npm - ma-agents - Versions diffs - 3.4.6 → 3.4.8 - Mend

ma-agents 3.4.6 → 3.4.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (576) hide show

package/.opencode/skills/create-bug-story/SKILL.md ADDED Viewed

@@ -0,0 +1,263 @@
+---
+name: create-bug-story
+description: Guided workflow to create a structured bug story from a detected defect
+type: skill
+triggers:
+  - "create bug story"
+  - "report bug"
+---
+# Create Bug Story Workflow
+Guided workflow to create a structured bug story from a detected defect and add it to the backlog as a standalone item.
+<workflow>
+<step n="1" goal="Gather bug title and severity">
+  <action>Explain: This workflow creates a structured bug story file that enters the backlog alongside user stories.</action>
+  <ask>What is the bug title? (short, descriptive — e.g., "Login fails with empty password field")</ask>
+  <action>Store as {{bug_title}}</action>
+  <action>Validate {{bug_title}} is not empty</action>
+  <check if="{{bug_title}} is empty">
+    <output>❌ Bug title cannot be empty.</output>
+    <goto step="1" />
+  </check>
+  <output>
+**Severity levels:**
+- `critical` — Data loss, security breach, or system crash in normal usage
+- `high` — Core feature broken or serious security risk; blocks users
+- `medium` — Feature partially broken or degraded; workaround exists
+- `low` — Minor issue, cosmetic defect, or edge case with minimal user impact
+  </output>
+  <ask>What is the severity? [critical / high / medium / low]</ask>
+  <action>Store as {{severity}}</action>
+  <action>Normalize to lowercase</action>
+  <check if="{{severity}} is not one of: critical, high, medium, low">
+    <output>❌ Severity must be one of: critical, high, medium, low.</output>
+    <goto step="1" />
+  </check>
+</step>
+<step n="2" goal="Gather affected component and reproduction steps">
+  <ask>What is the affected component? (e.g., "auth module", "login page", "installer pipeline")</ask>
+  <action>Store as {{affected_component}}</action>
+  <ask>What are the reproduction steps? (numbered steps to reproduce the bug — describe them one at a time or as a list)</ask>
+  <action>Store as {{reproduction_steps}}</action>
+</step>
+<step n="3" goal="Gather expected vs actual behavior">
+  <ask>What is the expected behavior? (what should happen when working correctly)</ask>
+  <action>Store as {{expected_behavior}}</action>
+  <ask>What is the actual behavior? (what actually happens — the defect)</ask>
+  <action>Store as {{actual_behavior}}</action>
+</step>
+<step n="4" goal="Gather version and bug type">
+  <ask>What version was this bug found in? (optional — press Enter to skip; e.g., "2.3.1", "v1.0.0-rc2")</ask>
+  <action>Store as {{version_found}} (empty string if skipped)</action>
+  <output>
+**Bug type classifications:**
+- `regression` — Previously working feature now broken
+- `functional` — Feature does not work as specified
+- `performance` — Unacceptable latency, throughput, or resource usage
+- `security` — Vulnerability or authentication/authorization flaw
+- `ui` — Visual or interaction defect
+- `data` — Data corruption, loss, or incorrect transformation
+- `integration` — Failure at system/service boundaries
+- `other` — Does not fit the above categories
+  </output>
+  <ask>What is the bug type? [regression / functional / performance / security / ui / data / integration / other] (default: functional)</ask>
+  <action>Store as {{bug_type}}</action>
+  <action>If empty or blank, default to "functional"</action>
+  <action>Normalize to lowercase</action>
+  <check if="{{bug_type}} is not one of: regression, functional, performance, security, ui, data, integration, other">
+    <output>❌ Bug type must be one of: regression, functional, performance, security, ui, data, integration, other.</output>
+    <goto step="4" />
+  </check>
+</step>
+<step n="5" goal="Gather root cause hypothesis and affected files">
+  <ask>What is your root cause hypothesis? (optional — press Enter to skip; e.g., "Null check missing in validateUser()")</ask>
+  <action>Store as {{root_cause}} (empty string if skipped)</action>
+  <ask>What files are affected? (optional — comma-separated paths relative to repo root, press Enter to skip)</ask>
+  <action>Store as {{affected_files}} (empty string if skipped)</action>
+  <action>If provided, split by comma and trim whitespace to form a list of file paths</action>
+  <ask>Is there a suggested fix? (optional — brief description or press Enter to skip)</ask>
+  <action>Store as {{suggested_fix}} (empty string if skipped)</action>
+</step>
+<step n="6" goal="Confirm all bug details before writing">
+  <action>Derive {{title_slug}} by converting {{bug_title}} to lowercase kebab-case:
+    - Convert to lowercase
+    - Replace spaces and underscores with hyphens
+    - Remove characters that are not alphanumeric or hyphens
+    - Collapse consecutive hyphens into one
+    - Trim leading/trailing hyphens
+  </action>
+  <action>Set {{output_file}} = `_bmad-output/implementation-artifacts/bug-{{title_slug}}.md`</action>
+  <output>
+## Bug Story Summary — Please Confirm
+- **Title:** {{bug_title}}
+- **Severity:** {{severity}}
+- **Bug Type:** {{bug_type}}
+- **Version Found:** {{version_found}} *(empty if skipped)*
+- **Affected Component:** {{affected_component}}
+- **Reproduction Steps:** {{reproduction_steps}}
+- **Expected Behavior:** {{expected_behavior}}
+- **Actual Behavior:** {{actual_behavior}}
+- **Root Cause Hypothesis:** {{root_cause}} *(empty if skipped)*
+- **Affected Files:** {{affected_files}} *(empty if skipped)*
+- **Suggested Fix:** {{suggested_fix}} *(empty if skipped)*
+- **Output File:** `{{output_file}}`
+  </output>
+  <ask>Confirm creation? [y] Yes / [n] Cancel / [e] Edit a field:</ask>
+  <check if="user selects 'e'">
+    <ask>Which field to edit? (title / severity / component / steps / expected / actual / version / bug-type / root-cause / files / fix)</ask>
+    <check if="field == 'title' OR field == 'severity'"><goto step="1" /></check>
+    <check if="field == 'component' OR field == 'steps'"><goto step="2" /></check>
+    <check if="field == 'expected' OR field == 'actual'"><goto step="3" /></check>
+    <check if="field == 'version' OR field == 'bug-type'"><goto step="4" /></check>
+    <check if="field == 'root-cause' OR field == 'files' OR field == 'fix'"><goto step="5" /></check>
+    <check if="none of the above matched">
+      <output>❌ Unrecognized field. Valid options: title / severity / component / steps / expected / actual / version / bug-type / root-cause / files / fix</output>
+      <goto step="6" />
+    </check>
+  </check>
+  <check if="user selects 'n'">
+    <output>❌ Bug story creation cancelled.</output>
+    <action>Exit workflow</action>
+  </check>
+</step>
+<step n="7" goal="Write bug story file">
+  <action>Check if {{output_file}} already exists</action>
+  <check if="file already exists">
+    <output>⚠️ A bug story already exists at `{{output_file}}`.</output>
+    <ask>Overwrite? [y] Yes — overwrite existing / [n] Cancel / [s] Save with unique suffix (e.g. bug-{{title_slug}}-2.md):</ask>
+    <check if="user selects 's'">
+      <action>Find the next available suffix: try bug-{{title_slug}}-2.md, -3.md, etc. until a filename that does not exist is found. Set {{output_file}} to that path.</action>
+    </check>
+    <check if="user selects 'n'">
+      <output>❌ Bug story creation cancelled to preserve existing file.</output>
+      <action>Exit workflow</action>
+    </check>
+  </check>
+  <action>Write bug story to {{output_file}} using the template below.
+    CRITICAL: The YAML frontmatter block MUST be the very first content in the file — no blank lines, no title, nothing before the opening `---`.
+    Format optional fields (root_cause, affected_files, suggested_fix) as follows:
+      - If {{root_cause}} is empty, write: `_Not identified_`
+      - If {{affected_files}} is empty, write: `_Unknown_`; otherwise list each file as a `- path/to/file` bullet
+      - If {{suggested_fix}} is empty, omit the Suggested Fix section entirely
+  </action>
+  <action>Write file with this exact structure:
+```
+---
+type: bug
+status: backlog
+severity: {{severity}}
+bug_type: {{bug_type}}
+version_found: {{version_found}}
+title: {{bug_title}}
+---
+# Bug: {{bug_title}}
+**Severity:** {{severity}}
+**Affected Component:** {{affected_component}}
+## Reproduction Steps
+{{reproduction_steps}}
+## Expected Behavior
+{{expected_behavior}}
+## Actual Behavior
+{{actual_behavior}}
+## Root Cause Hypothesis
+{{root_cause or "_Not identified_"}}
+## Affected Files
+{{affected_files list or "_Unknown_"}}
+## Suggested Fix
+{{suggested_fix — omit section if empty}}
+## Notes
+- Created via `create-bug-story` workflow
+- Discoverable by sprint workflows via glob: `_bmad-output/implementation-artifacts/bug-*.md`
+- To add to a sprint, run `/add-to-sprint`
+```
+  </action>
+  <output>
+✅ **Bug story created successfully!**
+- **File:** `{{output_file}}`
+- **Title:** {{bug_title}}
+- **Severity:** {{severity}}
+- **Bug Type:** {{bug_type}}
+- **Component:** {{affected_component}}
+  </output>
+</step>
+<step n="8" goal="Add bug entry to backlog.yaml">
+  <action>Check if `_bmad-output/implementation-artifacts/backlog.yaml` exists</action>
+  <check if="backlog.yaml exists">
+    <action>Read `_bmad-output/implementation-artifacts/backlog.yaml`</action>
+    <action>Determine the next priority number by finding the highest existing priority value and adding 1</action>
+    <action>Append a new entry at the end of the backlog items list with the following format:
+```yaml
+- id: "BUG-{{title_slug}}"
+  type: bug
+  epic: null
+  title: "{{bug_title}}"
+  priority: N
+  status: backlog
+  sprint: null
+  severity: {{severity}}
+```
+    Where N is the next priority number.
+    </action>
+    <action>Re-number all priorities sequentially (1, 2, 3, ...) from top to bottom to ensure no gaps</action>
+    <action>Write the updated backlog.yaml back to disk</action>
+    <output>
+📋 **Backlog updated!** Added `BUG-{{title_slug}}` to `_bmad-output/implementation-artifacts/backlog.yaml` with priority {{N}}.
+    </output>
+  </check>
+  <check if="backlog.yaml does not exist">
+    <output>
+ℹ️ No `backlog.yaml` found at `_bmad-output/implementation-artifacts/backlog.yaml`.
+Run `/generate-backlog` to create a backlog that will include this bug story.
+    </output>
+  </check>
+  <output>
+**Next Steps:**
+- Use `/add-to-sprint` to assign this bug to the current sprint
+- Use `/sprint-status-view` to see all sprint items including this bug
+- To detect more bugs, ensure the `auto-bug-detection` skill is loaded in your session
+  </output>
+</step>
+</workflow>

package/.opencode/skills/create-bug-story/bmad-skill-manifest.yaml ADDED Viewed

@@ -0,0 +1,3 @@
+type: skill
+name: create-bug-story
+module: ma-skills

package/.opencode/skills/cyber-generate-certs/.gitkeep ADDED Viewed

File without changes

package/.opencode/skills/cyber-generate-certs/SKILL.md ADDED Viewed

@@ -0,0 +1,27 @@
+---
+name: cyber-generate-certs
+description: Generate self-signed certificates using the self-signed-cert skill
+type: skill
+triggers:
+  - "generate certs"
+  - "generate certificates"
+---
+# workflow-generate-certs.md
+# Secure Certificate Generation Workflow
+Automated workflow for generating self-signed certificates using the `self-signed-cert` skill.
+## Instructions
+1.  **Load Skill**: Activate the `self-signed-cert` skill instructions.
+2.  **Requirement Analysis**: Determine common name (CN) and Subject Alternative Names (SANs).
+3.  **Execution**:
+    - **Linux/macOS**:
+        - `bash scripts/generate-cert.sh root my-internal-ca`
+        - `bash scripts/generate-cert.sh cert my-service localhost`
+    - **Windows**:
+        - `.\scripts\generate-cert.ps1 -Type root -Name my-internal-ca`
+        - `.\scripts\generate-cert.ps1 -Type cert -Name my-service -Dns localhost`
+4.  **Packaging**: Provide instructions for importing the cert into trust stores (OS, Browsers) or mounting in Kubernetes secrets.
+5.  **Security**: Ensure private keys are stored with restricted permissions (600).
+6.  **Rotation**: Offer a schedule for certificate renewal.

package/.opencode/skills/cyber-generate-certs/bmad-skill-manifest.yaml ADDED Viewed

@@ -0,0 +1,3 @@
+type: skill
+name: cyber-generate-certs
+module: ma-skills

package/.opencode/skills/cyber-immunity-estimation/.gitkeep ADDED Viewed

File without changes

package/.opencode/skills/cyber-immunity-estimation/SKILL.md ADDED Viewed

@@ -0,0 +1,29 @@
+---
+name: cyber-immunity-estimation
+description: Assess overall security posture and immunity against common attack vectors
+type: skill
+triggers:
+  - "immunity estimation"
+  - "security posture"
+---
+# workflow-immunity-estimation.md
+# Cyber Immunity Estimation Workflow
+Assesses the overall security posture and 'immunity' of the system against common attack vectors.
+## Instructions
+1.  **Attack Surface Analysis**: Identify all entry points (APIs, UI, SSH, 3rd party integrations).
+2.  **Control Verification**:
+    - Authentication/Authorization presence.
+    - Encryption in transit and at rest.
+    - Secret management maturity (Hardcoded vs Vault).
+3.  **Posture Scoring**: Rate 1-10 on:
+    - Code quality/Sanitization.
+    - Dependency health.
+    - Infrastructure hardening.
+    - Visibility/Logging.
+4.  **Immunity Report**:
+    - Summarize major gaps.
+    - Provide a roadmap for reach 'Immunity Level 5' (Robust).
+5.  **Verification**: Recommend automated regression tests for security controls.

package/.opencode/skills/cyber-immunity-estimation/bmad-skill-manifest.yaml ADDED Viewed

@@ -0,0 +1,3 @@
+type: skill
+name: cyber-immunity-estimation
+module: ma-skills

package/.opencode/skills/cyber-security-audit/.gitkeep ADDED Viewed

File without changes

package/.opencode/skills/cyber-security-audit/SKILL.md ADDED Viewed

@@ -0,0 +1,27 @@
+---
+name: cyber-security-audit
+description: Comprehensive security audit of infrastructure and application configuration
+type: skill
+triggers:
+  - "security audit"
+  - "run security audit"
+---
+# workflow-security-audit.md
+# Comprehensive Security Audit Workflow
+Deep-dive audit of infrastructure and application configuration.
+## Instructions
+1.  **Infrastructure Audit**:
+    - **K8s**: Check for privileged containers, missing network policies, root users.
+    - **Docker**: Check for exposed ports, unnecessary packages in images.
+2.  **Code Audit**:
+    - Static Analysis (SAST) for common patterns (SQLi, XSS).
+    - Check for insecure defaults in frameworks.
+3.  **Identity Audit**:
+    - Review ServiceAccount permissions (RBAC).
+    - Check for hard-coded credentials.
+4.  **Final Recommendation**:
+    - Provide a prioritized list of hardening tasks.
+    - Propose CIDCD guardrails.

package/.opencode/skills/cyber-security-audit/bmad-skill-manifest.yaml ADDED Viewed

@@ -0,0 +1,3 @@
+type: skill
+name: cyber-security-audit
+module: ma-skills

package/.opencode/skills/cyber-vault-secrets/.gitkeep ADDED Viewed

File without changes

package/.opencode/skills/cyber-vault-secrets/SKILL.md ADDED Viewed

@@ -0,0 +1,28 @@
+---
+name: cyber-vault-secrets
+description: Manage secrets, policies, and authentication in HashiCorp Vault
+type: skill
+triggers:
+  - "vault secrets"
+  - "manage vault"
+---
+# workflow-vault-secrets.md
+# HashiCorp Vault Secret Management Workflow
+This workflow guides the agent through managing secrets, policies, and authentication in HashiCorp Vault.
+## Instructions
+1.  **Check Connection**: Verify `vault status` and authentication.
+2.  **Secret Creation/Update**:
+    - `vault kv put secret/{path} {key}={value}`
+    - Ensure secrets are never logged or echoed in plain text.
+3.  **Policy Management**:
+    - Define HCL policies for restricted access.
+    - `vault policy write {name} {policy_file}`
+4.  **Integration**:
+    - Manage Kubernetes auth method: `vault auth enable kubernetes`
+    - Setup Vault Agent injector configurations.
+5.  **Audit**:
+    - Check for expired tokens or orphaned secrets.
+    - Review access logs if available.

package/.opencode/skills/cyber-vault-secrets/bmad-skill-manifest.yaml ADDED Viewed

@@ -0,0 +1,3 @@
+type: skill
+name: cyber-vault-secrets
+module: ma-skills

package/.opencode/skills/cyber-verify-docker-users/.gitkeep ADDED Viewed

File without changes

package/.opencode/skills/cyber-verify-docker-users/SKILL.md ADDED Viewed

@@ -0,0 +1,23 @@
+---
+name: cyber-verify-docker-users
+description: Audit Docker images for proper user management and least privilege
+type: skill
+triggers:
+  - "verify docker users"
+  - "docker user audit"
+---
+# verify-docker-users.md
+# Docker User & Hardening Verification Workflow
+This workflow guides the Cyber agent through auditing Docker images for proper user management and least privilege.
+## Instructions
+1.  **Inspect Metadata**:
+    - Use the `docker-hardening-verification` skill.
+    - Run: `bash skills/docker-hardening-verification/scripts/verify-hardening.sh {image_name}`.
+2.  **Audit Result Analysis**:
+    - **UID Check**: Confirm the defined user is non-zero.
+    - **Permissive Files**: Scan for world-writable files in common paths (/tmp, /etc, /var).
+3.  **Governance Check**: Ensure the image follows OpenShift/hardened cluster requirements (no root, arbitrary UID support).
+4.  **Reporting**: provide a high-level summary of hardening quality and mandatory fixes.

package/.opencode/skills/cyber-verify-docker-users/bmad-skill-manifest.yaml ADDED Viewed

@@ -0,0 +1,3 @@
+type: skill
+name: cyber-verify-docker-users
+module: ma-skills

package/.opencode/skills/cyber-verify-image-signature/.gitkeep ADDED Viewed

File without changes

package/.opencode/skills/cyber-verify-image-signature/SKILL.md ADDED Viewed

@@ -0,0 +1,22 @@
+---
+name: cyber-verify-image-signature
+description: Verify Docker image signatures for supply chain security
+type: skill
+triggers:
+  - "verify image signature"
+  - "check image signature"
+---
+# verify-image-signature.md
+# Docker Image Signature Verification Workflow
+This workflow guides the Cyber agent through verifying that a Docker image has been properly signed.
+## Instructions
+1.  **Identify Image**: Get the image name and digest.
+2.  **Locate Public Key**: Obtain the public key or certificate used for signing.
+3.  **Execute Verification**:
+    - Use `cosign verify --key {public_key} {image_digest}`.
+    - Check the output for valid signatures.
+4.  **Policy Compliance**: Verify if the signing entity (certificate CN) matches the expected trusted authorities.
+5.  **Report**: Alert the user if the image is unsigned or the signature is invalid.

package/.opencode/skills/cyber-verify-image-signature/bmad-skill-manifest.yaml ADDED Viewed

@@ -0,0 +1,3 @@
+type: skill
+name: cyber-verify-image-signature
+module: ma-skills

package/.opencode/skills/cyber-vulnerability-scan/.gitkeep ADDED Viewed

File without changes

package/.opencode/skills/cyber-vulnerability-scan/SKILL.md ADDED Viewed

@@ -0,0 +1,28 @@
+---
+name: cyber-vulnerability-scan
+description: Orchestrate comprehensive vulnerability scanning across tech stacks
+type: skill
+triggers:
+  - "vulnerability scan"
+  - "run vulnerability scan"
+---
+# workflow-vulnerability-scan.md
+# ma-agents Vulnerability Scan Orchestration
+Orchestrates multiple security-focused skills from the `ma-agents` package to provide a comprehensive security scan.
+## Instructions
+1.  **Select Scanners**: Based on project tech stack, trigger:
+    - **JS/TS**: `js-ts-security-skill`
+    - **Python**: `python-security-skill`
+    - **Docker**: `verify-hardened-docker-skill`
+2.  **Run Tools**:
+    - Execute `npm audit` or `yarn audit`.
+    - Run `pip-audit` for Python environments.
+    - Run `trivy image {image}` for containers.
+3.  **Aggregate Results**: Collect all findings into a unified report.
+4.  **Prioritization**: Rank vulnerabilities by CVSS score and exploitability.
+5.  **Remediation**:
+    - Propose version upgrades.
+    - Propose configuration hardening steps.

package/.opencode/skills/cyber-vulnerability-scan/bmad-skill-manifest.yaml ADDED Viewed

@@ -0,0 +1,3 @@
+type: skill
+name: cyber-vulnerability-scan
+module: ma-skills

package/.opencode/skills/devops-configure-infrastructure/.gitkeep ADDED Viewed

File without changes

package/.opencode/skills/devops-configure-infrastructure/SKILL.md ADDED Viewed

@@ -0,0 +1,27 @@
+---
+name: devops-configure-infrastructure
+description: Define and configure core infrastructure components in Kubernetes
+type: skill
+triggers:
+  - "configure infrastructure"
+  - "infrastructure configuration"
+---
+# workflow-configure-infrastructure.md
+# Infrastructure Configuration Workflow
+This workflow focuses on defining and configuring core infrastructure components in a Kubernetes environment.
+## Instructions
+1.  **Storage Definition**:
+    - Define `PersistentVolume` (PV) with appropriate access modes and storage classes.
+    - Define `PersistentVolumeClaim` (PVC) for application workloads.
+2.  **Networking**:
+    - Configure `Service` type `LoadBalancer` or `Ingress` controllers.
+    - Define `NetworkPolicies` for secure communication.
+3.  **Disconnected Environments**:
+    - Provide templates for local storage provisioners (e.g., hostPath, Local Persistent Volumes).
+    - Configure static IP assignments for on-prem load balancers.
+4.  **Validation**:
+    - Verify binding status: `kubectl get pv,pvc`
+    - Verify endpoint availability: `kubectl get endpoints`

package/.opencode/skills/devops-configure-infrastructure/bmad-skill-manifest.yaml ADDED Viewed

@@ -0,0 +1,3 @@
+type: skill
+name: devops-configure-infrastructure
+module: ma-skills

package/.opencode/skills/devops-disconnected-deployment/.gitkeep ADDED Viewed

File without changes

package/.opencode/skills/devops-disconnected-deployment/SKILL.md ADDED Viewed

@@ -0,0 +1,27 @@
+---
+name: devops-disconnected-deployment
+description: Deploy applications in air-gapped or restricted on-prem environments
+type: skill
+triggers:
+  - "disconnected deployment"
+  - "air-gapped deployment"
+---
+# workflow-disconnected-deployment.md
+# Disconnected Environment Deployment Workflow
+Strategies and actions for deploying applications in air-gapped or restricted on-prem environments.
+## Instructions
+1.  **Dependency Gathering**:
+    - Identify all required container images.
+    - Export images: `docker save {image_list} | gzip > images.tar.gz`
+    - Package Helm charts: `helm package {chart_path}`
+2.  **Target Readiness**:
+    - Verify local registry availability.
+    - Import images: `docker load < images.tar.gz`
+3.  **Deployment**:
+    - Use `--set image.repository={local_registry}/{repo}` for Helm.
+    - Verify offline connectivity between components.
+4.  **Troubleshooting**:
+    - Check for 'ImagePullBackOff' due to incorrect registry paths.

package/.opencode/skills/devops-disconnected-deployment/bmad-skill-manifest.yaml ADDED Viewed

@@ -0,0 +1,3 @@
+type: skill
+name: devops-disconnected-deployment
+module: ma-skills

package/.opencode/skills/devops-docker-compose-setup/.gitkeep ADDED Viewed

File without changes

package/.opencode/skills/devops-docker-compose-setup/SKILL.md ADDED Viewed

@@ -0,0 +1,26 @@
+---
+name: devops-docker-compose-setup
+description: Multi-container orchestration using Docker Compose for development and on-prem
+type: skill
+triggers:
+  - "docker compose setup"
+  - "docker compose"
+---
+# workflow-docker-compose-setup.md
+# Docker Compose Management Workflow
+This workflow handles multi-container orchestration using Docker Compose, optimized for development and on-prem deployments.
+## Instructions
+1.  **Define Services**: Map application components to Docker services.
+2.  **Environment Sync**: Setup `.env` file management for different environments (on-prem, dev).
+3.  **Disconnected Operations**:
+    - Build images with `--pull=false` if registry is unavailable.
+    - Use local image tags.
+4.  **Orchestration**:
+    - Setup dependencies with `depends_on` and health checks.
+    - Configure volumes for persistence.
+5.  **Execution**:
+    - `docker-compose up -d`
+    - `docker-compose ps`

package/.opencode/skills/devops-docker-compose-setup/bmad-skill-manifest.yaml ADDED Viewed

@@ -0,0 +1,3 @@
+type: skill
+name: devops-docker-compose-setup
+module: ma-skills

package/.opencode/skills/devops-manage-helm/.gitkeep ADDED Viewed

File without changes

package/.opencode/skills/devops-manage-helm/SKILL.md ADDED Viewed

@@ -0,0 +1,28 @@
+---
+name: devops-manage-helm
+description: Create and manage Helm charts and Helm umbrellas for complex systems
+type: skill
+triggers:
+  - "manage helm"
+  - "helm chart"
+---
+# workflow-manage-helm.md
+# Helm Management Workflow
+This workflow handles the creation and management of Helm charts and Helm umbrellas for complex systems.
+## Instructions
+1.  **Analyze System**: Determine if a single chart or an umbrella chart (multiple sub-charts) is needed.
+2.  **Chart Creation**:
+    - `helm create {chart_name}`
+    - Structure for disconnected environments: Ensure all chart dependencies are bundled (vendorized).
+3.  **Helm Umbrella Setup**:
+    - Configure `Chart.yaml` with sub-chart dependencies.
+    - Setup `values.yaml` to override sub-chart values.
+4.  **On-prem Optimization**:
+    - Prepare `chart-save` and `chart-load` routines for air-gapped systems.
+    - Configure local registry mirrors.
+5.  **Validation**:
+    - `helm lint {chart_path}`
+    - `helm template {chart_path}`

package/.opencode/skills/devops-manage-helm/bmad-skill-manifest.yaml ADDED Viewed

@@ -0,0 +1,3 @@
+type: skill
+name: devops-manage-helm
+module: ma-skills

package/.opencode/skills/devops-sign-docker-image/.gitkeep ADDED Viewed

File without changes