit: ${{ github.sha }}
+              - Workflow: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+
+              Please investigate immediately.`,
+              labels: ['bug', 'priority:high']
+            });
+```
+
+## Paso 5: Semantic Release
+
+### .github/workflows/release.yml
+```yaml
+name: Release
+
+on:
+  push:
+    branches: [main]
+  workflow_dispatch:
+
+permissions:
+  contents: write
+  issues: write
+  pull-requests: write
+  id-token: write
+
+jobs:
+  release:
+    name: Release
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          persist-credentials: false
+
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: '9'
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'pnpm'
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Build
+        run: pnpm build
+
+      - name: Run semantic-release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+        run: pnpm exec semantic-release
+```
+
+### .releaserc.json
+```json
+{
+  "branches": [
+    "main",
+    {
+      "name": "beta",
+      "prerelease": true
+    },
+    {
+      "name": "alpha",
+      "prerelease": true
+    }
+  ],
+  "plugins": [
+    [
+      "@semantic-release/commit-analyzer",
+      {
+        "preset": "conventionalcommits",
+        "releaseRules": [
+          { "type": "feat", "release": "minor" },
+          { "type": "fix", "release": "patch" },
+          { "type": "perf", "release": "patch" },
+          { "type": "revert", "release": "patch" },
+          { "type": "docs", "scope": "README", "release": "patch" },
+          { "type": "refactor", "release": "patch" },
+          { "breaking": true, "release": "major" }
+        ]
+      }
+    ],
+    [
+      "@semantic-release/release-notes-generator",
+      {
+        "preset": "conventionalcommits",
+        "presetConfig": {
+          "types": [
+            { "type": "feat", "section": "Features" },
+            { "type": "fix", "section": "Bug Fixes" },
+            { "type": "perf", "section": "Performance" },
+            { "type": "revert", "section": "Reverts" },
+            { "type": "docs", "section": "Documentation" },
+            { "type": "refactor", "section": "Code Refactoring" },
+            { "type": "test", "section": "Tests", "hidden": true },
+            { "type": "chore", "section": "Miscellaneous", "hidden": true }
+          ]
+        }
+      }
+    ],
+    [
+      "@semantic-release/changelog",
+      {
+        "changelogFile": "CHANGELOG.md"
+      }
+    ],
+    [
+      "@semantic-release/npm",
+      {
+        "npmPublish": false
+      }
+    ],
+    [
+      "@semantic-release/git",
+      {
+        "assets": ["CHANGELOG.md", "package.json", "package-lock.json", "pnpm-lock.yaml"],
+        "message": "chore(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}"
+      }
+    ],
+    "@semantic-release/github"
+  ]
+}
+```
+
+## Paso 6: Security Scanning
+
+### .github/workflows/codeql.yml
+```yaml
+name: CodeQL Analysis
+
+on:
+  push:
+    branches: [main, develop]
+  pull_request:
+    branches: [main, develop]
+  schedule:
+    - cron: '0 6 * * 1'  # Every Monday at 6 AM
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      security-events: write
+      actions: read
+      contents: read
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ['javascript-typescript']
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: ${{ matrix.language }}
+          queries: +security-and-quality
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v3
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: '/language:${{ matrix.language }}'
+```
+
+## Paso 7: Configurar Dependabot
+
+### .github/dependabot.yml
+```yaml
+version: 2
+updates:
+  # NPM dependencies
+  - package-ecosystem: 'npm'
+    directory: '/'
+    schedule:
+      interval: 'weekly'
+      day: 'monday'
+      time: '09:00'
+    open-pull-requests-limit: 10
+    reviewers:
+      - 'team-leads'
+    labels:
+      - 'dependencies'
+      - 'automated'
+    commit-message:
+      prefix: 'chore(deps)'
+    groups:
+      # Group minor/patch updates
+      minor-and-patch:
+        patterns:
+          - '*'
+        update-types:
+          - 'minor'
+          - 'patch'
+      # Keep major updates separate
+      major:
+        patterns:
+          - '*'
+        update-types:
+          - 'major'
+
+  # GitHub Actions
+  - package-ecosystem: 'github-actions'
+    directory: '/'
+    schedule:
+      interval: 'weekly'
+      day: 'monday'
+    labels:
+      - 'dependencies'
+      - 'github-actions'
+    commit-message:
+      prefix: 'chore(ci)'
+```
+
+## Paso 8: Git Hooks con Husky
+
+### .husky/pre-commit
+```bash
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+# Run lint-staged
+npx lint-staged
+
+# Type check
+npm run type-check
+```
+
+### .husky/commit-msg
+```bash
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+npx --no -- commitlint --edit "$1"
+```
+
+### .husky/pre-push
+```bash
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+# Run tests before push
+npm run test
+```
+
+### commitlint.config.js
+```javascript
+module.exports = {
+  extends: ['@commitlint/config-conventional'],
+  rules: {
+    'type-enum': [
+      2,
+      'always',
+      [
+        'feat',     // New feature
+        'fix',      // Bug fix
+        'docs',     // Documentation
+        'style',    // Formatting, missing semicolons, etc
+        'refactor', // Code refactoring
+        'perf',     // Performance improvements
+        'test',     // Adding tests
+        'chore',    // Maintenance
+        'revert',   // Revert changes
+        'ci',       // CI/CD changes
+        'build',    // Build system changes
+      ],
+    ],
+    'subject-case': [2, 'always', 'lower-case'],
+    'subject-max-length': [2, 'always', 72],
+    'body-max-line-length': [2, 'always', 100],
+  },
+};
+```
+
+### lint-staged.config.js
+```javascript
+module.exports = {
+  // TypeScript/JavaScript
+  '*.{ts,tsx,js,jsx}': [
+    'eslint --fix',
+    'prettier --write',
+  ],
+  // JSON, YAML, Markdown
+  '*.{json,yaml,yml,md}': [
+    'prettier --write',
+  ],
+  // CSS
+  '*.{css,scss}': [
+    'prettier --write',
+  ],
+};
+```
+
+## Paso 9: GitHub Configuration Files
+
+### .github/CODEOWNERS
+```
+# Default owners
+* @team-leads
+
+# Frontend
+/src/components/ @frontend-team
+/src/styles/ @frontend-team
+
+# Backend
+/src/api/ @backend-team
+/src/lib/ @backend-team
+
+# Infrastructure
+/.github/ @devops-team
+/docker/ @devops-team
+
+# Documentation
+/docs/ @docs-team
+*.md @docs-team
+```
+
+### .github/PULL_REQUEST_TEMPLATE.md
+```markdown
+## Description
+
+<!-- Describe your changes in detail -->
+
+## Type of Change
+
+- [ ] Bug fix (non-breaking change that fixes an issue)
+- [ ] New feature (non-breaking change that adds functionality)
+- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
+- [ ] Documentation update
+- [ ] Refactoring (no functional changes)
+
+## Related Issues
+
+<!-- Link to related issues: Fixes #123, Closes #456 -->
+
+## Checklist
+
+- [ ] My code follows the project's style guidelines
+- [ ] I have performed a self-review of my code
+- [ ] I have commented my code, particularly in hard-to-understand areas
+- [ ] I have made corresponding changes to the documentation
+- [ ] My changes generate no new warnings
+- [ ] I have added tests that prove my fix is effective or that my feature works
+- [ ] New and existing unit tests pass locally with my changes
+- [ ] Any dependent changes have been merged and published
+
+## Screenshots (if applicable)
+
+<!-- Add screenshots to help explain your changes -->
+
+## Additional Notes
+
+<!-- Add any other context about the PR here -->
+```
+
+## Paso 10: Scripts en package.json
+
+```json
+{
+  "scripts": {
+    "dev": "next dev",
+    "build": "next build",
+    "start": "next start",
+    "lint": "eslint . --ext .ts,.tsx,.js,.jsx",
+    "lint:fix": "eslint . --ext .ts,.tsx,.js,.jsx --fix",
+    "format": "prettier --write .",
+    "format:check": "prettier --check .",
+    "type-check": "tsc --noEmit",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "test:coverage": "vitest run --coverage",
+    "test:e2e": "playwright test",
+    "test:e2e:smoke": "playwright test --grep @smoke",
+    "prepare": "husky",
+    "release": "semantic-release",
+    "release:dry": "semantic-release --dry-run"
+  }
+}
+```
+
+## Paso 11: Netlify Alternative
+
+### netlify.toml
+```toml
+[build]
+  command = "npm run build"
+  publish = ".next"
+
+[build.environment]
+  NODE_VERSION = "20"
+
+# Production context
+[context.production]
+  command = "npm run build"
+
+[context.production.environment]
+  NODE_ENV = "production"
+
+# Deploy previews
+[context.deploy-preview]
+  command = "npm run build"
+
+[context.deploy-preview.environment]
+  NODE_ENV = "preview"
+
+# Branch deploys
+[context.branch-deploy]
+  command = "npm run build"
+
+# Redirects
+[[redirects]]
+  from = "/api/*"
+  to = "/.netlify/functions/:splat"
+  status = 200
+
+[[redirects]]
+  from = "/*"
+  to = "/index.html"
+  status = 200
+
+# Headers
+[[headers]]
+  for = "/*"
+  [headers.values]
+    X-Frame-Options = "DENY"
+    X-XSS-Protection = "1; mode=block"
+    X-Content-Type-Options = "nosniff"
+    Referrer-Policy = "strict-origin-when-cross-origin"
+
+[[headers]]
+  for = "/_next/static/*"
+  [headers.values]
+    Cache-Control = "public, max-age=31536000, immutable"
+```
+
+### .github/workflows/deploy-netlify.yml (Alternative)
+```yaml
+name: Deploy to Netlify
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Build
+        run: npm run build
+
+      - name: Deploy to Netlify
+        uses: nwtgck/actions-netlify@v3
+        with:
+          publish-dir: '.next'
+          production-branch: main
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          deploy-message: 'Deploy from GitHub Actions'
+          enable-pull-request-comment: true
+          enable-commit-comment: true
+          overwrites-pull-request-comment: true
+        env:
+          NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
+          NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }}
+```
+</setup_steps>
+
+<secrets_setup>
+## Configuracion de Secrets
+
+### Secrets Requeridos en GitHub
+
+1. **VERCEL_TOKEN**
+   ```
+   Settings > Secrets > Actions > New repository secret
+   Nombre: VERCEL_TOKEN
+   Valor: Token de Vercel (Settings > Tokens)
+   ```
+
+2. **VERCEL_ORG_ID**
+   ```
+   Obtener de: .vercel/project.json despues de `vercel link`
+   ```
+
+3. **VERCEL_PROJECT_ID**
+   ```
+   Obtener de: .vercel/project.json despues de `vercel link`
+   ```
+
+4. **NPM_TOKEN** (si publicas paquetes)
+   ```
+   Obtener de: npm.js > Access Tokens > Generate New Token
+   Tipo: Automation
+   ```
+
+5. **CODECOV_TOKEN** (para coverage)
+   ```
+   Obtener de: codecov.io > Settings > Repository Upload Token
+   ```
+
+### Secrets para Netlify (alternativo)
+
+1. **NETLIFY_AUTH_TOKEN**
+   ```
+   Obtener de: Netlify > User Settings > Applications > Personal access tokens
+   ```
+
+2. **NETLIFY_SITE_ID**
+   ```
+   Obtener de: Netlify > Site Settings > General > Site ID
+   ```
+</secrets_setup>
+
+<environments>
+## Configuracion de Environments
+
+### GitHub Environments
+
+Ir a: Settings > Environments
+
+1. **preview**
+   - No protection rules
+   - Secrets: ninguno adicional
+
+2. **staging**
+   - Wait timer: 0 minutes
+   - Required reviewers: 0
+   - Secrets: staging-specific
+
+3. **production**
+   - Required reviewers: 1-2 personas
+   - Wait timer: 5 minutes (opcional)
+   - Branch protection: solo `main`
+   - Secrets: production-specific
+
+### Branch Protection Rules
+
+Ir a: Settings > Branches > Add rule
+
+**main branch:**
+```
+- Require a pull request before merging
+  - Require approvals: 1
+  - Dismiss stale PR approvals when new commits are pushed
+- Require status checks to pass
+  - Require branches to be up to date
+  - Status checks: lint, test, e2e, build
+- Require conversation resolution before merging
+- Do not allow bypassing the above settings
+```
+</environments>
+
+<verification>
+## Verificacion
+
+1. **CI Workflow**
+   ```bash
+   # Push a un branch feature
+   git checkout -b feature/test-ci
+   git commit --allow-empty -m "test: verify CI workflow"
+   git push origin feature/test-ci
+   # Verificar que CI corre en GitHub Actions
+   ```
+
+2. **Preview Deployment**
+   ```bash
+   # Crear PR
+   gh pr create --title "Test preview" --body "Testing preview deployment"
+   # Verificar comentario con URL de preview
+   ```
+
+3. **Production Deployment**
+   ```bash
+   # Merge PR a main
+   gh pr merge
+   # Verificar deploy a produccion en GitHub Actions
+   ```
+
+4. **Semantic Release**
+   ```bash
+   # Hacer commit con conventional commit
+   git commit -m "feat: add new feature"
+   git push origin main
+   # Verificar que se crea release en GitHub
+   ```
+
+5. **Commit Lint**
+   ```bash
+   # Intentar commit con mensaje invalido
+   git commit -m "bad message"
+   # Deberia fallar con error de commitlint
+   ```
+</verification>
+
+<troubleshooting>
+## Solucion de Problemas
+
+### Error: "Resource not accessible by integration"
+```
+Ir a Settings > Actions > General
+- Workflow permissions: Read and write permissions
+- Allow GitHub Actions to create and approve pull requests
+```
+
+### Error: "Vercel token expired"
+```
+1. Generar nuevo token en Vercel
+2. Actualizar secret VERCEL_TOKEN en GitHub
+```
+
+### Semantic Release no crea release
+```
+1. Verificar que commits siguen conventional commits
+2. Verificar GITHUB_TOKEN tiene permisos
+3. Verificar .releaserc.json es valido
+4. Correr: npx semantic-release --dry-run
+```
+
+### Preview deploy falla
+```
+1. Verificar VERCEL_ORG_ID y VERCEL_PROJECT_ID
+2. Correr localmente: vercel --debug
+3. Verificar que proyecto esta linked
+```
+
+### Husky hooks no corren
+```bash
+# Reinstalar husky
+rm -rf .husky
+npm run prepare
+npx husky add .husky/pre-commit "npx lint-staged"
+npx husky add .husky/commit-msg "npx --no -- commitlint --edit \$1"
+```
+
+### Tests fallan en CI pero pasan local
+```
+1. Verificar versiones de Node coinciden
+2. Verificar variables de entorno
+3. Limpiar cache: rm -rf node_modules && npm ci
+4. Verificar que no hay dependencia de orden de tests
+```
+</troubleshooting>
+
+<best_practices>
+## Mejores Practicas
+
+### 1. Conventional Commits
+```
+feat: nueva funcionalidad (minor version)
+fix: correccion de bug (patch version)
+feat!: breaking change (major version)
+docs: documentacion
+chore: mantenimiento
+```
+
+### 2. Branch Strategy
+```
+main        <- produccion, protegido
+develop     <- desarrollo, preview
+feature/*   <- nuevas funcionalidades
+fix/*       <- correcciones
+release/*   <- preparacion de release
+```
+
+### 3. PR Workflow
+```
+1. Crear branch desde develop
+2. Hacer commits con conventional commits
+3. Crear PR a develop
+4. CI corre automaticamente
+5. Preview deploy se crea
+6. Codigo review
+7. Merge a develop
+8. Cuando listo: merge develop -> main
+9. Deploy automatico a produccion
+10. Release automatico con semantic-release
+```
+
+### 4. Rollback Strategy
+```bash
+# Revertir ultimo deploy
+vercel rollback
+
+# O revertir commit en main
+git revert <commit-hash>
+git push origin main
+```
+</best_practices>