oh-my-customcode 0.1.1 → 0.1.3

package/templates/agents/infra-engineer/aws-expert/refs/aws-best-practices/SKILL.md

@@ -0,0 +1,279 @@
+# AWS Best Practices Skill
+
+> **Category**: Infrastructure
+> **Source**: Internal (based on AWS Well-Architected Framework)
+
+## Purpose
+
+Apply AWS patterns for building scalable, secure, and cost-effective cloud infrastructure.
+
+## Well-Architected Framework Pillars
+
+### 1. Operational Excellence
+
+```yaml
+principles:
+  - Perform operations as code
+  - Make frequent, small, reversible changes
+  - Refine operations procedures frequently
+  - Anticipate failure
+  - Learn from all operational failures
+
+practices:
+  - Use CloudFormation/CDK for IaC
+  - Implement CI/CD pipelines
+  - Use CloudWatch for monitoring
+  - Set up alarms and dashboards
+  - Document runbooks
+```
+
+### 2. Security
+
+```yaml
+principles:
+  - Implement strong identity foundation
+  - Enable traceability
+  - Apply security at all layers
+  - Automate security best practices
+  - Protect data in transit and at rest
+  - Keep people away from data
+  - Prepare for security events
+
+iam:
+  - Use least privilege principle
+  - Never use root account for daily tasks
+  - Enable MFA for all users
+  - Use IAM roles for services
+  - Rotate credentials regularly
+
+patterns: |
+  # IAM Policy - Least Privilege
+  {
+    "Version": "2012-10-17",
+    "Statement": [{
+      "Effect": "Allow",
+      "Action": [
+        "s3:GetObject",
+        "s3:PutObject"
+      ],
+      "Resource": "arn:aws:s3:::my-bucket/*",
+      "Condition": {
+        "IpAddress": {
+          "aws:SourceIp": "10.0.0.0/8"
+        }
+      }
+    }]
+  }
+```
+
+### 3. Reliability
+
+```yaml
+principles:
+  - Automatically recover from failure
+  - Test recovery procedures
+  - Scale horizontally
+  - Stop guessing capacity
+  - Manage change through automation
+
+practices:
+  - Multi-AZ deployments
+  - Auto Scaling groups
+  - Health checks and self-healing
+  - Backup and disaster recovery
+  - Loose coupling with queues
+
+patterns:
+  high_availability: |
+    # Multi-AZ RDS
+    - Primary in us-east-1a
+    - Standby in us-east-1b
+    - Read replicas in us-east-1c
+
+  auto_scaling: |
+    # Target tracking scaling
+    - Metric: CPUUtilization
+    - Target: 70%
+    - Min: 2, Max: 10
+```
+
+### 4. Performance Efficiency
+
+```yaml
+principles:
+  - Democratize advanced technologies
+  - Go global in minutes
+  - Use serverless architectures
+  - Experiment more often
+  - Consider mechanical sympathy
+
+compute:
+  - Right-size instances
+  - Use Spot for fault-tolerant workloads
+  - Consider Graviton (ARM) processors
+  - Containerize with ECS/EKS
+
+storage:
+  - Use appropriate storage class
+  - S3 Intelligent-Tiering for variable access
+  - EBS volume types based on IOPS needs
+
+database:
+  - Aurora for MySQL/PostgreSQL
+  - DynamoDB for key-value/document
+  - ElastiCache for caching
+```
+
+### 5. Cost Optimization
+
+```yaml
+principles:
+  - Implement cloud financial management
+  - Adopt consumption model
+  - Measure overall efficiency
+  - Stop spending on undifferentiated heavy lifting
+  - Analyze and attribute expenditure
+
+practices:
+  - Use Reserved Instances/Savings Plans
+  - Right-size resources
+  - Delete unused resources
+  - Use Spot Instances
+  - Implement auto scaling
+
+tools:
+  - AWS Cost Explorer
+  - AWS Budgets
+  - AWS Trusted Advisor
+  - Cost Allocation Tags
+```
+
+### 6. Sustainability
+
+```yaml
+principles:
+  - Understand your impact
+  - Establish sustainability goals
+  - Maximize utilization
+  - Anticipate and adopt more efficient offerings
+  - Use managed services
+  - Reduce downstream impact
+
+practices:
+  - Use efficient instance types (Graviton)
+  - Optimize storage lifecycle
+  - Use serverless where possible
+  - Select regions with lower carbon intensity
+```
+
+## Common Patterns
+
+### VPC Design
+
+```yaml
+pattern: |
+  VPC (10.0.0.0/16)
+  ├── Public Subnets
+  │   ├── us-east-1a: 10.0.1.0/24
+  │   ├── us-east-1b: 10.0.2.0/24
+  │   └── us-east-1c: 10.0.3.0/24
+  ├── Private Subnets (App)
+  │   ├── us-east-1a: 10.0.11.0/24
+  │   ├── us-east-1b: 10.0.12.0/24
+  │   └── us-east-1c: 10.0.13.0/24
+  └── Private Subnets (Data)
+      ├── us-east-1a: 10.0.21.0/24
+      ├── us-east-1b: 10.0.22.0/24
+      └── us-east-1c: 10.0.23.0/24
+
+components:
+  - Internet Gateway (public access)
+  - NAT Gateway (private outbound)
+  - VPC Endpoints (AWS services)
+  - Network ACLs (subnet level)
+  - Security Groups (instance level)
+```
+
+### Three-Tier Architecture
+
+```yaml
+pattern: |
+  [Internet]
+      │
+  [CloudFront]
+      │
+  [ALB] ← Public Subnet
+      │
+  [ECS/EC2] ← Private Subnet (App)
+      │
+  [RDS Multi-AZ] ← Private Subnet (Data)
+
+components:
+  web_tier:
+    - CloudFront for CDN
+    - WAF for protection
+    - ALB for load balancing
+
+  app_tier:
+    - ECS Fargate or EC2
+    - Auto Scaling
+    - ElastiCache
+
+  data_tier:
+    - RDS Multi-AZ
+    - Read Replicas
+    - Automated backups
+```
+
+### Serverless Pattern
+
+```yaml
+pattern: |
+  [API Gateway]
+      │
+  [Lambda] → [DynamoDB]
+      │
+  [SQS] → [Lambda] → [S3]
+
+components:
+  - API Gateway for REST/HTTP APIs
+  - Lambda for compute
+  - DynamoDB for NoSQL
+  - SQS for decoupling
+  - S3 for storage
+  - Step Functions for orchestration
+```
+
+### CI/CD Pipeline
+
+```yaml
+pattern: |
+  [CodeCommit/GitHub]
+      │
+  [CodePipeline]
+      │
+  ├── [CodeBuild] - Build & Test
+  │
+  ├── [ECR] - Container Registry
+  │
+  └── [CodeDeploy/ECS] - Deploy
+
+practices:
+  - Blue/Green deployments
+  - Canary releases
+  - Automated rollback
+  - Infrastructure as Code
+```
+
+## Application
+
+When designing AWS architecture:
+
+1. **Always** follow least privilege for IAM
+2. **Always** use Multi-AZ for production
+3. **Always** encrypt data at rest and in transit
+4. **Prefer** managed services over self-managed
+5. **Implement** monitoring and alerting
+6. **Use** IaC for all infrastructure
+7. **Design** for failure
+8. **Optimize** costs continuously

package/templates/agents/infra-engineer/aws-expert/refs/aws-best-practices/index.yaml

@@ -0,0 +1,27 @@
+# AWS Best Practices Skill
+
+metadata:
+  name: aws-best-practices
+  category: infrastructure
+  description: AWS patterns from Well-Architected Framework
+
+source:
+  type: internal
+  reference:
+    - https://docs.aws.amazon.com/wellarchitected/latest/framework/welcome.html
+    - https://docs.aws.amazon.com/
+    - https://aws.amazon.com/architecture/
+
+provides:
+  - Well-Architected Framework pillars
+  - Security best practices
+  - Reliability patterns
+  - Performance optimization
+  - Cost optimization
+  - VPC design patterns
+  - Three-tier architecture
+  - Serverless patterns
+  - CI/CD pipelines
+
+used_by:
+  - aws-expert

package/templates/agents/infra-engineer/docker-expert/refs/docker/compose-best-practices.md

@@ -0,0 +1,284 @@
+# Docker Compose Best Practices
+
+> Source: https://docs.docker.com/compose/compose-file/best-practices/
+
+## File Structure
+
+```yaml
+version: "3.8"
+
+services:
+  # Application services
+  app:
+    ...
+
+  # Infrastructure services
+  db:
+    ...
+
+volumes:
+  # Named volumes
+
+networks:
+  # Custom networks
+```
+
+## Service Configuration
+
+### Build Configuration
+
+```yaml
+services:
+  app:
+    build:
+      context: .
+      dockerfile: Dockerfile
+      target: production
+      args:
+        - NODE_ENV=production
+```
+
+### Environment Variables
+
+```yaml
+services:
+  app:
+    # From file
+    env_file:
+      - .env
+      - .env.local
+
+    # Inline
+    environment:
+      - DATABASE_URL=${DATABASE_URL}
+      - NODE_ENV=production
+```
+
+### Dependencies
+
+```yaml
+services:
+  app:
+    depends_on:
+      db:
+        condition: service_healthy
+      redis:
+        condition: service_started
+```
+
+### Health Checks
+
+```yaml
+services:
+  db:
+    image: postgres:16
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U postgres"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+      start_period: 30s
+```
+
+### Resource Limits
+
+```yaml
+services:
+  app:
+    deploy:
+      resources:
+        limits:
+          cpus: "1"
+          memory: 512M
+        reservations:
+          cpus: "0.5"
+          memory: 256M
+```
+
+## Volumes
+
+### Named Volumes
+
+```yaml
+services:
+  db:
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+
+volumes:
+  postgres_data:
+    driver: local
+```
+
+### Bind Mounts (Development)
+
+```yaml
+services:
+  app:
+    volumes:
+      - ./src:/app/src:ro
+      - ./config:/app/config:ro
+```
+
+## Networks
+
+### Custom Networks
+
+```yaml
+services:
+  app:
+    networks:
+      - frontend
+      - backend
+
+  db:
+    networks:
+      - backend
+
+networks:
+  frontend:
+  backend:
+    internal: true
+```
+
+## Multiple Environments
+
+### Override Files
+
+```bash
+# Base configuration
+docker-compose.yml
+
+# Development overrides
+docker-compose.override.yml
+
+# Production overrides
+docker-compose.prod.yml
+
+# Usage
+docker compose -f docker-compose.yml -f docker-compose.prod.yml up
+```
+
+### Example: Production
+
+```yaml
+# docker-compose.prod.yml
+services:
+  app:
+    build:
+      target: production
+    restart: always
+    deploy:
+      replicas: 3
+      resources:
+        limits:
+          cpus: "1"
+          memory: 1G
+
+  db:
+    restart: always
+    volumes:
+      - /mnt/data/postgres:/var/lib/postgresql/data
+```
+
+### Example: Development
+
+```yaml
+# docker-compose.override.yml
+services:
+  app:
+    build:
+      target: development
+    volumes:
+      - ./src:/app/src
+    environment:
+      - DEBUG=true
+    ports:
+      - "3000:3000"
+      - "9229:9229"  # debugger
+```
+
+## Complete Example
+
+```yaml
+version: "3.8"
+
+services:
+  app:
+    build:
+      context: .
+      target: production
+    restart: unless-stopped
+    environment:
+      - DATABASE_URL=postgresql://user:pass@db:5432/myapp
+      - REDIS_URL=redis://redis:6379
+    ports:
+      - "8080:8080"
+    depends_on:
+      db:
+        condition: service_healthy
+      redis:
+        condition: service_started
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:8080/health"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+    deploy:
+      resources:
+        limits:
+          cpus: "2"
+          memory: 1G
+    networks:
+      - frontend
+      - backend
+
+  db:
+    image: postgres:16-alpine
+    restart: unless-stopped
+    environment:
+      - POSTGRES_USER=user
+      - POSTGRES_PASSWORD=pass
+      - POSTGRES_DB=myapp
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U user -d myapp"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+    networks:
+      - backend
+
+  redis:
+    image: redis:7-alpine
+    restart: unless-stopped
+    command: redis-server --appendonly yes
+    volumes:
+      - redis_data:/data
+    networks:
+      - backend
+
+  nginx:
+    image: nginx:1.25-alpine
+    restart: unless-stopped
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - ./nginx.conf:/etc/nginx/nginx.conf:ro
+      - ./certs:/etc/nginx/certs:ro
+    depends_on:
+      - app
+    networks:
+      - frontend
+
+volumes:
+  postgres_data:
+  redis_data:
+
+networks:
+  frontend:
+  backend:
+    internal: true
+```