MCP HubMCP Hub
Back to Skills

artifact-management

aj-geddes
Updated Yesterday
47 views
7
7
View on GitHub
Metadesign

About

This Claude Skill helps developers manage build artifacts, Docker images, and package registries. It provides strategies for configuring repositories, implementing versioning, and distributing artifacts across environments. Use it for tasks like Docker registry management, package publication, and establishing artifact retention policies.

Quick Install

Claude Code

Recommended
Plugin CommandRecommended
/plugin add https://github.com/aj-geddes/useful-ai-prompts
Git CloneAlternative
git clone https://github.com/aj-geddes/useful-ai-prompts.git ~/.claude/skills/artifact-management

Copy and paste this command in Claude Code to install this skill

Documentation

Artifact Management

Overview

Implement comprehensive artifact management strategies for storing, versioning, and distributing built binaries, Docker images, and packages across environments.

When to Use

  • Docker image registry management
  • Package publication and versioning
  • Build artifact storage and retrieval
  • Container image optimization
  • Artifact retention policies
  • Multi-registry distribution
  • Dependency caching

Implementation Examples

1. Docker Registry Configuration

# Dockerfile with multi-stage build for optimization
FROM node:18-alpine AS dependencies
WORKDIR /app
COPY package*.json ./
RUN npm ci --only=production

FROM node:18-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build

FROM node:18-alpine AS runtime
WORKDIR /app
COPY --from=dependencies /app/node_modules ./node_modules
COPY --from=builder /app/dist ./dist
COPY package*.json ./

EXPOSE 3000
HEALTHCHECK --interval=30s --timeout=3s --start-period=40s --retries=3 \
  CMD node healthcheck.js

CMD ["node", "dist/server.js"]

LABEL org.opencontainers.image.version="1.0.0" \
      org.opencontainers.image.description="Production application" \
      org.opencontainers.image.authors="DevOps Team"

2. GitHub Container Registry (GHCR) Push

# .github/workflows/publish-image.yml
name: Publish to GHCR

on:
  push:
    tags: ['v*']
    branches: [main]

env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}

jobs:
  publish:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write

    steps:
      - uses: actions/checkout@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2

      - name: Log in to registry
        uses: docker/login-action@v2
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract metadata
        id: meta
        uses: docker/metadata-action@v4
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          tags: |
            type=ref,event=branch
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}
            type=sha

      - name: Build and push
        uses: docker/build-push-action@v4
        with:
          context: .
          file: ./Dockerfile.prod
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache
          cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache,mode=max

3. npm Package Publishing

{
  "name": "@myorg/awesome-library",
  "version": "1.2.3",
  "description": "Awesome library for developers",
  "main": "dist/index.js",
  "types": "dist/index.d.ts",
  "files": [
    "dist",
    "README.md",
    "LICENSE"
  ],
  "publishConfig": {
    "registry": "https://npm.pkg.github.com",
    "access": "public"
  },
  "repository": {
    "type": "git",
    "url": "https://github.com/myorg/awesome-library.git"
  },
  "scripts": {
    "prepublishOnly": "npm run build && npm run test",
    "prepack": "npm run build"
  }
}

4. Artifact Retention Policy

# .github/workflows/cleanup-artifacts.yml
name: Cleanup Old Artifacts

on:
  schedule:
    - cron: '0 2 * * *'  # Daily at 2 AM
  workflow_dispatch:

jobs:
  cleanup:
    runs-on: ubuntu-latest
    steps:
      - name: Delete artifacts older than 30 days
        uses: geekyeggo/delete-artifact@v2
        with:
          name: '*'
          minCreatedTime: 30d
          failOnError: false

5. Artifact Versioning

#!/bin/bash
# artifact-version.sh

BUILD_DATE=$(date -u +'%Y%m%d')
GIT_HASH=$(git rev-parse --short HEAD)
VERSION=$(grep '"version"' package.json | sed 's/.*"version": "\([^"]*\)".*/\1/')

# Full version tag
FULL_VERSION="${VERSION}-${BUILD_DATE}.${GIT_HASH}"

# Create artifact with version
docker build -t myapp:${FULL_VERSION} .
docker tag myapp:${FULL_VERSION} myapp:latest

echo "Built artifact version: ${FULL_VERSION}"

10. GitLab Package Registry

# .gitlab-ci.yml
publish-package:
  stage: publish
  script:
    - npm config set @myorg:registry https://gitlab.example.com/api/v4/packages/npm/
    - npm config set '//gitlab.example.com/api/v4/packages/npm/:_authToken' "${CI_JOB_TOKEN}"
    - npm publish
  only:
    - tags

Best Practices

✅ DO

  • Use semantic versioning for artifacts
  • Implement image scanning before deployment
  • Set retention policies for old artifacts
  • Use multi-stage builds for Docker images
  • Sign and verify artifacts
  • Implement artifact immutability
  • Document artifact metadata
  • Use specific base image versions
  • Implement vulnerability scanning
  • Cache layers aggressively
  • Tag images with commit SHA
  • Compress artifacts for storage

❌ DON'T

  • Use latest tag as sole identifier
  • Store secrets in artifacts
  • Push artifacts without scanning
  • Use untrusted base images
  • Skip artifact verification
  • Overwrite published artifacts
  • Mix binary and source artifacts
  • Ignore image layer optimization
  • Store build logs with sensitive data

Artifact Storage Standards

# Naming convention
{registry}/{org}/{repo}/{service}:{version}-{build}-{commit}

# Examples
docker.io/myorg/web-app:1.2.3-123-abc1234
ghcr.io/myorg/api-service:2.0.0-456-def5678
artifactory.example.com/releases/core:3.1.0-789-ghi9012

Resources

GitHub Repository

aj-geddes/useful-ai-prompts
Path: skills/artifact-management

Related Skills

content-collections

Meta

This skill provides a production-tested setup for Content Collections, a TypeScript-first tool that transforms Markdown/MDX files into type-safe data collections with Zod validation. Use it when building blogs, documentation sites, or content-heavy Vite + React applications to ensure type safety and automatic content validation. It covers everything from Vite plugin configuration and MDX compilation to deployment optimization and schema validation.

View skill

creating-opencode-plugins

Meta

This skill provides the structure and API specifications for creating OpenCode plugins that hook into 25+ event types like commands, files, and LSP operations. It offers implementation patterns for JavaScript/TypeScript modules that intercept and extend the AI assistant's lifecycle. Use it when you need to build event-driven plugins for monitoring, custom handling, or extending OpenCode's capabilities.

View skill

langchain

Meta

LangChain is a framework for building LLM applications using agents, chains, and RAG pipelines. It supports multiple LLM providers, offers 500+ integrations, and includes features like tool calling and memory management. Use it for rapid prototyping and deploying production systems like chatbots, autonomous agents, and question-answering services.

View skill

cloudflare-turnstile

Meta

This skill provides comprehensive guidance for implementing Cloudflare Turnstile as a CAPTCHA-alternative bot protection system. It covers integration for forms, login pages, API endpoints, and frameworks like React/Next.js/Hono, while handling invisible challenges that maintain user experience. Use it when migrating from reCAPTCHA, debugging error codes, or implementing token validation and E2E tests.

View skill