Install
openclaw skills install @xrowgmbh/xrowgmbh-ci-tools-pipelineBuild and maintain GitLab CI/CD pipelines with the CI Tools Components Catalog at ci-tools.xrow.de. Use when creating or fixing .gitlab-ci.yml files, choosing CI Tools components, validating component inputs, or designing continuous delivery pipelines for applications, Helm charts, containers, packages, documentation, infrastructure, and GitOps.
openclaw skills install @xrowgmbh/xrowgmbh-ci-tools-pipelineUse this skill to build proper GitLab CI/CD pipelines from the CI Tools Components Catalog. Prefer catalog components over custom jobs when a component exists for the job type.
AGENTS.md first, then inspect the repository layout, current .gitlab-ci.yml, and existing pipeline failures.https://ci-tools.xrow.de/https://ci-tools.xrow.de/Components/https://gitlab.com/xrow-public/ci-toolscommon, workflow, semantic-releaselabel, pre-commit, spellcheck, trivybash-unit-tests, lint-javascript, lint-json, lint-yaml, lint-markdown, lint-ansible, lint-helm, lint-tofucontainer, buildah, helm, helm-docs, package, package-skill, oras-pushdocusaurus, publish-sitemap, publish-wikideploy-helm, deploy-argocd, gitops, app-of-appsworkflow-trunkbased, workflow-gitflowglab ci lint .gitlab-ci.yml$CI_SERVER_FQDN/xrow-public/ci-tools/<component>@main for component includes when package registry or fully-qualified host behavior matters; otherwise match the existing project style.inputs next to the include and keep names stable across related jobs.needs and dependencies only when a real artifact or ordering relationship exists.allow_failure: true, when: manual, rules: when: never, or skipped tests to hide a broken required pipeline. Use them only when the job is genuinely optional, documented, or intentionally gated.Use these components for most repositories:
include:
- component: $CI_SERVER_HOST/xrow-public/ci-tools/common@main
- component: $CI_SERVER_HOST/xrow-public/ci-tools/label@main
- component: $CI_SERVER_HOST/xrow-public/ci-tools/pre-commit@main
- component: $CI_SERVER_HOST/xrow-public/ci-tools/trivy@main
- component: $CI_SERVER_HOST/xrow-public/ci-tools/workflow@main
- component: $CI_SERVER_HOST/xrow-public/ci-tools/semantic-release@main
Use label early when the project needs standard priority::*, size::*, type::*, and workflow::* labels for automation.
Use container for normal application images and buildah when the project needs direct image build control.
Set name and path explicitly when the repository has multiple build roots.
include:
- component: $CI_SERVER_HOST/xrow-public/ci-tools/container@main
inputs:
name: app
path: container/app
Use helm for chart build/test/publish flows and add helm-docs when chart documentation must be generated.
Set test-enabled: false only when there is no safe cluster-backed test path.
include:
- component: $CI_SERVER_HOST/xrow-public/ci-tools/helm@main
inputs:
name: chart
path: chart
Keep review environments close to production while making destructive checks explicit and temporary. For Helm review tests, validate install, upgrade, readiness, ingress, cleanup, and storage behavior through chart values instead of ad hoc shell overrides. Document any review-only threshold or fixture in the MR so reviewers can see why it differs from production defaults.
Use docusaurus for docs sites and pair it with publish-sitemap when the project publishes public pages.
Pass name and path explicitly.
Use lint-ansible, ansible-collection, ansible-ee, ansible-runner, lint-tofu, tofu-module, gitops, deploy-argocd, and app-of-apps according to the repository type.
Keep plan, build, and deploy stages separate unless the catalog component documents a tighter flow.
Fetch the live component page and verify the input names before editing:
curl -fsSL https://ci-tools.xrow.de/Components/<component> | sed -n '1,220p'
Lint the pipeline:
glab ci lint .gitlab-ci.yml
For merge requests, push with CI skipped first, then start an MR pipeline through GitLab Agent rules:
git push origin <branch> -o ci.skip
glab ci run --mr
If CI fails, inspect the failed job trace and fix the underlying problem. If the failure comes from the catalog or main branch, open or link the dependency and mark the MR blocked rather than weakening the pipeline.
allow_failure.