{"id":"b2231f81-2398-42f6-8b98-a8a5a443ff6f","shortId":"DJHpdn","kind":"skill","title":"sealos-deploy","tagline":"Deploy any GitHub project to Sealos Cloud in one command. Assesses readiness, generates Dockerfile, builds image, creates Sealos template, and deploys — fully automated. Use when user says \"deploy to sealos\", \"deploy this project\", \"deploy to cloud\", \"deploy this repo\", mentions ","description":"# Sealos Deploy\n\nDeploy any GitHub project to Sealos Cloud — from source code to running application, one command.\n\n## kubectl Safety Rules (all phases)\n\nAll kubectl commands MUST use the Sealos kubeconfig:\n```\nKUBECONFIG=~/.sealos/kubeconfig kubectl --insecure-skip-tls-verify\n```\n\nSystem tool installation requires user confirmation. If `docker`, `gh`, or `kubectl` is missing and the skill can install it for the current platform, ask first and only run the install command after the user explicitly replies `y`.\n\n**`kubectl delete` requires user confirmation.** Before deleting any resource (deployment, service, ingress, PVC, database, etc.), always ask:\n```\nWARNING: About to delete <resource kind>/<resource name>. This data cannot be recovered. Confirm? (y/n)\n```\nOnly proceed after user confirms. This applies even if the pipeline logic suggests deletion — always ask first.\n\n## Usage\n\n```\n/sealos-deploy <github-url>\n/sealos-deploy                    # deploy current project\n/sealos-deploy <local-path>\n```\n\n## Quick Start\n\nExecute the modules in order:\n\n1. `modules/preflight.md` — Environment checks & Sealos auth\n2. `modules/pipeline.md` — Full deployment pipeline (Phase 1–6)\n\n## Logging\n\nEvery run MUST write a log file at `~/.sealos/logs/deploy-<YYYYMMDD-HHmmss>.log`.\n\n**At the very start of execution**, create the log file **once**:\n```bash\nmkdir -p ~/.sealos/logs\nLOG_FILE=~/.sealos/logs/deploy-$(date +%Y%m%d-%H%M%S).log\necho \"[$(date '+%Y-%m-%d %H:%M:%S')] Deploy started\" > \"$LOG_FILE\"\n```\n\n**Important: create the log file ONLY ONCE at the start. All subsequent writes MUST append (`>>`) to this same `$LOG_FILE`. Do NOT create a second log file.**\n\n**At each phase boundary**, append a log entry to the same file with Bash `>>`:\n```\n[2026-03-05 14:30:01] === Phase 0: Preflight ===\n[2026-03-05 14:30:01] Docker: ✓ 27.5.1\n[2026-03-05 14:30:01] Node.js: ✓ 22.12.0\n[2026-03-05 14:30:02] Sealos auth: ✓ (region: <REGION from config.json>)\n[2026-03-05 14:30:02] Project: /Users/dev/myapp (github: https://github.com/owner/repo)\n\n[2026-03-05 14:30:03] === Phase 1: Assess ===\n[2026-03-05 14:30:03] Score: 9/12 (good)\n[2026-03-05 14:30:03] Language: python, Framework: fastapi, Port: 8000\n[2026-03-05 14:30:03] Decision: CONTINUE\n\n[2026-03-05 14:30:04] === Phase 2: Detect Image ===\n[2026-03-05 14:30:05] Docker Hub: owner/repo:latest (arm64 only, no amd64)\n[2026-03-05 14:30:05] GHCR: not found\n[2026-03-05 14:30:05] Decision: no amd64 image → continue to Phase 3\n\n[2026-03-05 14:30:06] === Phase 3: Dockerfile ===\n[2026-03-05 14:30:06] Existing Dockerfile: none\n[2026-03-05 14:30:07] Generated: python-fastapi template, port 8000\n\n[2026-03-05 14:30:08] === Phase 4: Build & Push ===\n[2026-03-05 14:30:08] Registry: ghcr (auto-detected via gh CLI)\n[2026-03-05 14:30:30] Build: ✓ ghcr.io/zhujingyang/repo:20260305-143022\n[2026-03-05 14:30:32] GHCR pullability: private package detected — deploy will auto-create image pull Secret from gh CLI\n[2026-03-05 14:30:33] IMAGE_REF=ghcr.io/zhujingyang/repo:20260305-143022\n\n[2026-03-05 14:30:34] === Phase 5: Template ===\n[2026-03-05 14:30:35] Output: .sealos/template/index.yaml\n\n[2026-03-05 14:30:36] === Phase 6: Deploy ===\n[2026-03-05 14:30:36] Deploy URL: https://template.gzg.sealos.run/api/v2alpha/templates/raw\n[2026-03-05 14:30:38] Status: 201 — deployed successfully\n[2026-03-05 14:30:38] === DONE ===\n```\n\n**On error**, log the error details before stopping:\n```\n[2026-03-05 14:30:10] === ERROR ===\n[2026-03-05 14:30:10] Phase: 4 (Build & Push)\n[2026-03-05 14:30:10] Error: docker buildx build failed — \"npm ERR! Missing script: build\"\n[2026-03-05 14:30:10] Retry: 1/3\n```\n\n**At the very end**, tell the user where the log is:\n```\nLog saved to: ~/.sealos/logs/deploy-20260305-143001.log\n```\n\n## Scripts\n\nLocated in `scripts/` within this skill directory (`<SKILL_DIR>/scripts/`):\n\n| Script | Usage | Purpose |\n|--------|-------|---------|\n| `score-model.mjs` | `node score-model.mjs <repo-dir>` | Deterministic readiness scoring (0-12) |\n| `validate-artifacts.mjs` | `node validate-artifacts.mjs --dir <work-dir>` | Validate `.sealos` JSON artifacts against enforced schemas |\n| `detect-image.mjs` | `node detect-image.mjs <github-url> [work-dir]` or `node detect-image.mjs <work-dir>` | Detect existing Docker/GHCR images |\n| `build-push.mjs` | `node build-push.mjs <work-dir> <repo> [--registry ghcr\\|dockerhub] [--user <user>]` | Build amd64 image & push to the selected registry (Docker Hub path assumes a public image at deploy time; omitting `--registry` keeps auto-detect behavior) |\n| `ensure-image-pull-secret.mjs` | `node ensure-image-pull-secret.mjs <namespace> <secret-name> <image-ref> [deployment-name]` | Create/update app-scoped GHCR pull Secret and optionally patch an existing Deployment to reference it |\n| `gh-refresh-scopes.mjs` | `node gh-refresh-scopes.mjs write:packages` | Refresh GHCR package access in the current TTY; `write:packages` is sufficient for both push and private pull in this workflow |\n| `deploy-template.mjs` | `node deploy-template.mjs <template-path> [--dry-run] [--args-json '{\"KEY\":\"value\"}'\\|--args-file <file>]` | Resolve the current region from `~/.sealos/auth.json`, build the correct Template API URL, and post a local template YAML |\n| `sealos-auth.mjs` | `node sealos-auth.mjs check\\|login\\|list\\|switch` | Sealos Cloud authentication & workspace switching |\n\nAll scripts output JSON. Run via Bash and parse the result.\n\n## Internal Skill Dependencies\n\nThis skill references knowledge files from co-installed internal skills. These are **not** user-facing — they are loaded on-demand during specific phases.\n\n`<SKILL_DIR>` refers to the directory containing this `SKILL.md`. Sibling skills are at `<SKILL_DIR>/../`:\n\n```\n<SKILL_DIR>/../\n├── sealos-deploy/           ← this skill (user entry point) = <SKILL_DIR>\n├── dockerfile-skill/        ← Phase 3: Dockerfile generation knowledge\n├── cloud-native-readiness/  ← Phase 1: assessment criteria\n└── docker-to-sealos/       ← Phase 5: Sealos template rules\n```\n\nPaths used in pipeline.md follow the pattern:\n```\n<SKILL_DIR>/../dockerfile-skill/knowledge/error-patterns.md\n<SKILL_DIR>/../dockerfile-skill/templates/<lang>.dockerfile\n<SKILL_DIR>/../docker-to-sealos/references/sealos-specs.md\n```\n\n## Phase Overview\n\n| Phase | Action | Skip When |\n|-------|--------|-----------|\n| 0 — Preflight | Capability scan, path-specific warnings, Sealos auth | Initial blockers resolved |\n| 1 — Assess | Clone repo (or use current project), analyze deployability | Score too low → stop |\n| 2 — Detect | Find existing image (Docker Hub / GHCR / README) | Found → jump to Phase 5 |\n| 3 — Dockerfile | Generate Dockerfile if missing | Already has one → skip |\n| 4 — Build & Push | `docker buildx` → GHCR (auto via gh CLI) or Docker Hub (fallback) | — |\n| 5 — Template | Generate Sealos application template | — |\n| 5.5 — Configure | Guide user through app env vars and inputs | No inputs needed |\n| 6 — Deploy | Deploy template to Sealos Cloud | — |\n\n## Decision Flow\n\n```\nInput (GitHub URL / local path)\n  │\n  ▼\n[Phase 0] Preflight ── fail → guide user to fix and STOP\n  │ pass\n  ▼\n[Phase 1] Assess ── not suitable → STOP with reason\n  │ suitable\n  ▼\n[Phase 2] Detect existing image\n  │\n  ├── found (amd64) ────────────────────┐\n  │                                     │\n  ▼                                     │\n[Phase 3] Dockerfile (generate/reuse)   │\n  │                                     │\n  ▼                                     │\n[Phase 4] Build & Push to registry      │\n  │                                     │\n  ◄─────────────────────────────────────┘\n  │\n  ▼\n[Phase 5] Generate Sealos Template\n  │\n  ▼\n[Phase 5.5] Configure ── present env vars → ask user for inputs → confirm\n  │\n  ▼\n[Phase 6] Deploy to Sealos Cloud ── 401 → re-auth\n  │                                  409 → instance exists\n  ▼\nDone — app deployed ✓\n```\n\n**Execution rule:** Phase 1 must never start while Phase 0 still has unresolved entry blockers. Docker, `gh`, builder, and registry failures must be reported early, but only become hard blockers if the run later requires local build/push.","tags":["sealos","deploy","skills","labring","agent-skills","ai-agent","claude-code","cloud-native","codex","deployment","docker","gemini-cli"],"capabilities":["skill","source-labring","skill-sealos-deploy","topic-agent-skills","topic-ai-agent","topic-claude-code","topic-cloud-native","topic-codex","topic-deployment","topic-docker","topic-gemini-cli","topic-kubernetes","topic-sealos"],"categories":["sealos-skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/labring/sealos-skills/sealos-deploy","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add labring/sealos-skills","source_repo":"https://github.com/labring/sealos-skills","install_from":"skills.sh"}},"qualityScore":"0.467","qualityRationale":"deterministic score 0.47 from registry signals: · indexed on github topic:agent-skills · 34 github stars · SKILL.md body (8,136 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:04:11.171Z","embedding":null,"createdAt":"2026-05-14T07:03:51.063Z","updatedAt":"2026-05-18T19:04:11.171Z","lastSeenAt":"2026-05-18T19:04:11.171Z","tsv":"'-03':283,292,300,308,317,329,338,347,359,367,377,391,400,414,423,432,445,455,469,479,501,512,521,529,538,549,559,574,581,591,607 '-05':284,293,301,309,318,330,339,348,360,368,378,392,401,415,424,433,446,456,470,480,502,513,522,530,539,550,560,575,582,592,608 '-12':648 '/..':848,849 '/../docker-to-sealos/references/sealos-specs.md':893 '/../dockerfile-skill/knowledge/error-patterns.md':890 '/../dockerfile-skill/templates':891 '/.sealos/auth.json':772 '/.sealos/kubeconfig':75 '/.sealos/logs':217 '/.sealos/logs/deploy-':201,220 '/.sealos/logs/deploy-20260305-143001.log':628 '/api/v2alpha/templates/raw':547 '/owner/repo)':327 '/scripts':637 '/sealos-deploy':165,166,170 '/users/dev/myapp':323 '/zhujingyang/repo:20260305-143022':477,510 '0':289,647,900,999,1076 '01':287,296,304 '02':312,321 '03':333,342,351,363 '04':371 '05':381,395,404 '06':418,427 '07':436 '08':449,459 '1':178,190,335,871,913,1010,1070 '1/3':613 '10':578,585,595,611 '14':285,294,302,310,319,331,340,349,361,369,379,393,402,416,425,434,447,457,471,481,503,514,523,531,540,551,561,576,583,593,609 '2':184,373,927,1019 '201':555 '2026':282,291,299,307,316,328,337,346,358,366,376,390,399,413,422,431,444,454,468,478,500,511,520,528,537,548,558,573,580,590,606 '22.12.0':306 '27.5.1':298 '3':412,420,862,941,1026 '30':286,295,303,311,320,332,341,350,362,370,380,394,403,417,426,435,448,458,472,473,482,504,515,524,532,541,552,562,577,584,594,610 '32':483 '33':505 '34':516 '35':525 '36':533,542 '38':553,563 '4':451,587,951,1030 '401':1057 '409':1061 '5':518,879,940,965,1036 '5.5':971,1041 '6':191,535,984,1052 '8000':357,443 '9/12':344 'access':735 'action':897 'alreadi':947 'alway':134,161 'amd64':389,407,681,1024 'analyz':921 'api':777 'app':713,976,1065 'app-scop':712 'append':255,272 'appli':153 'applic':58,969 'arg':760,765 'args-fil':764 'args-json':759 'arm64':386 'artifact':656 'ask':105,135,162,1046 'assess':14,336,872,914,1011 'assum':691 'auth':183,314,909,1060 'authent':794 'auto':463,492,702,957 'auto-cr':491 'auto-detect':462,701 'autom':26 'bash':214,281,803 'becom':1094 'behavior':704 'blocker':911,1081,1096 'boundari':271 'build':18,452,474,588,599,605,680,773,952,1031 'build-push.mjs':673,675 'build/push':1103 'builder':1084 'buildx':598,955 'cannot':142 'capabl':902 'check':181,788 'cli':467,499,960 'clone':915 'cloud':10,39,52,793,867,990,1056 'cloud-native-readi':866 'co':818 'co-instal':817 'code':55 'command':13,60,68,112 'configur':972,1042 'confirm':87,123,145,151,1050 'contain':841 'continu':365,409 'correct':775 'creat':20,209,242,263,493 'create/update':711 'criteria':873 'current':103,168,738,769,919 'd':224,233 'data':141 'databas':132 'date':221,230 'decis':364,405,991 'delet':120,125,139,160 'demand':833 'depend':810 'deploy':3,4,24,31,34,37,40,45,46,128,167,187,237,489,536,543,556,696,709,723,852,922,985,986,1053,1066 'deploy-template.mjs':753,755 'deployment-nam':708 'detail':570 'detect':374,464,488,669,703,928,1020 'detect-image.mjs':660,662,668 'determinist':644 'dir':652,665 'directori':636,840 'docker':89,297,382,597,688,875,932,954,962,1082 'docker-to-sealo':874 'docker/ghcr':671 'dockerfil':17,421,429,859,863,892,942,944,1027 'dockerfile-skil':858 'dockerhub':678 'done':564,1064 'dri':757 'dry-run':756 'earli':1091 'echo':229 'end':617 'enforc':658 'ensure-image-pull-secret.mjs':705,707 'entri':275,856,1080 'env':977,1044 'environ':180 'err':602 'error':566,569,579,596 'etc':133 'even':154 'everi':193 'execut':173,208,1067 'exist':428,670,722,930,1021,1063 'explicit':116 'face':827 'fail':600,1001 'failur':1087 'fallback':964 'fastapi':355,440 'file':199,212,219,240,245,260,267,279,766,815 'find':929 'first':106,163 'fix':1005 'flow':992 'follow':887 'found':398,936,1023 'framework':354 'full':186 'fulli':25 'generat':16,437,864,943,967,1037 'generate/reuse':1028 'gh':90,466,498,959,1083 'gh-refresh-scopes.mjs':727,729 'ghcr':396,461,484,677,715,733,934,956 'ghcr.io':476,509 'ghcr.io/zhujingyang/repo:20260305-143022':475,508 'github':6,48,324,994 'github.com':326 'github.com/owner/repo)':325 'good':345 'guid':973,1002 'h':225,234 'hard':1095 'hub':383,689,933,963 'imag':19,375,408,494,506,672,682,694,931,1022 'import':241 'ingress':130 'initi':910 'input':980,982,993,1049 'insecur':78 'insecure-skip-tls-verifi':77 'instal':84,99,111,819 'instanc':1062 'intern':808,820 'json':655,761,800 'jump':937 'keep':700 'key':762 'knowledg':814,865 'kubeconfig':73,74 'kubectl':61,67,76,92,119 'languag':352 'later':1100 'latest':385 'list':790 'load':830 'local':782,996,1102 'locat':630 'log':192,198,202,211,218,228,239,244,259,266,274,567,623,625 'logic':158 'login':789 'low':925 'm':223,226,232,235 'mention':43 'miss':94,603,946 'mkdir':215 'modul':175 'modules/pipeline.md':185 'modules/preflight.md':179 'must':69,195,254,1071,1088 'name':710 'nativ':868 'need':983 'never':1072 'node':642,650,661,667,674,706,728,754,786 'node.js':305 'none':430 'npm':601 'omit':698 'on-demand':831 'one':12,59,949 'option':719 'order':177 'output':526,799 'overview':895 'owner/repo':384 'p':216 'packag':487,731,734,741 'pars':805 'pass':1008 'patch':720 'path':690,883,905,997 'path-specif':904 'pattern':889 'phase':65,189,270,288,334,372,411,419,450,517,534,586,836,861,870,878,894,896,939,998,1009,1018,1025,1029,1035,1040,1051,1069,1075 'pipelin':157,188 'pipeline.md':886 'platform':104 'point':857 'port':356,442 'post':780 'preflight':290,901,1000 'present':1043 'privat':486,748 'proceed':148 'project':7,36,49,169,322,920 'public':693 'pull':495,716,749 'pullabl':485 'purpos':640 'push':453,589,683,746,953,1032 'pvc':131 'python':353,439 'python-fastapi':438 'quick':171 're':1059 're-auth':1058 'readi':15,645,869 'readm':935 'reason':1016 'recov':144 'ref':507 'refer':725,813,837 'refresh':732 'region':315,770 'registri':460,676,687,699,1034,1086 'repli':117 'repo':42,916 'report':1090 'requir':85,121,1101 'resolv':767,912 'resourc':127 'result':807 'retri':612 'rule':63,882,1068 'run':57,109,194,758,801,1099 'safeti':62 'save':626 'say':30 'scan':903 'schema':659 'scope':714 'score':343,646,923 'score-model.mjs':641,643 'script':604,629,632,638,798 'sealo':2,9,21,33,44,51,72,182,313,654,792,851,877,880,908,968,989,1038,1055 'sealos-auth.mjs':785,787 'sealos-deploy':1,850 'sealos/template/index.yaml':527 'second':265 'secret':496,717 'select':686 'servic':129 'sibl':844 'skill':97,635,809,812,821,845,854,860 'skill-sealos-deploy' 'skill.md':843 'skip':79,898,950 'sourc':54 'source-labring' 'specif':835,906 'start':172,206,238,250,1073 'status':554 'still':1077 'stop':572,926,1007,1014 'subsequ':252 'success':557 'suffici':743 'suggest':159 'suitabl':1013,1017 'switch':791,796 'system':82 'tell':618 'templat':22,441,519,776,783,881,966,970,987,1039 'template.gzg.sealos.run':546 'template.gzg.sealos.run/api/v2alpha/templates/raw':545 'time':697 'tls':80 'tool':83 'topic-agent-skills' 'topic-ai-agent' 'topic-claude-code' 'topic-cloud-native' 'topic-codex' 'topic-deployment' 'topic-docker' 'topic-gemini-cli' 'topic-kubernetes' 'topic-sealos' 'tti':739 'unresolv':1079 'url':544,778,995 'usag':164,639 'use':27,70,884,918 'user':29,86,115,122,150,620,679,826,855,974,1003,1047 'user-fac':825 'valid':653 'validate-artifacts.mjs':649,651 'valu':763 'var':978,1045 'verifi':81 'via':465,802,958 'warn':136,907 'within':633 'work':664 'work-dir':663 'workflow':752 'workspac':795 'write':196,253,730,740 'y':118,222,231 'y/n':146 'yaml':784","prices":[{"id":"bb5c1adc-0a1a-41e3-85e7-365a7884e5ec","listingId":"b2231f81-2398-42f6-8b98-a8a5a443ff6f","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"labring","category":"sealos-skills","install_from":"skills.sh"},"createdAt":"2026-05-14T07:03:51.063Z"}],"sources":[{"listingId":"b2231f81-2398-42f6-8b98-a8a5a443ff6f","source":"github","sourceId":"labring/sealos-skills/sealos-deploy","sourceUrl":"https://github.com/labring/sealos-skills/tree/main/skills/sealos-deploy","isPrimary":false,"firstSeenAt":"2026-05-14T07:03:51.063Z","lastSeenAt":"2026-05-18T19:04:11.171Z"}],"details":{"listingId":"b2231f81-2398-42f6-8b98-a8a5a443ff6f","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"labring","slug":"sealos-deploy","github":{"repo":"labring/sealos-skills","stars":34,"topics":["agent-skills","ai-agent","claude-code","cloud-native","codex","deployment","docker","gemini-cli","kubernetes","sealos"],"license":null,"html_url":"https://github.com/labring/sealos-skills","pushed_at":"2026-05-14T09:39:17Z","description":"AI agent skills for Sealos Cloud — deploy any project, provision databases, object storage & more with one command. Works with Claude Code, Gemini CLI, Codex.","skill_md_sha":"e46d764cfa4b34a504ac1eb0926ec2a0213f13dc","skill_md_path":"skills/sealos-deploy/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/labring/sealos-skills/tree/main/skills/sealos-deploy"},"layout":"multi","source":"github","category":"sealos-skills","frontmatter":{"name":"sealos-deploy","description":"Deploy any GitHub project to Sealos Cloud in one command. Assesses readiness, generates Dockerfile, builds image, creates Sealos template, and deploys — fully automated. Use when user says \"deploy to sealos\", \"deploy this project\", \"deploy to cloud\", \"deploy this repo\", mentions Sealos deployment, wants to deploy a GitHub URL or local project to a cloud platform, or asks about one-click deployment. Also triggers on \"/sealos-deploy\".","compatibility":"Sealos auth/workspace are required for deploys. Docker, buildx, and gh CLI are required only when the selected path needs local build/push. git is required when cloning from a GitHub URL or when git metadata is needed. Node.js 18+ and Python 3.8+ remain optional accelerators."},"skills_sh_url":"https://skills.sh/labring/sealos-skills/sealos-deploy"},"updatedAt":"2026-05-18T19:04:11.171Z"}}