CI/CD & DevOps Automation
Docker, GitHub Actions, Nginx: one instruction generates production config
DevOps config, a nightmare every time
One wrong space of indentation in a GitHub Actions YAML file and the entire pipeline goes down. The error message just says "syntax error", and you have to stare at a few hundred lines of YAML looking for that extra space.
"It runs fine on my machine" is the classic line. Wrong Docker image version, environment variables not passed through, port mapping reversed: every deploy is an adventure.
Nginx config copy-pasted from the internet, the HTTPS cert doesn't work, the reverse proxy returns 502, the access log is all 404s. Three hours of struggling, and it turns out proxy_pass was missing a slash.
OpenClaw generates production-ready config for you
OpenClaw analyzes your project structure (which language, which framework, which services it depends on, which environment variables it needs) and then generates targeted config.
The generated Dockerfile doesn't just pull the latest image. Multi-stage build, a lean image, security best practices: all of it is considered.
The GitHub Actions workflow doesn't just run npm test either. Cache strategy, parallel tasks, conditional deploys, secret management: everything production needs is there. Most important of all, the YAML indentation is guaranteed correct.
DevOps prompts, copy-paste and use
Docker, CI/CD, Nginx: the trio, all production-ready.
Analyze this Node.js project and generate a complete Docker config:
Dockerfile requirements:
1. Multi-stage build (builder + production)
2. Use an Alpine base image, minimal final image
3. Run as a non-root user
4. Leverage layer caching effectively (COPY package.json first, then npm install)
5. Add a healthcheck
docker-compose.yml requirements:
1. App service + database (PostgreSQL) + Redis
2. Differentiate dev and prod environments (use profiles or an override file)
3. Volumes for data persistence
4. Network isolation
5. Manage environment variables with a .env file
Include a .dockerignore plus an explanation.
Configure a complete GitHub Actions CI/CD pipeline for this project.
Workflow requirements:
1. CI (triggered on every push and PR):
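A way to check a generated Dockerfile against the five Dockerfile requirements in the prompt above, as an added example that is not OpenClaw output and not part of the original page. The sample Dockerfile, the function names and the heuristics (such as treating any npm ci / npm install as the dependency step) are assumptions made for illustration.

```python
import re

# Constructed sample Dockerfile for a hypothetical Node.js app (not from the page).
SAMPLE = """\
FROM node:20-alpine AS builder
WORKDIR /app
COPY package.json package-lock.json ./
RUN npm ci
COPY . .
RUN npm run build
FROM node:20-alpine AS production
COPY --from=builder /app/dist /app/dist
USER node
HEALTHCHECK --interval=30s CMD wget -qO- http://localhost:3000/health || exit 1
CMD ["node", "/app/dist/server.js"]
"""

def parse(text):
    """Return (INSTRUCTION, [args]) pairs; joins continuations, skips comments."""
    lines = re.sub(r"\\[ \t]*\n", " ", text).splitlines()
    toks = [ln.split() for ln in lines if ln.strip() and not ln.lstrip().startswith("#")]
    return [(t[0].upper(), t[1:]) for t in toks]

def positional(args):
    """Drop --flags such as --from= or --platform=."""
    return [a for a in args if not a.startswith("--")]

def check_dockerfile(text):
    """Map each of the five requirements in the prompt to True or False."""
    ins = parse(text)
    stages = [i for i, (op, _) in enumerate(ins) if op == "FROM"]
    final = ins[stages[-1]:] if stages else []   # only the last stage ships
    users = [a[0].split(":")[0] for op, a in final if op == "USER" and a]
    # First dependency install: manifest must be copied before it, source tree after.
    npm = next((i for i, (op, a) in enumerate(ins)
                if op == "RUN" and re.search(r"\bnpm (ci|install)\b", " ".join(a))), None)
    before = [positional(a) for op, a in ins[:npm or 0] if op == "COPY"]
    return {
        "multi_stage": len(stages) >= 2,
        "alpine_final": bool(final) and any("alpine" in p.lower() for p in positional(final[0][1])[:1]),
        "non_root": bool(users) and users[-1] not in ("root", "0"),
        "cache_layers": npm is not None
            and any(re.search(r"package\S*\.json", " ".join(p)) for p in before)
            and not any(p and p[0] in (".", "./") for p in before),
        "healthcheck": any(op == "HEALTHCHECK" and a and a[0].upper() != "NONE" for op, a in final),
    }

if __name__ == "__main__":
    print(check_dockerfile(SAMPLE))
```

A False entry means the generated file needs a manual look for that requirement; the checks are textual heuristics, not a substitute for building and scanning the image.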
- Code check: ESLint / Prettier
- Unit test + coverage report
- Build verification
- Dependency security scan
2. CD (triggered on merge to main):
- Build the Docker image and push it to ECR
- Deploy to AWS ECS (or EC2)
- Automatically run smoke tests after deploy
- Automatic rollback on failure
3. Optimization:
- npm/pip caching for speed
- Parallelize tests
- Only trigger the relevant steps when relevant files change
Manage all secrets with GitHub Secrets.
Generate a production-grade Nginx config:
1. Reverse proxy:
- Frontend static resource (/) → local directory
- API request (/api/) → backend service (upstream)
- WebSocket support (/ws/)
2. HTTPS config:
- Let's Encrypt certificate (Certbot auto-renew)
- HTTP auto-redirect to HTTPS
- HSTS, OCSP Stapling
- TLS 1.2+ only, secure cipher suite
3. Load balancing:
- Multiple upstream backend instances
- Health check
- least_conn strategy
4. Performance optimization:
- Gzip compression
- Static resource cache header
- Request rate limit (prevent DDoS)
Include the Certbot install command and the certificate request.
Config generation: OpenClaw vs hand-written YAML
Not saying hand-writing is bad, but there's a smarter way.
OpenClaw:
- Customizes config based on project structure, not a generic template
- Includes security best practices (non-root, secret management, TLS config)
- Generated YAML format guaranteed correct, no indent errors
- One prompt handles everything: Docker + CI/CD + Nginx
Hand-written YAML:
- Copied from Stack Overflow, version may already be outdated
- Security config is often missed, and by the time you discover it at launch it's already a security issue
- Half a day spent tuning YAML indentation, one space destroys everything
- Frankenstein config, pieces might conflict with each other