Agent skill
modular-release-pipelines
Automate version management and changelog generation with smart builds. Only build changed components using GitHub App tokens and release-please integration.
Install this agent skill to your Project
npx add-skill https://github.com/adaptive-enforcement-lab/claude-skills/tree/main/plugins/build/skills/modular-release-pipelines
SKILL.md
Modular Release Pipelines
When to Use This Skill
This guide covers implementing release automation with:
- Release-please for version bumping and changelog generation
- GitHub App authentication for proper workflow triggering
- Change detection to skip unnecessary builds
- Cascade rebuilds when shared dependencies change
flowchart LR
subgraph release[Release Pipeline]
Main[Push to Main] --> AppToken[GitHub App Token]
AppToken --> RP[Release-Please]
RP --> PR[Creates PR]
end
subgraph build[Build Pipeline]
PR -->|pull_request event| DC[Detect Changes]
DC --> Test[Test]
Test --> Build[Build]
Build --> Status[Build Status]
end
%% Ghostty Hardcore Theme
style Main fill:#65d9ef,color:#1b1d1e
style AppToken fill:#9e6ffe,color:#1b1d1e
style RP fill:#9e6ffe,color:#1b1d1e
style PR fill:#fd971e,color:#1b1d1e
style DC fill:#fd971e,color:#1b1d1e
style Test fill:#9e6ffe,color:#1b1d1e
style Build fill:#a7e22e,color:#1b1d1e
style Status fill:#5e7175,color:#f8f8f3
Prerequisites
Before implementing release pipelines, set up a GitHub App for your organization:
- GitHub App Setup - Create and configure the App
- Token Generation - Generate tokens in workflows
Implementation
- Set up GitHub App for your organization
- Configure release-please with App token
- Set up change detection for your components
- Handle protected branches if applicable
Examples
See examples.md for code examples.
Related Patterns
- GitHub App Setup
- Idempotency Patterns
- Three-Stage Design
References
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
github-token-permissions-overview
Understanding GITHUB_TOKEN scope, default permissions, and implementing least-privilege principle for GitHub Actions workflows.
secure
Find and fix security issues before they become incidents. Vulnerability scanning, SBOM generation, supply chain security, and secure authentication workflows.
complete-workflow-examples
Copy-paste hardened CI/CD workflows with SHA-pinned actions, minimal GITHUB_TOKEN permissions, OIDC authentication, and comprehensive security scanning for GitHub Actions.
ephemeral-runner-patterns
Disposable runner patterns for GitHub Actions. Container-based, VM-based, and ARC deployment strategies with complete state isolation between jobs.
action-pinning-overview
Why pinning GitHub Actions to SHA-256 commits matters for supply chain security. Attack vectors from unpinned actions and comparison of tag vs SHA pinning.
github-actions-security-patterns-hub
Complete security patterns for GitHub Actions covering action pinning, GITHUB_TOKEN permissions, third-party action risks, secret management, and runner security.
Didn't find tool you were looking for?