{"id":"16fef10f-050e-4cea-a3c7-6116e1fb54a6","shortId":"qUBP62","kind":"skill","title":"sealos-deploy","tagline":"Deploy any GitHub project to Sealos Cloud in one command. Assesses readiness, generates Dockerfile, builds image, creates Sealos template, and deploys — fully automated. Use when user says \"deploy to sealos\", \"deploy this project\", \"deploy to cloud\", \"deploy this repo\", mentions ","description":"# Sealos Deploy\n\nDeploy any GitHub project to Sealos Cloud — from source code to running application, one command.\n\n## kubectl Safety Rules (all phases)\n\nAll kubectl commands MUST use the Sealos kubeconfig:\n```\nKUBECONFIG=~/.sealos/kubeconfig kubectl --insecure-skip-tls-verify\n```\n\nSystem tool installation requires user confirmation. If `docker`, `gh`, or `kubectl` is missing and the skill can install it for the current platform, ask first and only run the install command after the user explicitly replies `y`.\n\n**`kubectl delete` requires user confirmation.** Before deleting any resource (deployment, service, ingress, PVC, database, etc.), always ask:\n```\n⚠️ 即将删除 <resource kind>/<resource name>，数据不可恢复。确认？(y/n)\n```\nOnly proceed after user confirms. This applies even if the pipeline logic suggests deletion — always ask first.\n\n## Usage\n\n```\n/sealos-deploy <github-url>\n/sealos-deploy                    # deploy current project\n/sealos-deploy <local-path>\n```\n\n## Quick Start\n\nExecute the modules in order:\n\n1. `modules/preflight.md` — Environment checks & Sealos auth\n2. `modules/pipeline.md` — Full deployment pipeline (Phase 1–6)\n\n## Logging\n\nEvery run MUST write a log file at `~/.sealos/logs/deploy-<YYYYMMDD-HHmmss>.log`.\n\n**At the very start of execution**, create the log file **once**:\n```bash\nmkdir -p ~/.sealos/logs\nLOG_FILE=~/.sealos/logs/deploy-$(date +%Y%m%d-%H%M%S).log\necho \"[$(date '+%Y-%m-%d %H:%M:%S')] Deploy started\" > \"$LOG_FILE\"\n```\n\n**Important: create the log file ONLY ONCE at the start. All subsequent writes MUST append (`>>`) to this same `$LOG_FILE`. Do NOT create a second log file.**\n\n**At each phase boundary**, append a log entry to the same file with Bash `>>`:\n```\n[2026-03-05 14:30:01] === Phase 0: Preflight ===\n[2026-03-05 14:30:01] Docker: ✓ 27.5.1\n[2026-03-05 14:30:01] Node.js: ✓ 22.12.0\n[2026-03-05 14:30:02] Sealos auth: ✓ (region: <REGION from config.json>)\n[2026-03-05 14:30:02] Project: /Users/dev/myapp (github: https://github.com/owner/repo)\n\n[2026-03-05 14:30:03] === Phase 1: Assess ===\n[2026-03-05 14:30:03] Score: 9/12 (good)\n[2026-03-05 14:30:03] Language: python, Framework: fastapi, Port: 8000\n[2026-03-05 14:30:03] Decision: CONTINUE\n\n[2026-03-05 14:30:04] === Phase 2: Detect Image ===\n[2026-03-05 14:30:05] Docker Hub: owner/repo:latest (arm64 only, no amd64)\n[2026-03-05 14:30:05] GHCR: not found\n[2026-03-05 14:30:05] Decision: no amd64 image → continue to Phase 3\n\n[2026-03-05 14:30:06] === Phase 3: Dockerfile ===\n[2026-03-05 14:30:06] Existing Dockerfile: none\n[2026-03-05 14:30:07] Generated: python-fastapi template, port 8000\n\n[2026-03-05 14:30:08] === Phase 4: Build & Push ===\n[2026-03-05 14:30:08] Registry: ghcr (auto-detected via gh CLI)\n[2026-03-05 14:30:30] Build: ✓ ghcr.io/zhujingyang/repo:20260305-143022\n[2026-03-05 14:30:32] GHCR pullability: private package detected — deploy will auto-create image pull Secret from gh CLI\n[2026-03-05 14:30:33] IMAGE_REF=ghcr.io/zhujingyang/repo:20260305-143022\n\n[2026-03-05 14:30:34] === Phase 5: Template ===\n[2026-03-05 14:30:35] Output: .sealos/template/index.yaml\n\n[2026-03-05 14:30:36] === Phase 6: Deploy ===\n[2026-03-05 14:30:36] Deploy URL: https://template.gzg.sealos.run/api/v2alpha/templates/raw\n[2026-03-05 14:30:38] Status: 201 — deployed successfully\n[2026-03-05 14:30:38] === DONE ===\n```\n\n**On error**, log the error details before stopping:\n```\n[2026-03-05 14:30:10] === ERROR ===\n[2026-03-05 14:30:10] Phase: 4 (Build & Push)\n[2026-03-05 14:30:10] Error: docker buildx build failed — \"npm ERR! Missing script: build\"\n[2026-03-05 14:30:10] Retry: 1/3\n```\n\n**At the very end**, tell the user where the log is:\n```\nLog saved to: ~/.sealos/logs/deploy-20260305-143001.log\n```\n\n## Scripts\n\nLocated in `scripts/` within this skill directory (`<SKILL_DIR>/scripts/`):\n\n| Script | Usage | Purpose |\n|--------|-------|---------|\n| `score-model.mjs` | `node score-model.mjs <repo-dir>` | Deterministic readiness scoring (0-12) |\n| `validate-artifacts.mjs` | `node validate-artifacts.mjs --dir <work-dir>` | Validate `.sealos` JSON artifacts against enforced schemas |\n| `detect-image.mjs` | `node detect-image.mjs <github-url> [work-dir]` or `node detect-image.mjs <work-dir>` | Detect existing Docker/GHCR images |\n| `build-push.mjs` | `node build-push.mjs <work-dir> <repo> [--registry ghcr\\|dockerhub] [--user <user>]` | Build amd64 image & push to the selected registry (Docker Hub path assumes a public image at deploy time; omitting `--registry` keeps auto-detect behavior) |\n| `ensure-image-pull-secret.mjs` | `node ensure-image-pull-secret.mjs <namespace> <secret-name> <image-ref> [deployment-name]` | Create/update app-scoped GHCR pull Secret and optionally patch an existing Deployment to reference it |\n| `gh-refresh-scopes.mjs` | `node gh-refresh-scopes.mjs write:packages` | Refresh GHCR package access in the current TTY; `write:packages` is sufficient for both push and private pull in this workflow |\n| `deploy-template.mjs` | `node deploy-template.mjs <template-path> [--dry-run] [--args-json '{\"KEY\":\"value\"}'\\|--args-file <file>]` | Resolve the current region from `~/.sealos/auth.json`, build the correct Template API URL, and post a local template YAML |\n| `sealos-auth.mjs` | `node sealos-auth.mjs check\\|login\\|list\\|switch` | Sealos Cloud authentication & workspace switching |\n\nAll scripts output JSON. Run via Bash and parse the result.\n\n## Internal Skill Dependencies\n\nThis skill references knowledge files from co-installed internal skills. These are **not** user-facing — they are loaded on-demand during specific phases.\n\n`<SKILL_DIR>` refers to the directory containing this `SKILL.md`. Sibling skills are at `<SKILL_DIR>/../`:\n\n```\n<SKILL_DIR>/../\n├── sealos-deploy/           ← this skill (user entry point) = <SKILL_DIR>\n├── dockerfile-skill/        ← Phase 3: Dockerfile generation knowledge\n├── cloud-native-readiness/  ← Phase 1: assessment criteria\n└── docker-to-sealos/       ← Phase 5: Sealos template rules\n```\n\nPaths used in pipeline.md follow the pattern:\n```\n<SKILL_DIR>/../dockerfile-skill/knowledge/error-patterns.md\n<SKILL_DIR>/../dockerfile-skill/templates/<lang>.dockerfile\n<SKILL_DIR>/../docker-to-sealos/references/sealos-specs.md\n```\n\n## Phase Overview\n\n| Phase | Action | Skip When |\n|-------|--------|-----------|\n| 0 — Preflight | Capability scan, path-specific warnings, Sealos auth | Initial blockers resolved |\n| 1 — Assess | Clone repo (or use current project), analyze deployability | Score too low → stop |\n| 2 — Detect | Find existing image (Docker Hub / GHCR / README) | Found → jump to Phase 5 |\n| 3 — Dockerfile | Generate Dockerfile if missing | Already has one → skip |\n| 4 — Build & Push | `docker buildx` → GHCR (auto via gh CLI) or Docker Hub (fallback) | — |\n| 5 — Template | Generate Sealos application template | — |\n| 5.5 — Configure | Guide user through app env vars and inputs | No inputs needed |\n| 6 — Deploy | Deploy template to Sealos Cloud | — |\n\n## Decision Flow\n\n```\nInput (GitHub URL / local path)\n  │\n  ▼\n[Phase 0] Preflight ── fail → guide user to fix and STOP\n  │ pass\n  ▼\n[Phase 1] Assess ── not suitable → STOP with reason\n  │ suitable\n  ▼\n[Phase 2] Detect existing image\n  │\n  ├── found (amd64) ────────────────────┐\n  │                                     │\n  ▼                                     │\n[Phase 3] Dockerfile (generate/reuse)   │\n  │                                     │\n  ▼                                     │\n[Phase 4] Build & Push to registry      │\n  │                                     │\n  ◄─────────────────────────────────────┘\n  │\n  ▼\n[Phase 5] Generate Sealos Template\n  │\n  ▼\n[Phase 5.5] Configure ── present env vars → ask user for inputs → confirm\n  │\n  ▼\n[Phase 6] Deploy to Sealos Cloud ── 401 → re-auth\n  │                                  409 → instance exists\n  ▼\nDone — app deployed ✓\n```\n\n**Execution rule:** Phase 1 must never start while Phase 0 still has unresolved entry blockers. Docker, `gh`, builder, and registry failures must be reported early, but only become hard blockers if the run later requires local build/push.","tags":["sealos","deploy","seakills","labring","agent-skills","ai-agent","claude-code","cloud-native","codex","deployment","docker","gemini-cli"],"capabilities":["skill","source-labring","skill-sealos-deploy","topic-agent-skills","topic-ai-agent","topic-claude-code","topic-cloud-native","topic-codex","topic-deployment","topic-docker","topic-gemini-cli","topic-kubernetes","topic-sealos"],"categories":["seakills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/labring/seakills/sealos-deploy","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add labring/seakills","source_repo":"https://github.com/labring/seakills","install_from":"skills.sh"}},"qualityScore":"0.458","qualityRationale":"deterministic score 0.46 from registry signals: · indexed on github topic:agent-skills · 17 github stars · SKILL.md body (8,088 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-04-22T13:03:12.760Z","embedding":null,"createdAt":"2026-04-19T00:40:55.303Z","updatedAt":"2026-04-22T13:03:12.760Z","lastSeenAt":"2026-04-22T13:03:12.760Z","tsv":"'-03':276,285,293,301,310,322,331,340,352,360,370,384,393,407,416,425,438,448,462,472,494,505,514,522,531,542,552,567,574,584,600 '-05':277,286,294,302,311,323,332,341,353,361,371,385,394,408,417,426,439,449,463,473,495,506,515,523,532,543,553,568,575,585,601 '-12':641 '/..':841,842 '/../docker-to-sealos/references/sealos-specs.md':886 '/../dockerfile-skill/knowledge/error-patterns.md':883 '/../dockerfile-skill/templates':884 '/.sealos/auth.json':765 '/.sealos/kubeconfig':75 '/.sealos/logs':210 '/.sealos/logs/deploy-':194,213 '/.sealos/logs/deploy-20260305-143001.log':621 '/api/v2alpha/templates/raw':540 '/owner/repo)':320 '/scripts':630 '/sealos-deploy':158,159,163 '/users/dev/myapp':316 '/zhujingyang/repo:20260305-143022':470,503 '0':282,640,893,992,1069 '01':280,289,297 '02':305,314 '03':326,335,344,356 '04':364 '05':374,388,397 '06':411,420 '07':429 '08':442,452 '1':171,183,328,864,906,1003,1063 '1/3':606 '10':571,578,588,604 '14':278,287,295,303,312,324,333,342,354,362,372,386,395,409,418,427,440,450,464,474,496,507,516,524,533,544,554,569,576,586,602 '2':177,366,920,1012 '201':548 '2026':275,284,292,300,309,321,330,339,351,359,369,383,392,406,415,424,437,447,461,471,493,504,513,521,530,541,551,566,573,583,599 '22.12.0':299 '27.5.1':291 '3':405,413,855,934,1019 '30':279,288,296,304,313,325,334,343,355,363,373,387,396,410,419,428,441,451,465,466,475,497,508,517,525,534,545,555,570,577,587,603 '32':476 '33':498 '34':509 '35':518 '36':526,535 '38':546,556 '4':444,580,944,1023 '401':1050 '409':1054 '5':511,872,933,958,1029 '5.5':964,1034 '6':184,528,977,1045 '8000':350,436 '9/12':337 'access':728 'action':890 'alreadi':940 'alway':134,154 'amd64':382,400,674,1017 'analyz':914 'api':770 'app':706,969,1058 'app-scop':705 'append':248,265 'appli':146 'applic':58,962 'arg':753,758 'args-fil':757 'args-json':752 'arm64':379 'artifact':649 'ask':105,135,155,1039 'assess':14,329,865,907,1004 'assum':684 'auth':176,307,902,1053 'authent':787 'auto':456,485,695,950 'auto-cr':484 'auto-detect':455,694 'autom':26 'bash':207,274,796 'becom':1087 'behavior':697 'blocker':904,1074,1089 'boundari':264 'build':18,445,467,581,592,598,673,766,945,1024 'build-push.mjs':666,668 'build/push':1096 'builder':1077 'buildx':591,948 'capabl':895 'check':174,781 'cli':460,492,953 'clone':908 'cloud':10,39,52,786,860,983,1049 'cloud-native-readi':859 'co':811 'co-instal':810 'code':55 'command':13,60,68,112 'configur':965,1035 'confirm':87,123,144,1043 'contain':834 'continu':358,402 'correct':768 'creat':20,202,235,256,486 'create/update':704 'criteria':866 'current':103,161,731,762,912 'd':217,226 'databas':132 'date':214,223 'decis':357,398,984 'delet':120,125,153 'demand':826 'depend':803 'deploy':3,4,24,31,34,37,40,45,46,128,160,180,230,482,529,536,549,689,702,716,845,915,978,979,1046,1059 'deploy-template.mjs':746,748 'deployment-nam':701 'detail':563 'detect':367,457,481,662,696,921,1013 'detect-image.mjs':653,655,661 'determinist':637 'dir':645,658 'directori':629,833 'docker':89,290,375,590,681,868,925,947,955,1075 'docker-to-sealo':867 'docker/ghcr':664 'dockerfil':17,414,422,852,856,885,935,937,1020 'dockerfile-skil':851 'dockerhub':671 'done':557,1057 'dri':750 'dry-run':749 'earli':1084 'echo':222 'end':610 'enforc':651 'ensure-image-pull-secret.mjs':698,700 'entri':268,849,1073 'env':970,1037 'environ':173 'err':595 'error':559,562,572,589 'etc':133 'even':147 'everi':186 'execut':166,201,1060 'exist':421,663,715,923,1014,1056 'explicit':116 'face':820 'fail':593,994 'failur':1080 'fallback':957 'fastapi':348,433 'file':192,205,212,233,238,253,260,272,759,808 'find':922 'first':106,156 'fix':998 'flow':985 'follow':880 'found':391,929,1016 'framework':347 'full':179 'fulli':25 'generat':16,430,857,936,960,1030 'generate/reuse':1021 'gh':90,459,491,952,1076 'gh-refresh-scopes.mjs':720,722 'ghcr':389,454,477,670,708,726,927,949 'ghcr.io':469,502 'ghcr.io/zhujingyang/repo:20260305-143022':468,501 'github':6,48,317,987 'github.com':319 'github.com/owner/repo)':318 'good':338 'guid':966,995 'h':218,227 'hard':1088 'hub':376,682,926,956 'imag':19,368,401,487,499,665,675,687,924,1015 'import':234 'ingress':130 'initi':903 'input':973,975,986,1042 'insecur':78 'insecure-skip-tls-verifi':77 'instal':84,99,111,812 'instanc':1055 'intern':801,813 'json':648,754,793 'jump':930 'keep':693 'key':755 'knowledg':807,858 'kubeconfig':73,74 'kubectl':61,67,76,92,119 'languag':345 'later':1093 'latest':378 'list':783 'load':823 'local':775,989,1095 'locat':623 'log':185,191,195,204,211,221,232,237,252,259,267,560,616,618 'logic':151 'login':782 'low':918 'm':216,219,225,228 'mention':43 'miss':94,596,939 'mkdir':208 'modul':168 'modules/pipeline.md':178 'modules/preflight.md':172 'must':69,188,247,1064,1081 'name':703 'nativ':861 'need':976 'never':1065 'node':635,643,654,660,667,699,721,747,779 'node.js':298 'none':423 'npm':594 'omit':691 'on-demand':824 'one':12,59,942 'option':712 'order':170 'output':519,792 'overview':888 'owner/repo':377 'p':209 'packag':480,724,727,734 'pars':798 'pass':1001 'patch':713 'path':683,876,898,990 'path-specif':897 'pattern':882 'phase':65,182,263,281,327,365,404,412,443,510,527,579,829,854,863,871,887,889,932,991,1002,1011,1018,1022,1028,1033,1044,1062,1068 'pipelin':150,181 'pipeline.md':879 'platform':104 'point':850 'port':349,435 'post':773 'preflight':283,894,993 'present':1036 'privat':479,741 'proceed':141 'project':7,36,49,162,315,913 'public':686 'pull':488,709,742 'pullabl':478 'purpos':633 'push':446,582,676,739,946,1025 'pvc':131 'python':346,432 'python-fastapi':431 'quick':164 're':1052 're-auth':1051 'readi':15,638,862 'readm':928 'reason':1009 'ref':500 'refer':718,806,830 'refresh':725 'region':308,763 'registri':453,669,680,692,1027,1079 'repli':117 'repo':42,909 'report':1083 'requir':85,121,1094 'resolv':760,905 'resourc':127 'result':800 'retri':605 'rule':63,875,1061 'run':57,109,187,751,794,1092 'safeti':62 'save':619 'say':30 'scan':896 'schema':652 'scope':707 'score':336,639,916 'score-model.mjs':634,636 'script':597,622,625,631,791 'sealo':2,9,21,33,44,51,72,175,306,647,785,844,870,873,901,961,982,1031,1048 'sealos-auth.mjs':778,780 'sealos-deploy':1,843 'sealos/template/index.yaml':520 'second':258 'secret':489,710 'select':679 'servic':129 'sibl':837 'skill':97,628,802,805,814,838,847,853 'skill-sealos-deploy' 'skill.md':836 'skip':79,891,943 'sourc':54 'source-labring' 'specif':828,899 'start':165,199,231,243,1066 'status':547 'still':1070 'stop':565,919,1000,1007 'subsequ':245 'success':550 'suffici':736 'suggest':152 'suitabl':1006,1010 'switch':784,789 'system':82 'tell':611 'templat':22,434,512,769,776,874,959,963,980,1032 'template.gzg.sealos.run':539 'template.gzg.sealos.run/api/v2alpha/templates/raw':538 'time':690 'tls':80 'tool':83 'topic-agent-skills' 'topic-ai-agent' 'topic-claude-code' 'topic-cloud-native' 'topic-codex' 'topic-deployment' 'topic-docker' 'topic-gemini-cli' 'topic-kubernetes' 'topic-sealos' 'tti':732 'unresolv':1072 'url':537,771,988 'usag':157,632 'use':27,70,877,911 'user':29,86,115,122,143,613,672,819,848,967,996,1040 'user-fac':818 'valid':646 'validate-artifacts.mjs':642,644 'valu':756 'var':971,1038 'verifi':81 'via':458,795,951 'warn':900 'within':626 'work':657 'work-dir':656 'workflow':745 'workspac':788 'write':189,246,723,733 'y':118,215,224 'y/n':139 'yaml':777 '即将删除':136 '数据不可恢复':137 '确认':138","prices":[{"id":"e31571aa-599b-4d04-948e-c97830564b3c","listingId":"16fef10f-050e-4cea-a3c7-6116e1fb54a6","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"labring","category":"seakills","install_from":"skills.sh"},"createdAt":"2026-04-19T00:40:55.303Z"}],"sources":[{"listingId":"16fef10f-050e-4cea-a3c7-6116e1fb54a6","source":"github","sourceId":"labring/seakills/sealos-deploy","sourceUrl":"https://github.com/labring/seakills/tree/main/skills/sealos-deploy","isPrimary":false,"firstSeenAt":"2026-04-19T00:40:55.303Z","lastSeenAt":"2026-04-22T13:03:12.760Z"}],"details":{"listingId":"16fef10f-050e-4cea-a3c7-6116e1fb54a6","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"labring","slug":"sealos-deploy","github":{"repo":"labring/seakills","stars":17,"topics":["agent-skills","ai-agent","claude-code","cloud-native","codex","deployment","docker","gemini-cli","kubernetes","sealos"],"license":null,"html_url":"https://github.com/labring/seakills","pushed_at":"2026-04-22T08:50:08Z","description":"AI agent skills for Sealos Cloud — deploy any project, provision databases, object storage & more with one command. Works with Claude Code, Gemini CLI, Codex.","skill_md_sha":"cb2c6535fbe13a832fb1d8dbea56c486ce207da1","skill_md_path":"skills/sealos-deploy/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/labring/seakills/tree/main/skills/sealos-deploy"},"layout":"multi","source":"github","category":"seakills","frontmatter":{"name":"sealos-deploy","description":"Deploy any GitHub project to Sealos Cloud in one command. Assesses readiness, generates Dockerfile, builds image, creates Sealos template, and deploys — fully automated. Use when user says \"deploy to sealos\", \"deploy this project\", \"deploy to cloud\", \"deploy this repo\", mentions Sealos deployment, wants to deploy a GitHub URL or local project to a cloud platform, or asks about one-click deployment. Also triggers on \"/sealos-deploy\".","compatibility":"Sealos auth/workspace are required for deploys. Docker, buildx, and gh CLI are required only when the selected path needs local build/push. git is required when cloning from a GitHub URL or when git metadata is needed. Node.js 18+ and Python 3.8+ remain optional accelerators."},"skills_sh_url":"https://skills.sh/labring/seakills/sealos-deploy"},"updatedAt":"2026-04-22T13:03:12.760Z"}}