deployment

Deployment workflow for Astro sites on Cloudflare Pages + GitHub. Staging → production flow. Use this before the first deploy.

SKILL.md
--- frontmatter
name: deployment
description: Deployment workflow for Astro sites on Cloudflare Pages + GitHub. Staging → Production flow. Use before first deploy.

Deployment Skill

Purpose

Defines deployment workflow for Astro sites. Cloudflare Pages + GitHub only.

Scope

| ✅ Supported | ❌ Out of Scope |
| --- | --- |
| Cloudflare Pages | Vercel, Netlify |
| GitHub repos | GitLab, Bitbucket |
| Single-site projects | Monorepos |
| Astro static/SSR | Other frameworks |

Core Rules

  1. Never deploy directly to production — Always staging first
  2. Environment variables in dashboard — Never in code
  3. Staging is noindex — Always blocked from search
  4. Production needs client approval — No exceptions
  5. Rollback plan ready — Before every deploy

Blocking Conditions (STOP)

Deployment BLOCKED if any:

| Condition | Check |
| --- | --- |
| Build fails | npm run build |
| TypeScript errors | npx astro check |
| Missing env var | Dashboard check |
| Lighthouse < 90 | All categories |
| Forms not working | Test submission |
| Staging indexable | robots.txt / noindex |
| No client approval | Written confirmation |

If blocked → FIX first, do not deploy.

Environment Variables

Set in Cloudflare Dashboard → Settings → Environment Variables

| Variable | Required | Notes |
| --- | --- | --- |
| PUBLIC_SITE_URL | | Full URL with https |
| TURNSTILE_SITE_KEY | | Different for prod/preview |
| TURNSTILE_SECRET_KEY | | Secret |
| RESEND_API_KEY | | Email sending |
| GTM_ID | | Analytics |

Missing required env var = deployment BLOCKED.

Never:

  • Commit .env to git
  • Put secrets in wrangler.toml
  • Use same keys for prod and preview

Branch Configuration

| Branch | Environment | URL |
| --- | --- | --- |
| main | Production | domain.com |
| staging | Preview | staging.domain.com |
| feature/* | Preview | [hash].pages.dev |

DNS Setup (Cloudflare)

code
Type    Name    Content              Proxy
CNAME   @       [project].pages.dev  ✓
CNAME   www     [project].pages.dev  ✓

Staging Protection

Required. Choose one:

| Method | When to Use |
| --- | --- |
| Cloudflare Access | Client needs to review |
| robots.txt + noindex | Internal only |

html
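<!-- BaseLayout.astro - always include. A default "astro build" sets MODE to 'production', so confirm the tag is present in the staging build output. -->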
{import.meta.env.MODE !== 'production' && (
  <meta name="robots" content="noindex, nofollow" />
)}
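
A build-output check for the "robots.txt + noindex" method, added here as an example and not part of the original skill: because a default `astro build` sets `import.meta.env.MODE` to `production`, the conditional tag above can be absent from a staging build, so the script inspects the generated files rather than the template. The `dist/` output directory, the function names and the sample files are assumptions of this example.

```bash
# Added example, not from the original skill. Assumes the build output is in dist/.
# True when the file has a <meta> tag with name=robots and noindex (any attribute order).
has_noindex_meta() {
  grep -Eio '<meta[^>]*>' "$1" | grep -Ei 'name=.?robots' | grep -qi 'noindex'
}

# Print every built page that lacks the noindex meta tag, one path per line.
pages_missing_noindex() {
  find "$1" -type f -name '*.html' | sort | while IFS= read -r page; do
    has_noindex_meta "$page" || printf '%s\n' "$page"
  done
}

# True when robots.txt has "Disallow: /" inside a "User-agent: *" group.
robots_blocks_all() {
  [ -f "$1" ] || return 1
  awk '
    { sub(/\r$/, ""); sub(/#.*/, ""); line = tolower($0); gsub(/[ \t]/, "", line) }
    line == "" { next }
    line ~ /^user-agent:/ { if (!in_ua) star = 0; if (line == "user-agent:*") star = 1; in_ua = 1; next }
    { in_ua = 0 }
    star && line == "disallow:/" { found = 1 }
    END { exit !found }
  ' "$1"
}

# Gate for the "robots.txt + noindex" method: prints findings, returns non-zero if any.
staging_gate() {
  gate_status=0
  [ -d "$1" ] || { printf 'BLOCKED: no build output at %s\n' "$1"; return 1; }
  missing=$(pages_missing_noindex "$1")
  [ -z "$missing" ] || { printf 'BLOCKED: noindex meta tag missing in:\n%s\n' "$missing"; gate_status=1; }
  robots_blocks_all "$1/robots.txt" ||
    { printf 'BLOCKED: %s/robots.txt does not disallow all crawlers\n' "$1"; gate_status=1; }
  return "$gate_status"
}

# Constructed sample build output: one page with the tag, one without it.
make_sample_dist() {
  mkdir -p "$1/about"
  printf '<html><head><meta name="robots" content="noindex, nofollow"></head></html>\n' > "$1/index.html"
  printf '<html><head><title>About</title></head></html>\n' > "$1/about/index.html"
  printf 'User-agent: *\nDisallow: /\n' > "$1/robots.txt"
}

# Run against a real staging build: bash staging-gate.sh dist
if [ "$#" -gt 0 ]; then staging_gate "$1"; exit $?; fi
```

Run it on the staging branch's build output only; a production build is expected to fail this gate.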

Monitoring (Required)

| Type | Tool | Required |
| --- | --- | --- |
| Analytics | Cloudflare Analytics | |
| Uptime | Cloudflare or UptimeRobot | |
| Search | Google Search Console | |
| Errors | Console or Sentry | Recommended |

Basic uptime monitoring is NOT optional.

Checklists

Pre-Staging

  • npm run build passes
  • npx astro check clean
  • No console.logs in code
  • Env vars documented

Pre-Production

  • Lighthouse > 90 all categories
  • Forms working + sending emails
  • GTM firing correctly
  • No broken links
  • Mobile tested on real device
  • 404 page exists
  • Client approved staging
  • Legal pages present
  • Contact info correct

Post-Deploy (Within 1 hour)

  • Site loads on production URL
  • Forms work
  • Analytics receiving data
  • Submit sitemap to Search Console

Rollback

bash
# Via Dashboard: Pages → Project → Deployments → [Previous] → "Rollback"

# Via CLI
npx wrangler pages deployment list --project-name=[name]
npx wrangler pages deployment rollback --project-name=[name] [id]

Test rollback BEFORE you need it.

Forbidden

  • ❌ Secrets in code or wrangler.toml
  • ❌ Direct push to main without staging
  • ❌ Deploy without client approval
  • ❌ Indexable staging environment
  • ❌ No uptime monitoring
  • ❌ Deploy with blocking conditions

Definition of Done

  • Staging accessible and protected
  • Production DNS configured
  • SSL working (https://)
  • All env vars set
  • Uptime monitoring active
  • Search Console configured
  • Rollback tested