name: deploy-work description: Deployment workflow for company repos (pre/pro) using CI, ECR, and Helm.

Deploy Work Skill

Standard deployment workflow for company repositories with CI/CD -> ECR -> Helm.

When to Use

• Deploying to pre or pro for company repos.
• Ensuring CI has produced an image tag before helm upgrade.
• Running a controlled deploy with explicit confirmation.

Core Rules

• Always use --set image.tag=<SHA> for helm upgrades.
• Do NOT edit or commit values-pre.yaml or values-pro.yaml.
• Verify CI completion and ECR push before helm upgrade.
• Ask for confirmation before helm upgrade.

Repo Detection

Use any of:

• git remote get-url origin
• repo folder name
• presence of ci/helm-package-new

Naturgy Special Case

• values-pre.yaml and values-pro.yaml under ci/helm-package-new only apply to the naturgy-web repo.
• If release is naturgy-web-new (or naturgy-web-pre-naturgy-web-new) use:
  • ./ci/helm-package-new/values-pre.yaml or ./ci/helm-package-new/values-pro.yaml.
• Otherwise use:
  • ./ci/helm-package/values-pre.yaml or ./ci/helm-package/values-pro.yaml.

Pre Deployment Workflow

1. Ensure branch/PR has CI green.

   • gh pr checks <id> --watch
   • or gh run list --branch <branch> --workflow ci.yml -L 1

2. Get the SHA with CI green.

   • gh run list --branch <branch> --workflow ci.yml -L 1 --json headSha,conclusion,status

3. Verify ECR image push in logs.

   • gh run view <run_id> --log
   • Look for tags containing <SHA>.

4. Confirm cluster context and detect release/namespace.

   • kubectl config current-context
   • kubectl get ns | rg <ns>
   • kubectl get deployments -A | rg <app>
   • helm list -A | rg <app>

5. Confirm chart path and helm upgrade (confirm first).

   • Common chart path: ./ci/helm-package or ./ci/helm-package-new
   • helm upgrade <release> -f <values-pre.yaml> <chart-path> --namespace <ns> --set image.tag=<SHA>

Pro Deployment Workflow

1. Merge PR to master.

   • gh pr merge <id> --merge

2. Wait for CI on master.

   • gh run list --branch master --workflow ci.yml -L 1

3. Get SHA and verify ECR push.

   • Same as pre.

4. Confirm cluster context and detect release/namespace.

   • kubectl config current-context
   • kubectl get ns | rg <ns>
   • Same as pre.

5. Confirm chart path and helm upgrade (confirm first).

   • Common chart path: ./ci/helm-package or ./ci/helm-package-new
   • helm upgrade <release> -f <values-pro.yaml> <chart-path> --namespace <ns> --set image.tag=<SHA>

Safety

• No destructive cluster commands.
• Read-only until user confirms helm upgrade.
• Record release, namespace, and revision after deploy.