Can it help with vulnerability scanning?

Absolutely; the skill includes predefined stages for both source code security scans and container image vulnerability detection as part of the pipeline.

What deployment targets are supported?

While it includes specific optimizations for Cloud Run, the patterns are designed to be adaptable for GKE, App Engine, and other GCP compute services.

How does this skill improve GCP security?

It implements Workload Identity Federation, which allows GitHub Actions to access GCP resources securely without needing long-lived, high-risk service account keys.

Does it support both GitHub Actions and Google Cloud Build?

Yes, it provides optimized patterns and configuration templates for both platforms, allowing you to choose the tool that best fits your infrastructure.

GCP CI/CD Patterns

Name: GCP CI/CD Patterns
Author: Agentient

byAgentient

0•

部署与 DevOps

Automates the creation of secure, production-grade CI/CD pipelines for Google Cloud Platform using GitHub Actions and Cloud Build.

This skill provides standardized patterns and automation templates for setting up secure, scalable CI/CD workflows on Google Cloud Platform. It specializes in configuring GitHub Actions with Workload Identity Federation to eliminate the need for insecure service account keys, while also supporting native Cloud Build pipelines. By automating standard stages like security scanning, testing, and containerization, it ensures that your GCP deployments follow industry best practices for security and reliability from the first commit to the final production release.

主要功能

01Integrated vulnerability scanning and security audits

020 GitHub stars

03Automated GitHub Actions workflow generation for GCP

04Standardized multi-stage deployment patterns

05Secure Workload Identity Federation configuration

06Native Google Cloud Build pipeline templates

使用场景

01Implementing automated testing and security scans in GCP delivery pipelines

02Setting up a secure deployment pipeline from GitHub to Cloud Run

03Migrating from legacy service account keys to Workload Identity Federation

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add agentient/vibekit cicd-patterns

For use in Claude.ai and ChatGPT