How does the automated rollback function?

The workflows include deployment verification steps that monitor health checks after a release; if these checks fail, the workflow automatically triggers a revert to the last known stable version.

Can I customize the approval gates?

Absolutely. The skill provides patterns for environment-specific protection rules including required reviewers and wait timers tailored to your team's compliance needs.

Does this skill support major cloud providers?

Yes, the templates are designed for OIDC federation which is the industry standard for secure, secretless authentication with AWS, GCP, and Azure.

What makes these deployment workflows 'hardened'?

They utilize OIDC federation to eliminate static secrets, use SHA-pinned actions to prevent supply chain attacks, and enforce least-privilege permissions for all runner tokens.

Hardened Deployment Workflows

Name: Hardened Deployment Workflows
Author: adaptive-enforcement-lab

byadaptive-enforcement-lab

デプロイメントとDevOps

Implements secure, production-ready CI/CD pipelines with OIDC authentication and automated rollback patterns.

概要

This skill provides Claude with standardized, security-hardened templates for GitHub Actions and other CI/CD environments to ensure robust delivery cycles. It focuses on eliminating secret sprawl through OIDC federation, enforcing environment protection rules like approval gates and wait timers, and ensuring high availability with zero-downtime deployment and automated rollback strategies. It is ideal for engineering teams looking to migrate from static secrets to short-lived tokens while maintaining strict audit trails and human-in-the-loop controls for production environments.

主な機能

0 GitHub stars
Automated deployment verification with health check rollbacks
SHA-pinned actions for enhanced supply chain security
Secretless OIDC cloud authentication for AWS, GCP, and Azure
Least-privilege GITHUB_TOKEN permission configurations
Environment protection with mandatory manual approval gates

ユースケース

Migrating from static long-lived credentials to secretless OIDC federation
Implementing production-grade deployment gates and human-in-the-loop approvals
Setting up automated rollback logic for mission-critical web applications

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add adaptive-enforcement-lab/claude-skills hardened-deployment-workflow

For use in Claude.ai and ChatGPT

Download Skill

GitHub

概要